Click here to download all references as Bib-File.•
2024-09-26
⋅
Palo Alto Networks Unit 42
⋅
Unraveling Sparkling Pisces’s Tool Set: KLogEXE and FPSpy FPSpy KLogEXE |
2024-08-28
⋅
Talos Intelligence
⋅
BlackByte blends tried-and-true tradecraft with newly disclosed vulnerabilities to support ongoing attacks BlackByte |
2024-07-23
⋅
Hunt.io
⋅
A Simple Approach to Discovering Oyster Backdoor Infrastructure Broomstick |
2024-07-10
⋅
Akamai
⋅
CVE-2024-4577 Exploits in the Wild One Day After Disclosure Tsunami Ghost RAT xmrig |
2024-06-28
⋅
cocomelonc
⋅
Malware development trick 42: Stealing data via legit Discord Bot API. Simple C example. |
2024-06-20
⋅
Cleafy
⋅
Medusa Reborn: A New Compact Variant Discovered Medusa TangleBot |
2024-06-19
⋅
AT&T
⋅
LevelBlue Labs Discovers Highly Evasive, New Loader Targeting Chinese Organizations SquidLoader |
2024-06-17
⋅
Trellix
⋅
Info Stealing Campaign Uses DLL Sideloading Through Legitimate Cisco Webex’s Binaries for Initial Execution and Defense Evasion HijackLoader Lumma Stealer |
2024-06-05
⋅
Cisco Talos
⋅
DarkGate switches up its tactics with new payload, email templates DarkGate |
2024-05-30
⋅
Cisco Talos
⋅
LilacSquid: The stealthy trilogy of PurpleInk, InkBox and InkLoader purpleink LilacSquid |
2024-05-01
⋅
Microsoft
⋅
“Dirty stream” attack: Discovering and mitigating a common vulnerability pattern in Android apps |
2024-04-30
⋅
Intrinsec
⋅
Matanbuchus & Co: Code Emulation and Cybercrime Infrastructure Discovery FAKEUPDATES Matanbuchus |
2024-04-24
⋅
Cisco
⋅
ArcaneDoor - New espionage-focused campaign found targeting perimeter network devices ArcaneDoor Storm-1849 |
2024-04-24
⋅
NCSC UK
⋅
Line Dancer - In-memory shellcode loader targeting Cisco Adaptive Security Appliance (ASA) devices. |
2024-04-24
⋅
NCSC UK
⋅
Line Runner: Persistent webshell targeting Cisco Adaptive Security Appliance (ASA) devices. |
2024-04-11
⋅
Microsoft
⋅
How Microsoft discovers and mitigates evolving attacks against AI guardrails |
2024-03-29
⋅
Openwall
⋅
Initial email disclosing suspected backdoor in xz tarballs xzbot |
2024-02-29
⋅
SANS ISC
⋅
Dissecting DarkGate: Modular Malware Delivery and Persistence as a Service DarkGate |
2024-02-15
⋅
Cisco Talos
⋅
TinyTurla Next Generation - Turla APT spies on Polish NGOs TinyTurlaNG |
2024-02-08
⋅
Cisco Talos
⋅
New Zardoor backdoor used in long-term cyber espionage operation targeting an Islamic organization HTran reGeorg Venom Proxy ZarDoor |