Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2025-05-22SekoiaFélix Aime, Jeremy Scion
ViciousTrap – Infiltrate, Control, Lure: Turning edge devices into honeypots en masse.
2025-03-31SekoiaAmaury G., Coline Chavane, Félix Aime, Sekoia TDR
From Contagious to ClickFake Interview: Lazarus leveraging the ClickFix tactic
FrostyFerret GolangGhost GolangGhost
2025-02-25Félix Aime, Jeremy Scion, Sekoia TDR
PolarEdge: Unveiling an uncovered ORB network
PolarEdge
2025-01-13SekoiaAmaury G., Erwan Chevalier, Félix Aime, Maxime A.
Double-Tap Campaign: Russia-nexus APT possibly related to APT28 conducts cyber espionage on Central Asia and Kazakhstan diplomatic relations
HATVIBE
2025-01-13SekoiaAmaury G., Erwan Chevalier, Félix Aime, Maxime A.
Double-Tap Campaign: Russia-nexus APT possibly related to APT28 conducts cyber espionage on Central Asia and Kazakhstan diplomatic relations
HATVIBE
2023-05-17SekoiaFélix Aime
APT28 leverages multiple phishing techniques to target Ukrainian civil society
2022-12-05SekoiaFélix Aime, Maxime A, Sekoia TDR
Calisto show interests into entities involved in Ukraine war support
Callisto
2022-05-04Twitter (@felixw3000)Felix
Twitter Thread with info on infection chain with IcedId, Cobalt Strike, and Hidden VNC.
Cobalt Strike IcedID PhotoLoader
2022-02-23SophosAbhijit Gupta, Anand Ajjan, Andrew Brandt, Colin Cowie, Felix Weyne, Rahil Shah, Steven Lott, Syed Zaidi, Vikas Singh, Xiaochuan Zhang
Dridex bots deliver Entropy ransomware in recent attacks
Entropy
2021-04-15Twitter (@felixw3000)Felix
Tweet on Dridex's evasion technique
Dridex
2020-10-15Kaspersky LabsFélix Aime, Ivan Kwiatkowski, Pierre Delcher
IAmTheKing and the SlothfulMedia malware family
SlothfulMedia
2020-07-28Kaspersky LabsFélix Aime, Ivan Kwiatkowski, Pierre Delcher
Lazarus on the hunt for big game
Dacls Dacls Dacls VHD Ransomware
2020-03-31Kaspersky LabsFélix Aime, Ivan Kwiatkowski, Pierre Delcher
Holy water: ongoing targeted water-holing attack in Asia
Godlike12
2020-03-23Kaspersky LabsFélix Aime, Yury Namestnikov
Fin7 APT: how billion dollar crime ring remains active after leaders’ arrest
Carbanak
2019-06-02VMRayFelix Seele
Hypervisor-based Analysis of macOS Malware
Coldroot RAT
2019-05-08Kaspersky LabsFélix Aime, Yury Namestnikov
FIN7.5: the infamous cybercrime rig “FIN7” continues its activities
Griffon Ave Maria FIN7
2019-05-01Felix Weyne
Hancitor's Packer Damystified
Hancitor
2018-07-29SophosFelix Weyne
AdKoob information thief targets Facebook ad purchase info
AdKoob
2018-07-26FireEyeSwapnil Patil
Microsoft Office Vulnerabilities Used to Distribute FELIXROOT Backdoor in Recent Campaign
Felixroot
2016-08-01UperesiaFelix Weyne
Analysis of a packed Pony downloader
Pony