Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2024-02-07MalwarebytesMark Stockley
How to tell if your toothbrush is being used in a DDoS attack
2024-02-07CrowdStrikeDonato Onofri, Emanuele Calvelli
HijackLoader Expands Techniques to Improve Defense Evasion
HijackLoader
2023-10-23SarlackLabJohn Faria
Advice For Catching a RedLine Stealer
RedLine Stealer
2023-09-28HarfangLabClaudio Teixeira
Loader Galore - TaskLoader at the start of a Pay-per-Install Infection Chain
CustomerLoader Fabookie LgoogLoader SmokeLoader
2023-09-18Alpine SecurityBorja Merino
HijackLoader Targets Hotels: A Technical Analysis
HijackLoader
2023-09-08ZscalerZscaler
Technical Analysis of HijackLoader
HijackLoader
2023-08-30NisosVincas Čižiūnas
Trickbot in Light of Trickleaks Data
TrickBot
2023-07-27X (@BlackLotusLabs)Black Lotus Labs
Tweet on update on AVrecon bot's migration to new infrastructure
AVrecon
2023-07-15MSSP Labcocomelonc
Malware source code investigation: BlackLotus - part 1
BlackLotus
2023-06-13Outpost24Beatriz Pimenta Klein
ICS attack classifications: differentiating between cyberwarfare, cyberterrorism, and hacktivism
UAC-0118
2023-05-29kn0s-organization
BlackLotus stage 2 bootkit-rootkit analysis
BlackLotus
2023-05-03unpac.meSean Wilson
UnpacMe Weekly: New Version of IcedId Loader
IcedID PhotoLoader
2023-04-19SophosAndreas Klopsch
‘AuKill’ EDR killer malware abuses Process Explorer driver
AuKill
2023-04-11MicrosoftMicrosoft Incident Response
Guidance for investigating attacks using CVE-2022-21894: The BlackLotus campaign
BlackLotus
2023-03-09binarlyAleksandr Matrosov
The Untold Story of the BlackLotus UEFI Bootkit
BlackLotus
2023-03-04ThreatZeroRaphael Mendonça
KL Remota -  Brazilian Malware Bank
2023-03-01ESET ResearchMartin Smolár
BlackLotus UEFI bootkit: Myth confirmed
BlackLotus
2023-01-09Twitter (@SethKingHi)SKII
Tweet on HuskLoader
HuskLoader
2022-12-13SophosAndreas Klopsch, Andrew Brandt
Signed driver malware moves up the software trust chain
KillAV
2022-10-04SophosAndreas Klopsch
Remove All The Callbacks – BlackByte Ransomware Disables EDR Via RTCore64.sys Abuse
BlackByte