Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2024-06-17TrellixAlejandro Houspanossian
Info Stealing Campaign Uses DLL Sideloading Through Legitimate Cisco Webex’s Binaries for Initial Execution and Defense Evasion
HijackLoader Lumma Stealer
2024-06-05Cisco TalosCisco Talos
DarkGate switches up its tactics with new payload, email templates
DarkGate
2024-05-30Cisco TalosAsheer Malhotra
LilacSquid: The stealthy trilogy of PurpleInk, InkBox and InkLoader
purpleink LilacSquid
2024-04-24CiscoCisco Talos
ArcaneDoor - New espionage-focused campaign found targeting perimeter network devices
ArcaneDoor Storm-1849
2024-04-24NCSC UKNCSC UK
Line Dancer - In-memory shellcode loader targeting Cisco Adaptive Security Appliance (ASA) devices.
2024-04-24NCSC UKNCSC UK
Line Runner: Persistent webshell targeting Cisco Adaptive Security Appliance (ASA) devices.
2024-02-15Cisco TalosArnaud Zobec, Asheer Malhotra, Holger Unterbrink, Vitor Ventura
TinyTurla Next Generation - Turla APT spies on Polish NGOs
TinyTurlaNG
2024-02-08Cisco TalosCisco Talos
New Zardoor backdoor used in long-term cyber espionage operation targeting an Islamic organization
HTran reGeorg Venom Proxy ZarDoor
2024-01-11SecurityScorecardSecurityScorecard STRIKE Team
Volt Typhoon Compromises 30% of Cisco RV320/325 Devices in 37 Days
2024-01-10SecurityScorecardSTRIKE Team
Volt Typhoon Compromises 30% of Cisco RV320/325 Devices in 37 Days
KV
2024-01-09Avast DecodedThreat Research Team
Avast Updates Babuk Ransomware Decryptor in Cooperation with Cisco Talos and Dutch Police
Babuk
2023-12-11Cisco TalosAsheer Malhotra, Jungsoo An, Vitor Ventura
Operation Blacksmith: Lazarus targets organizations worldwide using novel Telegram-based malware written in DLang
BottomLoader DLRAT HazyLoad NineRAT
2023-11-17Cisco TalosGuilherme Venere
A deep dive into Phobos ransomware, recently deployed by 8Base group
8Base Phobos
2023-11-17Cisco TalosGuilherme Venere
Understanding the Phobos affiliate structure and activity
Phobos
2023-10-25Cisco TalosAsheer Malhotra, Vitor Ventura
Kazakhstan-associated YoroTrooper disguises origin of attacks as Azerbaijan
Ave Maria Loda YoroTrooper
2023-09-28Cisco TalosJonathan Munshaw
The security pitfalls of social media sites offering ID-based authentication
RansomVC
2023-09-19Cisco TalosArnaud Zobec, Asheer Malhotra, Caitlin Huey, Sean Taylor, Vitor Ventura
New ShroudedSnooper actor targets telecommunications firms in the Middle East with novel Implants
HTTPSnoop PipeSnoop LightBasin ShroudedSnooper
2023-08-31Cisco TalosEdmund Brumaghin
SapphireStealer: Open-source information stealer enables credential and data theft
2023-08-24Cisco TalosAsheer Malhotra, Jungsoo An, Vitor Ventura
Lazarus Group's infrastructure reuse leads to discovery of new malware
Collection RAT
2023-08-24Cisco TalosAsheer Malhotra, Jungsoo An, Vitor Ventura
Lazarus Group exploits ManageEngine vulnerability to deploy QuiteRAT
QuiteRAT