Total collection: 4264 Threat Research posts (auto-updated every day)
Last 100 Threat Research posts
- Darktrace’s view on Operation Lunar Peek: Exploitation of Palo Alto firewall devices (CVE-2024-0012 and CVE-2024-9474) by Adam Potter (Darktrace, Campaign Trail)
- Dark Web Profile: Ymir Ransomware
- November 2024 Threat Trend Report on Ransomware
- Exploring the SideWinder APT Group’s DNS Footprint
- The Curious Case of an Egg-Cellent Resume
- Rare Watermark Links Cobalt Strike 4.10 Team Servers to Ongoing Suspicious Activity
- A Technical Look at the New ‘Termite’ Ransomware that Hit Blue Yonder
- Days Off and Data Exfiltration with Formbook
- Compromised ultralytics PyPI package delivers crypto coinminer
- Meeten Malware: A Cross-Platform Threat to Crypto Wallets on macOS and Windows
- Network Abuses Leveraging High-Profile Events: Suspicious Domain Registrations and Other Scams
- Malicious Maven Package Impersonating ‘XZ for Java’ Library …
- Unidentified Threat Actor Utilizes Android Malware to Target High-Value Assets in South Asia
- New WhoisXML API Study Highlights Business Insights from ASN and ISP Data
- Mauri Ransomware Threat Actors Exploiting Apache ActiveMQ Vulnerability (CVE-2023-46604)
- Uncovering Potential Black Friday and Thanksgiving Threats with DNS Data
- Zero-day Attack Uses Corrupted Files to Bypass Detection: Technical Analysis
- U.S. Organization in China Targeted by Attackers
- Enhancing Red Team Assessments with App Security Testing
- BlueAlpha Abuses Cloudflare Tunneling Service for GammaDrop Staging Infrastructure
- A snake in the net: Defending against AiTM phishing threats and Mamba 2FA by Patrick Anjos (Darktrace, Campaign Trail)
- PROXY.AM Powered by Socks5Systemz Botnet | Bitsight
- Snowblind: The Invisible Hand of Secret Blizzard
- Hunting Payroll Pirates: Silent Push Tracks HR Redirect Phishing Scam – Silent Push
- The Growing Threat of Docusign Phishing Attacks
- Threat Actor Targets the Manufacturing industry with Lumma Stealer and Amadey Bot
- November 2024: Security Issues in the Financial Industry
- QR Coding: C2 in Browser Isolation
- Trend Report on Phishing Malware Impersonating the National Tax Service (NTS)
- MOONSHINE Exploit Kit and DarkNimbus Backdoor Enabling Earth Minotaur’s Multi-Platform Attacks
- Black Basta Ransomware Campaign Drops Zbot, DarkGate, and Custom Malware
- Behind the veil: Darktrace’s detection of VPN exploitation in SaaS environments by Priya Thapa (Darktrace, On the Case)
- CrowdStrike Falcon Prevents Multiple Vulnerable Driver Attacks in Real-World Intrusion
- From a Regular Infostealer to its Obfuscated Version – SANS Internet Storm Center
- Crypto Mining Malware: Hijacking Your Resources for Profit
- Stellar Discovery of A New Cluster of Andromeda/Gamarue C2
- Gafgyt Malware Targeting Docker Remote API Servers
- Inside Akira Ransomware’s Rust Experiment
- Update: LogoFAIL Exploited to Deploy Bootkitty, the first UEFI bootkit for Linux
- Threat Assessment: Howling Scorpius (Akira Ransomware)
- Unveiling RevC2 and Venom Loader
- SmokeLoader Attack Targets Companies in Taiwan
- AgentTesla Campaign Resurfaces After Failed Attack: Updated Loader and New Encryption Techniques
- Horns&Hooves campaign delivers NetSupport RAT and BurnsRAT
- Analysis of Email Phishing Campaigns by Threat Actor Kim Sooki
- APT-C-48 (CNC) group: analysis report on recent phishing attack activity
- AutoIt Credential Flusher
- Zyxel Firewalls Exploited for Ransomware Attacks; 20 Security Flaws Discovered in Advantech Access Points – SOCRadar® Cyber Intelligence Inc.
- A DNS Deep Dive into FUNULL’s Triad Nexus
- Ransomware Roundup – Interlock
- Correlating Vidar Stealer Build IDs Based on Loader Tasks
- Perfctl Campaign Exploits Millions of Linux Servers for Crypto Mining and Proxyjacking – SOCRadar® Cyber Intelligence Inc.
- APT-C-60 Group – Utilizing malware disguised as job application emails – JPCERT/CC Eyes
- Rockstar 2FA Phishing-as-a-Service (PaaS): Noteworthy Email Campaigns
- Netflix Suspended Account Scam Active in 23 Countries – How to Stay Safe
- Malicious PyPI crypto pay package aiocpa implants infostealer code
- XWorm Malware: A Deep Dive into Its Evasive Techniques
- Arctic Wolf Observes Threat Campaign Targeting Palo Alto Networks Firewall Devices – Arctic Wolf
- Rockstar 2FA: A Driving Force in Phishing-as-a-Service (PaaS)
- Elevate Cyber Defense with Qualys Advanced Hunting | Qualys Security Blog
- Hacker in Snowflake Extortions May Be a U.S. Soldier – Krebs on Security
- Typosquatting Cryptographic Libraries: Malicious npm Package…
- Gaming Engines: An Undetected Playground for Malware Loaders
- New “CleverSoar” Installer Targets Chinese and Vietnamese Users
- Bootkitty: Analyzing the first UEFI bootkit for Linux
- Who Ordered the SMOKEDHAM? Backdoor Delicacies in the Wild
- Detection Opportunities — EDR Silencer, EDRSandblast, Kill AV…
- Know Thy Enemy: A Novel November Case | Huntress
- 2024 MSC Malware Trend Report
- Ransomware-driven data exfiltration: techniques and implications
- PSLoramyra: Technical Analysis of Fileless Malware Loader
- RomCom exploits Firefox and Windows zero days in the wild
- Scam Websites Take Advantage of Seasonal Openings and Established Methods to Maximize Impact
- Guess Who’s Back – The Return of ANEL in the Recent Earth Kasha Spear-phishing Campaign in 2024
- Analysis of Elpaco: a Mimic variant
- Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
- Supply Chain Attack Using Ethereum Smart Contracts to Distribute Multi-Platform Malware
- Matrix Unleashes A New Widespread DDoS Campaign
- AI, Data Security, and CISO Shifts: Top Cybersecurity Trends to Watch in 2025
- Notorious Ursnif Banking Trojan Uses Stealthy Memory Execution to Avoid Detection
- Game of Emperor: Unveiling Long Term Earth Estries Cyber Intrusions
- Increasing Use of PEC Mailboxes in Phishing for Banking Fraud
- Dozens of Machines Infected: Year-Long NPM Supply Chain Attack Combines Crypto Mining and Data Theft
- Warning Against Malware in SVG Format Distributed via Phishing Emails
- Dark Web Profile: Moonstone Sleet
- DarkPeony’s Trail: Certificate Patterns Point to Sustained Campaign Infrastructure
- Python Crypto Library Updated to Steal Private Keys
- Alert: XorBot Comes Back with Enhanced Tactics – NSFOCUS
- Unveiling the Past and Present of APT-K-47 Weapon: Asyncshell
- MUT-8694: An NPM and PyPI Malicious Campaign Targeting Windows Users | Datadog Security Labs
- HEXON STEALER: THE LONG JOURNEY OF COPYING, HIDING, AND REBRANDING – CYFIRMA
- New RomCom Variant Spotted: A Comparative and Expansion Analysis of IoCs
- Seeing Through a GLASSBRIDGE: Understanding the Digital Marketing Ecosystem Spreading Pro-PRC Influence
- Russia-Aligned TAG-110 Targets Asia and Europe with HATVIBE and CHERRYSPY
- The Nearest Neighbor Attack: How A Russian APT Weaponized Nearby Wi-Fi Networks for Covert Access
- Threat Actors Hijack Misconfigured Servers for Live Sports Streaming
- Stories from the SOC: Registry Clues to PDF Blues: A Tale of…
- XenoRAT Adopts Excel XLL Files and ConfuserEx as Access Method
- Financially Motivated Threat Actor Leveraged Google Docs and Weebly Services to Target Telecom and Financial Sectors
Reference for Threat Research
This Threat Research category automatically filters and fetches posts (analysis reports only) from the following sites:
- asec.ahnlab.com
- any.run/cybersecurity-blog/
- attackiq.com
- bitdefender.com/blog/labs/
- cadosecurity.com/blog/
- cisa.gov/news-events/cybersecurity-advisories/
- crowdstrike.com/blog/
- cybereason.com/blog/category/research/
- darktrace.com/blog/
- fortinet.com/blog/threat-research/
- harfanglab.io/en/insidethelab/
- malwarebytes.com/blog/threat-intelligence/
- mandiant.com/resources/blog/
- mcafee.com/blogs/other-blogs/mcafee-labs/
- proofpoint.com/us/blog
- securelist.com/tag/malware-descriptions/
- securityintelligence.com/category/x-force/threat-intelligence/
- blog.talosintelligence.com
- trendmicro.com/en_us/research/
- unit42.paloaltonetworks.com
- nextron-systems.com/blog/
- team-cymru.com/blog/categories/threat-research/
- zscaler.com/blogs/
- blog.sonicwall.com
- labs.k7computing.com/
- recordedfuture.com/blog
- blog.sekoia.io/category/research-threat-intelligence/
- embee-research.ghost.io
- netspi.com/blog/technical/
- huntress.com/blog
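The source list above is a host-plus-path-prefix allowlist, and the list of recent posts shows why an aggregator also needs de-duplication (the same post can be fetched twice). The following is an added example of such a filter, written for this page and not the aggregator's own fetcher. It assumes feed entries arrive as dicts with `title` and `link` keys; the five allowlist patterns and every sample entry below are constructed for illustration. The security-relevant detail is host matching: a naive substring test such as `"asec.ahnlab.com" in url` accepts a lookalike host like `asec.ahnlab.com.evil.example`, so the hostname is compared exactly (or as a proper subdomain) after parsing, and non-http(s) links are rejected.

```python
"""Allowlist + de-duplication filter for a threat-research feed aggregator.

Added example for this page; not the aggregator's own code. Patterns and
entries below are constructed for illustration.
"""
import re
import unicodedata
from urllib.parse import urlsplit

# Allowlist patterns in the same form the page uses: host, optional path prefix.
ALLOWED_SOURCES = [
    "asec.ahnlab.com",
    "bitdefender.com/blog/labs/",
    "trendmicro.com/en_us/research/",
    "unit42.paloaltonetworks.com",
    "proofpoint.com/us/blog",
]


def _split_pattern(pattern):
    """'host/path' -> ('host', '/path/'); a bare host means the whole site."""
    host, _, path = pattern.strip().lower().partition("/")
    path = "/" + path if path else "/"
    if not path.endswith("/"):
        path += "/"  # '/us/blog' must not match '/us/blogger/'
    return host, path


def matches_source(url, patterns=ALLOWED_SOURCES):
    """True if url is http(s), on an allowlisted host or one of its subdomains,
    and under the allowlisted path prefix. Parsed, not substring-matched, so a
    lookalike host such as 'asec.ahnlab.com.evil.example' is rejected."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https"):
        return False
    host = (parts.hostname or "").lower()
    path = parts.path or "/"
    if not path.endswith("/"):
        path += "/"
    for pattern in patterns:
        p_host, p_path = _split_pattern(pattern)
        host_ok = host == p_host or host.endswith("." + p_host)
        if host_ok and path.startswith(p_path):
            return True
    return False


def normalize_title(title):
    """Canonical form used as the de-duplication key: NFKC, straight quotes,
    collapsed whitespace, case-folded."""
    t = unicodedata.normalize("NFKC", title)
    t = t.replace("\u2019", "'").replace("\u201c", '"').replace("\u201d", '"')
    return re.sub(r"\s+", " ", t).strip().casefold()


def filter_feed(entries, patterns=ALLOWED_SOURCES):
    """Keep allowlisted entries in order, dropping re-posts with the same normalized title."""
    seen, kept = set(), []
    for entry in entries:
        if not matches_source(entry["link"], patterns):
            continue
        key = normalize_title(entry["title"])
        if key in seen:
            continue
        seen.add(key)
        kept.append(entry)
    return kept


# Constructed sample feed: two good posts, one duplicate, one wrong path,
# one lookalike host, one non-http link, one good post from a bare-host pattern.
SAMPLE_ENTRIES = [
    {"title": "Uncovering Potential Black Friday and Thanksgiving Threats with DNS Data",
     "link": "https://www.bitdefender.com/blog/labs/black-friday-dns-threats/"},
    {"title": "Uncovering Potential Black Friday and Thanksgiving  Threats with DNS Data",
     "link": "https://www.bitdefender.com/blog/labs/black-friday-dns-threats-repost/"},
    {"title": "Gafgyt Malware Targeting Docker Remote API Servers",
     "link": "https://www.trendmicro.com/en_us/research/24/l/gafgyt-docker.html"},
    {"title": "Consumer tips post (not a lab report)",
     "link": "https://www.bitdefender.com/blog/hotforsecurity/consumer-tips/"},
    {"title": "Lookalike host",
     "link": "https://asec.ahnlab.com.evil.example/post/"},
    {"title": "Non-http link",
     "link": "javascript:alert(1)"},
    {"title": "Unveiling RevC2 and Venom Loader",
     "link": "https://unit42.paloaltonetworks.com/revc2-venom-loader-example/"},
]

if __name__ == "__main__":
    for entry in filter_feed(SAMPLE_ENTRIES):
        print(entry["title"], "<-", entry["link"])
```

Running the block keeps three of the seven constructed entries (the bitdefender labs post once, the trendmicro research post, and the unit42 post); the wrong-path, lookalike-host and `javascript:` entries never reach the de-duplication step.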
For the sites below, automatic fetching cannot be performed, so I review their articles manually; expect a delay of roughly 3-7 days.
- cleafy.com/labs (update 1-2 months)
- guidepointsecurity.com/blog/ > category: threat advisory
- research.openanalysis.net
- blog.phylum.io/tag/research/
- shadowstackre.com/analysis/
- mssplab.github.io
- farghlymal.github.io
- asec.ahnlab.com/ko/
- blog.bushidotoken.net
- kroll.com/en/insights/publications/cyber
- sentinelone.com
- blog.lumen.com