2020-11-12Medium Sapphirex00Sapphire
@online{sapphire:20201112:diving:6b388eb,
  author       = {Sapphire},
  title        = {{Diving into the Sun — SunCrypt: A new neighbour in the ransomware mafia}},
  date         = {2020-11-12},
  organization = {Medium Sapphirex00},
  url          = {https://medium.com/@sapphirex00/diving-into-the-sun-suncrypt-a-new-neighbour-in-the-ransomware-mafia-d89010c9df83},
  language     = {English},
  urldate      = {2020-11-23},
}
Diving into the Sun — SunCrypt: A new neighbour in the ransomware mafia
SunCrypt
2020-10-23Medium HorkosAlex Orleans
@online{orleans:20201023:last:c05dd4d,
  author       = {Alex Orleans},
  title        = {{A Last Clever Knot?}},
  date         = {2020-10-23},
  organization = {Medium Horkos},
  url          = {https://horkos.medium.com/a-last-clever-knot-26fd26765e8d},
  language     = {English},
  urldate      = {2020-10-29},
}
A Last Clever Knot?
2020-10-16Medium DoublepulsarKevin Beaumont
@online{beaumont:20201016:second:197ec38,
  author       = {Kevin Beaumont},
  title        = {{Second Zerologon attacker seen exploiting internet honeypot}},
  date         = {2020-10-16},
  organization = {Medium Doublepulsar},
  url          = {https://doublepulsar.com/second-zerologon-attacker-seen-exploiting-internet-honeypot-c7fb074451ef},
  language     = {English},
  urldate      = {2020-10-23},
}
Second Zerologon attacker seen exploiting internet honeypot
RemCom
2020-10-14Medium CyCraftCyCraft Technology Corp
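% Corporate author: the extra brace pair keeps the company name as one unit,
% so it is not split into given names plus the surname "Corp".
% The citation key is left unchanged so existing citations still resolve.
@online{corp:20201014:taiwan:7628b24,
  author       = {{CyCraft Technology Corp}},
  title        = {{Taiwan Government Targeted by Multiple Cyberattacks in April 2020 Part 2: Owlproxy Malware}},
  date         = {2020-10-14},
  organization = {Medium CyCraft},
  url          = {https://medium.com/cycraft/taiwan-government-targeted-by-multiple-cyberattacks-in-april-2020-3b20cea1dc20},
  language     = {English},
  urldate      = {2020-10-23},
}
Taiwan Government Targeted by Multiple Cyberattacks in April 2020 Part 2: Owlproxy Malware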
Owlproxy
2020-10-08Medium CyCraftCyCraft Technology Corp
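% Corporate author: the extra brace pair keeps the company name as one unit,
% so it is not split into given names plus the surname "Corp".
% The citation key is left unchanged so existing citations still resolve.
@online{corp:20201008:taiwan:3a6afa1,
  author       = {{CyCraft Technology Corp}},
  title        = {{Taiwan Government Targeted by Multiple Cyberattacks in April 2020 Part 1: Waterbear Malware}},
  date         = {2020-10-08},
  organization = {Medium CyCraft},
  url          = {https://medium.com/cycraft/taiwan-government-targeted-by-multiple-cyberattacks-in-april-2020-1980acde92b0},
  language     = {English},
  urldate      = {2020-10-23},
}
Taiwan Government Targeted by Multiple Cyberattacks in April 2020 Part 1: Waterbear Malware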
2020-10-03Medium vishal_thakurVishal Thakur
@online{thakur:20201003:grinju:175a605,
  author       = {Vishal Thakur},
  title        = {{Grinju Downloader: Anti-analysis (on steroids) | Part 2}},
  date         = {2020-10-03},
  organization = {Medium vishal_thakur},
  url          = {https://medium.com/@vishal_thakur/grinju-downloader-anti-analysis-on-steroids-part-2-8d76f427c0ce},
  language     = {English},
  urldate      = {2020-10-05},
}
Grinju Downloader: Anti-analysis (on steroids) | Part 2
Grinju Downloader
2020-09-25Medium cryptaxAxelle Apvrille
@online{apvrille:20200925:into:cf7b514,
  author       = {Axelle Apvrille},
  title        = {{Into Android Meterpreter and how the malware launches it - part 2}},
  date         = {2020-09-25},
  organization = {Medium cryptax},
  url          = {https://medium.com/@cryptax/into-android-meterpreter-and-how-the-malware-launches-it-part-2-ef5aad2ebf12},
  language     = {English},
  urldate      = {2020-09-25},
}
Into Android Meterpreter and how the malware launches it - part 2
Meterpreter
2020-09-22Medium (@vishal_thakur)Vishal Thakur
@online{thakur:20200922:grinju:c4a6229,
  author       = {Vishal Thakur},
  title        = {{Grinju Downloader}},
  date         = {2020-09-22},
  organization = {Medium (@vishal_thakur)},
  url          = {https://medium.com/@vishal_thakur/grinju-malware-anti-analysis-on-steroids-part-1-535e72e650b8},
  language     = {English},
  urldate      = {2020-09-22},
}
Grinju Downloader
Grinju Downloader
2020-09-18Medium cryptaxAxelle Apvrille
@online{apvrille:20200918:locating:56e0b57,
  author       = {Axelle Apvrille},
  title        = {{Locating the Trojan inside an infected COVID-19 contact tracing app}},
  date         = {2020-09-18},
  organization = {Medium cryptax},
  url          = {https://medium.com/@cryptax/locating-the-trojan-inside-an-infected-covid-19-contact-tracing-app-21e23f90fbfe},
  language     = {English},
  urldate      = {2020-09-25},
}
Locating the Trojan inside an infected COVID-19 contact tracing app
Meterpreter
2020-09-10Medium mariohenkelMario Henkel
@online{henkel:20200910:decrypting:2bcb10d,
  author       = {Mario Henkel},
  title        = {{Decrypting NanoCore config and dump all plugins}},
  date         = {2020-09-10},
  organization = {Medium mariohenkel},
  url          = {https://medium.com/@mariohenkel/decrypting-nanocore-config-and-dump-all-plugins-f4944bfaba52},
  language     = {English},
  urldate      = {2020-09-10},
}
Decrypting NanoCore config and dump all plugins
Nanocore RAT
2020-09-03Medium mariohenkelMario Henkel
% NOTE(review): the url is stored with its "sk" query string exactly as captured;
% this appears to be a Medium friend-link token rather than part of the article
% path, so the path before "?" is what identifies the article - confirm before deduplicating.
@online{henkel:20200903:decrypting:16cd7a9,
  author       = {Mario Henkel},
  title        = {{Decrypting AgentTesla strings and config}},
  date         = {2020-09-03},
  organization = {Medium mariohenkel},
  url          = {https://medium.com/@mariohenkel/decrypting-agenttesla-strings-and-config-b9000b18c996?sk=fcead9538516eeb3daa7b53cb537f6f4},
  language     = {English},
  urldate      = {2020-09-03},
}
Decrypting AgentTesla strings and config
Agent Tesla
2020-08-18Medium mariohenkelMario Henkel
@online{henkel:20200818:decrypt:e395f6d,
  author       = {Mario Henkel},
  title        = {{Decrypt MassLogger 2.4.0.0 configuration}},
  date         = {2020-08-18},
  organization = {Medium mariohenkel},
  url          = {https://medium.com/@mariohenkel/decrypt-masslogger-2-4-0-0-configuration-eff3ee0720a7},
  language     = {English},
  urldate      = {2020-08-18},
}
Decrypt MassLogger 2.4.0.0 configuration
MASS Logger
2020-07-28Medium (@vishal_thakur)Vishal Thakur
@online{thakur:20200728:lolsnif:33c59cf,
  author       = {Vishal Thakur},
  title        = {{LOLSnif Malware}},
  date         = {2020-07-28},
  organization = {Medium (@vishal_thakur)},
  url          = {https://medium.com/@vishal_thakur/lolsnif-malware-e6cb2e731e63},
  language     = {English},
  urldate      = {2020-08-05},
}
LOLSnif Malware
LOLSnif
2020-07-24Medium (@velasco.l.n)Leandro Velasco
@online{velasco:20200724:exorcist:45ecdee,
  author       = {Leandro Velasco},
  title        = {{Exorcist Ransomware - From triaging to deep dive}},
  date         = {2020-07-24},
  organization = {Medium (@velasco.l.n)},
  url          = {https://medium.com/@velasco.l.n/exorcist-ransomware-from-triaging-to-deep-dive-5b7da4263d81},
  language     = {English},
  urldate      = {2020-07-30},
}
Exorcist Ransomware - From triaging to deep dive
Exorcist
2020-07-24Medium tom_rockThomas Roccia
@online{roccia:20200724:fifty:3778c61,
  author       = {Thomas Roccia},
  title        = {{Fifty Shades of Malware Strings}},
  date         = {2020-07-24},
  organization = {Medium tom_rock},
  url          = {https://medium.com/@tom_rock/fifty-shades-of-malware-strings-d33b0c7bee99},
  language     = {English},
  urldate      = {2020-08-18},
}
Fifty Shades of Malware Strings
2020-07-08Medium (@Sebdraven)Sébastien Larinier
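% The Medium handle in the organization label was misspelled ("sevdraven");
% it is now spelled as it appears in the url path (Sebdraven).
@online{larinier:20200708:how:7d692bb,
  author       = {Sébastien Larinier},
  title        = {{How to unpack Chinoxy backdoor and decipher the configuration of the backdoor}},
  date         = {2020-07-08},
  organization = {Medium (@Sebdraven)},
  url          = {https://medium.com/@Sebdraven/how-to-unpack-chinoxy-backdoor-and-decipher-the-configuration-of-the-backdoor-4ffd98ca2a02},
  language     = {English},
  urldate      = {2020-07-11},
}
How to unpack Chinoxy backdoor and decipher the configuration of the backdoor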
Chinoxy
2020-06-25Medium CSIS TechblogAleksejs Kuprins
@online{kuprins:20200625:roamingmantis:256a9f9,
  author       = {Aleksejs Kuprins},
  title        = {{The RoamingMantis Group’s Expansion to European Apple Accounts and Android Devices}},
  date         = {2020-06-25},
  organization = {Medium CSIS Techblog},
  url          = {https://medium.com/csis-techblog/the-roamingmantis-groups-expansion-to-european-apple-accounts-and-android-devices-e6381723c681},
  language     = {English},
  urldate      = {2020-06-25},
}
The RoamingMantis Group’s Expansion to European Apple Accounts and Android Devices
FakeSpy FunkyBot MoqHao
2020-06-18Medium Huntress LabsJohn Ferrell
@online{ferrell:20200618:hiding:c2db03f,
  author       = {John Ferrell},
  title        = {{Hiding In Plain Sight}},
  date         = {2020-06-18},
  organization = {Medium Huntress Labs},
  url          = {https://blog.huntresslabs.com/hiding-in-plain-sight-556469e0a4e},
  language     = {English},
  urldate      = {2020-06-19},
}
Hiding In Plain Sight
2020-06-14Medium (Andy Piazza)Andy Piazza
@online{piazza:20200614:cti:4c27701,
  author       = {Andy Piazza},
  title        = {{CTI is Better Served with Context: Getting better value from IOCs}},
  date         = {2020-06-14},
  organization = {Medium (Andy Piazza)},
  url          = {https://klrgrz.medium.com/cti-is-better-served-with-context-getting-better-value-from-iocs-496343741f80},
  language     = {English},
  urldate      = {2021-11-02},
}
CTI is Better Served with Context: Getting better value from IOCs
2020-06-08Medium shantanukhandeShantanu Khandelwal
@online{khandelwal:20200608:red:ff4aae7,
  author       = {Shantanu Khandelwal},
  title        = {{Red Team: Using SharpChisel to exfil internal network}},
  date         = {2020-06-08},
  organization = {Medium shantanukhande},
  url          = {https://medium.com/@shantanukhande/red-team-using-sharpchisel-to-exfil-internal-network-e1b07ed9b49},
  language     = {English},
  urldate      = {2020-08-18},
}
Red Team: Using SharpChisel to exfil internal network