Date | Title | Blog | Companies |
26.12.2020 | SUPERNOVA: A Novel .NET Webshell | Malware blog | Palo Alto Unity42 |
26.12.2020 | Amazon Gift Card Offer Serves Up Dridex Banking Trojan | Malware blog | Cybereason |
26.12.2020 | SUNBURST Additional Technical Details | Malware blog | FireEye |
26.12.2020 | SUNBURST, TEARDROP and the NetSec New Normal | Malware blog | Checkpoint |
26.12.2020 | 2020: The year in malware | Malware blog | Cisco Talos |
18.12.2020 | The dangers of Adrozek adware | Malware blog | Avast blog |
18.12.2020 | SUPERNOVA: SolarStorm’s Novel .NET Webshell | Malware blog | Palo Alto Unity42 |
18.12.2020 | PyMICROPSIA: New Information-Stealing Trojan from AridViper | Malware blog | Palo Alto Unity42 |
18.12.2020 | Additional Analysis into the SUNBURST Backdoor | Malware blog | Mcafee blog |
18.12.2020 | SUNBURST Malware and SolarWinds Supply Chain Compromise | Malware blog | Mcafee blog |
12.12.2020 | njRAT Spreading Through Active Pastebin Command and Control Tunnel | Malware blog | Palo Alto Unity42 |
12.12.2020 | New Malware Arsenal Abusing Cloud Platforms in Middle East Espionage Campaign | Malware blog | Palo Alto Unity42 |
05.12.2020 | Using Speakeasy Emulation Framework Programmatically to Unpack Malware | Malware blog | FireEye |
28.11.2020 | Purgalicious VBA: Macro Obfuscation With VBA Purging | Malware blog | FireEye |
28.11.2020 | Bandook: Signed & Delivered | Malware blog | Checkpoint |
21.11.2020 | Purgalicious VBA: Macro Obfuscation With VBA Purging | Malware blog | FireEye |
21.11.2020 | Back from vacation: Analyzing Emotet’s activity in 2020 | Malware blog | Cisco Talos |
14.11.2020 | xHunt Campaign: Newly Discovered Backdoors Using Deleted Email Drafts and DNS Tunneling for Command and Control | Malware blog | Palo Alto Unity42 |
14.11.2020 | CRAT wants to plunder your endpoints | Malware blog | Cisco Talos |
14.11.2020 | Hungry for data, ModPipe backdoor hits POS software used in hospitality sector | Malware blog | Eset |
07.11.2020 | McAfee Labs Report Reveals Continuing Surge of COVID-19 Threats and Malware | Malware blog | Mcafee blog |
30.10.2020 | Domain Parking: A Gateway to Attackers Spreading Emotet and Impersonating McAfee | Malware blog | Palo Alto Unity42 |
10.10.2020 | PoetRAT: Malware targeting public and private sector in Azerbaijan evolves | Malware blog | Cisco Talos |
03.10.2020 | Top Alexa Sites Infected With Malicious Coinminers and Web Skimmer | Malware blog | Palo Alto Unity42 |
03.10.2020 | Detecting Microsoft 365 and Azure Active Directory Backdoors | Malware blog | FireEye |
03.10.2020 | LodaRAT Update: Alive and Well | Malware blog | Cisco Talos |
03.10.2020 | XDSpy: Stealing government secrets since 2011 | Malware blog | Eset |
03.10.2020 | LATAM financial cybercrime: Competitors‑in‑crime sharing TTPs | Malware blog | Eset |
26.09.2020 | Case Study: Emotet Thread Hijacking, an Email Attack Technique | Malware blog | Palo Alto Unity42 |
19.09.2020 | Introducing Actionable Threat Objects and Mitigations (ATOMs) | Malware blog | Palo Alto Unity42 |
19.09.2020 | Emotet strikes Quebec’s Department of Justice: An ESET Analysis | Malware blog | Eset |
12.09.2020 | NO REST FOR THE WICKED: EVILNUM UNLEASHES PYVIL RAT | Malware blog | Cybereason |
12.09.2020 | Who is calling? CDRThief targets Linux VoIP softswitches | Malware blog | Eset |
05.09.2020 | Beware of FritzFrog, a nasty piece of malware | Malware blog | Avast blog |
05.09.2020 | NO REST FOR THE WICKED: EVILNUM UNLEASHES PYVIL RAT | Malware blog | Cybereason |
05.09.2020 | KryptoCibule: The multitasking multicurrency cryptostealer | Malware blog | Eset |
30.08.2020 | Emulation of Malicious Shellcode With Speakeasy | Malware blog | FireEye |
30.08.2020 | Gozi: The Malware with a Thousand Faces | Malware blog | Checkpoint |
30.08.2020 | An Old Bot’s Nasty New Tricks: Exploring Qbot’s Latest Attack Methods | Malware blog | Checkpoint |
22.08.2020 | Grandoreiro banking trojan impersonates Spain’s tax agency | Malware blog | Eset |
15.08.2020 | Script-Based Malware: A New Attacker Trend on Internet Explorer | Malware blog | Palo Alto Unity42 |
15.08.2020 | Bypassing MassLogger Anti-Analysis — a Man-in-the-Middle Approach | Malware blog | FireEye |
26.07.2020 | Evolution of Valak, from Its Beginnings to Mass Distribution | Malware blog | Palo Alto Unity42 |
19.07.2020 | Qbot Banking Trojan Still Up to Its Old Tricks | Malware blog | F5 Labs |
19.07.2020 | A BAZAR OF TRICKS: FOLLOWING TEAM9’S DEVELOPMENT CYCLES | Malware blog | Cybereason |
17.07.2020 | capa: Automatically Identify Malware Capabilities | Malware blog | FireEye |
17.07.2020 | Financially Motivated Actors Are Expanding Access Into OT: Analysis of Kill Lists That Include OT Processes Used With Seven Malware Families | Malware blog | FireEye |
17.07.2020 | More evil: A deep look at Evilnum and its toolset | Malware blog | Eset |
17.07.2020 | Remote access at risk: Pandemic pulls more cyber‑crooks into the brute‑forcing game | Malware blog | Eset |
17.07.2020 | Digging up InvisiMole’s hidden arsenal | Malware blog | Eset |
13.07.2020 | FAKESPY MASQUERADES AS POSTAL SERVICE APPS AROUND THE WORLD | Malware blog | Cybereason |
13.07.2020 | NEXT-GENERATION ANTIVIRUS 101: LAYERS OF PREVENTION | Malware blog | Cybereason |
13.07.2020 | VALAK: MORE THAN MEETS THE EYE | Malware blog | Cybereason |
12.07.2020 | AcidBox: Rare Malware Repurposing Turla Group Exploit Targeted Russian Organizations | Malware blog | Palo Alto Unity42 |
12.07.2020 | Goodbye Mworm, Hello Nworm: TrickBot Updates Propagation Module | Malware blog | Palo Alto Unity42 |
12.07.2020 | Threat Spotlight: Valak Slithers Its Way Into Manufacturing and Transportation Networks | Malware blog | Cisco Talos |
30.05.2020 | VALAK: MORE THAN MEETS THE EYE | Malware blog | Cybereason |
30.05.2020 | From Agent.BTZ to ComRAT v4: A ten‑year journey | Malware blog | Eset |
23.05.2020 | How To Use McAfee ATP to Protect Against Emotet, LemonDuck and PowerMiner | Malware blog | Mcafee blog |
23.05.2020 | Analyzing Dark Crystal RAT, a C# backdoor | Malware blog | FireEye |
16.05.2020 | Ramsay: A cyber‑espionage toolkit tailored for air‑gapped networks | Malware blog | Eset |
10.05.2020 | Remembering the ILOVEYOU virus twenty years later | Malware blog | Avast blog |
10.05.2020 | New Android malware steals banking passwords | Malware blog | Avast blog |
09.05.2020 | EVENTBOT: A NEW MOBILE BANKING TROJAN IS BORN | Malware blog | Cybereason |
09.05.2020 | COVID-19 – Malware Makes Hay During a Pandemic | Malware blog | Mcafee blog |
09.05.2020 | Excelerating Analysis, Part 2 — X[LOOKUP] Gon’ Pivot To Ya | Malware blog | FireEye |
02.05.2020 | EVENTBOT: A NEW MOBILE BANKING TROJAN IS BORN | Malware blog | Cybereason |
02.05.2020 | Excelerating Analysis, Part 2 — X[LOOKUP] Gon’ Pivot To Ya | Malware blog | FireEye |
02.05.2020 | Upgraded Aggah malspam campaign delivers multiple RATs | Malware blog | Cisco Talos |
02.05.2020 | Grandoreiro: How engorged can an EXE get? | Malware blog | Eset |
25.04.2020 | IR Case: The Florentine Banker Group | Malware blog | Checkpoint |
19.04.2020 | Malicious Attackers Target Government and Medical Organizations With COVID-19 Themed Phishing Campaigns | Malware blog | Palo Alto Unity42 |
19.04.2020 | GuLoader: Malspam Campaign Installing NetWire RAT | Malware blog | Palo Alto Unity42 |
18.04.2020 | PoetRAT: Python RAT uses COVID-19 lures to target Azerbaijan public and private sectors | Malware blog | Cisco Talos |
11.04.2020 | MalBus Actor Changed Market from Google Play to ONE Store | Malware blog | Mcafee blog |
11.04.2020 | Thinking Outside the Bochs: Code Grafting to Unpack Malware in Emulation | Malware blog | FireEye |
11.04.2020 | COVID-19 goes mobile: Coronavirus malicious applications discovered | Malware blog | Checkpoint |
05.04.2020 | GuLoader: Malspam Campaign Installing NetWire RAT | Malware blog | Palo Alto Unity42 |
04.04.2020 | FakeNet Genie: Improving Dynamic Malware Analysis with Cheat Codes for FakeNet-NG | Malware blog | FireEye |
04.04.2020 | AZORult brings friends to the party | Malware blog | Cisco Talos |
04.04.2020 | Trickbot: A primer | Malware blog | Cisco Talos |
21.03.2020 | GHOST IN THE MACHINE: RECONCILING AI AND TRUST IN THE CONNECTED WORLD | Malware blog | Cybereason |
21.03.2020 | Android/LeifAccess.A is the Silent Fake Reviewer Trojan | Malware blog | Mcafee blog |
15.03.2020 | Be Vigilant About Performing ‘Security Hygiene’ During Coronavirus Threat | Malware blog | Avast blog |
15.03.2020 | 5 tips to fight mobile adware | Malware blog | Avast blog |
15.03.2020 | Cortex XDR™ Detects New Phishing Campaign Installing NetSupport Manager RAT | Malware blog | Palo Alto Unity42 |
14.03.2020 | WHO'S HACKING THE HACKERS: NO HONOR AMONG THIEVES | Malware blog | Cybereason |
14.03.2020 | GHOST IN THE MACHINE: RECONCILING AI AND TRUST IN THE CONNECTED WORLD | Malware blog | Cybereason |
14.03.2020 | Vicious Panda: The COVID Campaign | Malware blog | Checkpoint |
07.03.2020 | CODE INTEGRITY IN THE KERNEL: A LOOK INTO CI.DLL | Malware blog | Cybereason |
07.03.2020 | Multi-tricks HiddenAds Malware | Malware blog | Mcafee blog |
07.03.2020 | Android/LeifAccess.A is the Silent Fake Reviewer Trojan | Malware blog | Mcafee blog |
07.03.2020 | Multi-tricks HiddenAds Malware | Malware blog | F5 Labs |
07.03.2020 | Is Your Organization Ready for COVID-19? | Malware blog | Cisco Talos |
01.03.2020 | Cortex XDR™ Detects New Phishing Campaign Installing NetSupport Manager RAT | Malware blog | Palo Alto Unity42 |
29.02.2020 | New Research Paper: Prevalence and impact of low-entropy packing schemes in the malware ecosystem | Malware blog | Cisco Talos |
22.02.2020 | The Missing LNK — Correlating User Search LNK files | Malware blog | FireEye |
22.02.2020 | ObliqueRAT: New RAT hits victims' endpoints via malicious documents | Malware blog | Cisco Talos |
22.02.2020 | Up close and personal with Linux malware | Malware blog | Eset |
22.02.2020 | Linux and malware: Should you worry? | Malware blog | Eset |
16.02.2020 | A tale of two phishes: coronavirus safety and W-9 forms | Malware blog | Avast blog |
16.02.2020 | Wireshark Tutorial: Examining Qakbot Infections | Malware blog | Palo Alto Unity42 |
15.02.2020 | Loda RAT Grows Up | Malware blog | Cisco Talos |
15.02.2020 | Almost 2 billion malware installs thwarted by Google Play Protect in 2019 | Malware blog | Eset |
08.02.2020 | THE HOLE IN THE BUCKET: ATTACKERS ABUSE BITBUCKET TO DELIVER AN ARSENAL OF MALWARE | Malware blog | Cybereason |
08.02.2020 | STOMP 2 DIS: Brilliance in the (Visual) Basics | Malware blog | FireEye |
02.02.2020 | Coronavirus Affecting Business as Remote Workforces Expand Beyond Expected Capacity | Malware blog | Sonicwall |
01.02.2020 | 6 OF THE BEST MALICIOUS LIFE CYBERSECURITY HISTORY STORIES FROM 2019 | Malware blog | Cybereason |
01.02.2020 | WHY IS EMOTET SO POPULAR AND WHO IS IT TARGETING NOW? | Malware blog | Cybereason |
18.01.2020 | 6 OF THE BEST MALICIOUS LIFE CYBERSECURITY HISTORY STORIES FROM 2019 | Malware blog | Cybereason |
18.01.2020 | Stolen emails reflect Emotet's organic growth | Malware blog | Cisco Talos |
11.01.2020 | SAIGON, the Mysterious Ursnif Fork | Malware blog | FireEye |
04.01.2020 | MOBILE MALWARE: FROM CONSUMER FRAUD TO ENTERPRISE ESPIONAGE | Malware blog | Cybereason |