2022-06-02 ⋅ Twitter (@sysopfb) ⋅ Tweets on UpdateAgent - GolangVersion UpdateAgent
2022-05-25 ⋅ Medium walmartglobaltech ⋅ SocGholish Campaigns and Initial Access Kit FAKEUPDATES Blister Cobalt Strike NetSupportManager RAT
2022-04-15 ⋅ Medium walmartglobaltech ⋅ Revisiting BatLoader C2 structure
2022-03-28 ⋅ Medium walmartglobaltech ⋅ CobaltStrike UUID stager Cobalt Strike
2022-03-10 ⋅ Medium walmartglobaltech ⋅ Diavol the Enigma of Ransomware Diavol
2022-02-14 ⋅ Medium walmartglobaltech ⋅ PrivateLoader to Anubis Loader Anubis Loader PrivateLoader
2022-02-01 ⋅ Medium walmartglobaltech ⋅ Sugar Ransomware, a new RaaS Sugar
2022-01-11 ⋅ Medium walmartglobaltech ⋅ Signed DLL campaigns as a service Cobalt Strike ISFB Zloader
2021-10-14 ⋅ Medium walmartglobaltech ⋅ Investigation into the state of NIM malware Part 2 Cobalt Strike NimGrabber Nimrev Unidentified 088 (Nim Ransomware)
2021-09-07 ⋅ Medium walmartglobaltech ⋅ Decoding SmartAssembly strings, a Haron ransomware case study Haron Ransomware
2021-08-19 ⋅ Medium walmartglobaltech ⋅ Looking at the new Krypton crypter and recent Data Exfiltrator Samples
2021-08-03 ⋅ Twitter (@sysopfb) ⋅ Tweet on python script to decode the blob from Blackmatter ransomware DarkSide
2021-07-30 ⋅ Medium walmartglobaltech ⋅ Decrypting BazarLoader strings with a Unicorn BazarBackdoor
2021-07-08 ⋅ Medium walmartglobaltech ⋅ Amadey stealer plugin adds Mikrotik and Outlook harvesting Amadey
2021-07-06 ⋅ Medium walmartglobaltech ⋅ TA505 adds GoLang crypter for delivering miners and ServHelper ServHelper
2021-06-07 ⋅ Medium walmartglobaltech ⋅ Inside the SystemBC Malware-As-A-Service Ryuk SystemBC TrickBot
2021-05-03 ⋅ Medium walmartglobaltech ⋅ BuerLoader Updates Buer
2021-04-20 ⋅ Medium walmartglobaltech ⋅ CobaltStrike Stager Utilizing Floating Point Math Cobalt Strike
2021-04-09 ⋅ Medium walmartglobaltech ⋅ A Relook at the TerraLoader Dropper DLL TerraLoader
2021-04-07 ⋅ Medium walmartglobaltech ⋅ Not your same old adware anymore, PBOT updates