2024-04-19 | Spiegel Online | Christoph Giesen, Hakan Tanriverdi, Simon Hage
VW Group was spied on for years – by China?
CHINACHOPPER PlugX
2024-04-16 | Mandiant | Alden Wahlstrom, Anton Prokopenkov, Dan Black, Dan Perez, Gabby Roncone, John Wolfram, Lexie Aytes, Nick Simonian, Ryan Hall, Tyler McLellan
APT44: Unearthing Sandworm
VPNFilter BlackEnergy CaddyWiper EternalPetya HermeticWiper Industroyer INDUSTROYER2 Olympic Destroyer PartyTicket RoarBAT Sandworm
2024-04-04 | Deep instinct | Simon Kenin
DarkBeatC2: The Latest MuddyWater Attack Framework
MuddyC2Go
2024-03-17 | Technical Evolution | Simon
Carving the IcedId - Part 3
IcedID
2024-03-13 | Trend Micro | Aliakbar Zahravi, Peter Girnus, Simon Zuckerbraun
CVE-2024-21412: DarkGate Operators Exploit Microsoft Windows SmartScreen Bypass in Zero-Day Campaign
DarkGate
2024-02-13 | Trend Micro | Aliakbar Zahravi, Peter Girnus, Simon Zuckerbraun
Water Hydra Targets Traders with Microsoft Defender SmartScreen Zero-Day
DarkMe
2024-01-12 | Trend Micro | Aliakbar Zahravi, Peter Girnus, Simon Zuckerbraun
CVE-2023-36025 Exploited for Defense Evasion in Phemedrone Stealer Campaign
Phemedrone Stealer
2023-12-10 | Detect FYI | Simone Kraus
Rhysida Ransomware and the Detection Opportunities
PolyVice Rhysida Vanilla Tempest
2023-11-08 | Deep instinct | Deep Instinct Threat Lab, Simon Kenin
MuddyC2Go – Latest C2 Framework Used by Iranian APT MuddyWater Spotted in Israel
PhonyC2 MuddyC2Go
2023-11-01 | Deep instinct | Deep Instinct Threat Lab, Simon Kenin
MuddyWater eN-Able spear-phishing with new TTPs
PhonyC2
2023-10-27 | Elastic | Joe Desimone, Salim Bitam
GHOSTPULSE haunts victims using defense evasion bag o' tricks
HijackLoader Lumma Stealer NetSupportManager RAT Rhadamanthys SectopRAT Vidar
2023-09-14 | Deep instinct | Mark Vaitzman, Ron Ben Yizhak, Simon Kenin
Operation Rusty Flag – A Malicious Campaign Against Azerbaijanian Targets
Unidentified 110 (RustyFlag)
2023-09-07 | Medium (@simone.kraus) | Simone Kraus
Critical Energy Infrastructure Facility Attack In Ukraine
2023-06-29 | DeepInstinct | Deep Instinct Threat Lab, Simon Kenin
PhonyC2: Revealing a New Malicious Command & Control Framework by MuddyWater
PhonyC2 POWERSTATS
2023-04-19 | Medium (@simone.kraus) | Simone Kraus
Rorschach Ransomware Analysis with Attack Flow
Rorschach Ransomware
2023-03-30 | Elastic | Daniel Stepanic, Devon Kerr, Joe Desimone, Remco Sprooten, Samir Bousseaden
Elastic users protected from SUDDENICON’s supply chain attack
3CX Backdoor
2023-03-22 | Atlantic Council | Simon Handler
The 5x5—Conflict in Ukraine’s information environment
2023-03-09 | DeepInstinct | Simon Kenin
DUCKTAIL: Threat Operation Re-emerges with New LNK, PowerShell, and Other Custom Tactics to Avoid Detection
DUCKTAIL
2023-01-23 | zero day initiative | Simon Zuckerbraun
Activation Context Cache Poisoning: Exploiting CSRSS for Privilege Escalation
Denim Tsunami
2022-12-08 | DeepInstinct | Deep Instinct Threat Lab, Simon Kenin
New MuddyWater Threat: Old Kitten; New Tricks