Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2025-05-31The InsiderChristo Grozev, Michael Weiss, Roman Dobrokhotov
Hidden Bear: The GRU hackers of Russia’s most notorious kill squad
2025-05-09LumenChris Formosa, Ryan English
Classic Rock: Hunting a Botnet that preys on the Old
2025-02-20Cyber TriageChris Ray
WMI Malware: The Complete Forensics Guide
ShrinkLocker
2024-12-30FortinetChris Hall
Catching "EC2 Grouper"- no indicators required!
EC2 Grouper
2024-11-19Palo Alto Networks Unit 42Asher Davila, Chris Navarrete
FrostyGoop’s Zoom-In: A Closer Look into the Malware Artifacts, Behaviors and Network Communications
FrostyGoop
2024-10-14Trend MicroAdremel Redondo, Adriel Isidro, Andre Filipe Codod, Charles Adrian Marty, Christian Alpuerto, Kim Benedict Victorio, Lorenzo Laureano, Mark Jason Co
Water Makara Uses Obfuscated JavaScript in Spear Phishing Campaign, Targets Brazil With Astaroth Malware
Astaroth Water Makara
2024-04-19Spiegel OnlineChristoph Giesen, Hakan Tanriverdi, Simon Hage
VW-Konzern wurde jahrelang ausspioniert – von China?
CHINACHOPPER PlugX
2024-04-03Trend MicroChristopher Boyton
Unveiling the Fallout: Operation Cronos' Impact on LockBit Following Landmark Disruption
LockBit
2024-04-02Trend MicroChristopher So
Earth Freybug Uses UNAPIMON for Unhooking Critical APIs
APT41 Earth Freybug
2024-03-26LumenChris Formosa, Danny Adamitis, Ryan English, Steve Rudd
The Darkside Of TheMoon
TheMoon
2024-01-31StairwellAlex Hegyi, Chris St. Myers, Evelyne Diaz Araque, Matt Richard, Silas Cutler, Vincent Zell
Technical analysis: The silent torrent of VileRAT
VileRAT EVILNUM
2024-01-23Arctic WolfChristopher Prest, Hady Azzam, Steven Campbell
CherryLoader: A New Go-based Loader Discovered in Recent Intrusions
CherryLoader
2024-01-23Trend MicroChristian Alpuerto, Christian Jason Geollegue, Don Ovid Ladores, Emmanuel Panopio, Emmanuel Roll, Francesca Villasanta, Gerald Fernandez, Julius Keith Estrellado, Raighen Sanchez, Raymart Yambot, Rhio Manaog, Shawn Austin Santos, Sophia Nilette Robles
Kasseika Ransomware Deploys BYOVD Attacks, Abuses PsExec and Exploits Martini Driver
Kasseika
2023-11-09MandiantChris Sistrunk, Daniel Kapellmann Zafra, Jared Wilson, John Wolfram, Keith Lunden, Ken Proska, Nathan Brubaker, Tyler McLellan
Sandworm Disrupts Power in Ukraine Using a Novel Attack Against Operational Technology
CaddyWiper
2023-07-26SPURRiley Kilmer
Christmas in July: A finely wrapped Malware Proxy Service
AVrecon
2023-02-02YouTube (SLEUTHCON)Christopher Glyer, Microsoft Threat Intelligence Center (MSTIC)
Lions, Tigers, and Infostealers - Oh my!
RecordBreaker RedLine Stealer Vidar
2022-12-20Trend MicroChristopher Daniel So
Raspberry Robin Malware Targets Telecom, Governments
Raspberry Robin Roshtyak
2022-12-14Chris Partridge
50 Domains Worth Blocking: The Evolution of ViperSoftX's Underreported DGA
ViperSoftX
2022-11-17Cisco TalosChris Neal
Get a Loda This: LodaRAT meets new friends
Loda Kasablanka
2022-11-03paloalto Netoworks: Unit42Chris Navarrete, Durgesh Sangvikar, Matthew Tennis, Siddhart Shibiraj, Yanhui Jia, Yu Fu
Cobalt Strike Analysis and Tutorial: Identifying Beacon Team Servers in the Wild
Cobalt Strike