Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023-06-28vmwareBria Beathley, Dana Behling, Deborah Snyder, Fae Carlisle
8Base Ransomware: A Heavy Hitting Player
8Base Phobos SmokeLoader SystemBC
2023-06-28MandiantAlexander Marvi, Greg Blaum, Ron Craft
Detection, Containment, and Hardening Opportunities for Privileged Guest Operations, Anomalous Behavior, and VMCI Backdoors on Compromised VMware Hosts
UNC3886
2023-06-28AhnLabSanseo
Kimsuky Attack Group Abusing Chrome Remote Desktop
Appleseed
2023-06-28Kaspersky LabsGReAT
Andariel’s silly mistakes and a new malware family
Jupiter
2023-06-28SpecterOpsCraig Wright
Sowing Chaos and Reaping Rewards in Confluence and Jira
2023-06-28VolexityAnkur Saini, Charlie Gardner
Charming Kitten Updates POWERSTAR with an InterPlanetary Twist
POWERSTAR
2023-06-28RussianPanda
Meduza Stealer or The Return of The Infamous Aurora Stealer
Meduza Stealer
2023-06-27Youtube (PROIDEA Events)Michał Łopacki, Piotr Zarzycki
Piotr Zarzycki, Michał Łopacki - Proxy dla przestępców na Twoim urządzeniu [OMH 2022]
2023-06-27ViuleeenzAlessandro Strino
IDA-Python - Locate a function independently from its offset
2023-06-27ZeroFoxZeroFox Dark Ops intelligence team
The Underground Economist: Volume 3, Issue 12
DarkGate Meduza Stealer
2023-06-27SecurityIntelligenceCharlotte Hammond, Ole Villadsen
The Trickbot/Conti Crypters: Where Are They Now?
Black Basta Conti Mount Locker PhotoLoader Royal Ransom SystemBC TrickBot
2023-06-26Github (cocomelonc)cocomelonc
Malware AV/VM evasion - part 18: encrypt/decrypt payload via modular multiplication-based block cipher. Simple C++ example.
2023-06-26ThreatFabricThreatFabric
Anatsa banking Trojan hits UK, US and DACH with new campaign
Anatsa
2023-06-24Twitter (@embee_research)Embee_research
SmokeLoader - Malware Analysis and Decoding With Procmon
SmokeLoader
2023-06-23BluePurpleOllie Whitehouse
Bluepurple Pulse: week ending June 25th
APT28
2023-06-23SecuronixDen Iyzvyk, Oleg Kolesnikov, Tim Peck
Detecting New MULTI#STORM Attack Campaign Involving Python-based Loader Masquerading as OneDrive Utilities to Drop Multiple RAT Payloads With Security Analytics
Ave Maria
2023-06-23FourcoreJones Martin
Clop Ransomware: History, Timeline, And Adversary Simulation
Clop
2023-06-23PhylumPhylum Research Team
Phylum Discovers Sophisticated Ongoing Attack on NPM
2023-06-23KrollGeorge Glass, Keith Wojcieszek, Ryan Hicks
Deep Dive into GOOTLOADER Malware and Its Infection Chain
GootLoader
2023-06-23TrendmicroArianne Dela Cruz, Ieriz Nicolle Gonzalez, Ivan Nicole Chavez, Nathaniel Morales, Paul Pajares
An Overview of the Different Versions of the Trigona Ransomware
Trigona