2025-02-26 | Ontinue | Balazs Greksza, Domenico de Vitto, Manupriya Sharma, Rhys Downing
Inside BlackBasta: What Leaked Conversations Reveal About Their Ransomware Operations
Black Basta Black Basta
2024-11-19 | CrowdStrike | Counter Adversary Operations
Unveiling LIMINAL PANDA: A Closer Look at China's Cyber Threats to the Telecom Sector
LIMINAL PANDA
2024-11-18 | Blackberry | BlackBerry Research and Intelligence team
Suspected Nation-State Adversary Targets Pakistan Navy in Cyber Espionage Campaign
Sync-Scheduler
2024-10-10 | Hunt.io | Hunt.io
Unmasking Adversary Infrastructure: How Certificates and Redirects Exposed Earth Baxia and PlugX Activity
Cobalt Strike PlugX
2024-08-27 | Lumen | Black Lotus Labs
Taking the Crossroads: The Versa Director Zero-Day Exploitation
VersaMem
2024-08-02 | Palo Alto Networks Unit 42 | Unit 42
Fighting Ursa Luring Targets With Car for Sale
Headlace
2024-07-25 | SOC Prime | Veronika Telychko
UAC-0057 Attack Detection: A Surge in Adversary Activity Distributing PICASSOLOADER and Cobalt Strike Beacon
Cobalt Strike PicassoLoader Ghostwriter
2024-07-25 | CrowdStrike | Counter Adversary Operations
Hacktivist Entity USDoD Claims to Have Leaked CrowdStrike’s Threat Actor List
SAMBASPIDER
2024-07-02 | Sekoia | Quentin Bourgue
Exposing FakeBat loader: distribution methods and adversary infrastructure
BlackCat Royal Ransom EugenLoader Carbanak Cobalt Strike DICELOADER Gozi IcedID Lumma Stealer NetSupportManager RAT Pikabot RedLine Stealer SectopRAT Sliver SmokeLoader Vidar
2024-06-06 | Hunt.io | Hunt.io
Tracking LightSpy: Certificates as Windows into Adversary Behavior
lightSpy
2024-03-06 | BushidoToken | BushidoToken
Tracking Adversaries: UAC-0050, Cracking The DaVinci Code
2024-02-01 | Securonix | Den Iyzvyk, Oleg Kolesnikov, Tim Peck
Analysis and Detection of STEADY#URSA Attack Campaign Targeting Ukraine Military Dropping New Covert SUBTLE-PAWS PowerShell Backdoor
SUBTLE-PAWS
2024-01-09 | Recorded Future | Insikt Group
2023 Adversary Infrastructure Report
AsyncRAT Cobalt Strike Emotet PlugX ShadowPad
2023-12-12 | Fourcore | Swapnil
Rhysida Ransomware: History, TTPs And Adversary Emulation Plans
Rhysida Rhysida Vanilla Tempest
2023-12-11 | Sentinel LABS | Aleksandar Milenkoski, Bendik Hagen
Sandman APT | China-Based Adversaries Embrace Lua
KEYPLUG LuaDream
2023-12-07 | Palo Alto Networks Unit 42 | Unit 42
Fighting Ursa Aka APT28: Illuminating a Covert Campaign
2023-11-09 | CrowdStrike | Counter Adversary Operations
IMPERIAL KITTEN Deploys Novel Malware Families in Middle East-Focused Operations
IMAPLoader
2023-10-31 | Palo Alto Networks Unit 42 | Daniel Frank, Tom Fakterman
Over the Kazuar’s Nest: Cracking Down on a Freshly Hatched Backdoor Used by Pensive Ursa (Aka Turla)
Kazuar
2023-08-26 | BushidoToken Blog | BushidoToken
Tracking Adversaries: Scattered Spider, the BlackCat affiliate
BlackLotus POORTRY
2023-08-10 | CrowdStrike | Counter Adversary Operations, Ken Balint, Marco Ortisi, Nicolas Zilio
Discovering and Blocking a Zero-Day Exploit with CrowdStrike Falcon Complete: The Case of CVE-2023-36874