Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-07-15Recorded FutureInsikt Group®
@techreport{group:20210715:threats:c0bb112, author = {Insikt Group®}, title = {{Threats to the 2020 Tokyo Olympic Games}}, date = {2021-07-15}, institution = {Recorded Future}, url = {https://go.recordedfuture.com/hubfs/reports/cta-2021-0715.pdf}, language = {English}, urldate = {2021-07-20} } Threats to the 2020 Tokyo Olympic Games
2021-07-08Recorded FutureInsikt Group®
@online{group:20210708:chinese:98d34d3, author = {Insikt Group®}, title = {{Chinese State-Sponsored Activity Group TAG-22 Targets Nepal, the Philippines, and Taiwan Using Winnti and Other Tooling}}, date = {2021-07-08}, organization = {Recorded Future}, url = {https://www.recordedfuture.com/chinese-group-tag-22-targets-nepal-philippines-taiwan/}, language = {English}, urldate = {2021-07-12} } Chinese State-Sponsored Activity Group TAG-22 Targets Nepal, the Philippines, and Taiwan Using Winnti and Other Tooling
ShadowPad Spyder Winnti
2021-06-02Recorded FutureInsikt Group®
@techreport{group:20210602:threats:d878fa3, author = {Insikt Group®}, title = {{Threats to Asian Communities in North America, Europe, and Oceania}}, date = {2021-06-02}, institution = {Recorded Future}, url = {https://go.recordedfuture.com/hubfs/reports/cta-2021-0602.pdf}, language = {English}, urldate = {2021-06-16} } Threats to Asian Communities in North America, Europe, and Oceania
2021-05-11Recorded FutureInsikt Group®
@techreport{group:20210511:business:36b4351, author = {Insikt Group®}, title = {{The Business of Fraud: Drops and Mules}}, date = {2021-05-11}, institution = {Recorded Future}, url = {https://go.recordedfuture.com/hubfs/reports/cta-2021-0511.pdf}, language = {English}, urldate = {2021-05-21} } The Business of Fraud: Drops and Mules
2021-05-05Recorded FutureInsikt Group®
@online{group:20210505:chinas:0d77f3f, author = {Insikt Group®}, title = {{China’s PLA Unit 61419 Purchasing Foreign Antivirus Products, Likely for Exploitation}}, date = {2021-05-05}, organization = {Recorded Future}, url = {https://www.recordedfuture.com/china-pla-unit-purchasing-antivirus-exploitation/}, language = {English}, urldate = {2021-05-08} } China’s PLA Unit 61419 Purchasing Foreign Antivirus Products, Likely for Exploitation
2021-04-21Recorded FutureInsikt Group®
@techreport{group:20210421:iranlinked:3eb0720, author = {Insikt Group®}, title = {{Iran-Linked Threat Actor The MABNA Institute’s Operations in 2020}}, date = {2021-04-21}, institution = {Recorded Future}, url = {https://go.recordedfuture.com/hubfs/reports/cta-2021-0421.pdf}, language = {English}, urldate = {2021-05-04} } Iran-Linked Threat Actor The MABNA Institute’s Operations in 2020
2021-03-25Recorded FutureInsikt Group®
@online{group:20210325:suspected:5b0078f, author = {Insikt Group®}, title = {{Suspected Chinese Group Calypso APT Exploiting Vulnerable Microsoft Exchange Servers}}, date = {2021-03-25}, organization = {Recorded Future}, url = {https://www.recordedfuture.com/chinese-group-calypso-exploiting-microsoft-exchange/}, language = {English}, urldate = {2021-03-30} } Suspected Chinese Group Calypso APT Exploiting Vulnerable Microsoft Exchange Servers
Meterpreter PlugX
2021-03-24Recorded FutureInsikt Group®
@techreport{group:20210324:myanmar:f99a20a, author = {Insikt Group®}, title = {{Myanmar Coup and Internet Censorship Pushes Civilians to Underground Forums, Dark Web}}, date = {2021-03-24}, institution = {Recorded Future}, url = {https://go.recordedfuture.com/hubfs/reports/cta-2021-0324.pdf}, language = {English}, urldate = {2021-03-25} } Myanmar Coup and Internet Censorship Pushes Civilians to Underground Forums, Dark Web
2021-03-17Recorded FutureInsikt Group®
@online{group:20210317:chinalinked:65b251b, author = {Insikt Group®}, title = {{China-linked TA428 Continues to Target Russia and Mongolia IT Companies}}, date = {2021-03-17}, organization = {Recorded Future}, url = {https://www.recordedfuture.com/china-linked-ta428-threat-group}, language = {English}, urldate = {2021-03-19} } China-linked TA428 Continues to Target Russia and Mongolia IT Companies
PlugX Poison Ivy
2021-03-12Recorded FutureInsikt Group®
@techreport{group:20210312:dewmode:c28007f, author = {Insikt Group®}, title = {{DEWMODE Web Shell Used on Accellion FTA Appliances}}, date = {2021-03-12}, institution = {Recorded Future}, url = {https://go.recordedfuture.com/hubfs/reports/mtp-2021-0312.pdf}, language = {English}, urldate = {2021-03-16} } DEWMODE Web Shell Used on Accellion FTA Appliances
DEWMODE
2021-02-28Recorded FutureInsikt Group®
@online{group:20210228:chinalinked:ce3b62d, author = {Insikt Group®}, title = {{China-linked Group RedEcho Targets the Indian Power Sector Amid Heightened Border Tensions}}, date = {2021-02-28}, organization = {Recorded Future}, url = {https://www.recordedfuture.com/redecho-targeting-indian-power-sector/}, language = {English}, urldate = {2021-03-31} } China-linked Group RedEcho Targets the Indian Power Sector Amid Heightened Border Tensions
PlugX ShadowPad RedEcho
2021-02-28Recorded FutureInsikt Group®
@techreport{group:20210228:chinalinked:2fb1230, author = {Insikt Group®}, title = {{China-Linked Group RedEcho Targets the Indian Power Sector Amid Heightened Border Tensions}}, date = {2021-02-28}, institution = {Recorded Future}, url = {https://go.recordedfuture.com/hubfs/reports/cta-2021-0228.pdf}, language = {English}, urldate = {2021-03-04} } China-Linked Group RedEcho Targets the Indian Power Sector Amid Heightened Border Tensions
Icefog PlugX ShadowPad
2021-02-25Recorded FutureInsikt Group®
@techreport{group:20210225:business:9e4763a, author = {Insikt Group®}, title = {{The Business of Fraud: An Overview of How Cybercrime Gets Monetized}}, date = {2021-02-25}, institution = {Recorded Future}, url = {https://go.recordedfuture.com/hubfs/reports/cta-2021-0224.pdf}, language = {English}, urldate = {2021-02-26} } The Business of Fraud: An Overview of How Cybercrime Gets Monetized
2021-01-07Recorded FutureInsikt Group®
@techreport{group:20210107:aversary:9771829, author = {Insikt Group®}, title = {{Aversary Infrastructure Report 2020: A Defender's View}}, date = {2021-01-07}, institution = {Recorded Future}, url = {https://go.recordedfuture.com/hubfs/reports/cta-2021-0107.pdf}, language = {English}, urldate = {2021-01-11} } Aversary Infrastructure Report 2020: A Defender's View
Octopus pupy Cobalt Strike Empire Downloader Meterpreter PoshC2
2020-12-30Recorded FutureJohn Wetzel
@techreport{wetzel:20201230:solarwinds:59c847b, author = {John Wetzel}, title = {{SOLARWINDS ATTRIBUTION: Are We Getting Ahead of Ourselves? An Analysis of UNC2452 Attribution}}, date = {2020-12-30}, institution = {Recorded Future}, url = {https://go.recordedfuture.com/hubfs/reports/pov-2020-1230.pdf}, language = {English}, urldate = {2021-01-05} } SOLARWINDS ATTRIBUTION: Are We Getting Ahead of Ourselves? An Analysis of UNC2452 Attribution
SUNBURST
2020-12-10Recorded FutureInsikt Group®
@techreport{group:20201210:exploit:9c6663c, author = {Insikt Group®}, title = {{Exploit Kits though in Decline, Remain Powerful Tool for Delivering Malware}}, date = {2020-12-10}, institution = {Recorded Future}, url = {https://go.recordedfuture.com/hubfs/reports/cta-2020-1210.pdf}, language = {English}, urldate = {2020-12-14} } Exploit Kits though in Decline, Remain Powerful Tool for Delivering Malware
2020-12-04Recorded FutureInsikt Group®
@online{group:20201204:tibet:42fc885, author = {Insikt Group®}, title = {{Tibet and Taiwan Targeted in Spearphishing Campaigns Using MESSAGEMANIFOLD Malware}}, date = {2020-12-04}, organization = {Recorded Future}, url = {https://www.recordedfuture.com/messagemanifold-malware-spearphishing-campaigns/}, language = {English}, urldate = {2020-12-08} } Tibet and Taiwan Targeted in Spearphishing Campaigns Using MESSAGEMANIFOLD Malware
2020-12-03Recorded FutureInsikt Group®
@techreport{group:20201203:egregor:a56f637, author = {Insikt Group®}, title = {{Egregor Ransomware, Used in a String of High-Profile Attacks, Shows Connections to QakBot}}, date = {2020-12-03}, institution = {Recorded Future}, url = {https://go.recordedfuture.com/hubfs/reports/cta-2020-1203.pdf}, language = {English}, urldate = {2020-12-08} } Egregor Ransomware, Used in a String of High-Profile Attacks, Shows Connections to QakBot
Egregor QakBot
2020-11-10Recorded FutureInsikt Group®
@techreport{group:20201110:new:97e5657, author = {Insikt Group®}, title = {{New APT32 Malware Campaign Targets Cambodian Government}}, date = {2020-11-10}, institution = {Recorded Future}, url = {https://go.recordedfuture.com/hubfs/reports/cta-2020-1110.pdf}, language = {English}, urldate = {2020-11-11} } New APT32 Malware Campaign Targets Cambodian Government
KerrDown METALJACK SOUNDBITE
2020-11-04Recorded FutureInsikt Group®
@techreport{group:20201104:ransomwareasaservice:5ccfc55, author = {Insikt Group®}, title = {{Ransomware-as-a-Service Becomes Increasingly Accessible via Social Media and Open Sources}}, date = {2020-11-04}, institution = {Recorded Future}, url = {https://go.recordedfuture.com/hubfs/reports/cta-2020-1104.pdf}, language = {English}, urldate = {2020-11-06} } Ransomware-as-a-Service Becomes Increasingly Accessible via Social Media and Open Sources