2023-12-05ProofpointGreg Lesnewich, Crista Giering, Proofpoint Threat Research Team
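@online{lesnewich:20231205:ta422s:a757704,
  author       = {Lesnewich, Greg and Giering, Crista and {Proofpoint Threat Research Team}},
  title        = {{TA422’s} Dedicated Exploitation Loop—the Same Week After Week},
  date         = {2023-12-05},
  organization = {Proofpoint},
  url          = {https://www.proofpoint.com/us/blog/threat-insight/ta422s-dedicated-exploitation-loop-same-week-after-week},
  language     = {English},
  urldate      = {2023-12-05},
}
TA422’s Dedicated Exploitation Loop—the Same Week After Week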
2023-11-30BlackberryBlackBerry Research & Intelligence Team, Dmitry Bestuzhev
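@online{team:20231130:aeroblade:725b5e6,
  author       = {{BlackBerry Research \& Intelligence Team} and Bestuzhev, Dmitry},
  title        = {{AeroBlade} on the Hunt Targeting the {U.S.} Aerospace Industry},
  date         = {2023-11-30},
  organization = {Blackberry},
  url          = {https://blogs.blackberry.com/en/2023/11/aeroblade-on-the-hunt-targeting-us-aerospace-industry},
  language     = {English},
  urldate      = {2023-12-05},
}
AeroBlade on the Hunt Targeting the U.S. Aerospace Industry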
2023-11-13Twitter (@malwrhunterteam)MalwareHunterTeam
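@online{malwarehunterteam:20231113:qilin:ebf1cb5,
  author       = {{MalwareHunterTeam}},
  title        = {Tweet on {Qilin} {Linux} Locker},
  date         = {2023-11-13},
  organization = {Twitter (@malwrhunterteam)},
  url          = {https://twitter.com/malwrhunterteam/status/1724521714845937822},
  language     = {English},
  urldate      = {2023-12-04},
}
Tweet on Qilin Linux Locker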
Qilin
2023-11-13Twitter (@malwrhunterteam)MalwareHunterTeam
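@online{malwarehunterteam:20231113:linux:f0f5f71,
  author       = {{MalwareHunterTeam}},
  title        = {Tweet on {Linux} version of {Rhysida}},
  date         = {2023-11-13},
  organization = {Twitter (@malwrhunterteam)},
  url          = {https://twitter.com/malwrhunterteam/status/1724165711356993736},
  language     = {English},
  urldate      = {2023-11-14},
}
Tweet on Linux version of Rhysida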
Rhysida
2023-11-10AhnLabASEC Analysis Team
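@online{team:20231110:detection:6c90ee7,
  author       = {{ASEC Analysis Team}},
  title        = {Detection of attacks exploiting asset management software ({Andariel Group})},
  date         = {2023-11-10},
  organization = {AhnLab},
  url          = {https://asec.ahnlab.com/ko/58215/},
  language     = {Korean},
  urldate      = {2023-11-28},
}
Detection of attacks exploiting asset management software (Andariel Group)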
Lilith Tiger RAT
2023-11-09CYBERWARZONETech Team
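@online{team:20231109:tasnim:f8aadc5,
  author       = {{Tech Team}},
  title        = {{Tasnim News} Hacked By {WeRedEvils}},
  date         = {2023-11-09},
  organization = {CYBERWARZONE},
  url          = {https://cyberwarzone.com/tasnim-news-hacked-by-weredevils/},
  language     = {English},
  urldate      = {2023-11-17},
}
Tasnim News Hacked By WeRedEvils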
2023-10-27Kaspersky LabsKaspersky Team
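@online{team:20231027:security:84dd700,
  author       = {{Kaspersky Team}},
  title        = {{Security Analyst Summit} 2023: key research},
  date         = {2023-10-27},
  organization = {Kaspersky Labs},
  url          = {https://usa.kaspersky.com/blog/sas-2023-research/29254/},
  language     = {English},
  urldate      = {2023-12-04},
}
Security Analyst Summit 2023: key research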
2023-10-26Avast DecodedThreat Research Team
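@online{team:20231026:rhysida:08ca4b6,
  author       = {{Threat Research Team}},
  title        = {{Rhysida} Ransomware Technical Analysis},
  date         = {2023-10-26},
  organization = {Avast Decoded},
  url          = {https://decoded.avast.io/threatresearch/rhysida-ransomware-technical-analysis/},
  language     = {English},
  urldate      = {2023-10-30},
}
Rhysida Ransomware Technical Analysis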
Rhysida
2023-10-19SymantecThreat Hunter Team
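@online{team:20231019:crambus:9e0aec9,
  author       = {{Threat Hunter Team}},
  title        = {{Crambus}: New Campaign Targets {Middle Eastern} Government},
  date         = {2023-10-19},
  organization = {Symantec},
  url          = {https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/crambus-middle-east-government},
  language     = {English},
  urldate      = {2023-10-20},
}
Crambus: New Campaign Targets Middle Eastern Government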
Clipog
2023-10-18MicrosoftMicrosoft Threat Intelligence
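@online{intelligence:20231018:multiple:1533f8e,
  author       = {{Microsoft Threat Intelligence}},
  title        = {Multiple {North Korean} threat actors exploiting the {TeamCity} {CVE-2023-42793} vulnerability},
  date         = {2023-10-18},
  organization = {Microsoft},
  url          = {https://www.microsoft.com/en-us/security/blog/2023/10/18/multiple-north-korean-threat-actors-exploiting-the-teamcity-cve-2023-42793-vulnerability/},
  language     = {English},
  urldate      = {2023-10-20},
}
Multiple North Korean threat actors exploiting the TeamCity CVE-2023-42793 vulnerability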
FeedLoad ForestTiger HazyLoad RollSling
2023-10-16SekoiaThreat & Detection Research Team, sekoia
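@online{team:20231016:clearfake:79236a9,
  author       = {{Threat \& Detection Research Team} and {sekoia}},
  title        = {{ClearFake}: a newcomer to the “fake updates” threats landscape},
  date         = {2023-10-16},
  organization = {Sekoia},
  url          = {https://blog.sekoia.io/clearfake-a-newcomer-to-the-fake-updates-threats-landscape/},
  language     = {English},
  urldate      = {2023-10-17},
}
ClearFake: a newcomer to the “fake updates” threats landscape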
ClearFake
2023-10-13AhnLabASEC Analysis Team
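@online{team:20231013:analysis:ff83513,
  author       = {{ASEC Analysis Team}},
  title        = {Analysis Report on {Lazarus} Threat Group’s {Volgmer} and {Scout} Malware},
  date         = {2023-10-13},
  organization = {AhnLab},
  url          = {https://asec.ahnlab.com/en/57685/},
  language     = {English},
  urldate      = {2023-10-20},
}
Analysis Report on Lazarus Threat Group’s Volgmer and Scout Malware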
JessieConTea Scout Volgmer
2023-10-12Cluster25Cluster25 Threat Intel Team
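@online{team:20231012:cve202338831:6b50b62,
  author       = {{Cluster25 Threat Intel Team}},
  title        = {{CVE-2023-38831} Exploited by {Pro-Russia} Hacking Groups in {RU-UA} Conflict Zone for Credential Harvesting Operations},
  date         = {2023-10-12},
  organization = {Cluster25},
  url          = {https://blog.cluster25.duskrise.com/2023/10/12/cve-2023-38831-russian-attack},
  language     = {English},
  urldate      = {2023-10-13},
}
CVE-2023-38831 Exploited by Pro-Russia Hacking Groups in RU-UA Conflict Zone for Credential Harvesting Operations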
Agent Tesla Crimson RAT Nanocore RAT SmokeLoader
2023-10-12TrendmicroTrend Micro Research
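@online{research:20231012:darkgate:10d712d,
  author       = {{Trend Micro Research}},
  title        = {{DarkGate} Opens Organizations for Attack via {Skype}, {Teams}},
  date         = {2023-10-12},
  organization = {Trendmicro},
  url          = {https://www.trendmicro.com/en_us/research/23/j/darkgate-opens-organizations-for-attack-via-skype-teams.html},
  language     = {English},
  urldate      = {2023-10-18},
}
DarkGate Opens Organizations for Attack via Skype, Teams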
DarkGate
2023-10-10SymantecThreat Hunter Team
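@online{team:20231010:grayling:ebc3b74,
  author       = {{Threat Hunter Team}},
  title        = {{Grayling}: Previously Unseen Threat Actor Targets Multiple Organizations in {Taiwan}},
  date         = {2023-10-10},
  organization = {Symantec},
  url          = {https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/grayling-taiwan-cyber-attacks},
  language     = {English},
  urldate      = {2023-10-11},
}
Grayling: Previously Unseen Threat Actor Targets Multiple Organizations in Taiwan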
Cobalt Strike Havoc MimiKatz Grayling
2023-09-20ProofpointProofpoint Threat Research Team
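@online{team:20230920:chinese:25abe7e,
  author       = {{Proofpoint Threat Research Team}},
  title        = {{Chinese} Malware Appears in Earnest Across Cybercrime Threat Landscape},
  date         = {2023-09-20},
  organization = {Proofpoint},
  url          = {https://www.proofpoint.com/us/blog/threat-insight/chinese-malware-appears-earnest-across-cybercrime-threat-landscape},
  language     = {English},
  urldate      = {2023-09-22},
}
Chinese Malware Appears in Earnest Across Cybercrime Threat Landscape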
FatalRat PurpleFox ValleyRAT
2023-09-12SymantecThreat Hunter Team
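@online{team:20230912:redfly:b57156b,
  author       = {{Threat Hunter Team}},
  title        = {{Redfly}: Espionage Actors Continue to Target Critical Infrastructure},
  date         = {2023-09-12},
  organization = {Symantec},
  url          = {https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/critical-infrastructure-attacks},
  language     = {English},
  urldate      = {2023-12-04},
}
Redfly: Espionage Actors Continue to Target Critical Infrastructure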
ShadowPad
2023-09-08PolySwarm Tech TeamThe Hivemind
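@online{hivemind:20230908:carderbee:f42e2a4,
  author       = {{The Hivemind}},
  title        = {{Carderbee} Targets {Hong Kong} in Supply Chain Attack},
  date         = {2023-09-08},
  organization = {PolySwarm Tech Team},
  url          = {https://blog.polyswarm.io/carderbee-targets-hong-kong-in-supply-chain-attack},
  language     = {English},
  urldate      = {2023-12-04},
}
Carderbee Targets Hong Kong in Supply Chain Attack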
PlugX
2023-09-07DeformDeform Team
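@online{team:20230907:infamous:fc56fcd,
  author       = {{Deform Team}},
  title        = {The Infamous {Mirai} Trojan Evolves: New “{Pandora}” Variant Targets {Android} {TVs}},
  date         = {2023-09-07},
  organization = {Deform},
  url          = {https://deform.co/the-infamous-mirai-trojan-evolves-new-pandora-variant-targets-android-tvs/},
  language     = {English},
  urldate      = {2023-09-11},
}
The Infamous Mirai Trojan Evolves: New “Pandora” Variant Targets Android TVs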
Mirai
2023-09-06TRUESECJakob Nordenlund
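@online{nordenlund:20230906:darkgate:cbe3f9b,
  author       = {Nordenlund, Jakob},
  title        = {{DarkGate} Loader Malware Delivered via {Microsoft Teams}},
  date         = {2023-09-06},
  organization = {TRUESEC},
  url          = {https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams},
  language     = {English},
  urldate      = {2023-09-08},
}
DarkGate Loader Malware Delivered via Microsoft Teams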
DarkGate