2025-06-16 · Proofpoint · Jeremy Hedges, Proofpoint Threat Research Team, Tommy Madjar
Amatera Stealer: Rebranded ACR Stealer With Improved Evasion, Sophistication
ACR Stealer Amatera
2025-06-09 · Sentinel LABS · Aleksandar Milenkoski, Tom Hegel
Follow the Smoke | China-nexus Threat Actors Hammer At the Doors of Top Tier Targets
GOREshell Nimbo-C2 ShadowPad
2025-05-28 · Rapid7 · Anna Širokova, Ivan Feigl
NSIS Abuse and sRDI Shellcode: Anatomy of the Winos 4.0 Campaign
Winos
2025-05-28 · Trustwave · Cris Tomboc, King Orande
PhaaS the Secrets: The Hidden Ties Between Tycoon2FA and Dadsec's Operations
2025-05-27 · Trend Micro · Joseph C Chen
Earth Lamia Develops Custom Arsenal to Target Multiple Industries
BypassBoss Cobalt Strike JuicyPotato PULSEPACK STOWAWAY Vshell
2025-05-22 · ESET Research · Tomáš Procházka
Danabot: Analyzing a fallen empire
DanaBot
2025-05-20 · Luigi Martire, Pierluigi Paganini
Sarcoma Ransomware Unveiled: Anatomy of a Double Extortion Gang
Sarcoma
2025-04-28 · SentinelOne · Aleksandar Milenkoski, Jim Walter, Tom Hegel
Top Tier Target | What It Takes to Defend a Cybersecurity Company from Today’s Adversaries
PurpleHaze
2025-04-22 · Volexity · Charlie Gardner, Josh Duke, Matthew Meltzer, Sean Koessel, Steven Adair, Tom Lancaster
Phishing for Codes: Russian Threat Actors Target Microsoft 365 OAuth Workflows
UTA0352 UTA0355
2025-04-14 · Palo Alto Networks Unit 42 · Prashil Pattni
Slow Pisces Targets Developers With Coding Challenges and Introduces New Customized Python Malware
RN Stealer
2025-03-31 · Wiz.io · Avigayil Mechtinger, Gili Tikochinski, Yaara Shriki
CPU_HU: Fileless cryptominer targeting exposed PostgreSQL with over 1.5K victims
JINX-0126
2025-03-13 · EclecticIQ · Arda Büyükkaya
Inside BRUTED: Black Basta (RaaS) Members Used Automated Brute Forcing Framework to Target Edge Network Devices
Black Basta
2025-03-11 · Hunt.io · Hunt.io
JSPSpy and ‘filebroser’: A Custom File Management Tool in Webshell Infrastructure
2025-02-27 · Palo Alto Networks Unit 42 · Lior Rochberger, Tom Fakterman
Squidoor: Suspected Chinese Threat Actor’s Backdoor Targets Global Organizations
FINALDRAFT FINALDRAFT REF7707
2025-02-25 · Sentinel LABS · Tom Hegel
Ghostwriter | New Campaign Targets Ukrainian Government and Belarusian Opposition
2025-02-15 · Youtube (greenplan) · greenplan
[BINARY REFINERY] (Emmenhtal) - Deobfuscation of a custom obfuscation algorithm
Emmenhtal
2025-02-13 · Volexity · Charlie Gardner, Steven Adair, Tom Lancaster
Multiple Russian Threat Actors Targeting Microsoft Device Code Authentication
2025-02-03 · SentinelOne · Phil Stokes, Tom Hegel
macOS FlexibleFerret | Further Variants of DPRK Malware Family Unearthed
FlexibleFerret FriendlyFerret FrostyFerret
2025-01-29 · SecurityScorecard · SecurityScorecard STRIKE Team
Operation Phantom Circuit: North Korea’s Global Data Exfiltration Campaign
BeaverTail InvisibleFerret
2025-01-27 · SecurityScorecard · STRIKE Team
Operation Phantom Circuit: North Korea’s Global Data Exfiltration Campaign