Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2026-03-12GdataJohn Dador
Endgame Harvesting: Inside ACRStealer’s Modern Infrastructure
ACR Stealer
2026-02-17GoogleDaniel Sislo, Fernando Tomlinson, John Scarbrough, Jr., Nick Harbour, PETER UKHANOV, Rich Reece
From BRICKSTORM to GRIMBOLT: UNC6201 Exploiting a Dell RecoverPoint for Virtual Machines Zero-Day
BRICKSTORM GRIMBOLT SLAYSTYLE UNC6201
2026-02-15Github (jrm360seclab)Johny Metellus
AODIN X1BQ Projector — Pre-Installed Vo1d Botnet Malware
Void
2026-01-29FortninetAngelo Deveraturda, Jared Betts, John Simmons, Ken Evans, Mark Robson, Omar Avilez Melo, Xiaopeng Zhang
Interlock Ransomware: New Techniques, Same Old Tricks
Interlock
2025-12-18HelpNetSecurityJohn Wilson
Clipping Scripted Sparrow’s wings: Tracking a global phishing ring
Scripted Sparrow
2025-12-01FORTRAJohn Wilson
Scripted Sparrow: A Prolific BEC Threat Group
Scripted Sparrow
2025-09-24GoogleAshley Pearson, Austin Larsen, BRAD SLAYBAUGH, Doug Bienstock, Geoff Carstairs, John Wolfram, Josh Madeley, Josh Murchie, Matt Lin, Sarah Yoder
Another BRICKSTORM: Stealthy Backdoor Enabling Espionage into Tech and Legal Sectors
BRICKSTORM
2025-08-19Red CanaryChris Brook, Christina Johns, Tyler Edmonds
Patching for persistence: How DripDropper Linux malware moves through the cloud
2025-06-12CitizenLabBill Marczak, John Scott-Railton
Graphite Caught: First Forensic Confirmation of Paragon’s iOS Mercenary Spyware Finds Journalists Targeted
2025-05-29FortinetJohn Simmons, Xiaopeng Zhang
Deep Dive into a Dumped Malware without a PE Header
2025-05-01FortinetFaisal Abdul Malik Qureshi, Fred Gutierrez, Hossein Jazi, John Simmons, Mark Robson, Said Wali, Xiaopeng Zhang
FortiGuard Incident Response Team Detects Intrusion into Middle East Critical National Infrastructure
Havoc
2025-04-16SpyCloudAurora Johnson, Keegan Keplinger
Exposed Credentials & Ransomware Operations: Using LLMs to Digest 200K Messages from the Black Basta Chats
Black Basta Black Basta
2025-04-03MandiantJacob Thompson, John Wolfram, Josh Murchie, Matt Lin, Michael Edie
Suspected China-Nexus Threat Actor Actively Exploiting Critical Ivanti Connect Secure Vulnerability (CVE-2025-22457)
SPAWNSNARE
2025-03-18TrellixJambul Tologonov, John Fokker
Analysis of Black Basta Ransomware Chat Leaks
Black Basta Black Basta
2025-03-12YouTube (John Hammond)John Hammond
LEAKED Russian Hackers Internal Chats
Black Basta Black Basta
2025-03-11Trend MicroCj Arsley Mateo, Darrel Tristan Virtusio, Jacob Santos, Junestherry Dela Cruz, Paul John Bardon
AI-Assisted Fake GitHub Repositories Fuel SmartLoader and LummaStealer Distribution
Lumma Stealer SmartLoader Water Kurita
2025-03-07FortinetFaisal Abdul Malik Qureshi, Fred Gutierrez, Hossein Jazi, John Simmons, Mark Robson, Said Wali, Xiaopeng Zhang
Investigating Iranian Intrusion into Strategic Middle East Critical Infrastructure
Havoc
2025-02-20ReliaquestJohn Dilgen
48 Minutes: How Fast Phishing Attacks Exploit Weaknesses
ReedBed
2024-11-20TrellixJambul Tologonov, John Fokker, Phuc Pham
Phobos: Stealthy Ransomware That Operated Under the Radar - Until Now
8Base CryptXXXX Dharma Phobos
2024-11-07Cisco TalosAliza Johnson, Chetan Raghuprasad, Elio Biasiotto, Michael Szeliga
Unwrapping the emerging Interlock ransomware attack
Interlock Rhysida