2023-03-13 ⋅ Microsoft ⋅ DEV-1101 enables high-volume AiTM campaigns with open-source phishing kit
2022-12-06 ⋅ 360 Threat Intelligence Center ⋅ Analysis of suspected APT-C-56 (Transparent Tribe) attacks against terrorism AhMyth Meterpreter SpyNote AsyncRAT
2022-11-30 ⋅ Qianxin Threat Intelligence Center ⋅ Analysis of APT29's attack activities against Italy Unidentified 098 (APT29 Slack Downloader)
2022-10-10 ⋅ RiskIQ ⋅ DEV-0832 Leverages Commodity Tools in Opportunistic Ransomware Campaigns BlackCat Mount Locker SystemBC Zeppelin
2022-08-25 ⋅ Microsoft ⋅ MERCURY leveraging Log4j 2 vulnerabilities in unpatched systems to target Israeli organizations MimiKatz
2022-08-24 ⋅ Microsoft ⋅ MagicWeb: NOBELIUM’s post-compromise trick to authenticate as anyone
2022-08-17 ⋅ 360 ⋅ Kasablanka organizes attacks against political groups and non-profit organizations in the Middle East SpyNote Loda Nanocore RAT NjRAT
2022-08-15 ⋅ Microsoft ⋅ Disrupting SEABORGIUM’s ongoing phishing operations Callisto
2022-08-15 ⋅ Microsoft ⋅ Disrupting SEABORGIUM’s ongoing phishing operations
2022-07-27 ⋅ Microsoft ⋅ Untangling KNOTWEED: European private-sector offensive actor using 0-day exploits Subzero
2022-07-20 ⋅ Freebuf ⋅ Abused Slack Service: Analysis of APT29's Attack on Italy Unidentified 098 (APT29 Slack Downloader)
2022-07-14 ⋅ Microsoft ⋅ North Korean threat actor (H0lyGh0st /DEV-0530) targets small and midsize businesses with H0lyGh0st ransomware SiennaBlue SiennaPurple
2022-07-12 ⋅ Microsoft ⋅ From cookie theft to BEC: Attackers use AiTM phishing sites as entry point to further financial fraud
2022-07-05 ⋅ Microsoft ⋅ Hive ransomware gets upgrades in Rust Hive
2022-06-08 ⋅ Qianxin Threat Intelligence Center ⋅ Operation Tejas: A dying elephant curled up in the Kunlun Mountains HAZY TIGER RAZOR TIGER
2022-06-02 ⋅ Microsoft ⋅ Exposing POLONIUM activity and infrastructure targeting Israeli organizations POLONIUM
2022-06-01 ⋅ Qianxin Threat Intelligence Center ⋅ Analysis of the attack activities of the Maha grass group using the documents of relevant government agencies in Pakistan as bait BadNews QUILTED TIGER
2022-05-18 ⋅ Weixin ⋅ filesyncshell.dll hijacked? APT-C-24 Sidewinder Briefing on the Latest Attack Activity
2022-05-09 ⋅ Qianxin Threat Intelligence Center ⋅ Operation EviLoong: An electronic party of "borderless" hackers ZXShell
2022-05-09 ⋅ Microsoft Security ⋅ Ransomware-as-a-service: Understanding the cybercrime gig economy and how to protect yourself Griffon BazarBackdoor BlackCat BlackMatter Blister Gozi LockBit Pandora Rook SystemBC TrickBot