Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2024-04-16MandiantAlden Wahlstrom, Anton Prokopenkov, Dan Black, Dan Perez, Gabby Roncone, John Wolfram, Lexie Aytes, Nick Simonian, Ryan Hall, Tyler McLellan
APT44: Unearthing Sandworm
VPNFilter BlackEnergy CaddyWiper EternalPetya HermeticWiper Industroyer INDUSTROYER2 Olympic Destroyer PartyTicket RoarBAT
2024-03-010x0v1Ovi
APT37's ROKRAT HWP Object Linking and Embedding
RokRAT
2023-12-06FortgaleFortgale
Nebula Broker: offensive operations made in Italy
Vetta Loader
2023-06-29BusinessWireDaria Zhukova
Dark Web Intelligence Shows Everest Ransomware Group Increasing Initial Access Broker Activity
2023-05-01Check Point ResearchCheck Point Research
Chain Reaction: RokRAT's Missing Link
Amadey RokRAT
2023-04-26AhnLabbghjmun
RokRAT Malware Distributed Through LNK Files (*.lnk): RedEyes (ScarCruft)
RokRAT
2023-04-19Bleeping ComputerBill Toulas
March 2023 broke ransomware attack records with 459 incidents
Clop WhiteRabbit BianLian Black Basta BlackCat LockBit MedusaLocker PLAY Royal Ransom
2023-02-09CISA, DSA, FBI, HHS, NSA, ROK
#StopRansomware: Ransomware Attacks on Critical Infrastructure Fund DPRK Malicious Cyber Activities
Dtrack MagicRAT Maui Ransomware SiennaBlue SiennaPurple Tiger RAT YamaBot
2023-01-01ThreatMonSeyit Sigirci (@h3xecute), ThreatMon Malware Research Team
Reverse Engineering RokRAT: A Closer Look at APT37’s Onedrive-Based Attack Vector
RokRAT
2023-01-01ThreatMonSeyit Sigirci (@h3xecute), ThreatMon Malware Research Team
Reverse Engineering RokRAT: A Closer Look at APT37’s Onedrive-Based Attack Vector
RokRAT
2022-12-09SecureworksSecureWorks' Counter Threat Unit Research Team
Drokbk Malware Uses GitHub as Dead Drop Resolver
Drokbk
2022-12-09Positive TechnologiesPTSecurity
APT Cloud Atlas: Unbroken Threat
2022-11-04DataBreaches.netDissent
Malaysian online stock brokerage firm victim of cyberattack
Desorden Group
2022-09-28Twitter (@ESETresearch)ESET Research
Twitter Thread linking CloudMensis to RokRAT / ScarCruft
CloudMensis RokRAT
2022-09-07GoogleGoogle Threat Analysis Group, Pierre-Marc Bureau
Initial access broker repurposing techniques in targeted attacks against Ukraine
AnchorMail Cobalt Strike IcedID
2022-09-07GoogleGoogle Threat Analysis Group, Pierre-Marc Bureau
Initial access broker repurposing techniques in targeted attacks against Ukraine
AnchorMail Cobalt Strike IcedID
2022-09-06ESET ResearchThibaut Passilly
Worok: The big picture
MimiKatz PNGLoad reGeorg ShadowPad Worok
2022-08-17Group-IBVictor Okorokov
Switching side jobs Links between ATMZOW JS-sniffer and Hancitor
Hancitor
2022-08-02Recorded FutureInsikt Group
Initial Access Brokers Are Key to Rise in Ransomware Attacks
Azorult BlackMatter Conti Mars Stealer Raccoon RedLine Stealer Taurus Stealer Vidar
2022-07-14SophosAlexander Giles
Rapid Response: The Ngrok Incident Guide