2022-12-09 ⋅ Positive Technologies ⋅ APT Cloud Atlas: Unbroken Threat
2022-08-04 ⋅ PTSecurity ⋅ Flying in the clouds: APT31 renews its attacks on Russian companies through cloud storage Stealer0x3401 YaRAT
2022-05-27 ⋅ PTSecurity ⋅ How bootkits are implemented in modern firmware and how UEFI differs from Legacy BIOS LoJax MoonBounce
2021-09-30 ⋅ PTSecurity ⋅ Masters of Mimicry: new APT group ChamelGang and its arsenal DoorMe
2021-09-30 ⋅ PTSecurity ⋅ Masters of Mimicry: new APT group ChamelGang and its arsenal Cobalt Strike
2021-08-03 ⋅ PTSecurity ⋅ APT31 new dropper. Target destinations: Mongolia, Russia, the U.S., and elsewhere
2021-07-08 ⋅ PTSecurity ⋅ How winnti APT grouping works Korlia ShadowPad Winnti
2021-04-12 ⋅ PTSecurity ⋅ PaaS, or how hackers evade antivirus software Amadey Bunitu Cerber Dridex ISFB KPOT Stealer Mailto Nemty Phobos Pony Predator The Thief QakBot Raccoon RTM SmokeLoader Zloader
2021-02-18 ⋅ PTSecurity ⋅ https://www.ptsecurity.com/ww-en/analytics/antisandbox-techniques/ Poet RAT Gravity RAT Ketrican Okrum OopsIE Remcos RogueRobinNET RokRAT SmokeLoader
2021-01-14 ⋅ PTSecurity ⋅ Higaisa or Winnti? APT41 backdoors, old and new Cobalt Strike CROSSWALK FunnySwitch PlugX ShadowPad
2021-01-14 ⋅ PTSecurity ⋅ Higaisa or Winnti? APT41 backdoors, old and new FunnySwitch
2020-11-27 ⋅ PTSecurity ⋅ Investigation with a twist: an accidental APT attack and averted data destruction TwoFace CHINACHOPPER HyperBro MegaCortex MimiKatz
2020-09-08 ⋅ PTSecurity ⋅ ShadowPad: new activity from the Winnti group CCleaner Backdoor Korlia ShadowPad TypeHash
2020-07-23 ⋅ PTSecurity ⋅ Attacking MS Exchange Web Interfaces
2020-06-16 ⋅ PTSecurity ⋅ Cobalt: tactics and tools update CobInt
2020-06-04 ⋅ PTSecurity ⋅ COVID-19 and New Year greetings: an investigation into the tools and methods used by the Higaisa group Ghost RAT
2020-05-20 ⋅ PTSecurity ⋅ Operation TA505: how we analyzed new tools from the creators of the Dridex trojan, Locky ransomware, and Neutrino botnet FlawedAmmyy
2020-04-17 ⋅ Youtube (Positive Technologies) ⋅ Mlw #41: a new sophisticated loader from the APT group TA505 SnatchLoader
2019-11-11 ⋅ PTSecurity ⋅ Operation TA505, part four. Twins