2025-08-15 | Cisco Talos | Asheer Malhotra, Brandon White, Vitor Ventura
UAT-7237 targets Taiwanese web hosting infrastructure
SoundBill
2025-08-12 | Cisco Talos | Edmund Brumaghin, Jordyn Dunk
Malvertising campaign leads to PS1Bot, a multi-stage malware framework
PS1Bot
2025-06-18 | Cisco Talos | Vanja Svajcer
Famous Chollima deploying Python version of GolangGhost RAT
GolangGhost PylangGhost GolangGhost
2025-06-05 | Cisco Talos | Asheer Malhotra, Dmytro Korzhevin, Jacob Finn
Newly identified wiper malware “PathWiper” targets critical infrastructure in Ukraine
PathWiper
2025-05-22 | Cisco Talos | Asheer Malhotra, Brandon White
UAT-6382 exploits Cityworks zero-day vulnerability to deliver malware
Tetra Loader
2025-05-13 | Cisco Talos | Asheer Malhotra, Ashley Shen, Edmund Brumaghin, Vitor Ventura
Defining a new methodology for modeling and tracking compartmentalized threats
2025-04-23 | Cisco Talos | Asheer Malhotra, Ashley Shen, Brandon White, Joey Chen, Vitor Ventura
Introducing ToyMaker, an initial access broker working in cahoots with double extortion gangs
HOLERUN
2025-04-17 | Cisco Talos | Joey Chen
Unmasking the new XorDDoS controller and infrastructure
XOR DDoS
2025-03-28 | Cisco Talos | Guilherme Venere
Gamaredon campaign abuses LNK files to distribute Remcos backdoor
Remcos
2025-03-26 | Cisco Talos | Cisco Talos
Year in Review
2025-03-20 | Cisco Talos | Asheer Malhotra, Brandon White, Jungsoo An, Vitor Ventura
UAT-5918 targets critical infrastructure entities in Taiwan
ShortLeash LaZagne JuicyPotato Meterpreter MimiKatz ShortLeash UAT-5918
2025-02-20 | Cisco Talos | Cisco Talos
Weathering the storm: In the midst of a Typhoon
2025-02-13 | Recorded Future | Insikt Group
RedMike (Salt Typhoon) Exploits Vulnerable Cisco Devices of Global Telecommunications Providers
GhostEmperor
2024-11-14 | Cisco Talos | Alex Karkins, Chetan Raghuprasad, Joey Chen
New PXA Stealer targets government and education sectors for sensitive information
PXA Stealer
2024-11-07 | Cisco Talos | Aliza Johnson, Chetan Raghuprasad, Elio Biasiotto, Michael Szeliga
Unwrapping the emerging Interlock ransomware attack
Interlock Rhysida
2024-10-24 | Cisco Talos | Aaron Boyd
Writing a BugSleep C2 server and detecting its traffic with Snort
bugsleep
2024-10-23 | Cisco Talos | Edmund Brumaghin, Holger Unterbrink, Jordyn Dunk, Nicole Hoffman
Highlighting TA866/Asylum Ambuscade Activity Since 2021
WasabiSeed Cobalt Strike csharp-streamer RAT Resident Rhadamanthys WarmCookie
2024-10-23 | Cisco Talos | Edmund Brumaghin, Holger Unterbrink, Jordyn Dunk, Nicole Hoffman
Threat Spotlight: WarmCookie/BadSpace
Cobalt Strike csharp-streamer RAT WarmCookie
2024-10-22 | Cisco Talos | Chetan Raghuprasad
Threat actor abuses Gophish to deliver new PowerRAT and DCRAT
PowerRAT
2024-10-17 | Cisco Talos | Asheer Malhotra, Dmytro Korzhevin, Vanja Svajcer, Vitor Ventura
UAT-5647 targets Ukrainian and Polish entities with RomCom malware variants
MeltingClaw ROMCOM RAT ShadyHammock RomCom