Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2024-04-04Deep instinctSimon Kenin
DarkBeatC2: The Latest MuddyWater Attack Framework
MuddyC2Go
2024-02-02Cyber Kendraadmin
FritzFrog Botnet Expands Attack Arsenal with Log4Shell Exploits
FritzFrog
2024-01-09Trend MicroArianne Dela Cruz, Charles Steven Derion, Francisrey Joshua Castillo, Henry Salcedo, Ian Kenefick, John Carlo Marquez, John Rainier Navato, Joshua Aquino, Juhn Emmanuel Atanque, Raymart Yambot, Shinji Robert Arasawa
Black Basta-Affiliated Water Curupira’s Pikabot Spam Campaign
Pikabot Water Curupira
2023-12-13FortinetAmey Gat, Angelo Cris Deveraturda, Hongkei Chan, Jared Betts, Jayesh Zala, John Simmons, Ken Evans, Mark Robson
TeamCity Intrusion Saga: APT29 Suspected Among the Attackers Exploiting CVE-2023-42793
GraphDrop
2023-11-09MandiantChris Sistrunk, Daniel Kapellmann Zafra, Jared Wilson, John Wolfram, Keith Lunden, Ken Proska, Nathan Brubaker, Tyler McLellan
Sandworm Disrupts Power in Ukraine Using a Novel Attack Against Operational Technology
CaddyWiper
2023-11-08Deep instinctDeep Instinct Threat Lab, Simon Kenin
MuddyC2Go – Latest C2 Framework Used by Iranian APT MuddyWater Spotted in Israel
PhonyC2 MuddyC2Go
2023-11-01Deep instinctDeep Instinct Threat Lab, Simon Kenin
MuddyWater eN-Able spear-phishing with new TTPs
PhonyC2
2023-10-20TechCrunchCarly Page
Authorities confirm RagnarLocker ransomware taken down during international sting
RagnarLocker RagnarLocker
2023-09-14Deep instinctMark Vaitzman, Ron Ben Yizhak, Simon Kenin
Operation Rusty Flag – A Malicious Campaign Against Azerbaijanian Targets
Unidentified 110 (RustyFlag)
2023-08-26BushidoToken BlogBushidoToken
Tracking Adversaries: Scattered Spider, the BlackCat affiliate
BlackLotus POORTRY
2023-08-10CrowdStrikeCounter Adversary Operations, Ken Balint, Marco Ortisi, Nicolas Zilio
Discovering and Blocking a Zero-Day Exploit with CrowdStrike Falcon Complete: The Case of CVE-2023-36874
2023-06-29DeepInstinctDeep Instinct Threat Lab, Simon Kenin
PhonyC2: Revealing a New Malicious Command & Control Framework by MuddyWater
PhonyC2 POWERSTATS
2023-06-02MandiantDAN NUTTING, Genevieve Stark, Greg Blaum, Jeremy Kennelly, JOE PISANO, Josh Murchie, Juraj Sucik, Justin Moore, Kimberly Goody, Matthew McWhirt, Nader Zaveri, NICHOLAS BENNETT, OLLIE STYLES, PETER UKHANOV, WILL SILVERSTONE, ZACH SCHRAMM, Zander Work
Zero-Day Vulnerability in MOVEit Transfer Exploited for Data Theft
2023-05-260xToxin Labs@0xToxin
Kraken - The Deep Sea Lurker Part 2
KrakenKeylogger
2023-05-25MandiantCorey Hildebrandt, Daniel Kapellmann Zafra, Keith Lunden, Ken Proska, Nathan Brubaker, Rushikesh Nandedkar
COSMICENERGY: New OT Malware Possibly Related To Russian Emergency Response Exercises
LIGHTWORK PIEHOP
2023-05-24BushidoToken BlogBushidoToken
Unmasking Ransomware Using Stylometric Analysis: Shadow, 8BASE, Rancoz
8Base
2023-05-20@0xToxin
Kraken - The Deep Sea Lurker Part 1
KrakenKeylogger
2023-04-28Trend MicroDon Ovid Ladores, Earle Maui Earnshaw, Ian Kenefick
Rapture, a Ransomware Family With Similarities to Paradise
Paradise
2023-03-13TrendmicroIan Kenefick
Emotet Returns, Now Adopts Binary Padding for Evasion
Emotet
2023-03-09DeepInstinctSimon Kenin
DUCKTAIL: Threat Operation Re-emerges with New LNK, PowerShell, and Other Custom Tactics to Avoid Detection
DUCKTAIL