| 1. |
Amatas |
Cyber Threat Report - May 2023 |
| 2. |
Aqua |
GitHub Dataset Research Reveals Millions Potentially Vulnerable to RepoJacking |
| 3. |
Check Point |
Beyond the Horizon: Traveling the World on Camaro Dragon’s USB Flash Drives |
| 4. |
CISA (Cybersecurity and Infrastructure Security Agency, United States of America) |
#StopRansomware: CL0P Ransomware Gang Exploits CVE-2023-34362 MOVEit Vulnerability |
| 5. |
CISA (Cybersecurity and Infrastructure Security Agency, United States of America), FBI (Federal Bureau of Investigation, United States of America), MS-ISAC (Multi-State Information Sharing and Analysis Center, United States of America), ACSC (Australian Cyber Security Centre, Australia), NCSC-UK (National Cyber Security Centre, United Kingdom), CCCS (Canadian Centre for Cyber Security, Canada), ANSSI (National Cybersecurity Agency, France), BSI (Federal Office for Information Security, Germany), CERT NZ (Computer Emergency Response Team, New Zealand), NCSC-NZ (National Cyber Security Centre, New Zealand) |
Understanding Ransomware Threat Actors: LockBit |
| 6. |
CrowdStrike |
Adversaries Go Hands-On in Japan: Know the Threat and Know the Solution |
| 7. |
CrowdStrike |
Business as Usual: Falcon Complete MDR Thwarts Novel VANGUARD PANDA (Volt Typhoon) Tradecraft |
| 8. |
CSA Singapore (Cyber Security Agency Singapore) |
Singapore Cyber Landscape 2022 |
| 9. |
CybelAngel |
2023 State of the External Attack Surface: Annual Threat Trends Analysis |
| 10. |
Cyble |
Trojanized Super Mario Game Installer Spreads SupremeBot Malware |
| 11. |
Dragos |
Dragos Analysis Determines COSMICENERGY Is Not an Immediate Threat |
| 12. |
FBI (Federal Bureau of Investigation, United States of America) |
Malicious Actors Manipulating Photos and Videos to Create Explicit Content and Sextortion Schemes |
| 13. |
FBI (Federal Bureau of Investigation, United States of America), DOS (Department of State, United States of America), NSA (National Security Agency, United States of America), NIS (National Intelligence Service, Republic of Korea), NPA (National Police Agency, Republic of Korea), MOFA (Ministry of Foreign Affairs, Republic of Korea) |
North Korea Using Social Engineering to Enable Hacking of Think Tanks, Academia, and Media |
| 14. |
Group-IB |
Group-IB Discovers 100K+ Compromised ChatGPT Accounts on Dark Web Marketplaces; Asia-Pacific region tops the list |
| 15. |
Huntress |
MOVEit Transfer Critical Vulnerability CVE-2023-34362 Rapid Response |
| 16. |
IBM /IBM X-Force |
IBM X-Force Definitive Guide to Ransomware |
| 17. |
Kaspersky |
LockBit Green and phishing that targets organizations |
| 18. |
Kaspersky |
Dissecting TriangleDB, a Triangulation spyware implant |
| 19. |
Mandiant |
VMware ESXi Zero-Day Used by Chinese Espionage Actor to Perform Privileged Guest Operations on Compromised Hypervisors |
| 20. |
Mandiant |
Barracuda ESG Zero-Day Vulnerability (CVE-2023-2868) Exploited Globally by Aggressive and Skilled Actor, Suspected Links to China |
| 21. |
Mandiant |
Zero-Day Vulnerability in MOVEit Transfer Exploited for Data Theft |
| 22. |
Microsoft / Microsoft Incident Response |
Guidance for investigating attacks using CVE-2023-23397 |
| 23. |
Microsoft / Microsoft Threat Intelligence |
Cadet Blizzard emerges as a novel and distinct Russian threat actor |
| 24. |
Mnemonic |
Exposing covert surveillance backdoors in children’s smartwatches |
| 25. |
Momentum |
Cybersecurity Snapshot - May 2023 |
| 26. |
NCSC (National Cyber Security Centre, United Kingdom) |
Cyber Threat Report: UK Legal Sector |
| 27. |
NSA (National Security Agency, United States of America) |
BlackLotus Mitigation Guide |
| 28. |
Orange / Orange Cyber Defense |
World Watch Ransomware Ecosystem |
| 29. |
Recorded Future |
North Korea-Aligned TAG-71 Spoofs Financial Institutions in Asia and US |
| 30. |
Recorded Future |
Private Eyes: China’s Embrace of Open-Source Military Intelligence |
| 31. |
Recorded Future / Insikt Group |
North Korea’s Cyber Strategy |
| 32. |
Security Joes |
Process Mockingjay: Echoing RWX In Userland To Achieve Code Execution |
| 33. |
The DFIR Report |
A Truly Graceful Wipe Out |
| 34. |
ThreatMon |
Technical Analysis of RDPCredentialStealer: Uncovering Malware Targeting RDP Credentials with API Hooking |
| 35. |
ThreatMon |
Cyber Threat Report: Analyzing Ransomware and Apt Attacks Targeting Türkiye – May 2023 |
| 36. |
ThreatMon |
Threat Analysis: SharpPanda APT’s Attack Chain Targeting G20 Nations |
| 37. |
ThreatMon |
Reverse Engineering RokRAT: A Closer Look at APT37’s Onedrive-Based Attack Vector |
| 38. |
ThreatMon |
Behind the Breaches: Mapping Threat Actors and Their CVE Exploits |
| 39. |
ThreatMon |
Zaraza Bot: The New Russian Credential Stealer |
| 40. |
ThreatMon |
Anonymous Sudan: In-Depth Analysis Beyond Hacktivist Attacks |
| 41. |
ThreatMon |
APT41’s Attack Chain: Exe-LolBins Leads to Powershell Backdoor with Telegram C2 |
| 42. |
ThreatMon |
APT Blind Eagles Malware Arsenal Technical Analysis |
| 43. |
ThreatMon |
The Rise of Dark Power: A Close Look at the Group and their Ransomware |
| 44. |
ThreatMon |
IT Army of Ukraine: Analysis of Threat Actors In The Ukraine-Russia War |
| 45. |
ThreatMon |
Anonymous Russia: Analysis of Threat Actors in Ukraine-Russia War |
| 46. |
ThreatMon |
Chinotto Backdoor Technical Analysis of the APT Reaper’s Powerful Weapon |
| 47. |
ThreatMon |
Report on Data Leaks Reported in Social Media |
| 48. |
ThreatMon |
The Roles of Threat Actors in The Ukraine-Russian War: Noname057(16) |
| 49. |
ThreatMon |
KillNet: In-Depth Analysis on The Roles of Threat Actors and Attacks In The Ukraine-Russia War |
| 50. |
ThreatMon |
Cybergun: Technical Analysis of the Armageddon’s Infostealer |
| 51. |
ThreatMon |
Beyond Bullets and Bombs: An Examination of Armageddon Group’s Cyber Warfare Against Ukraine |
| 52. |
ThreatMon |
Threat Actors, Phishing Attacks and 2022 Phishing Preview |
| 53. |
ThreatMon |
APT SideCopy Targeting Indian Government Entities |
| 54. |
ThreatMon |
SwiftSlicer Wiper Malware Analysis Report |
| 55. |
ThreatMon |
DoNot Team (APT-C-35) Analysis of Latest Campaign |
| 56. |
ThreatMon |
The Global Cyber Security Intelligence Risk Report 2023 |
| 57. |
ThreatMon |
ThreatMon Ransomware Group Activity Report: 13.01.2023-27.01.2023 |
| 58. |
ThreatMon |
ThreatMon Ransomware Group Activity Report: 01.01.2023-13.01.2023 |
| 59. |
ThreatMon |
ThreatMon Ransomware Group Activity Report: 18.12.2022– 01.01.2022 |
| 60. |
Trellix |
Skuld: The Infostealer that Speaks Golang |
| 61. |
Trellix |
The Trellix CyberThreat Report (Q1 2023) |
| 62. |
Trop Chaud |
Link Analysis of 2023 Clop & Related 0Day Exploit Activity |
| 63. |
Verizon |
2023 Data Breach Investigations Report (DBIR) |
| 64. |
Volexity |
Charming Kitten Updates POWERSTAR with an InterPlanetary Twist |
| 65. |
Volexity |
3CX Supply Chain Compromise Leads to ICONIC Incident |
| 66. |
WIRED |
The Untold Story of the Boldest Supply-Chain Hack Ever |