Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023-01-26Recorded FutureInsikt Group
@techreport{group:20230126:bluebravo:9d6aa62, author = {Insikt Group}, title = {{BlueBravo Uses Ambassador Lure to Deploy GraphicalNeutrino Malware}}, date = {2023-01-26}, institution = {Recorded Future}, url = {https://go.recordedfuture.com/hubfs/reports/cta-2023-0127.pdf}, language = {English}, urldate = {2023-02-02} } BlueBravo Uses Ambassador Lure to Deploy GraphicalNeutrino Malware
GraphicalNeutrino APT29
2022-12-05Recorded FutureInsikt Group
@techreport{group:20221205:exposing:b80717f, author = {Insikt Group}, title = {{Exposing TAG-53’s Credential Harvesting Infrastructure Used for Russia-Aligned Espionage Operations}}, date = {2022-12-05}, institution = {Recorded Future}, url = {https://go.recordedfuture.com/hubfs/reports/cta-2022-1205.pdf}, language = {English}, urldate = {2023-01-03} } Exposing TAG-53’s Credential Harvesting Infrastructure Used for Russia-Aligned Espionage Operations
TAG-53
2022-12-05Recorded FutureInsikt Group
@online{group:20221205:exposing:4181968, author = {Insikt Group}, title = {{Exposing TAG-53’s Credential Harvesting Infrastructure Used for Russia-Aligned Espionage Operations}}, date = {2022-12-05}, organization = {Recorded Future}, url = {https://www.recordedfuture.com/exposing-tag-53-credential-harvesting-infrastructure-for-russia-aligned-espionage-operations?utm_campaign=PostBeyond&utm_source=Twitter&utm_medium=359877&utm_term=Exposing+TAG-53%E2%80%99s+Credential+Harvesting+Infrastructure+Used+for+Russia-Aligned+Espionage+Operations}, language = {English}, urldate = {2023-01-03} } Exposing TAG-53’s Credential Harvesting Infrastructure Used for Russia-Aligned Espionage Operations
TAG-53
2022-09-28Recorded FutureInsikt Group®
@techreport{group:20220928:1:eb11b21, author = {Insikt Group®}, title = {{1 KEY FOR 1 LOCK: The Chinese Communist Party’s Strategy for Targeted Propaganda}}, date = {2022-09-28}, institution = {Recorded Future}, url = {https://go.recordedfuture.com/hubfs/reports/ta-2022-0928.pdf}, language = {English}, urldate = {2022-09-30} } 1 KEY FOR 1 LOCK: The Chinese Communist Party’s Strategy for Targeted Propaganda
2022-09-22Recorded FutureInsikt Group®
@techreport{group:20220922:chinese:9349a24, author = {Insikt Group®}, title = {{Chinese State-Sponsored Group TA413 Adopts New Capabilities in Pursuit of Tibetan Targets}}, date = {2022-09-22}, institution = {Recorded Future}, url = {https://go.recordedfuture.com/hubfs/reports/cta-2022-0922.pdf}, language = {English}, urldate = {2022-09-26} } Chinese State-Sponsored Group TA413 Adopts New Capabilities in Pursuit of Tibetan Targets
8.t Dropper LOWZERO
2022-09-20Recorded FutureInsikt Group®
@techreport{group:20220920:threat:b6666bd, author = {Insikt Group®}, title = {{Threat Actors Continue to Abuse Google Tag Manager for Payment Card e-Skimming}}, date = {2022-09-20}, institution = {Recorded Future}, url = {https://go.recordedfuture.com/hubfs/reports/cta-2022-0920.pdf}, language = {English}, urldate = {2022-09-26} } Threat Actors Continue to Abuse Google Tag Manager for Payment Card e-Skimming
2022-09-19Recorded FutureInsikt Group®
@techreport{group:20220919:russianexus:e07ed8e, author = {Insikt Group®}, title = {{Russia-Nexus UAC-0113 Emulating Telecommunication Providers in Ukraine}}, date = {2022-09-19}, institution = {Recorded Future}, url = {https://go.recordedfuture.com/hubfs/reports/cta-2022-0919.pdf}, language = {English}, urldate = {2022-09-26} } Russia-Nexus UAC-0113 Emulating Telecommunication Providers in Ukraine
Ave Maria Colibri Loader DCRat
2022-08-16Recorded FutureInsikt Group®
@techreport{group:20220816:redalpha:5bfb9a3, author = {Insikt Group®}, title = {{RedAlpha Conducts Multi-Year Credential Theft Campaign Targeting Global Humanitarian, Think Tank, and Government Organizations}}, date = {2022-08-16}, institution = {Recorded Future}, url = {https://go.recordedfuture.com/hubfs/reports/ta-2022-0816.pdf}, language = {English}, urldate = {2022-08-30} } RedAlpha Conducts Multi-Year Credential Theft Campaign Targeting Global Humanitarian, Think Tank, and Government Organizations
RedAlpha
2022-08-02Recorded FutureInsikt Group
@techreport{group:20220802:initial:5caddb5, author = {Insikt Group}, title = {{Initial Access Brokers Are Key to Rise in Ransomware Attacks}}, date = {2022-08-02}, institution = {Recorded Future}, url = {https://go.recordedfuture.com/hubfs/reports/cta-2022-0802.pdf}, language = {English}, urldate = {2022-08-05} } Initial Access Brokers Are Key to Rise in Ransomware Attacks
Azorult BlackMatter Conti Mars Stealer Raccoon RedLine Stealer Taurus Stealer Vidar
2022-07-19Recorded FutureInsikt Group®
@techreport{group:20220719:amid:e54f780, author = {Insikt Group®}, title = {{Amid Rising Magecart Attacks on Online Ordering Platforms, Recent Campaigns Infect 311 Restaurants}}, date = {2022-07-19}, institution = {Recorded Future}, url = {https://go.recordedfuture.com/hubfs/reports/cta-2022-0719.pdf}, language = {English}, urldate = {2022-07-25} } Amid Rising Magecart Attacks on Online Ordering Platforms, Recent Campaigns Infect 311 Restaurants
magecart
2022-05-03Recorded FutureInsikt Group
@online{group:20220503:solardeflection:5419c1a, author = {Insikt Group}, title = {{SOLARDEFLECTION C2 Infrastructure Used by NOBELIUM in Company Brand Misuse}}, date = {2022-05-03}, organization = {Recorded Future}, url = {https://www.recordedfuture.com/solardeflection-c2-infrastructure-used-by-nobelium-in-company-brand-misuse/}, language = {English}, urldate = {2022-05-06} } SOLARDEFLECTION C2 Infrastructure Used by NOBELIUM in Company Brand Misuse
Cobalt Strike
2022-05-03Recorded FutureInsikt Group®
@techreport{group:20220503:solardeflection:1470221, author = {Insikt Group®}, title = {{SOLARDEFLECTION C2 Infrastructure Used by NOBELIUM in Company Brand Misuse}}, date = {2022-05-03}, institution = {Recorded Future}, url = {https://go.recordedfuture.com/hubfs/reports/cta-2022-0503.pdf}, language = {English}, urldate = {2022-05-04} } SOLARDEFLECTION C2 Infrastructure Used by NOBELIUM in Company Brand Misuse
Cobalt Strike EnvyScout
2022-04-06Recorded FutureInsikt Group®
@techreport{group:20220406:continued:dcee8d2, author = {Insikt Group®}, title = {{Continued Targeting of Indian Power Grid Assets by Chinese State-Sponsored Activity Group (TAG-38)}}, date = {2022-04-06}, institution = {Recorded Future}, url = {https://go.recordedfuture.com/hubfs/reports/ta-2022-0406.pdf}, language = {English}, urldate = {2022-08-05} } Continued Targeting of Indian Power Grid Assets by Chinese State-Sponsored Activity Group (TAG-38)
ShadowPad
2022-04-06Recorded FutureInsikt Group
@online{group:20220406:continued:cdf57e5, author = {Insikt Group}, title = {{Continued Targeting of Indian Power Grid Assets by Chinese State-Sponsored Activity Group}}, date = {2022-04-06}, organization = {Recorded Future}, url = {https://www.recordedfuture.com/continued-targeting-of-indian-power-grid-assets/}, language = {English}, urldate = {2022-04-12} } Continued Targeting of Indian Power Grid Assets by Chinese State-Sponsored Activity Group
ShadowPad
2022-03-30Recorded FutureInsikt Group
@techreport{group:20220330:social:e36c4e5, author = {Insikt Group}, title = {{Social Engineering Remains Key Tradecraft for Iranian APTs}}, date = {2022-03-30}, institution = {Recorded Future}, url = {https://go.recordedfuture.com/hubfs/reports/cta-2022-0330.pdf}, language = {English}, urldate = {2022-04-05} } Social Engineering Remains Key Tradecraft for Iranian APTs
Liderc pupy
2022-03-30Recorded FutureInsikt Group
@online{group:20220330:social:cd7cb6f, author = {Insikt Group}, title = {{Social Engineering Remains Key Tradecraft for Iranian APTs}}, date = {2022-03-30}, organization = {Recorded Future}, url = {https://www.recordedfuture.com/social-engineering-remains-key-tradecraft-for-iranian-apts/}, language = {English}, urldate = {2022-04-05} } Social Engineering Remains Key Tradecraft for Iranian APTs
2022-03-24Recorded FutureInsikt Group
@techreport{group:20220324:isaacwiper:82f3d6d, author = {Insikt Group}, title = {{IsaacWiper Continues Trend of Wiper Attacks Against Ukraine}}, date = {2022-03-24}, institution = {Recorded Future}, url = {https://go.recordedfuture.com/hubfs/reports/mtp-2022-0324.pdf}, language = {English}, urldate = {2022-03-25} } IsaacWiper Continues Trend of Wiper Attacks Against Ukraine
IsaacWiper
2022-03-24Recorded FutureInsikt Group®
@online{group:20220324:isaacwiper:ee6aace, author = {Insikt Group®}, title = {{IsaacWiper Continues Trend of Wiper Attacks Against Ukraine}}, date = {2022-03-24}, organization = {Recorded Future}, url = {https://www.recordedfuture.com/isaacwiper-continues-trend-wiper-attacks-against-ukraine/}, language = {English}, urldate = {2022-03-25} } IsaacWiper Continues Trend of Wiper Attacks Against Ukraine
IsaacWiper
2022-03-24Recorded FutureInsikt Group®
@techreport{group:20220324:russian:b033b71, author = {Insikt Group®}, title = {{Russian State-Sponsored Amplification of Bio Lab Disinformation Amid War in Ukraine}}, date = {2022-03-24}, institution = {Recorded Future}, url = {https://go.recordedfuture.com/hubfs/reports/cta-2022-0324.pdf}, language = {English}, urldate = {2022-05-05} } Russian State-Sponsored Amplification of Bio Lab Disinformation Amid War in Ukraine
2022-03-18Recorded FutureInsikt Group®
@techreport{group:20220318:ghostwriter:907199b, author = {Insikt Group®}, title = {{Ghostwriter in the Shell: Expanding on Mandiant’s Attribution of UNC1151 to Belarus}}, date = {2022-03-18}, institution = {Recorded Future}, url = {https://go.recordedfuture.com/hubfs/reports/cta-2022-0318.pdf}, language = {English}, urldate = {2022-03-22} } Ghostwriter in the Shell: Expanding on Mandiant’s Attribution of UNC1151 to Belarus