Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2025-01-13HalcyonHalcyon Research Team
Abusing AWS Native Services: Ransomware Encrypting S3 Buckets with SSE-C
Codefinger
2024-12-30FortinetChris Hall
Catching "EC2 Grouper"- no indicators required!
EC2 Grouper
2024-12-19SpyCloudJames
LummaC2 Revisited: What’s Making this Stealer Stealthier and More Lethal
Lumma Stealer
2024-04-16MandiantAlden Wahlstrom, Anton Prokopenkov, Dan Black, Dan Perez, Gabby Roncone, John Wolfram, Lexie Aytes, Nick Simonian, Ryan Hall, Tyler McLellan
APT44: Unearthing Sandworm
VPNFilter BlackEnergy CaddyWiper EternalPetya HermeticWiper Industroyer INDUSTROYER2 Olympic Destroyer PartyTicket RoarBAT Sandworm
2024-04-04MandiantAshley Pearson, Austin Larsen, Billy Wong, John Wolfram, Joseph Pisano, Josh Murchie, Lukasz Lamparski, Matt Lin, Ron Craft, Ryan Hall, Shawn Chew, Tyler McLellan
Cutting Edge, Part 4: Ivanti Connect Secure VPN Post-Exploitation Lateral Movement Case Studies
TONERJAM
2024-01-18M4lcode, Mostafa Farghaly
Detect Mortis Locker Ransomware with YARA
Mortis
2023-11-21Palo Alto Networks Unit 42Unit 42
Hacking Employers and Seeking Employment: Two Job-Related Campaigns Bear Hallmarks of North Korean Threat Actors
BeaverTail InvisibleFerret WageMole
2023-09-29ESET ResearchPeter Kálnai
Lazarus luring employees with trojanized coding challenges: The case of a Spanish aerospace company
CLOUDBURST LightlessCan miniBlindingCan sRDI
2023-09-15Migeel.skMichal Strehovský
Reverse engineering natively-compiled .NET apps
2023-08-23LogpointAnish Bogati, Nischal khadgi
Defending Against 8base: Uncovering Their Arsenal and Crafting Responses
8Base Phobos SmokeLoader SystemBC
2023-07-24M4lcodeMostafa Farghaly
Deep Analysis of Vidar Stealer
Arkei Stealer Vidar
2023-06-06Apophis133Michelle Khalil
RedLine Technical Analysis Report
RedLine Stealer
2023-04-28Twitter (@MichalKoczwara)Michael Koczwara
Tweet on hunting BRC4 infrastructure
Brute Ratel C4
2023-04-13GOV.PLCERT.PL, Military Counterintelligence Service
HALFRIG - Malware Analysis Report
HALFRIG
2023-02-020x0d4y0x0d4y
[Zero2Automated] Complete Custom Sample Challenge Analysis
CruLoader
2023-01-04CSO OnlineApurva Venkat
Cyberattacks against governments jumped 95% in last half of 2022, CloudSek says
BlueHornet
2022-12-19kienmanowar Blogm4n0w4r, Tran Trung Kien
[Z2A]Bimonthly malware challege – Emotet (Back From the Dead)
Emotet
2022-09-26Palo Alto Networks Unit 42Daniela Shalev, Itay Gamliel
Hunting for Unsigned DLLs to Find APTs
PlugX Raspberry Robin Roshtyak
2022-08-11Group-IBGroup-IB
Challenge accepted Detecting MaliBot, a fresh Android banking trojan, with a Fraud Protection solution
2022-08-01QualysHarshal Tupsamudre
Here’s a Simple Script to Detect the Stealthy Nation-State BPFDoor
BPFDoor