SYMBOL | COMMON_NAME | aka. SYNONYMS |
Crowdstrike tarcks the operators behind the Qbot as MALLARD SPIDER
2025-03-10
⋅
LevelBlue
⋅
Prevent, Detect, Contain: LevelBlue MDR’s Guide Against Black Basta Affiliates’ Attacks Black Basta Black Basta ReedBed |
2025-03-03
⋅
Trend Micro
⋅
Black Basta and Cactus Ransomware Groups Add BackConnect Malware to Their Arsenal Black Basta Black Basta Cactus ReedBed |
2025-02-20
⋅
Reliaquest
⋅
48 Minutes: How Fast Phishing Attacks Exploit Weaknesses ReedBed |
2025-01-31
⋅
ConnectWise
⋅
Attackers Leveraging Microsoft Teams Defaults and Quick Assist for Social Engineering Attacks Black Basta Black Basta ReedBed |
2025-01-30
⋅
eSentire
⋅
Ongoing Email Bombing Campaigns leading to Remote Access and Post-Exploitation Black Basta ReedBed UNC4393 |
2025-01-25
⋅
Sophos
⋅
Sophos MDR tracks two ransomware campaigns using “email bombing,” Microsoft Teams “vishing” ReedBed STAC5143 UNC4393 |
2025-01-23
⋅
Github (PaloAltoNetworks)
⋅
Cluster of Infrastructure likely used by Affiliate of Dark Scorpius (Black Basta) ReedBed |
2025-01-21
⋅
Twitter (@MsftSecIntel)
⋅
Twitter Thread describing spotting of ReedBed in a Storm-1811 campaign ReedBed UNC4393 |
2025-01-20
⋅
Medium walmartglobaltech
⋅
Qbot is Back.Connect ReedBed UNC4393 |
2021-01-01
⋅
Secureworks
⋅
Threat Profile: GOLD LAGOON QakBot MALLARD SPIDER |
2020-10-01
⋅
CrowdStrike
⋅
Duck Hunting with Falcon Complete: Analyzing a Fowl Banking Trojan, Part 1 QakBot MALLARD SPIDER |