Click here to download all references as Bib-File.•
| 2024-10-22
⋅
Twitter (@threatinsight)
⋅
Twitter Thread attributing Voldemort to TA415 (APT41, BrassTyphoon) Voldemort |
| 2023-07-14
⋅
Proofpoint
⋅
Tweets on Discovery of WikiLoader WikiLoader |
| 2023-04-18
⋅
Twitter (@threatinsight)
⋅
Tweet on TA581 using Keitaro TDS URL to download a .MSI file to deliver BumbleBee malware BumbleBee |
| 2023-03-30
⋅
Proofpoint
⋅
Exploitation is a Dish Best Served Cold: Winter Vivern Uses Known Zimbra Vulnerability to Target Webmail Portals of NATO-Aligned Governments in Europe Winter Vivern |
| 2022-05-11
⋅
HP
⋅
Threat Insights Report Q1 - 2022 AsyncRAT Emotet Mekotio Vjw0rm |
| 2021-10-20
⋅
Proofpoint
⋅
TA551 Uses ‘SLIVER’ Red Team Tool in New Activity |
| 2021-10-01
⋅
HP
⋅
Threat Insights Report Q3 - 2021 STRRAT CloudEyE NetWire RC Remcos TrickBot Vjw0rm |
| 2021-03-17
⋅
HP
⋅
Threat Insights Report Q4-2020 Agent Tesla BitRAT ComodoSec Dridex Emotet Ficker Stealer Formbook Zloader |
| 2020-03-16
⋅
Proofpoint
⋅
New RedLine Stealer Distributed Using Coronavirus-themed Email Campaign RedLine Stealer |
| 2019-11-14
⋅
Proofpoint
⋅
TA2101 plays government imposter to distribute malware to German, Italian, and US organizations Maze TA2101 |
| 2019-10-16
⋅
Proofpoint
⋅
TA505 Distributes New SDBbot Remote Access Trojan with Get2 Downloader Get2 SDBbot TA505 |
| 2019-10-14
⋅
Proofpoint
⋅
Threat Actor Profile: TA407, the Silent Librarian Silent Librarian |
| 2019-09-26
⋅
Proofpoint
⋅
New WhiteShadow downloader uses Microsoft SQL to retrieve malware WhiteShadow Agent Tesla Azorult Crimson RAT Formbook Nanocore RAT NetWire RC NjRAT Remcos |
| 2019-09-22
⋅
Proofpoint
⋅
LookBack Forges Ahead: Continued Targeting of the United States’ Utilities Sector Reveals Additional Adversary TTPs Lookback TA410 |
| 2019-09-06
⋅
Proofpoint
⋅
PsiXBot Now Using Google DNS over HTTPS and Possible New Sexploitation Module PsiX |
| 2019-09-05
⋅
Proofpoint
⋅
Seems Phishy: Back to School Lures Target University Students and Staff Silent Librarian |
| 2019-08-12
⋅
Proofpoint
⋅
PsiXBot Continues to Evolve with Updated DNS Infrastructure PsiX |
| 2019-08-01
⋅
Proofpoint
⋅
LookBack Malware Targets the United States Utilities Sector with Phishing Attacks Impersonating Engineering Licensing Boards GUP Proxy Tool Lookback TA410 |
| 2019-07-31
⋅
Proofpoint
⋅
SystemBC is like Christmas in July for SOCKS5 Malware and Exploit Kits SystemBC |
| 2019-07-23
⋅
Proofpoint
⋅
Chinese APT “Operation LagTime IT” Targets Government Information Technology Agencies in Eastern Asia 8.t Dropper Cotx RAT Poison Ivy TA428 |
| 2019-07-22
⋅
Proofpoint
⋅
BrushaLoader still sweeping up victims one year later BrushaLoader NARWHAL SPIDER |
| 2019-07-11
⋅
Proofpoint
⋅
Threat Actor Profile: TA544 targets geographies from Italy to Japan with a range of malware ISFB PandaBanker UrlZone NARWHAL SPIDER |
| 2019-07-02
⋅
Proofpoint
⋅
TA505 begins summer campaigns with a new pet malware downloader, AndroMut, in the UAE, South Korea, Singapore, and the United States AndroMut FlawedAmmyy |
| 2019-06-19
⋅
Proofpoint
⋅
URLZone top malware in Japan, while Emotet and LINE Phishing round out the landscape ISFB UrlZone NARWHAL SPIDER |
| 2019-05-15
⋅
Proofpoint
⋅
Threat Actor Profile: TA542, From Banker to Malware Distribution Service Emotet MUMMY SPIDER |
| 2019-05-09
⋅
Proofpoint
⋅
New KPOT v2.0 stealer brings zero persistence and in-memory features to silently steal credentials KPOT Stealer |
| 2019-05-02
⋅
Proofpoint
⋅
2019: The Return of Retefe Dok Retefe SmokeLoader |
| 2019-03-13
⋅
Proofpoint
⋅
DanaBot control panel revealed DanaBot |
| 2019-02-21
⋅
Proofpoint
⋅
Fake Jobs: Campaigns Delivering More_eggs Backdoor via Fake Job Offers More_eggs |