Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2025-04-17ProofpointGreg Lesnewich, Josh Miller, Mark Kelly, Saher Naumaan
Around the World in 90 Days: State-Sponsored Actors Try ClickFix
Quasar RAT UNK_RemoteRogue
2025-03-07ProofpointOle Villadsen, Proofpoint Threat Research Team, Selena Larson
Remote Monitoring and Management (RMM) Tooling Increasingly an Attacker’s First Choice
2025-02-18ProofpointProofpoint Threat Research Team
An Update on Fake Updates: Two New Actors, and New Mac Malware
Marcher FAKEUPDATES FrigidStealer Lumma Stealer
2024-12-17ProofpointDavid Galazin, Konstantin Klinger, Nick Attfield, Pim Trouerbach
Hidden in Plain Sight: TA397’s New Attack Chain Delivers Espionage RATs
MiyaRAT WmRAT HAZY TIGER
2024-08-29ProofpointPim Trouerbach, Selena Larson, Tommy Madjar
The Malware That Must Not Be Named: Suspected Espionage Campaign Delivers “Voldemort”
Voldemort
2024-06-17ProofpointProofpoint
From Clipboard to Compromise: A PowerShell Self-Pwn
DarkGate HijackLoader Lumma Stealer Matanbuchus NetSupportManager RAT TA571
2024-04-10ProofpointSelena Larson, Tommy Madjar
Security Brief: TA547 Targets German Organizations with Rhadamanthys Stealer
Rhadamanthys
2024-04-04ProofpointProofpoint Threat Research Team, Team Cymru, TEAM CYMRU S2 THREAT RESEARCH
Latrodectus: This Spider Bytes Like Ice
IcedID Latrodectus
2024-03-21ProofpointProofpoint Threat Research Team
Security Brief: TA450 Uses Embedded Links in PDF Attachments in Latest Campaign
2024-03-06ProofpointDusty Miller, Jake G, Selena Larson
TA4903: Actor Spoofs U.S. Government, Small Businesses in Phishing, BEC Bids
TA4903
2024-03-04ProofpointKelsey Merriman, Selena Larson, Tommy Madjar
TA577’s Unusual Attack Chain Leads to NTLM Data Theft
2024-02-13ProofpointAxel F, Selena Larson
Bumblebee Buzzes Back in Black
BumbleBee
2023-12-21ProofpointAxel F, Dusty Miller, Selena Larson, Tommy Madjar
BattleRoyal, DarkGate Cluster Spreads via Email and Fake Browser Updates
DarkGate
2023-12-12ProofpointKelsey Merriman, Selena Larson, Xavier Chambrier
Security Brief: TA4557 Targets Recruiters Directly via Email
More_eggs FIN6
2023-12-05ProofpointCrista Giering, Greg Lesnewich, Proofpoint Threat Research Team
TA422’s Dedicated Exploitation Loop—the Same Week After Week
2023-11-14ProofpointJoshua Miller
TA402 Uses Complex IronWind Infection Chains to Target Middle East-Based Government Entities
IronWind TA402
2023-10-30ProofpointAxel F, Selena Larson
Security Brief: TA571 Delivers IcedID Forked Loader
PHOTOFORK TA571
2023-10-23ProofpointJared Peck
From Copacabana to Barcelona: The Cross-Continental Threat of Brazilian Banking Malware
Grandoreiro TA2725
2023-09-20ProofpointProofpoint Threat Research Team
Chinese Malware Appears in Earnest Across Cybercrime Threat Landscape
FatalRat PurpleFox ValleyRAT
2023-07-31ProofpointKelsey Merriman, Pim Trouerbach
Out of the Sandbox: WikiLoader Digs Sophisticated Evasion
ISFB WikiLoader