Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2025-05-19cyjaxJoe Wrieden
A Sting on Bing: Bumblebee delivered through Bing SEO poisoning campaign
BumbleBee
2025-04-23Cisco TalosAsheer Malhotra, Ashley Shen, Brandon White, Joey Chen, Vitor Ventura
Introducing ToyMaker, an initial access broker working in cahoots with double extortion gangs
HOLERUN
2025-04-17Cisco TalosJoey Chen
Unmasking the new XorDDoS controller and infrastructure
XOR DDoS
2024-09-10Talos IntelligenceJoey Chen
DragonRank, a Chinese-speaking SEO manipulator service provider
IISpy PlugX DragonRank
2024-08-01CiscoAshley Shen, Joey Chen, Vitor Ventura
APT41 likely compromised Taiwanese government-affiliated research institute with ShadowPad and Cobalt Strike
Cobalt Strike ShadowPad
2024-07-26SecurityIntelligenceGolo Mühr, Joe Fasulo
Hive0137 and AI-supplemented malware distribution
WarmCookie XWorm Hive0137
2024-06-21ElasticJoe Desimone, Samir Bousseaden
GrimResource - Microsoft Management Console for initial access and evasion
Cobalt Strike
2024-04-04Cisco TalosChetan Raghuprasad, Joey Chen
CoralRaider targets victims’ data and social media accounts
CoralRaider
2023-12-08Security IntelligenceClaire Zaboeva, Golo Mühr, Joe Fasulo
ITG05 operations leverage Israel-Hamas conflict lures to deliver Headlace malware
Headlace
2023-11-11Security JoesSecurityJoes
Mission "Data Destruction": A Large-scale Data-Wiping Campaign Targeting Israel
BiBi-Linux
2023-10-30Security JoesSecurityJoes
BiBi Wiper
BiBi-Linux BiBiGun
2023-10-27ElasticJoe Desimone, Salim Bitam
GHOSTPULSE haunts victims using defense evasion bag o' tricks
HijackLoader Lumma Stealer NetSupportManager RAT Rhadamanthys SectopRAT Vidar
2023-09-05Github (JoelGMSec)Joel Gámez Molina
MultiPlatform HTTP Reverse Shell
HTTP-Shell
2023-06-02MandiantDAN NUTTING, Genevieve Stark, Greg Blaum, Jeremy Kennelly, JOE PISANO, Josh Murchie, Juraj Sucik, Justin Moore, Kimberly Goody, Matthew McWhirt, Nader Zaveri, NICHOLAS BENNETT, OLLIE STYLES, PETER UKHANOV, WILL SILVERSTONE, ZACH SCHRAMM, Zander Work
Zero-Day Vulnerability in MOVEit Transfer Exploited for Data Theft
2023-05-22eSentireJoe Stewart, Keegan Keplinger
The Hunt for VENOM SPIDER PART 2
VENOM SPIDER
2023-04-28DISCARDED PodcastJoe Wise, Pim Trouerbach
Beyond Banking: IcedID Gets Forked
IcedID PhotoLoader
2023-04-26eSentireJoe Stewart, Keegan Keplinger
Gootloader Unloaded: Researchers Launch Multi-Pronged Offensive Against Gootloader, Cutting Off Traffic to Thousands of Gootloader Web Pages and Using the Operator’s Very Own Tactics to Protect End-Users
GootLoader
2023-03-30ElasticDaniel Stepanic, Devon Kerr, Joe Desimone, Remco Sprooten, Samir Bousseaden
Elastic users protected from SUDDENICON’s supply chain attack
3CX Backdoor
2023-03-28MandiantDan Perez, Fred Plan, Jeffery Johnson, JOE DOBSON, Michael Barnhart, Van Ta
APT43: North Korean Group Uses Cybercrime to Fund Espionage Operations
APT43
2023-03-28MandiantDan Perez, Fred Plan, JEFF JOHNSON, JOE DOBSON, Michael Barnhart, Van Ta
APT43: North Korean Group Uses Cybercrime to Fund Espionage Operations
APT43 Kimsuky