Click here to download all references as Bib-File.
| 2023-04-20 ⋅ ESET Research ⋅ Linux malware strengthens links between Lazarus and the 3CX supply‑chain attack BADCALL 3CX Backdoor BADCALL IconicStealer |
| 2023-02-09 ⋅ Trend Micro ⋅ Enigma Stealer Targets Cryptocurrency Industry with Fake Jobs Enigma Loader |
| 2023-01-17 ⋅ Trend Micro ⋅ Earth Bogle: Campaigns Target the Middle East with Geopolitical Lures NjRAT |
| 2022-09-30 ⋅ ESET Research ⋅ Lazarus & BYOVD: evil to the Windows core FudModule |
| 2022-09-30 ⋅ ESET Research ⋅ Amazon‑themed campaigns of Lazarus in the Netherlands and Belgium BLINDINGCAN FudModule |
| 2022-07-19 ⋅ Palo Alto Networks Unit 42 ⋅ Russian APT29 Hackers Use Online Storage Services, DropBox and Google Drive Cobalt Strike EnvyScout Gdrive |
| 2022-07-14 ⋅ Sophos ⋅ BlackCat ransomware attacks not merely a byproduct of bad luck BlackCat BlackCat |
| 2022-07-05 ⋅ Palo Alto Networks Unit 42 ⋅ When Pentest Tools Go Brutal: Red-Teaming Tool Being Abused by Malicious Actors |
| 2022-06-06 ⋅ NCC Group ⋅ Shining the Light on Black Basta Black Basta |
| 2022-05-20 ⋅ nccgroup ⋅ Metastealer – filling the Racoon void MetaStealer |
| 2022-04-12 ⋅ Sophos ⋅ Attackers linger on government agency computers before deploying Lockbit ransomware LockBit |
| 2021-12-22 ⋅ Sophos ⋅ Avos Locker remotely accesses boxes, even running in Safe Mode AvosLocker |
| 2021-12-20 ⋅ IronNet ⋅ Detecting anomalous network traffic resulting from a successful Log4j attack |
| 2021-12-16 ⋅ TEAMT5 ⋅ Winnti is Coming - Evolution after Prosecution Cobalt Strike FishMaster FunnySwitch HIGHNOON ShadowPad Spyder |
| 2021-12-02 ⋅ Palo Alto Networks Unit 42 ⋅ APT Expands Attack on ManageEngine With Active Campaign Against ServiceDesk Plus Godzilla Webshell |
| 2021-11-29 ⋅ Certitude ⋅ Unpatched Exchange Servers distribute Phishing Links (SquirrelWaffle) Squirrelwaffle |
| 2021-11-16 ⋅ IronNet ⋅ How IronNet's Behavioral Analytics Detect REvil and Conti Ransomware Cobalt Strike Conti IcedID REvil |
| 2021-11-07 ⋅ Palo Alto Networks Unit 42 ⋅ Targeted Attack Campaign Against ManageEngine ADSelfService Plus Delivers Godzilla Webshells, NGLite Trojan and KdcSponge Stealer Godzilla Webshell NGLite |
| 2021-10-12 ⋅ IronNet ⋅ Continued Exploitation of CVE-2021-26084 |
| 2021-10-07 ⋅ Palo Alto Networks Unit 42 ⋅ SilverTerrier – Nigerian Business Email Compromise |