Malware Research Online
This lecture discusses researching malware online, and provides some resources for doing so.
In my opinion, the best resource available for educating oneself on security incidents and attacks is the APTnotes archive:
The ThreatMiner project has built a nice user interface to this, as well as other, cyber security reporting:
Additionally, I deep dive into Malware Analysis reports published by security research firms for two cyber threats:
2016 - OilRig
This is an alleged Iranian threat actor that launches complex targeted attacks. They’ve been tracked since 2015, according to the source
- Iranian Threat Agent OilRig Delivers Digitally Signed Malware, Impersonates University of Oxford _ ClearSky Cybersecurity
2014 - Operations Clandestine Fox and Double Tap
This is alleged to have been carried out by a Chinese threat group with ties going back at least a few years as of the publication of the report. The connecting relationships between the Spring 2014 attacks and the Fall 2014 attacks are described in the malware analysis in Operation Double Tap
Slides: lecture-w03-2.pdf (PDF)
P.S.: One Additional Recommendation
Below is a link to another report, from Symantec in 2011, which I feel has a good amount of malware analysis describing a group which used the Poison Ivy RAT heavily around that time.