Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2025-12-02Trend MicroByron Gelera, Emmanuel Panopio, Ian Kenefick, Jeffrey Francis Bonaobra, Joe Soares, Sarah Pearl Camiling
Unraveling Water Saci's New Multi-Format, AI-Enhanced Attacks Propagated via WhatsApp
Water Saci
2025-10-27Trend MicroEmmanuel Panopio, Jeffrey Francis Bonaobra, Joe Soares
Active Water Saci Campaign Spreading Via WhatsApp Features Multi-Vector Persistence and Sophisticated C&C
Water Saci
2025-07-23Stranded on Pylos BlogJoe Slowik
Will the Real Salt Typhoon Please Stand Up?
KV
2025-05-19cyjaxJoe Wrieden
A Sting on Bing: Bumblebee delivered through Bing SEO poisoning campaign
BumbleBee
2025-04-23Cisco TalosAsheer Malhotra, Ashley Shen, Brandon White, Joey Chen, Vitor Ventura
Introducing ToyMaker, an initial access broker working in cahoots with double extortion gangs
HOLERUN
2025-04-17Cisco TalosJoey Chen
Unmasking the new XorDDoS controller and infrastructure
XOR DDoS
2024-11-14Cisco TalosAlex Karkins, Chetan Raghuprasad, Joey Chen
New PXA Stealer targets government and education sectors for sensitive information
PXA Stealer
2024-09-10Talos IntelligenceJoey Chen
DragonRank, a Chinese-speaking SEO manipulator service provider
IISpy PlugX DragonRank
2024-08-01CiscoAshley Shen, Joey Chen, Vitor Ventura
APT41 likely compromised Taiwanese government-affiliated research institute with ShadowPad and Cobalt Strike
Cobalt Strike ShadowPad
2024-07-26SecurityIntelligenceGolo Mühr, Joe Fasulo
Hive0137 and AI-supplemented malware distribution
WarmCookie XWorm Hive0137
2024-06-21ElasticJoe Desimone, Samir Bousseaden
GrimResource - Microsoft Management Console for initial access and evasion
Cobalt Strike
2024-04-04Cisco TalosChetan Raghuprasad, Joey Chen
CoralRaider targets victims’ data and social media accounts
CoralRaider
2023-12-08Security IntelligenceClaire Zaboeva, Golo Mühr, Joe Fasulo
ITG05 operations leverage Israel-Hamas conflict lures to deliver Headlace malware
Headlace
2023-11-11Security JoesSecurityJoes
Mission "Data Destruction": A Large-scale Data-Wiping Campaign Targeting Israel
BiBi-Linux
2023-10-30Security JoesSecurityJoes
BiBi Wiper
BiBi-Linux BiBiGun
2023-10-27ElasticJoe Desimone, Salim Bitam
GHOSTPULSE haunts victims using defense evasion bag o' tricks
HijackLoader Lumma Stealer NetSupportManager RAT Rhadamanthys SectopRAT Vidar
2023-09-05Github (JoelGMSec)Joel Gámez Molina
MultiPlatform HTTP Reverse Shell
HTTP-Shell
2023-06-02MandiantDAN NUTTING, Genevieve Stark, Greg Blaum, Jeremy Kennelly, JOE PISANO, Josh Murchie, Juraj Sucik, Justin Moore, Kimberly Goody, Matthew McWhirt, Nader Zaveri, NICHOLAS BENNETT, OLLIE STYLES, PETER UKHANOV, WILL SILVERSTONE, ZACH SCHRAMM, Zander Work
Zero-Day Vulnerability in MOVEit Transfer Exploited for Data Theft
2023-05-22eSentireJoe Stewart, Keegan Keplinger
The Hunt for VENOM SPIDER PART 2
VENOM SPIDER
2023-04-28DISCARDED PodcastJoe Wise, Pim Trouerbach
Beyond Banking: IcedID Gets Forked
IcedID PhotoLoader