Click here to download all references as Bib-File.•
2024-09-03
⋅
Twitter (@embee_research)
⋅
Advanced Cyberchef Techniques - Defeating Nanocore Obfuscation With Math and Flow Control Nanocore RAT |
2024-08-15
⋅
Kaspersky
⋅
Tusk campaign uses infostealers and clippers for financial gain DanaBot HijackLoader Stealc |
2024-07-11
⋅
sysdig
⋅
CRYSTALRAY: Inside the Operations of a Rising Threat Actor Exploiting OSS Tools CRYSTALRAY |
2024-06-26
⋅
SentinelOne
⋅
ChamelGang & Friends | Cyberespionage Groups Attacking Critical Infrastructure with Ransomware CatB Chamelgang |
2024-06-19
⋅
AT&T
⋅
LevelBlue Labs Discovers Highly Evasive, New Loader Targeting Chinese Organizations SquidLoader |
2024-06-10
⋅
The Hacker News
⋅
More_eggs Malware Disguised as Resumes Targets Recruiters in Phishing Attack More_eggs |
2024-05-14
⋅
ESET Research
⋅
Ebury is alive but unseen: 400k Linux servers compromised for cryptocurrency theft and financial gain Ebury |
2024-05-13
⋅
ESET Research
⋅
Ebury is alive but unseen: 400k Linux servers compromised for cryptocurrency theft and financial gain Ebury |
2024-05-01
⋅
Trend Micro
⋅
Router Roulette: Cybercriminals and Nation-States Sharing Compromised Networks SSHDoor |
2024-04-03
⋅
Resecurity
⋅
The New Version Of JsOutProx Is Attacking Financial Institutions In APAC And MENA Via GitLab Abuse JSOutProx |
2024-04-02
⋅
Kaspersky
⋅
APT and financial attacks on industrial organizations in H2 2023 HellHounds |
2024-03-18
⋅
Twitter (@juanandres_gs)
⋅
Twitter thread on the sample identified AcidPour |
2024-03-09
⋅
Asobancaria
⋅
New Backdoor Activity Socks5Systemz Socks5 Systemz |
2024-01-31
⋅
Trend Micro
⋅
Pawn Storm Uses Brute Force and Stealth Against High-Value Targets Mocky LNK Unidentified 114 (APT28 InfoStealer) |
2024-01-25
⋅
JSAC 2024
⋅
Lazarus Group’s Large-scale Threats via Watering Hole and Financial Software |
2024-01-23
⋅
Trend Micro
⋅
Kasseika Ransomware Deploys BYOVD Attacks, Abuses PsExec and Exploits Martini Driver Kasseika |
2024-01-05
⋅
AlienLabs
⋅
AsyncRAT loader: Obfuscation, DGAs, decoys and Govno AsyncRAT |
2023-12-12
⋅
Microsoft
⋅
Threat actors misuse OAuth applications to automate financially driven attacks Storm-1283 Storm-1286 |
2023-11-21
⋅
Checkpoint
⋅
The Platform Matters: A Comparative Study on Linux and Windows Ransomware Attacks Gwisin |
2023-11-21
⋅
Trellix
⋅
The Continued Evolution of the DarkGate Malware-as-a-Service DarkGate |