Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2025-03-20Cisco TalosAsheer Malhotra, Brandon White, Jungsoo An, Vitor Ventura
UAT-5918 targets critical infrastructure entities in Taiwan
LaZagne JuicyPotato Meterpreter MimiKatz
2025-03-12LookoutLookout
Lookout Discovers New Spyware by North Korean APT37
KoSpy
2025-02-28GreynoiseNoah Stone
New DDoS Botnet Discovered: Over 30,000 Hacked Devices, Majority of Observed Activity Traced to Iran
Mirai
2025-02-20Cisco TalosCisco Talos
Weathering the storm: In the midst of a Typhoon
2025-02-13Recorded FutureInsikt Group
RedMike (Salt Typhoon) Exploits Vulnerable Cisco Devices of Global Telecommunications Providers
GhostEmperor
2025-02-06MicrosoftMicrosoft Threat Intelligence
Code injection attacks using publicly disclosed ASP.NET machine keys
2025-01-14InfobloxDavid Brunsdon
One Mikro Typo: How a simple DNS misconfiguration enables malware delivery by a Russian botnet
2025-01-07SANS ISCYee Ching Tok
PacketCrypt Classic Cryptocurrency Miner on PHP Servers
2025-01-03SANS ISCXavier Mertens
SwaetRAT Delivery Through Python
SwaetRAT
2024-12-11LookoutKyle Schmittle, Paul Shunk
Lookout Discovers Two Russian Android Spyware Families from Gamaredon APT
BoneSpy DroidWatcher PlainGnome
2024-12-11LookoutKristina Balaam
Lookout Discovers New Chinese Surveillance Tool Used by Public Security Bureaus
EagleMsgSpy
2024-11-07Cisco TalosAliza Johnson, Chetan Raghuprasad, Elio Biasiotto, Michael Szeliga
Unwrapping the emerging Interlock ransomware attack
Rhysida
2024-10-31Twitter (@nextronresearch)Nextron Systems
Tweet about discovery of HellDown ransomware
HellDown
2024-10-30Palo Alto Networks Unit 42Unit 42
Jumpy Pisces Engages in Play Ransomware
Dtrack MimiKatz PLAY Sliver
2024-10-24Cisco TalosAaron Boyd
Writing a BugSleep C2 server and detecting its traffic with Snort
bugsleep
2024-10-24Hunt.ioHunt.io
Rekoobe Backdoor Discovered in Open Directory, Possibly Targeting TradingView Users
Rekoobe
2024-10-23Cisco TalosEdmund Brumaghin, Holger Unterbrink, Jordyn Dunk, Nicole Hoffman
Highlighting TA866/Asylum Ambuscade Activity Since 2021
WasabiSeed Cobalt Strike csharp-streamer RAT Resident Rhadamanthys WarmCookie
2024-10-23Cisco TalosEdmund Brumaghin, Holger Unterbrink, Jordyn Dunk, Nicole Hoffman
Threat Spotlight: WarmCookie/BadSpace
Cobalt Strike csharp-streamer RAT WarmCookie
2024-10-22Cisco TalosChetan Raghuprasad
Threat actor abuses Gophish to deliver new PowerRAT and DCRAT
PowerRAT
2024-10-17Cisco TalosAsheer Malhotra, Dmytro Korzhevin, Vanja Svajcer, Vitor Ventura
UAT-5647 targets Ukrainian and Polish entities with RomCom malware variants
MeltingClaw ROMCOM RAT ShadyHammock RomCom