Duqu
2011-06-11 - The Duqu 2 - Technical Details v2.12011-10-14 - Duqu A Stuxnet-like malware found in the wild
2011-10-17 - W32.Duqu v1.0
2011-10-20 - W32.Duqu v1.2
2011-11-01 - W32.Duqu v1.3
2012-03-20 - W32.Duqu Threat Analysis
2012-11-06 - The Cousins of Stuxnet -Duqu, Flame, and Gauss
2015-06-10 - Duqu 2.0 - A comparison with Duqu
2015-06-10 - Kaspersky - Duqu2 FAQ
2015-06-10 - Kaspersky - Duqu2 Yara Rules
GreyEnergy and BlackEnergy
2014-11-03 - BE2 custom plugins, router abuse, and target profiles2015-02-17 - BE2 extraordinary plugins, Siemens targeting, dev fails
2016-01-28 - BlackEnergy APT Attacks in Ukraine employ
2016-03-18 - Analysis of the Cyber Attack on the Ukrainian Power Grid
2016-10-07 - BlackEnergy – What we really know about the notorious cyber attacks
2018-10-17 - GreyEnergy - A successor to Black Energy
2019-01-18 - Black Energy – Analysis
2019-01-24 - GreyEnergys overlap with Zebrocy
2021-05-27 - Attacks Against Critical Infrastructure
2021-10-25 - Russian cyber attack campaigns and actors
2022-04-20 - Russian State-Sponsored and Criminal Cyber
Havex
2014-01-13 - Targeted Attacks Against the Energy Sector2014-06-23 - Havex Hunts for ICS_SCADA Systems
2014-06-30 - Security Response - Dragonfly v1.0
2014-07-02 - Security Response - Dragonfly v1.2
2014-07-08 - Cyberespionage Campaign Hits Energy Companies
2014-07-31 - Energetic Bear - Crouching Yeti - Appendices
2014-07-31 - Energetic Bear - Crouching Yeti
2014-10-27 - Full Disclosure of Havex Trojans
2014-11-12 - Observing the Havex RAT
2014-12-10 - Defending Against the Dragonfly Cyber Security Attacks v3.0
Industroyer
2017-06-12 - Win32_Industroyer A New Threat for Industrial Control Systems2022-04-12 - Industroyer2 Industroyer Reloaded
2022-04-23 - Industroyer2 in Perspective
2022-04-25 - INDUSTROYERV2 Old Malware Learns New Tricks
2022-06-01 - Industroyer vs. Industroyer2
2022-07-14 - Industroyer2 and INCONTROLLER In-depth Technical Analysis of the Most Recent ICS-specific Malware
Other
2010-06-02 - The Downadup Codex v2.02011-02-10 - Night Dragon - Global Energy Cyberattacks
2011-08-02 - Operation Shady RAT
2011-11-01 - The Nitro Attacks
2012-07-19 - DHS - Targeted Cyber Intrusion Detection and Mitigation Strategies
2012-09-06 - The Elderwood Project
2013-02-19 - Mandiant APT1 Report
2014-10-27 - APT28 - A Window into Russias Cyber Espionage Ops
2014-11-24 - Security Response - Regin v1.0
2014-12-02 - Operation Cleaver Report
2014-12-10 - Defending Against the Dragonfly Cyber Security Attacks v3.0
2015-05-24 - Operation Oil Tanker - The Phantom Menace
2015-07-28 - Security Response - Black Vine Cyberespionage Group
2016-05-11 - Exploitation on SAP Business Apps
2016-06-02 - Irongate ICS Malware
2019-02-27 - DHS-CISA - MAR-17-352-01 HatMan - Safety System Targeted Malware (Update B)
2019-12-16 - USCG - Cyberattack Impacts MTSA Facility Operations - MSIB 10-19 2019-12-16
Stuxnet
2010-08-23 - Stuxnet Worm and Options for Remediation2010-10-14 - Analysis of Siemens Malware Attacks v3.1
2010-10-20 - Stuxnet Under the Microscope v1.1
2010-11-01 - Stuxnet Dossier v1.3
2011-02-15 - Stuxnet Dossier v1.4
2011-02-22 - How Stuxnet Spreads v1.0
2012-11-01 - Stuxnet Under the Microscope v1.31
2012-12-01 - Stuxnet, Schmitt Analysis, and the Cyber “Use-of-Force” Debate
2013-02-26 - Stuxnet 0.5 - The Missing Link v1.0
2013-11-19 - To Kill a Centrifuge
2015-02-17 - A Fanny Equation - I am your father Stuxnet
2015-03-22 - Stuxnet and Its Hidden Lessons on the Ethics of Cyberweapons
2016-03-01 - Shadows of Stuxnet
2017-04-13 - Stuxnet Drivers - A Detailed Analysis
2017-05-01 - A case study of Stuxnet within the theory of new and old wars
2017-10-05 - WAVE YOUR FALSE FLAGS - Deception Tactics Muddying Attribution in Targeted Attacks
2017-10-18 - Hot Spot - Analysis of Stuxnet
2018-03-08 - NSA’s perspective on APT landscape
2019-09-02 - How a secret Dutch mole aided the US-Israeli Stuxnet cyberattack on Iran
2021-07-01 - Attacks Against Critical Infrastructrure - A Global Concern
2021-09-04 - Fractional Dynamics of Stuxnet Virus Propagation
2021-12-01 - Jumping the Air Gap
2022-03-01 - A Realistic Analysis of the Stuxnet Cyber-attack
Triton
2017-12-14 - Attackers Deploy New ICS Attack Framework - TRITON - and Cause Operational Disruption to Critical Infrastructure2017-12-14 - TRISIS Malware - Analysis of Safety System Targeted Malware
2017-12-18 - HatMan - Safety System Targeted Malware (MAR-17-352-01)
2018-01-16 - Analyzing the TRITON industrial malware
2018-04-10 - HatMan - Safety System Targeted Malware (Update A) (MAR-17-352-01)
2018-08-08 - TRITON - The First ICS Cyberattack on Safety Instrument Systems
2018-10-23 - TRITON Attribution - Russian Government-Owned Lab Most Likely Built Custom Intrusion Tools for TRITON Attackers
2020-10-23 - Treasury Sanctions Russian Government Research Institution Connected to the TRITON Malware
2020-12-21 - Russian Cyber Attack campaigns and actors - NOBELIUM has struck again
2021-02-11 - Visibility, Monitoring and Critical Infrastructure Security
2022-03-24 - TRITON Malware Remains Threat to Global Critical Infrastructure Industrial Control Systems (ICS) (20220324-001)
2022-03-24 - TTPs of Indicted State-Sponsored Russian Cyber Actors Targeting the Energy Sector (AA22-083A)
2022-09-30 - Zeroing in on Xenotime: Analysis of the entities responsible for the Triton event
2022-10-20 - Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure (AA22-110A)
Other VXUG Links
Official vx-underground Twitter
Official vx-underground Threat Intelligence feed
Support vx-underground monthly
Sponsor
World's Best Penis Enhancement PillsSponsor
Execute your malware here
Sponsor
Phantom Overlay, the best COD cheat available!Want to sponsor vx-underground?
Your information could go here