Reading Room

H  Papers & Reports  Conference

DateName

Category

Subcategories
19.3.21Foreign Threats to the 2020 US Federal ElectionsReportBigBrother
19.3.21Internet Crime Report 2020ReportCyberCrime
19.3.21T e c h n i c a l A n a l y s i s o f O p e r a t i o n DiànxùnOperationOperation
16.3.2021Sex in the digital era: How secure are smart sex toys?White PapersWhite Papers
16.3.2021A wild Kobalos appears: Tricksy Linux malware goes after HPCsWhite PapersWhite Papers
16.3.2021Cybersecurity Trends 2021: Staying secure in uncertain timesWhite PapersWhite Papers
16.3.2021LATAM financial cybercrime: Competitors‑in‑crime sharing TTPs

White Papers

White Papers

16.3.2021InvisiMole: The hidden part of the storyWhite PapersWhite Papers
16.3.2021Operation In(ter)ception: Targeted attacks against European aerospace and military companiesWhite PapersWhite Papers
16.3.2021From Agent.BTZ to ComRAT v4: A ten‑year journeyWhite PapersWhite Papers
16.3.2021KrØØk – CVE‑2019‑15126: Serious vulnerability deep inside your Wi‑Fi encryption

White Papers

White Papers

16.3.2021ESET Deep Behavioral InspectionWhite PapersWhite Papers
16.3.2021Cybersecurity Trends 2020: Technology is getting smarter – are we?White PapersWhite Papers
16.3.2021ESET Advanced Machine LearningWhite PapersWhite Papers
16.3.2021Operation Ghost: The Dukes aren’t back – they never left

White Papers

White Papers

16.3.2021Connecting the dots: Exposing the arsenal and methods of the Winnti GroupWhite PapersWhite Papers
16.3.2021AT commands, TOR‑based communications: Meet Attor, a fantasy creature and also a spy platformWhite PapersWhite Papers
16.3.2021A machine‑learning method to explore the UEFI landscapeWhite PapersWhite Papers
16.3.2021Machete just got sharper: Venezuelan government institutions under attack

White Papers

White Papers

16.3.2021Okrum and Ketrican: An overview of recent Ke3chang group activityWhite PapersWhite Papers
16.3.2021Turla LightNeuron: One email away from remote code executionWhite PapersWhite Papers
16.3.2021Machine Learning era in cybersecurity: A step towards a safer world or the brink of chaos?White PapersWhite Papers
16.3.2021Android banking malware: Sophisticated Trojans vs. Fake banking apps

White Papers

White Papers

16.3.21Exploitation and Sanitization of Hidden Data in PDF Files PapersMultiple
16.3.21State of Malware  2021ReportMalware
12.3.21Rowhammer.js: A Remote Software-Induced Fault Attack in JavaScriptPapersMultiple
11.3.21Prime+Probe 1, JavaScript 0: Overcoming Browser-based Side-Channel Defenses PapersMultiple
11.3.21Practical Keystroke Timing Attacks in Sandboxed JavaScript PapersMultiple
6.3.21SPEAR PHISHING TARGETING ICS SUPPLY CHAIN – ANALYSISReportICS
5.3.21RANSOMWARE UNCOVERED 2020—2021ReportRansomware
2.3.21Embracing a Zero Trust Security Model ReportBigBrother
2.3.21China-Linked Group RedEcho Targets the Indian Power Sector Amid Heightened Border TensionsReportBigBrother
2.3.21A Global Perspective of the SideWinder APT ReportAPT
27.02.2021Hey Alexa, is this Skill Safe?: Taking a Closer Look at the Alexa Skill EcosystemPapersMultiple
27.02.2021The State of Stalkerware in 2020ReportCyber
27.02.2021RYUK RANSOMWARE ReportRansomware
26.02.2021Lazarus targets defense industry with ThreatNeedleReportICS
25.02.2021ICS CYBERSECURITY YEAR IN REVIEW 2020ReportICS
25.02.2021ICS CYBERSECURITY YEAR IN REVIEW 2020 EXECUTIVE SUMMARYReportICS
25.02.2021Characterizing CNAME Cloaking-Based Tracking on the Web PapersMultiple
25.02.2021Click and Bait: Vietnamese Human Rights Defenders Targeted with Spyware AttacksPapersMultiple
25.02.2021LazyScripter: From Empire to double RATPapersMultiple
24.02.2021Attacks bypassing the signature validation in PDF PapersMultiple
24.02.2021Zoom on the Keystrokes: Exploiting Video Calls for Keystroke Inference Attacks PapersMultiple
24.02.2021Shadow Attacks: Hiding and Replacing Content in Signed PDFs PapersMultiple
20.02.2021The EMV Standard: Break, Fix, VerifyPapersMultiple
20.02.2021Card Brand Mixup Attack: Bypassing the PIN in non-Visa Cards by Using Them for Visa Transactions∗PapersMultiple
18.02.2021SANDWORM INTRUSION SET CAMPAIGN TARGETING CENTREON SYSTEMSReportAPT
18.02.2021The Modern Hacker's Outreach - PaperPapersMultiple
17.02.2021Encrypted Linux x86-64 Loadable Kernel Modules - PaperPapersLinux
16.02.2021Firmware Analysis and Simulation - PaperPapersMultiple
16.02.2021API Security Overview - PaperPapersMultiple
15.02.2021Mobile App Security Overview - PaperPapersMultiple
14.02.2021Exploit WordPress Plugin Vulnerabilities Using Static Source Code Analysis - PaperPapersPHP
13.02.2021Secure Coding References - PaperPapersMultiple
12.02.2021HeartBleed Attack - PaperPapersMultiple
11.02.2021Object Prototype Pollution - PaperPapersMultiple
10.02.2021Parallels Remote Application Server (RAS) 18 IP Disclosure - PaperPapersWindows
09.02.2021A Hands-On Introduction to Insecure Deserialization - PaperPapersPython
08.02.2021Understanding and Exploiting Zerologon - PaperPapersWindows
07.02.2021Practical PHP Security - PaperPapersPHP
06.02.2021Wireshark for Noobs - PaperPapersMultiple
05.02.2021Ethical Hacking and Penetration Testing Guide - Paper (Turkish)PapersMultiple
04.02.2021A hands-on approach to Linux Privilege Escalation - PaperPapersLinux
03.02.2021Practical Insight Into Injections - PaperPapersMultiple
02.02.2021Deep Insight into Social Engineering - PaperPapersMultiple
01.02.2021Who is targeted by email-based phishing and malware?PapersMultiple
14.01.2021DNS Cache Poisoning Attack Reloaded: Revolutions with Side ChannelsReportAttack
13.01.2021PLATYPUS: Software-based Power Side-Channel Attacks on x86ReportAttack
12.01.2021Dissecting a Chinese APT Targeting South Eastern Asian Government InstitutionsReportAPT
11.01.2021A GLOBAL RESET Cyber Security Predictions 2021ReportCyber
10.01.2021Advisory: APT29 targets COVID-19 vaccine developmentReportAPT
09.01.2021MOLERATS IN THE CLOUDReportCyberSpy
08.01.2021RANSOMWARE IN ICS ENVIRONMENTSReportICS
07.01.2021NSA CYBERSECURITY 2020 YEAR IN REVIEWReportBigBrother
06.01.2021TENABLE’S 2020 THREAT LANDSCAPE RETROSPECTIVEReportCyber
05.01.20212019 GLOBAL THREAT REPORT ADVERSARY TRADECRAFT AND THE IMPORTANCE OF SPEEDReportCyber
04.01.2021“Winnti”ReportMalware
03.01.2021“Lebanese Cedar” APTReportAPT
02.01.2021How China Detects and Blocks Shadowsocks ReportBigBrother
01.01.2021Securing the Pandemic-Disrupted WorkplaceReportCyber
2020-10-17Overlapping IP Fragments - PaperPapersMultiple
2020-10-17Spraying owa & Abusing MSSQL - PaperPapersWindows
2020-10-17iOS Swift Anti-Jailbreak Bypass with Frida - PaperPapersiOS
2020-10-17Nos-Santos-Izquierdo Field - PaperPapersMultiple
2020-10-17Abusing COM & DCOM objects - PaperPapersMultiple
2020-10-17SMB Enumeration&Exploitation&Hardening - PaperPapersMultiple
2020-10-17Bypass Certificate Pinning in modern Android application via custom Root CA - PaperPapersMultiple
2020-09-17UEFI Secure Boot Customization PapersBoot
2020-09-16Zerologon: Unauthenticated domain controller compromise by subverting Netlogon cryptography (CVE-2020-1472)PapersVulnerebility
2020-09-13CVE-2018-17145: Bitcoin Inventory Out-of-Memory Denial-of-Service AttackPapersAttack
2020-09-10Raccoon Attack: Finding and Exploiting Most-Significant-Bit-Oracles in TLS-DH(E)PapersAttack
2020-08-28The EMV Standard: Break, Fix, VerifyPapersAttack
2020-07-27CVE 2020-6418 - PaperPapersMultiple
2020-07-26I Got My EyeOn You - Security Vulnerabilities in D-Link's Baby Monitor - PaperPapersHardware
2020-07-26Assembly “wrapping”: a technique for anti-disassembly - PaperPapersMultiple
2020-07-14I Got My EyeOn You_Security Vulnerabilities in D-Link Baby Monitor - PaperPapersHardware
2020-07-14APK Testing Report - PaperPapersAndroid
2020-07-06Assembly wrapping: anti-disassembly technique - PaperPapersMultiple
2020-07-02WhatsApp Remote Code Execution - PaperPapersAndroid
2020-06-27Sony Playstation 2 (PS2): FreeDVDBoot - Hacking the PlayStation 2 through its DVD playerPapersHardware
2020-06-25Exploit Command Injection Router via reverse firmware technique - PaperPapersHardware
2020-06-18Writing an Quick Packet Sniffer with ​Python​ & ​Scapy - PaperPapersMultiple
2020-06-16English paper Abusing Windows Data Protection APIPapersWindows
2020-06-15Detect SQL Injection WordPress Plugin using regexPapersPHP
2020-06-15Reverse Engineering Android Application - PaperPapersAndroid
2020-06-09Exploiting Unrestricted File Upload via Plugin Uploader in WordPress - PaperPapersPHP
2020-06-09Firmware AnalysisPapersHardware
2020-06-04Sniffing VoIP calls using Raspberry pi - PaperPapersMultiple
2020-05-21OAuth 2.0 Implementation and Security - PaperPapersMultiple
2020-05-21Hunting Red Team Activities with Forensic Artifacts - PaperPapersMultiple
2020-05-12Command Execution Using Silver Tickets - PaperPapersWindows
2020-05-01Bypassing Root Detection Mechanism - Paper [Persian]PapersAndroid
2020-05-01@luigi_auriemma: Security Vulnerabilities In Multiplayer Games From 2001 to 2012PapersMultiple
2020-04-15Exploiting CAN-Bus using Instrument Cluster Simulator - PaperPapersHardware

30.7.20

BootHolePapersVulnerebility
5.7.20DABANGG: Time for Fearless Flush based Cache AttacksPapersCPU

27.5.20

The “Silent Night” Zloader/ZbPapersMalware
22.5.2020NXNSAttack: Recursive DNS Inefficiencies and VulnerabilityPapersAttack
2020-05-20BIAS attackPapersVulnerebility
2020-05-14Attacks on Smart Manufacturing SystemsPapersICS
2020-04-10Azure Cloud Penetration Testing - PaperPapersWindows
2020-04-06Active Directory DCSync - PaperPapersWindows
2020-04-03From Zero Credentials to Full Domain Compromise - PaperPapersWindows
2020-03-30Pentesting Zen Load Balancer - PaperPapersMultiple
2020-03-25Solving Computer Forensic Case using Autopsy - PaperPapersMultiple
2020-03-18Manually Exploiting Intel AMT Vulnerability CVE 2017-5689 [Paper]PapersHardware
2020-03-09Windows Account Penetration Testing - [Persian]PapersWindows
2020-03-06Skippipe _ Skipping the watermark in digital content - PaperPapersMultiple
2020-03-05Fuzzing VIM with AFL++ - PaperPapersLinux
2020-03-04BlueTeam vs RedTeam: How to run encrypted elf binary in memory and go undetectedPapersLinux
2020-03-02Research on DevSecOps Approach - PaperPapersMultiple
2020-03-02Deciphering the SWIFT DRIDEX relationship in Bank - PaperPapersMultiple
2020-02-24The ShellShock Attack [Paper]PapersLinux
2020-02-24Network Protocol Cheatsheet [Paper]PapersMultiple
2020-02-24SCADA Modbus Vulns - [Turkish]PapersHardware
2020-02-24Java Deserialization - [Paper]PapersJava
2020-02-21WordPress Security [Turkish]PapersPHP
2020-02-20Penetration Testing Labs (Turkish)PapersMultiple
2020-02-20Paper work on MQTT and CoAP ProtocolsPapersMultiple
2020-02-20Android Pentest Tutorial Step by Step [Persian]PapersAndroid
2020-02-19Paper on MQTT ProtocolPapersHardware
2020-02-19Nmap Scanning - Getting started in windows OSPapersWindows
2020-02-17Whitepaper about Pegasus attack on WhatsAppPapersMultiple
2020-02-17[Whitepaper] WAF bypass via Bluecoat security appliancePapersMultiple
2020-02-17[Paper] Windows ForensicsPapersWindows
9.3.20Take A Way: Exploring the Security Implications of AMD’s Cache Way PredictoPapersCPU
3.3.20SurfingAttackPapersAttack

26.2.20

Kr00k VulnerebilityPapersWifi

25.2.20

IMP4GT: IMPersonation Attacks in 4G NeTworkPapers4G
2020-02-14HTTP_DoS_DDoS Usage_Guide Article (Turkish)PapersMultiple
2020-02-13Packet Sniffer to Sniff Secret Credentials OnlyPapersMultiple
2020-02-10Apache2 Web Server Hardening Article (Turkish)PapersMultiple
2020-01-30Hunting Windows Process Injection by API CallsPapersWindows
2019DLL SIDE-LOADINGPapersHacking
2019Attacks on industrial enterprises using RMS and TeamViewer: new data PapersICS
2019Chinese State-Sponsored Actors Exploit Publicly Known VulnerabilitieReportAPT
2019ESET_Threat_Report_Q3 2020ReportCyber
2019Connected Medical Device Securit A Deep Dive into Healthcare NetworkReportCyber
2019Iranian Nation-State APT Groups 'Black Box' LeakReportAPT
2019NEW MALWARE SAMPLES IDENTIFIED IN POINT-OF-SALE COMPROMISES ReportMalware
2019From January 2019 to April 2020 The year in review ReportCyber
2019

MosaicRegressor: Lurking in the Shadows of UEFI

Report

Malware

2019

Threat landscape for industrial automation systems H1 2020

Report

ICS

2019

Compromised Personal Network Indicators and Mitigations

Report

Cyber

2019

2020 FERC, NERC and REs Report Cyber Planning for Response and Recovery Study (CYPRES)

Report

Cyber

2019

Kybernetické bezpečnosti České republiky za rok 2019

Report

BigBrother

2019

Digital Education: The cyberrisks of the online classroom

Report

Cyber

2019

More Evidence of APT Hackers-for-Hire Used for Industrial Espionage

Report

APT

2019

SELECT COMMITTEE ON INTELLIGENCE UNITED STATES SENATE ON RUSSIAN ACTIVE MEASURES CAMPAIGNS AND INTERFERENCE IN THE 2016 U.S. ELECTION VOLUME 5: COUNTERINTELLIGENCE THREATS AND VULNERABILITIES

Papers

BigBrother

2019

Incident Response Analyst Report 2019

Papers

Incidenty

2019

Iranian Chafer APT Targeted Air Transportation and Government in Kuwait and Saudi Arabia

Papers

APT

2019

2020-data-breach-investigations-report

Report

Incidenty

2019

Five Clear Steps to Enhance SecOps with MITRE ATT&CK

Report

Report

2019

2019 APPLICATION PROTECTION REPORT 2ND EDITION

Report

Report

2019

THE STATE OF RANSOMWARE 2020

Report

Report

2019

2019 TLS TELEMETRY REPORT

Report

Report

2019

M-TRENDS 2020 FIREEYE MANDIANT SERVICES | SPECIAL REPORT

Report

Report

2019

M-TRENDS 2019

Report

Report

2019

M-TRENDS 2018

Report

Report

2019

M-TRENDS 2017

Report

Report

2019

M-TRENDS 2016

Report

Report

2019

M-TRENDS 2015

Report

Report

2019

M-TRENDS 2014

Report

Report

2019

M-TRENDS 2013

Report

Report

2019

M-TRENDS 2012

Report

Report

2019

M-TRENDS 2011

Report

Report

2019

M-TRENDS 2010

Report

Report

2019

2019 YEAR IN REVIEW ICS VULNERABILITIES

Report

ICS

2019

2019 YEAR IN REVIEW THE ICS L ANDSCAPE AND THREAT ACTIVIT Y GROUPS

Report

ICS

2019

2019 YEAR IN REVIEW LESSONS LEARNED FROM THE FRONT LINES OF ICS CYBERSECURITY

Report

ICS

2019

2019 Year End Report Vulnerability QuickView

Report

Vulnerebility

2019

2020 State of Malware Report

Report

Cyber

2019

2020 SONICWALL CYBER THREAT REPORT

Report

Cyber

2019

2019 INTERNET CRIME REPORT

Report

CyberCrime

2019

A LANDSCAPE OF MALWARE USED ON THE PORTUGUESE TOP LEVEL DOMA

Report

Malware

2019

2019 Website Threat Research Report

Report

Spam

2019

NIST PRIVACY FRAMEWORK

Report

Cyber

2019

The Global Risks Report 2020

Report

Cyber