Click here to download all references as Bib-File.•
2024-10-23
⋅
Cisco Talos
⋅
Highlighting TA866/Asylum Ambuscade Activity Since 2021 WasabiSeed Cobalt Strike csharp-streamer RAT Resident Rhadamanthys WarmCookie |
2024-10-23
⋅
Cisco Talos
⋅
Threat Spotlight: WarmCookie/BadSpace Cobalt Strike csharp-streamer RAT WarmCookie |
2024-10-22
⋅
Cisco Talos
⋅
Threat actor abuses Gophish to deliver new PowerRAT and DCRAT PowerRAT |
2024-10-17
⋅
Cisco Talos
⋅
UAT-5647 targets Ukrainian and Polish entities with RomCom malware variants MeltingClaw ROMCOM RAT ShadyHammock RomCom |
2024-09-10
⋅
Talos Intelligence
⋅
DragonRank, a Chinese-speaking SEO manipulator service provider IISpy PlugX DragonRank |
2024-08-28
⋅
Talos Intelligence
⋅
BlackByte blends tried-and-true tradecraft with newly disclosed vulnerabilities to support ongoing attacks BlackByte |
2024-08-21
⋅
Cisco Talos
⋅
MoonPeak malware from North Korean actors unveils new details on attacker infrastructure MoonPeak XenoRAT UAT-5394 |
2024-06-13
⋅
Cisco Talos
⋅
Operation Celestial Force employs mobile and desktop malware to target Indian entities Gravity RAT Gravity RAT |
2024-06-05
⋅
Cisco Talos
⋅
DarkGate switches up its tactics with new payload, email templates DarkGate |
2024-05-30
⋅
Cisco Talos
⋅
LilacSquid: The stealthy trilogy of PurpleInk, InkBox and InkLoader purpleink LilacSquid |
2024-04-24
⋅
Cisco
⋅
ArcaneDoor - New espionage-focused campaign found targeting perimeter network devices ArcaneDoor Storm-1849 |
2024-02-15
⋅
Cisco Talos
⋅
TinyTurla Next Generation - Turla APT spies on Polish NGOs TinyTurlaNG |
2024-02-08
⋅
Cisco Talos
⋅
New Zardoor backdoor used in long-term cyber espionage operation targeting an Islamic organization HTran reGeorg Venom Proxy ZarDoor |
2024-01-09
⋅
Avast Decoded
⋅
Avast Updates Babuk Ransomware Decryptor in Cooperation with Cisco Talos and Dutch Police Babuk |
2023-12-11
⋅
Cisco Talos
⋅
Operation Blacksmith: Lazarus targets organizations worldwide using novel Telegram-based malware written in DLang BottomLoader DLRAT HazyLoad NineRAT |
2023-11-17
⋅
Cisco Talos
⋅
A deep dive into Phobos ransomware, recently deployed by 8Base group 8Base Phobos |
2023-11-17
⋅
Cisco Talos
⋅
Understanding the Phobos affiliate structure and activity Phobos |
2023-10-25
⋅
Cisco Talos
⋅
Kazakhstan-associated YoroTrooper disguises origin of attacks as Azerbaijan Ave Maria Loda YoroTrooper |
2023-10-05
⋅
Talos
⋅
Qakbot-affiliated actors distribute Ransom Knight malware despite infrastructure takedown QakBot |
2023-09-28
⋅
Cisco Talos
⋅
The security pitfalls of social media sites offering ID-based authentication RansomVC |