2024-05-05
⋅
Github (VenzoV)
⋅
Latrodectus "littlehw" Unidentified 111 (Latrodectus) |
2024-05-04
⋅
Medium MITRE-Engenuity
⋅
Technical Deep Dive: Understanding the Anatomy of a Cyber Intrusion WIREFIRE |
2024-05-01
⋅
Trend Micro
⋅
Router Roulette: Cybercriminals and Nation-States Sharing Compromised Networks SSHDoor |
2024-04-30
⋅
Trellix
⋅
Pouring Acid Rain AcidPour AcidRain |
2024-04-30
⋅
0x0d4y
⋅
Latrodectus [IceNova] – Technical Analysis of the… New IcedID… Its Continuation… Or its Replacement? Unidentified 111 (Latrodectus) |
2024-04-29
⋅
ThreatMon
⋅
Understanding the 'Kapeka' Backdoor: Detailed Analysis by APT44 (paywall) Kapeka |
2024-04-29
⋅
Twitter (@sekoia_io)
⋅
@sekoia_io's tweet about the (not so) new infostealer, named ACR Stealer win.acr_stealer |
2024-04-29
⋅
Zscaler
⋅
Zloader Learns Old Tricks Zloader |
2024-04-29
⋅
The DFIR Report
⋅
From IcedID to Dagon Locker Ransomware in 29 Days IcedID Mount Locker |
2024-04-25
⋅
Microsoft
⋅
Guidance for Incident Responders |
2024-04-24
⋅
kienmanowar Blog
⋅
[QuickNote] Qakbot 5.0 – Decrypt strings and configuration QakBot |
2024-04-24
⋅
Cisco
⋅
ArcaneDoor - New espionage-focused campaign found targeting perimeter network devices ArcaneDoor Storm-1849 |
2024-04-24
⋅
NCSC UK
⋅
Line Dancer - In-memory shellcode loader targeting Cisco Adaptive Security Appliance (ASA) devices. |
2024-04-24
⋅
NCSC UK
⋅
Line Runner: Persistent webshell targeting Cisco Adaptive Security Appliance (ASA) devices. |
2024-04-24
⋅
Securonix
⋅
Analysis of Ongoing FROZEN#SHADOW Attack Campaign Leveraging SSLoad Malware and RMM Software for Domain Takeover Cobalt Strike SSLoad |