This report reflects on the key threats that emerged or expanded in the 4th quarter of 2020.

This report provides a look into FIN11, a financially motivated threat group that has conducted some of the largest and longest running malware distribution campaigns to date. (more available)

A detailed technical analysis of the Kingminer botnet malware, including the C&C network, infection vectors, payload, and auxiliary components.

This is the threat landscape report from Fortinet for the 4th quarter of 2019. It goes into changes in this quarter, including threat detection changes and attack changes. (more available)

This report takes a look at a new global campaign targeting nuclear, defense, energy, and financial companies.

Fidelis Threat Research analysts have discovered a new version of ThreadKit, malware notorious for it’s use by the cybercrime organization known as Cobalt Group. (more available)

Unit 42 has discovered a persistent attack campaign operating primarily in the Middle East dating back to at least mid-2016 which we have named Magic Hound. (more available)

Unit 42 threat researchers have recently observed a threat group distributing new, custom developed malware. We have labelled this threat group the Gamaredon Group and our research shows that the Gamaredon Group has been active since at least 2013. (more available)

This post discusses the reports of open-source developers receiving malicious emails.

In this blog we will detail our discovery of the next two versions of MM Core, namely “BigBoss” (2.2-LNK) and “SillyGoose” (2. (more available)

CyberX has discovered a new, large-scale cyber-reconnaissance operation targeting a broad range of targets in the Ukraine. Because it eavesdrops on sensitive conversations by remotely controlling PC microphones – in order to surreptitiously “bug” its targets – and uses Dropbox to store exfiltrated data, CyberX has named it “Operation BugDrop. (more available)

From April 2016 until at least February 2017, attackers have been spreading malware via fake Facebook profiles and pages, breached websites, self-hosted and cloud based websites. (more available)

Released in 2017, this report details the cyberthreats that Minerva dealt with in 2016.

The Blackmoon Banking Trojan was thought to be shut down in 2016. However, it has re-emerged. This paper provides a brief analysis of the revamped trojan. (more available)

This special report analyzes Email and the threats that occur in that environment.

This report takes a look at ATP28 a recognized state sponsored threat actor operating out of Russia.

This report takes a look at a North Korean CyberEspionage Groub.

Get a threat outlook for high tech and IT sectors as their relevance to economic, intelligence and security concerns make them more valuable targets. (more available)

This report from the Ahn Lab Security Emergency Response Center provides a review of various Cyber events that took place in the 1st QTR of 2017. (more available)

This monthly threat report takes a look at the month of January 2018. Specifically, it looks at two VULNS, the hacking of nuclear weapons, and the increase in suspected Chinese Cyber activity. (more available)

This report provides analysis and information related to Joao Malware which has attacked video gamers.