Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023-03-30ProofpointMichael Raggi, Proofpoint Threat Insight Team
Exploitation is a Dish Best Served Cold: Winter Vivern Uses Known Zimbra Vulnerability to Target Webmail Portals of NATO-Aligned Governments in Europe
Winter Vivern
2021-10-20ProofpointBryan Campbell, Proofpoint Threat Insight Team
TA551 Uses ‘SLIVER’ Red Team Tool in New Activity
2020-03-16ProofpointAxel F, Jeremy H, Proofpoint Threat Insight Team
New RedLine Stealer Distributed Using Coronavirus-themed Email Campaign
RedLine Stealer
2019-11-14ProofpointBryan Campbell, Proofpoint Threat Insight Team
TA2101 plays government imposter to distribute malware to German, Italian, and US organizations
Maze TA2101
2019-10-16ProofpointAxel F, Dennis Schwarz, Kafeine, Matthew Mesa, Proofpoint Threat Insight Team
TA505 Distributes New SDBbot Remote Access Trojan with Get2 Downloader
Get2 SDBbot TA505
2019-10-14ProofpointProofpoint Threat Insight Team
Threat Actor Profile: TA407, the Silent Librarian
Silent Librarian
2019-09-26ProofpointBryan Campbell, Jeremy Hedges, Proofpoint Threat Insight Team
New WhiteShadow downloader uses Microsoft SQL to retrieve malware
WhiteShadow Agent Tesla Azorult Crimson RAT Formbook Nanocore RAT NetWire RC NjRAT Remcos
2019-09-22ProofpointMichael Raggi, Proofpoint Threat Insight Team
LookBack Forges Ahead: Continued Targeting of the United States’ Utilities Sector Reveals Additional Adversary TTPs
Lookback TA410
2019-09-06ProofpointProofpoint Threat Insight Team
PsiXBot Now Using Google DNS over HTTPS and Possible New Sexploitation Module
PsiX
2019-09-05ProofpointMichael Walsh, Proofpoint Threat Insight Team
Seems Phishy: Back to School Lures Target University Students and Staff
Silent Librarian
2019-08-12ProofpointProofpoint Threat Insight Team
PsiXBot Continues to Evolve with Updated DNS Infrastructure
PsiX
2019-08-01ProofpointDennis Schwarz, Michael Raggi, Proofpoint Threat Insight Team
LookBack Malware Targets the United States Utilities Sector with Phishing Attacks Impersonating Engineering Licensing Boards
GUP Proxy Tool Lookback TA410
2019-07-31ProofpointDennis Schwarz, Kade Harmon, Kafeine, Proofpoint Threat Insight Team
SystemBC is like Christmas in July for SOCKS5 Malware and Exploit Kits
SystemBC
2019-07-23ProofpointDennis Schwarz, Michael Raggi, Proofpoint Threat Insight Team
Chinese APT “Operation LagTime IT” Targets Government Information Technology Agencies in Eastern Asia
8.t Dropper Cotx RAT Poison Ivy TA428
2019-07-22ProofpointKafeine, Proofpoint Threat Insight Team
BrushaLoader still sweeping up victims one year later
BrushaLoader NARWHAL SPIDER
2019-07-11ProofpointProofpoint Threat Insight Team
Threat Actor Profile: TA544 targets geographies from Italy to Japan with a range of malware
ISFB PandaBanker UrlZone NARWHAL SPIDER
2019-07-02ProofpointDennis Schwarz, Matthew Mesa, Proofpoint Threat Insight Team
TA505 begins summer campaigns with a new pet malware downloader, AndroMut, in the UAE, South Korea, Singapore, and the United States
AndroMut FlawedAmmyy
2019-06-19ProofpointProofpoint Threat Insight Team
URLZone top malware in Japan, while Emotet and LINE Phishing round out the landscape
ISFB UrlZone NARWHAL SPIDER
2019-05-15ProofpointAxel F, Proofpoint Threat Insight Team
Threat Actor Profile: TA542, From Banker to Malware Distribution Service
Emotet MUMMY SPIDER
2019-05-09ProofpointDennis Schwarz, Proofpoint Threat Insight Team
New KPOT v2.0 stealer brings zero persistence and in-memory features to silently steal credentials
KPOT Stealer
2019-05-02ProofpointBryan Campbell, Proofpoint Threat Insight Team
2019: The Return of Retefe
Dok Retefe SmokeLoader
2019-03-13ProofpointDennis Schwarz, Proofpoint Threat Insight Team
DanaBot control panel revealed
DanaBot
2019-02-21ProofpointProofpoint Threat Insight Team
Fake Jobs: Campaigns Delivering More_eggs Backdoor via Fake Job Offers
More_eggs