Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2025-12-10The RecordJonathan Greig
DOJ, CISA warn of Russia-linked attacks targeting meat processing plants, nuclear regulatory entities and other critical infrastructure
2025-12-09Huntress LabsJonathan Semon, Stuart Ashenbrenner
AMOS Stealer Exploits AI Trust: Malware Delivered Through ChatGPT and Grok
AMOS
2025-11-19SpamhausJonas Arnold
The anatomy of bulletproof hosting – past, present, future
2025-11-14The RecordJonathan Greig
Multiple US citizens plead guilty to helping North Korean IT workers earn $2 million
2025-11-04The RecordJonathan Greig
Treasury sanctions 8 for laundering North Korea earnings from cybercrime, IT worker scheme
2025-10-20DarktraceNathaniel Jones, Sam Lister
Salty Much: Darktrace’s view on a recent Salt Typhoon intrusion
SNAPPYBEE
2025-09-05Arctic WolfDmitry Kupin, Dmitry Melikov, Jacob Faires, Jon Grimm, Pavel Usatenko
GPUGate Malware: Malicious GitHub Desktop Implants Use Hardware-Specific Decryption, Abuse Google Ads to Target Western Europe
2025-06-18Huntress LabsAlden Schmidt, Jonathan Semon, Stuart Ashenbrenner
Feeling Blue(Noroff): Inside a Sophisticated DPRK Web3 Intrusion
2025-06-17Palo Alto Networks Unit 42Dominik Reichel
Exploring a New KimJongRAT Stealer Variant and Its PowerShell Implementation
KimJongRat
2025-06-04ThreatrayAbdallah Elshinbary, Jonas Wagner, Konstantin Klinger, Nick Attfield
The Bitter End: Unraveling Eight Years of Espionage Antics – Part Two
AlmondRAT AlmondRAT Artra Downloader BDarkRAT Havoc KiwiStealer KugelBlitz MiyaRAT ORPCBackdoor WmRAT ZxxZ
2025-06-04ProofpointAbdallah Elshinbary, Jonas Wagner, Konstantin Klinger, Nick Attfield
The Bitter End: Unraveling Eight Years of Espionage Antics—Part One
Artra Downloader Havoc
2025-01-20Medium walmartglobaltechJason Reaves, Jonathan Mccay, Joshua Platt
Qbot is Back.Connect
ReedBed UNC4393
2025-01-01CyberchJon Pertwee
Aisuru Botnet Shifts from DDoS to Residential Proxies
Aisuru
2024-07-18MandiantJared Wilson, Jonathan Lepore, Luis Rocha, Mike Stokkel, Pierre Gerlings, RENATO FONTANA, Stephen Eckels
APT41 Has Arisen From the DUST
Cobalt Strike
2024-05-01MandiantAdrian Hernandez, Asli Koksal, Jonathan Leathery, Ofir Rozmann, Sarah Bock
Uncharmed: Untangling Iran's APT42 Operations
TAMECAT
2024-02-29ANALYST1Anastasia Sentsova, Jon DiMaggio
LockBit Takedown & Operation Cronos: A Long-Awaited PsyOps Against Ransomware
LockBit LockBit LockBit
2024-02-27MandiantChen Evgi, Jonathan Leathery, Ofir Rozmann
When Cats Fly: Suspected Iranian Threat Actor UNC1549 Targets Israeli and Middle East Aerospace and Defense Sectors
LIGHTRAIL MINIBIKE MINIBUS UNC1549
2024-02-08ANALYST1Anastasia Sentsova, Jon DiMaggio
“This Forum is a Bunch of Communists and They Set Me Up”, LockBit Spills the Tea Regarding Their Recent Ban on Russian-Speaking Forums
LockBit
2024-01-16Medium walmartglobaltechJason Reaves, Jonathan Mccay, Joshua Platt
Keyhole Analysis
IcedID Keyhole
2023-12-04The RecordJonathan Greig
Florida water agency latest to confirm cyber incident as feds warn of nation-state attacks