Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-09-29ProofpointProofpoint Staff, Selena Larson
TA544 Targets Italian Organizations with Ursnif Malware
ISFB
2021-09-29Trend MicroAliakbar Zahravi, Kamlapati Choubey, Peter Girnus, William Gamazo Sanchez
FormBook Adds Latest Office 365 0-Day Vulnerability (CVE-2021-40444) to Its Arsenal
Formbook
2021-09-28FlashpointFlashpoint
REvil’s “Cryptobackdoor” Con: Ransomware Group’s Tactics Roil Affiliates, Sparking a Fallout
REvil
2021-09-23Bleeping ComputerIonut Ilascu
REVil ransomware devs added a backdoor to cheat affiliates
REvil
2021-09-22McAfeeAlexandre Mundo, Marc Elias
BlackMatter Ransomware Analysis; The Dark Side Returns
BlackMatter
2021-09-20Trend MicroAliakbar Zahravi, William Gamazo Sanchez
Water Basilisk Uses New HCrypt Variant to Flood Victims with RAT Payloads
Ave Maria BitRAT LimeRAT Nanocore RAT NjRAT Quasar RAT
2021-09-14ZecOpsZecOps Research Team
The Recent iOS 0-Click, CVE-2021-30860, Sounds Familiar. An Unreleased Write-up: One Year Later
Chrysaor
2021-09-09IBMMegan Roddie
LockBit 2.0: Ransomware Attacks Surge After Successful Affiliate Recruitment
LockBit
2021-09-08McAfeeJohn Fokker, Max Kersten, Thibault Seret
How Groove Gang is Shaking up the Ransomware-as-a-Service Market to Empower Affiliates
Babuk BlackMatter Babuk BlackMatter CTB Locker
2021-09-03SophosAnand Ajjan, Andrew Ludgate, Gabor Szappanos, Peter Mackenzie, Sean Gallagher, Sergio Bestulic, Syed Zaidi
Conti affiliates use ProxyShell Exchange exploit in ransomware attacks
Cobalt Strike Conti
2021-08-25Trend MicroBin Lin, William Gamazo Sanchez
New Campaign Sees LokiBot Delivered Via Multiple Methods
Loki Password Stealer (PWS)
2021-08-13vsquareAnna Gielewska, Julia Dauksza
The Ghostwriter Scenario (UNC1151)
2021-08-11LumenBlack Lotus Labs
ReverseRat Reemerges With A (Night)Fury New Campaign And New Developments, Same Familiar Side-Actor
ReverseRAT
2021-08-06Sophos Naked SecurityPaul Ducklin
Conti ransomware affiliate goes rogue, leaks “gang data”
Conti
2021-08-06Threat PostElizabeth Montalbano
Angry Affiliate Leaks Conti Ransomware Gang Playbook
Conti
2021-08-06The RecordCatalin Cimpanu
Australian cybersecurity agency warns of spike in LockBit ransomware attacks
LockBit
2021-08-05Twitter (@AltShiftPrtScn)Peter Mackenzie
Tweet on Conti ransomware affiliates using AnyDesk, Atera, Splashtop, Remote Utilities and ScreenConnect to maintain network access
Conti
2021-08-05The RecordCatalin Cimpanu
Disgruntled ransomware affiliate leaks the Conti gang’s technical manuals
Conti
2021-08-05Bleeping ComputerLawrence Abrams
Angry Conti ransomware affiliate leaks gang's attack playbook
Conti
2021-08-05cybleCyble
BlackMatter Under the Lens: An Emerging Ransomware Group Looking for Affiliates
DarkSide