Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023-05-26Trend MicroPaul John Bardon, Sarah Pearl Camiling
New Info Stealer Bandit Stealer Targets Browsers, Wallets
Bandit Stealer
2023-01-19MandiantCristiana Kittner, Mark Lechtik, Sarah Hawley, Scott Henderson
Suspected Chinese Threat Actors Exploiting FortiOS Vulnerability (CVE-2022-42475)
BOLDMOVE BOLDMOVE
2023-01-05MandiantEduardo Mattos, Gabby Roncone, John Wolfram, Sarah Hawley, Tyler McLellan
Turla: A Galaxy of Opportunity
KopiLuwak Andromeda QUIETCANARY
2022-11-29MandiantDoug Bienstock, Luke Jenkins, Parnian Najafi, Sarah Hawley
Suspected Russian Activity Targeting Government and Business Entities Around the Globe
CEELOADER
2022-04-29MandiantAnders Vejlby, John Wolfram, Nick Simonian, Sarah Hawley, Tyler McLellan
Trello From the Other Side: Tracking APT29 Phishing Campaigns
BEATDROP VaporRage
2022-04-28MandiantAnders Vejlby, John Wolfram, Nick Simonian, Sarah Hawley, Tyler McLellan
Trello From the Other Side: Tracking APT29 Phishing Campaigns
Cobalt Strike
2021-12-06MandiantAshraf Abdalhalim, Ben Read, Doug Bienstock, Gabriella Roncone, Jonathan Leathery, Josh Madeley, Juraj Sucik, Luis Rocha, Luke Jenkins, Manfred Erjak, Marius Fodoreanu, Microsoft Detection and Response Team (DART), Microsoft Threat Intelligence Center (MSTIC), Mitchell Clarke, Parnian Najafi, Sarah Hawley, Wojciech Ledzion
Suspected Russian Activity Targeting Government and Business Entities Around the Globe (UNC2452)
Cobalt Strike CryptBot
2021-05-27FireEyeDan Perez, Emiel Haeghebaert, Greg Wood, Sarah Jones, Stephen Eckels
Re-Checking Your Pulse: Updates on Chinese APT Actors Compromising Pulse Secure VPN Devices
UNC2630 UNC2717
2021-04-20FireEyeDan Perez, Dimiter Andonov, Greg Wood, Jacob Thompson, Jonathan Lepore, Josh Triplett, Joshua Villanueva, Regina Elwell, Sarah Jones, Stephen Eckels, Stroz Friedberg
Check Your Pulse: Suspected APT Actors Leverage Authentication Bypass Techniques and Pulse Secure Zero-Day
2020-12-13FireEyeAlex Berry, Alex Pennino, Alyssa Rahman, Andrew Archer, Andrew Rector, Andrew Thompson, Barry Vengerik, Ben Read, Ben Withnell, Chris DiGiamo, Christopher Glyer, Dan Perez, Dileep Jallepalli, Doug Bienstock, Eric Scales, Evan Reese, Fred House, Glenn Edwards, Ian Ahl, Isif Ibrahima, Jay Smith, John Gorman, John Hultquist, Jon Leathery, Lennard Galang, Marcin Siedlarz, Matt Dunwoody, Matthew McWhirt, Michael Sikorski, Microsoft, Mike Burns, Nalani Fraiser, Nick Bennett, Nick Carr, Nick Hornick, Nick Richard, Nicole Oppenheim, Omer Baig, Ramin Nafisi, Sarah Jones, Scott Runnels, Stephen Eckels, Steve Miller, Steve Stone, William Ballenthin
Highly Evasive Attacker Leverages SolarWinds Supply Chain to Compromise Multiple Global Victims With SUNBURST Backdoor
SUNBURST SUPERNOVA TEARDROP UNC2452
2020-12-02GoSecureMasarah Paquet-Clouston
Deep Dive into an Obfuscation-as-a-Service for Android Malware
Geost
2020-04-22FireEyeBen Read, Gabby Roncone, John Hultquist, Sarah Jones, Scott Henderson
Vietnamese Threat Actors APT32 Targeting Wuhan Government and Chinese Ministry of Emergency Management in Latest Example of COVID-19 Related Espionage
METALJACK
2020-03-25FireEyeChristopher Glyer, Dan Perez, Sarah Jones, Steve Miller
This Is Not a Test: APT41 Initiates Global Intrusion Campaign Using Multiple Exploits
Speculoos Cobalt Strike
2019-01-29FireEyeAndrew Thompson, Ben Read, Cristiana Brafman-Kittner, Nalani Fraser, Sanaz Yashar, Sarah Hawley, Yuri Rozhansky
APT39: An Iranian Cyber Espionage Group Focused on Personal Information
APT39
2019-01-10FireEyeBen Read, Muks Hirani, Sarah Jones
Global DNS Hijacking Campaign: DNS Record Manipulation at Scale
DNSpionage DNSpionage
2019-01-09MandiantBen Read, Muks Hirani, Sarah Jones
Global DNS Hijacking Campaign: DNS Record Manipulation at Scale
DNSpionage Sea Turtle
2018-10-03Virus BulletinMasarah Paquet-Clouston, Olivier Bilodeau
Uncovering the Wholesale Industry of Social Media Fraud: From Botnets to Bulk Reseller Panels
Moose
2018-09-18The CitizenlabBahr Abdul Razzak, Bill Marczak, John Scott-Railton, Ron Deibert, Sarah McKune
Hide and Seek: Tracking NSO Group’s Pegasus Spyware to Operations in 45 Countries
Chrysaor
2018-03-09Adam Senft, Bill Marczak, Jakub Dalek, John Scott-Railton, Ron Deibert, Sarah McKune
Sandvine’s PacketLogic Devices Used to Deploy Government Spyware in Turkey and Redirect Egyptian Users to Affiliate Ads?
StrongPity
2017-12-06The Citizen LabBill Marczak, Geoffrey Alexander, John Scott-Railton, Ron Deibert, Sarah McKune
Champing at the Cyberbit Ethiopian Dissidents Targeted with New Commercial Spyware
PC Surveillance System
2016-11-02GoSecureMasarah Paquet-Clouston
Exposing the EGO MARKET: the cybercrime performed by the Linux/Moose botnet
Moose
2016-06-29EmsisoftSarah
Apocalypse: Ransomware which targets companies through insecure RDP
Apocalypse
2016-01-01EmsisoftSarah
Die erste Ransomware in JavaScript: Ransom32
Enrume
2015-06-23ReutersJoseph Menn, Sarah N. Lynch
Exclusive: SEC hunts hackers who stole corporate emails to trade stocks
WOLF SPIDER