2022-06-02 · Mandiant · Mandiant Intelligence
To HADES and Back: UNC2165 Shifts to LOCKBIT to Evade Sanctions
FAKEUPDATES Blister Cobalt Strike DoppelPaymer Dridex FriedEx Hades LockBit Macaw MimiKatz Phoenix Locker WastedLocker
2022-06-02 · Microsoft · Microsoft Digital Security Unit (DSU), Microsoft Threat Intelligence Center (MSTIC)
Exposing POLONIUM activity and infrastructure targeting Israeli organizations
POLONIUM
2022-06-02 · Microsoft · Microsoft Digital Crimes Unit
Complaint filed by Microsoft Digital Crimes Unit against BOHRIUM, a Iranian threat actor
2022-06-01 · Avertium · Avertium
An In-Depth Look At Black Basta Ransomware
Black Basta
2022-06-01 · Deep instinct · Simon Kenin
Iranian Threat Actor Continues to Develop Mass Exploitation Tools
CobaltMirage FRP
2022-06-01 · Qianxin Threat Intelligence Center · Red Raindrop Team
Analysis of the attack activities of the Maha grass group using the documents of relevant government agencies in Pakistan as bait
BadNews QUILTED TIGER
2022-06-01 · Avast · Jakub Vávra
SMSFactory Android Trojan producing high costs for victims
2022-06-01 · Group-IB · Alexander Badaev, Nikita Rostovcev
SideWinder.AntiBot.Script Analysis of SideWinder's new infrastructure and tool that narrows their reach to Pakistan
2022-05-30 · NSFOCUS · NSFOCUS
Operation DarkCasino: In-Depth Analysis of Recent Attacks by APT Group EVILNUM
DarkMe
2022-05-30 · Matthieu Walter
Automatically Unpacking IcedID Stage 1 with Angr
IcedID
2022-05-28 · Bleeping Computer · Sergiu Gatlan
Clop ransomware gang is back, hits 21 victims in a single month
Clop
2022-05-27 · Malwarology · Gaetano Pellegrino
Janicab Series: The Core Artifact
Janicab
2022-05-27 · PTSecurity · Aleksey Vishnyakov, Anton Belousov
How bootkits are implemented in modern firmware and how UEFI differs from Legacy BIOS
LoJax MoonBounce
2022-05-26 · Darktrace · DarkTrace
Worm-like propagation of Sysrv-hello crypto-jacking botnet: Network traffic analysis and latest TTPs
Sysrv-hello Sysrv-hello
2022-05-26 · Trustwave · Bernard Bautista
Grandoreiro Banking Malware Resurfaces for Tax Season
Grandoreiro
2022-05-26 · IBM · Dave McMillen, Kevin Henson
Black Basta Besting Your Network?
Black Basta
2022-05-25 · Medium walmartglobaltech · Jason Reaves, Joshua Platt
SocGholish Campaigns and Initial Access Kit
FAKEUPDATES Blister Cobalt Strike NetSupportManager RAT
2022-05-25 · Team Cymru · S2 Research Team
Bablosoft; Lowering the Barrier of Entry for Malicious Actors
BlackGuard BumbleBee RedLine Stealer
2022-05-25 · cyble · Cyble Research Labs
ERMAC Back In Action: Latest Version Of Android Banking Trojan Targets Over 400 Applications
ERMAC
2022-05-25 · Reuters · Christopher Bing, James Pearson, Raphael Satter
Russian hackers are linked to new Brexit leak website, Google says