2022-07-26 | Mandiant | Daniel Kapellmann Zafra, Jay Christiansen, Keith Lunden, Ken Proska, Thibault van Geluwe de Berlaere
Mandiant Red Team Emulates FIN11 Tactics To Control Operational Technology Servers
Clop Industroyer MimiKatz Triton
2022-07-26 | Cert-UA | Cert-UA
UAC-0010 (Armageddon) cyberattacks using the GammaLoad.PS1_v2 malware (CERT-UA#5003,5013,5069,5071)
Gamaredon Group
2022-07-26 | Microsoft | Microsoft 365 Defender Research Team
Malicious IIS extensions quietly open persistent backdoors into servers
CHINACHOPPER MimiKatz
2022-07-25 | Trend Micro | Byron Gelera, Ieriz Nicolle Gonzalez, Ivan Nicole Chavez, Katherine Casona, Nathaniel Gregory Ragasa, Nathaniel Morales
LockBit Ransomware Group Augments Its Latest Variant, LockBit 3.0, With BlackMatter Capabilities
BlackMatter LockBit
2022-07-25 | Cert-UA | Cert-UA
Mass distribution of desktops (Formbook, Snake Keylogger) and use of Malware RelicRace/RelicSource as a means of delivery (CERT-UA#5056)
404 Keylogger Formbook RelicRace
2022-07-23 | BleepingComputer | Bill Toulas
North Korean hackers attack EU targets with Konni RAT malware
Konni
2022-07-22 | DataBreaches.net | Dissent
Recent cyberattacks put Thai citizens’ privacy and data security at greater risk
Desorden Group
2022-07-22 | MalwareBookReports | muzi
THE TRASH PANDA REEMERGES FROM THE DUMPSTER: RACCOON STEALER V2
RecordBreaker
2022-07-21 | Blackberry | Mark Stevens, Rocky De Wiest
The 13 Deadly Sins of APT Incident Response — Part 1
2022-07-21 | Talos | Talos
Attackers target Ukraine using GoMet backdoor
GoMet
2022-07-21 | Proofpoint | Bryan Campbell, Pim Trouerbach, Proofpoint Threat Research Team, Selena Larson
Buy, Sell, Steal, EvilNum Targets Cryptocurrency, Forex, Commodities
EVILNUM Evilnum
2022-07-20 | Securonix Threat Labs | Den Iyzvyk, Oleg Kolesnikov, Tim Peck
STIFF#BIZON Detection Using Securonix – New Attack Campaign Observed Possibly Linked to Konni/APT37 (North Korea) - Securonix
Konni Opal Sleet
2022-07-20 | Sophos | Colin Cowie, Gabor Szappanos
OODA: X-Ops Takes On Burgeoning SQL Server Attacks
Maoloa Remcos TargetCompany
2022-07-20 | Freebuf | Qi Anxin Threat Intelligence Center
Abused Slack Service: Analysis of APT29's Attack on Italy
Unidentified 098 (APT29 Slack Downloader)
2022-07-20 | Trend Micro | Buddy Tancio, Erika Mendoza, Jessie Prevost, Joelson Soares, Nusrath Iqra
Analyzing Penetration-Testing Tools That Threat Actors Use to Breach Systems and Steal Data
2022-07-20 | Mandiant | Mandiant Threat Intelligence
Evacuation and Humanitarian Documents used to Spear Phish Ukrainian Entities
Cobalt Strike GraphSteel GrimPlant MicroBackdoor
2022-07-20 | Kaspersky | Dmitry Galov, Jornt van der Wiel, Marc Rivero López, Sergey Lozhkin
Luna and Black Basta — new ransomware for Windows, Linux and ESXi
Black Basta Conti
2022-07-20 | Cert-UA | Cert-UA
Cyberattack on State Organizations of Ukraine using the topic OK "South" and the malicious program AgentTesla (CERT-UA#4987)
Agent Tesla
2022-07-20 | Advanced Intelligence | Marley Smith, Vitali Kremez, Yelisey Boguslavskiy
Anatomy of Attack: Truth Behind the Costa Rica Government Ransomware 5-Day Intrusion
Cobalt Strike
2022-07-19 | Google | Billy Leonard
Continued cyber activity in Eastern Europe observed by TAG
CyberAzov APT28 Callisto Ghostwriter Sandworm Turla