Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2024-07-18MandiantJared Wilson, Jonathan Lepore, Luis Rocha, Mike Stokkel, Pierre Gerlings, RENATO FONTANA, Stephen Eckels
APT41 Has Arisen From the DUST
Cobalt Strike
2023-04-20MandiantADRIAN SANCHEZ, DANIEL SCOTT, Dimiter Andonov, Fred Plan, Jake Nicastro, JEFF JOHNSON, Marius Fodoreanu, RENATO FONTANA
3CX Software Supply Chain Compromise Initiated by a Prior Software Supply Chain Compromise; Suspected North Korean Actor Responsible
POOLRAT IconicStealer UNC4736
2022-06-13SANS ISCRenato Marinho
Translating Saitama's DNS tunneling messages
Saitama Backdoor
2021-12-28Morphus LabsRenato Marinho
Attackers are abusing MSBuild to evade defenses and implant Cobalt Strike beacons
Cobalt Strike
2020-11-03InfoSec Handlers Diary BlogRenato Marinho
Attackers Exploiting WebLogic Servers via CVE-2020-14882 to install Cobalt Strike
Cobalt Strike
2020-05-31InfoSec Handlers Diary BlogRenato Marinho
Guildma is now using Finger and Signed Binary Proxy Execution to evade defenses
Astaroth
2019-05-07SANS ISC InfoSec ForumsRenato
Vulnerable Apache Jenkins exploited in the wild
kerberods
2017-12-06BotconfRaimir Holanda, Renato Marinho
Exploring a P2P Transient Botnet - From Discovery to Enumeration
Rakos
2017-09-26ISCRenato Marinho
XPCTRA Malware Steals Banking and Digital Wallet User's Credentials
XPCTRA
2017-08-29InfoSec Handlers Diary BlogRenato Marinho
Second Google Chrome Extension Banker Malware in Two Weeks
IDKEY