2023-09-19Medium (@DCSO_CyTec)Johann Aydinbas
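% DCSO CyTec (Medium) short analysis note; the listing tags it with the DarkGate family.
% The hash sign in the title and the underscore in the organization handle are LaTeX
% special characters, so they are escaped here; the url field is verbatim and stays as is.
@online{aydinbas:20230919:shortandmalicious:a0cff0b,
  author       = {Johann Aydinbas},
  title        = {{\#ShortAndMalicious — DarkGate}},
  date         = {2023-09-19},
  organization = {Medium (@DCSO\_CyTec)},
  url          = {https://medium.com/@DCSO_CyTec/shortandmalicious-darkgate-d9102a457232},
  language     = {English},
  urldate      = {2023-09-20},
}
#ShortAndMalicious — DarkGate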
DarkGate
2023-09-07Medium (@simone.kraus)Simone Kraus
% Medium article on an attack against a critical energy infrastructure facility in Ukraine.
% NOTE(review): the url slug reads "engergy"; confirm against the live article before
% changing it, since the slug is part of the address.
@online{kraus:20230907:critical:0746f72,
  author       = {Simone Kraus},
  title        = {{Critical Energy Infrastructure Facility Attack In Ukraine}},
  date         = {2023-09-07},
  organization = {Medium (@simone.kraus)},
  url          = {https://medium.com/@simone.kraus/critical-engergy-infrastructure-facility-in-ukraine-attack-b15638f6a402},
  language     = {English},
  urldate      = {2023-09-11},
}
Critical Energy Infrastructure Facility Attack In Ukraine
2023-08-30Medium walmartglobaltechJason Reaves
% Walmart Global Tech (Medium) post on the Gazavat / Expiro connection to DMSniff,
% including DGA analysis; the listing tags it DMSniff and Expiro.
@online{reaves:20230830:gazavat:1f8a081,
  author       = {Jason Reaves},
  title        = {{Gazavat / Expiro DMSniff connection and DGA analysis}},
  date         = {2023-08-30},
  organization = {Medium walmartglobaltech},
  url          = {https://medium.com/walmartglobaltech/gazavat-expiro-dmsniff-connection-and-dga-analysis-8b965cc0221d},
  language     = {English},
  urldate      = {2023-08-31},
}
Gazavat / Expiro DMSniff connection and DGA analysis
DMSniff Expiro
2023-08-02Medium (@morimolymoly)morimolymoly
% Malware analysis note on HUI Loader (family tag per the listing).
% The author is a single-token handle, so it is stored as one name.
@online{morimolymoly:20230802:hui:99bb65d,
  author       = {morimolymoly},
  title        = {{HUI Loader — Malware Analysis Note}},
  date         = {2023-08-02},
  organization = {Medium (@morimolymoly)},
  url          = {https://medium.com/@morimolymoly/hui-loader-malware-analysis-note-4fa0e1c791d3},
  language     = {English},
  urldate      = {2023-08-25},
}
HUI Loader — Malware Analysis Note
HUI Loader
2023-07-31Medium (csg-govtech)Greg Jefferson
% News article on China-backed intrusion activity threatening Texas military sites and utilities.
% NOTE(review): organization says Medium (csg-govtech) but the url host is www.govtech.com;
% confirm which publisher is correct before citing.
@online{jefferson:20230731:chinabacked:b3e5da9,
  author       = {Greg Jefferson},
  title        = {{China-Backed Hackers Threaten Texas Military Sites, Utilities}},
  date         = {2023-07-31},
  organization = {Medium (csg-govtech)},
  url          = {https://www.govtech.com/security/china-backed-hackers-threaten-texas-military-sites-utilities},
  language     = {English},
  urldate      = {2023-08-25},
}
China-Backed Hackers Threaten Texas Military Sites, Utilities
2023-07-18Medium walmartglobaltechJason Reaves, Jonathan Mccay, Joshua Platt
% Walmart Global Tech (Medium) post titled NemesisProject; the listing tags it Nemesis.
@online{reaves:20230718:nemesisproject:daa35d0,
  author       = {Jason Reaves and Jonathan Mccay and Joshua Platt},
  title        = {{NemesisProject}},
  date         = {2023-07-18},
  organization = {Medium walmartglobaltech},
  url          = {https://medium.com/walmartglobaltech/nemesisproject-816ed5c1e8d5},
  language     = {English},
  urldate      = {2023-07-19},
}
NemesisProject
Nemesis
2023-06-23Medium (Cryptax)Axelle Apvrille
% Cryptax (Medium) analysis of the KangaPack packer and its native decryption;
% the listing tags it with the FluHorse family.
@online{apvrille:20230623:inside:80ab43b,
  author       = {Axelle Apvrille},
  title        = {{Inside KangaPack: the Kangaroo packer with native decryption}},
  date         = {2023-06-23},
  organization = {Medium (Cryptax)},
  url          = {https://cryptax.medium.com/inside-kangapack-the-kangaroo-packer-with-native-decryption-3e7e054679c4},
  language     = {English},
  urldate      = {2023-06-26},
}
Inside KangaPack: the Kangaroo packer with native decryption
FluHorse
2023-06-23MediumTaisiia Garkava
% Medium article introducing ObserverStealer (family tag per the listing).
@online{garkava:20230623:observerstealer:5699a93,
  author       = {Taisiia Garkava},
  title        = {{ObserverStealer: Unmasking the New Contender in Cyber Crime}},
  date         = {2023-06-23},
  organization = {Medium},
  url          = {https://medium.com/@cyberhust1er/observerstealer-unmasking-the-new-contender-in-cyber-crime-6e54a40d801d},
  language     = {English},
  urldate      = {2023-06-27},
}
ObserverStealer: Unmasking the New Contender in Cyber Crime
ObserverStealer
2023-05-17Medium (@DCSO_CyTec)Johann Aydinbas, Emilia Neuber, Kritika Roy, Axel Wauer, Jiro Minier
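% DCSO CyTec (Medium) write-up on the "Jupiter" malware attributed in the title to Andariel,
% with a focus on its C2; the listing tags it Jupiter.
% The underscore in the organization handle is a LaTeX special character and is escaped
% here; the url field is verbatim and stays as is.
@online{aydinbas:20230517:andariels:517dbe2,
  author       = {Johann Aydinbas and Emilia Neuber and Kritika Roy and Axel Wauer and Jiro Minier},
  title        = {{Andariel’s “Jupiter” malware and the case of the curious C2}},
  date         = {2023-05-17},
  organization = {Medium (@DCSO\_CyTec)},
  url          = {https://medium.com/@DCSO_CyTec/andariels-jupiter-malware-and-the-case-of-the-curious-c2-dbfe29f57499},
  language     = {English},
  urldate      = {2023-05-21},
}
Andariel’s “Jupiter” malware and the case of the curious C2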
Jupiter
2023-05-14MediumDenshi Yūrei
% Medium article on communication among malware families with a spotlight on the AMOS
% infostealer; the listing tags it AMOS, Aurora Stealer and TitanStealer.
% The author name contains a non-ASCII character and needs a UTF-8 aware backend.
@online{yrei:20230514:silent:9e16bf5,
  author       = {Denshi Yūrei},
  title        = {{Silent Echoes: The Hidden Dialogue among Malware Entities — Spotlight on AMOS InfoStealer}},
  date         = {2023-05-14},
  organization = {Medium},
  url          = {https://denshiyurei.medium.com/silent-echoes-the-hidden-dialogue-among-malware-entities-spotlight-on-amos-infostealer-6d7cd70e3219},
  language     = {English},
  urldate      = {2023-05-15},
}
Silent Echoes: The Hidden Dialogue among Malware Entities — Spotlight on AMOS InfoStealer
AMOS Aurora Stealer TitanStealer
2023-05-09Medium walmartglobaltechJason Reaves, Joshua Platt, Jonathan Mccay
% Walmart Global Tech (Medium) post covering MetaStealer string decryption and its DGA;
% the listing tags it MetaStealer.
@online{reaves:20230509:metastealer:11ef397,
  author       = {Jason Reaves and Joshua Platt and Jonathan Mccay},
  title        = {{MetaStealer string decryption and DGA overview}},
  date         = {2023-05-09},
  organization = {Medium walmartglobaltech},
  url          = {https://medium.com/walmartglobaltech/metastealer-string-decryption-and-dga-overview-5f38f76830cd},
  language     = {English},
  urldate      = {2023-05-11},
}
MetaStealer string decryption and DGA overview
MetaStealer
2023-04-19Medium (@simone.kraus)Simone Kraus
% Medium article analysing Rorschach ransomware using Attack Flow (family tag per the listing).
@online{kraus:20230419:rorschach:835da83,
  author       = {Simone Kraus},
  title        = {{Rorschach Ransomware Analysis with Attack Flow}},
  date         = {2023-04-19},
  organization = {Medium (@simone.kraus)},
  url          = {https://medium.com/@simone.kraus/rorschach-ransomware-analysis-with-attack-flow-7fa5ff613a75},
  language     = {English},
  urldate      = {2023-04-25},
}
Rorschach Ransomware Analysis with Attack Flow
Rorschach Ransomware
2023-04-13Medium Invictus Incident ResponseInvictus Incident Response
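% Invictus Incident Response (Medium) article on ransomware in cloud environments.
% Corporate author: the extra brace pair keeps the name from being split into given and
% family parts (the citation key shows the last word was being taken as the surname).
% The citation key is left unchanged so existing citations keep resolving.
@online{response:20230413:ransomware:d516cc9,
  author       = {{Invictus Incident Response}},
  title        = {{Ransomware in the cloud}},
  date         = {2023-04-13},
  organization = {Medium Invictus Incident Response},
  url          = {https://invictus-ir.medium.com/ransomware-in-the-cloud-7f14805bbe82},
  language     = {English},
  urldate      = {2023-04-22},
}
Ransomware in the cloud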
2023-04-05Medium IlanduIlan Duhin
% Medium analysis of the PortDoor backdoor; the listing tags it ACBackdoor,
% 8.t Dropper and PortDoor.
@online{duhin:20230405:portdoor:e39d907,
  author       = {Ilan Duhin},
  title        = {{PortDoor - APT Backdoor analysis}},
  date         = {2023-04-05},
  organization = {Medium Ilandu},
  url          = {https://medium.com/@Ilandu/portdoor-malware-afc9d0796cba},
  language     = {English},
  urldate      = {2023-04-06},
}
PortDoor - APT Backdoor analysis
ACBackdoor 8.t Dropper PortDoor
2023-03-23Medium s2wlabBLKSMTH, S2W TALON
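% S2W blog (Medium) report on Scarcruft tooling aimed at individual Android devices;
% the listing tags it RambleOn and RokRAT.
% S2W TALON is braced as one unit so it is not split into given name S2W and family
% name TALON. NOTE(review): treated here as a team name; confirm against the byline.
@online{blksmth:20230323:scarcruft:82ba4d6,
  author       = {BLKSMTH and {S2W TALON}},
  title        = {{Scarcruft Bolsters Arsenal for targeting individual Android devices}},
  date         = {2023-03-23},
  organization = {Medium s2wlab},
  url          = {https://medium.com/s2wblog/scarcruft-bolsters-arsenal-for-targeting-individual-android-devices-97d2bcef4ab},
  language     = {English},
  urldate      = {2023-03-27},
}
Scarcruft Bolsters Arsenal for targeting individual Android devices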
RambleOn RokRAT
2023-03-20Medium s2wlabHOTSAUCE, S2W TALON
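% S2W blog (Medium) analysis of cryptocurrency phishing run through hijacked YouTube channels.
% S2W TALON is braced as one unit so it is not split into given name S2W and family
% name TALON. NOTE(review): treated here as a team name; confirm against the byline.
% NOTE(review): language is Korean while the title is English; confirm the article language.
@online{hotsauce:20230320:detailed:d141765,
  author       = {HOTSAUCE and {S2W TALON}},
  title        = {{Detailed Analysis of Cryptocurrency Phishing Through Famous YouTube Channel Hacking}},
  date         = {2023-03-20},
  organization = {Medium s2wlab},
  url          = {https://medium.com/s2wblog/detailed-analysis-of-cryptocurrency-phishing-through-famous-youtube-channel-hacking-cd40de8dce6f},
  language     = {Korean},
  urldate      = {2023-03-21},
}
Detailed Analysis of Cryptocurrency Phishing Through Famous YouTube Channel Hacking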
2023-03-17Medium s2wlabBLKSMTH, S2W TALON
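% S2W blog (Medium) report on the Kimsuky group's apparent use of OneNote documents.
% S2W TALON is braced as one unit so it is not split into given name S2W and family
% name TALON. NOTE(review): treated here as a team name; confirm against the byline.
@online{blksmth:20230317:kimsuky:984e133,
  author       = {BLKSMTH and {S2W TALON}},
  title        = {{Kimsuky group appears to be exploiting OneNote like the cybercrime group}},
  date         = {2023-03-17},
  organization = {Medium s2wlab},
  url          = {https://medium.com/s2wblog/kimsuky-group-appears-to-be-exploiting-onenote-like-the-cybercrime-group-3c96b0b85b9f},
  language     = {English},
  urldate      = {2023-03-20},
}
Kimsuky group appears to be exploiting OneNote like the cybercrime group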
2023-03-10Medium walmartglobaltechJason Reaves, Joshua Platt
% Walmart Global Tech (Medium) post titled From Royal With Love; the listing tags it
% Cobalt Strike, Conti, PLAY, Royal Ransom and Somnia.
@online{reaves:20230310:from:6bceb30,
  author       = {Jason Reaves and Joshua Platt},
  title        = {{From Royal With Love}},
  date         = {2023-03-10},
  organization = {Medium walmartglobaltech},
  url          = {https://medium.com/walmartglobaltech/from-royal-with-love-88fa05ff7f65},
  language     = {English},
  urldate      = {2023-03-13},
}
From Royal With Love
Cobalt Strike Conti PLAY Royal Ransom Somnia
2023-02-27Medium s2wlabJiho Kim, Lee Sebin
% S2W blog (Medium) report on Lumma Stealer delivered to YouTubers by spear-phishing email;
% the listing tags it Lumma Stealer.
% NOTE(review): "Lee Sebin" is parsed as given name Lee, family name Sebin; confirm the
% name order against the article byline.
@online{kim:20230227:lumma:9f3f99f,
  author       = {Jiho Kim and Lee Sebin},
  title        = {{Lumma Stealer targets YouTubers via Spear-phishing Email}},
  date         = {2023-02-27},
  organization = {Medium s2wlab},
  url          = {https://medium.com/s2wblog/lumma-stealer-targets-youtubers-via-spear-phishing-email-ade740d486f7},
  language     = {English},
  urldate      = {2023-03-13},
}
Lumma Stealer targets YouTubers via Spear-phishing Email
Lumma Stealer
2023-02-26Medium IlanduIlan Duhin, Yossi Poberezsky
% Medium write-up of an Emotet campaign (family tag per the listing).
@online{duhin:20230226:emotet:b21451d,
  author       = {Ilan Duhin and Yossi Poberezsky},
  title        = {{Emotet Campaign}},
  date         = {2023-02-26},
  organization = {Medium Ilandu},
  url          = {https://medium.com/@Ilandu/emotet-campaign-6f240f7a5ed5},
  language     = {English},
  urldate      = {2023-02-27},
}
Emotet Campaign
Emotet