Click here to download all references as Bib-File.
| 2022-09-07 ⋅ Google ⋅ Initial access broker repurposing techniques in targeted attacks against Ukraine AnchorMail Cobalt Strike IcedID |
| 2022-07-12 ⋅ Google ⋅ TAG Bulletin: Q2 2022 |
| 2022-06-30 ⋅ Google ⋅ Countering hack-for-hire groups Void Balaur |
| 2022-06-23 ⋅ Google ⋅ Spyware vendor targets users in Italy and Kazakhstan Hermit |
| 2022-05-19 ⋅ Google ⋅ Protecting Android users from 0-Day attacks |
| 2022-05-03 ⋅ Google ⋅ Update on cyber activity in Eastern Europe Curious Gorge |
| 2022-03-30 ⋅ Google ⋅ Tracking cyber activity in Eastern Europe |
| 2022-03-24 ⋅ Google ⋅ Countering threats from North Korea |
| 2022-03-17 ⋅ Google ⋅ Exposing initial access broker with ties to Conti BazarBackdoor BumbleBee Cobalt Strike Conti |
| 2022-03-08 ⋅ Twitter (@ShaneHuntley) ⋅ Tweet on APT31 phishing campaign targeting high profile Gmail users affiliated with the U.S. government in February |
| 2022-03-07 ⋅ Google ⋅ An update on the threat landscape (APT28, UNC1151, MUSTANG PANDA) |
| 2022-03-01 ⋅ Google ⋅ TAG Bulletin: Q1 2022 |
| 2022-01-14 ⋅ Twitter (@billyleonard) ⋅ Tweet on APT28 credential phishing campaigns targeting Ukraine |
| 2021-12-07 ⋅ Google ⋅ Disrupting the Glupteba operation Glupteba |
| 2021-12-02 ⋅ Google ⋅ TAG Bulletin: Q4 2021 |
| 2021-11-24 ⋅ Google ⋅ Threat Horizons Cloud Threat Intelligence November 2021. Issue 1 BlackMatter |
| 2021-11-11 ⋅ Google ⋅ Analyzing a watering hole campaign using macOS exploits CDDS |
| 2021-11-10 ⋅ Twitter (@billyleonard) ⋅ Tweet on Rekoobe (used by APT31), being a fork of open source tool called Tiny SHell, used by different actor since at least 2012 Rekoobe |
| 2021-10-29 ⋅ Google ⋅ TAG Bulletin: Q3 2021 |
| 2021-10-20 ⋅ Google ⋅ Phishing campaign targets YouTube creators with cookie theft malware |