Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2025-05-16GdataKarsten Hahn
Printer company provided infected software downloads for half a year
SnipVex
2025-04-30SeqriteMahua Chakrabarthy, Sanjay Katkar
Advisory: Pahalgam Attack themed decoys used by APT36 to target the Indian Government
Crimson RAT
2025-04-29TrustwaveTrustwave SpiderLabs
Yet Another NodeJS Backdoor (YaNB): A Modern Challenge
KongTuke
2025-04-14Palo Alto Networks Unit 42Prashil Pattni
Slow Pisces Targets Developers With Coding Challenges and Introduces New Customized Python Malware
RN Stealer
2025-03-25JPCERT/CCHayato Sasaki
Tempted to Classifying APT Actors: Practical Challenges of Attribution in the Case of Lazarus’s Subgroup
2025-03-04Department of JusticeU.S. Attorney's Office Southern District of New York
10 Chinese Nationals Charged With Large-Scale Hacking Of U.S. And International Victims On Behalf Of The Chinese Government
2025-01-13HalcyonHalcyon Research Team
Abusing AWS Native Services: Ransomware Encrypting S3 Buckets with SSE-C
Codefinger
2024-12-30FortinetChris Hall
Catching "EC2 Grouper"- no indicators required!
EC2 Grouper
2024-12-19SpyCloudJames
LummaC2 Revisited: What’s Making this Stealer Stealthier and More Lethal
GhostSocks Lumma Stealer
2024-08-09Palo Alto Networks Unit 42Amanda Tanner, Kristopher Bleich
Ransomware Review: First Half of 2024
Ukrainian Cyber Alliance
2024-04-17MandiantAlden Wahlstrom, Anton Prokopenkov, Dan Black, Dan Perez, Gabby Roncone, John Wolfram, Lexie Aytes, Luke Jenkins, Nick Simonian, Ryan Hall, Tyler McLellan
Unearthing APT44: Russia’s Notorious Cyber Sabotage Unit Sandworm
Sandworm
2024-04-16MandiantAlden Wahlstrom, Anton Prokopenkov, Dan Black, Dan Perez, Gabby Roncone, John Wolfram, Lexie Aytes, Nick Simonian, Ryan Hall, Tyler McLellan
APT44: Unearthing Sandworm
VPNFilter BlackEnergy CaddyWiper EternalPetya HermeticWiper Industroyer INDUSTROYER2 Olympic Destroyer PartyTicket RoarBAT Sandworm
2024-04-04MandiantAshley Pearson, Austin Larsen, Billy Wong, John Wolfram, Joseph Pisano, Josh Murchie, Lukasz Lamparski, Matt Lin, Ron Craft, Ryan Hall, Shawn Chew, Tyler McLellan
Cutting Edge, Part 4: Ivanti Connect Secure VPN Post-Exploitation Lateral Movement Case Studies
UNC3569 UNC5266 UNC5291 UNC5330 UNC5337 UTA0178
2024-04-04MandiantAshley Pearson, Austin Larsen, Billy Wong, John Wolfram, Joseph Pisano, Josh Murchie, Lukasz Lamparski, Matt Lin, Ron Craft, Ryan Hall, Shawn Chew, Tyler McLellan
Cutting Edge, Part 4: Ivanti Connect Secure VPN Post-Exploitation Lateral Movement Case Studies
TONERJAM
2024-01-18M4lcode, Mostafa Farghaly
Detect Mortis Locker Ransomware with YARA
Mortis
2023-11-21Palo Alto Networks Unit 42Unit 42
Hacking Employers and Seeking Employment: Two Job-Related Campaigns Bear Hallmarks of North Korean Threat Actors
BeaverTail InvisibleFerret WageMole
2023-09-29ESET ResearchPeter Kálnai
Lazarus luring employees with trojanized coding challenges: The case of a Spanish aerospace company
CLOUDBURST LightlessCan miniBlindingCan sRDI
2023-09-15Migeel.skMichal Strehovský
Reverse engineering natively-compiled .NET apps
2023-08-23LogpointAnish Bogati, Nischal khadgi
Defending Against 8base: Uncovering Their Arsenal and Crafting Responses
8Base Phobos SmokeLoader SystemBC
2023-07-24M4lcodeMostafa Farghaly
Deep Analysis of Vidar Stealer
Arkei Stealer Vidar