2021-09-09 ⋅ Twitter (@michalmalik) ⋅ Michal Malík
Tweet on HabitsRAT for Linux
HabitsRAT
2021-09-03 ⋅ Twitter (@ESETresearch) ⋅ ESET Research
Twitter thread on SPARKLOG, a launcher component for PRIVATELOG along with STASHLOG
PRIVATELOG STASHLOG
2021-09-02 ⋅ Twitter (@th3_protoCOL) ⋅ Colin, GaborSzappanos
Tweet on Confluence Server exploitation (CVE-2021-26084) in the wild and Cobalt Strike activity (mentioned in replies by GaborSzappanos)
Cobalt Strike
2021-08-30 ⋅ Twitter (@Arkbird_SOLG) ⋅ Arkbird
Tweet on MercurialGrabber
MercurialGrabber
2021-08-26 ⋅ Twitter (@ViriBack) ⋅ Dee
Tweet on Vulturi Stealer and its C2 panel
Vulturi
2021-08-25 ⋅ Twitter (@malwrhunterteam) ⋅ MalwareHunterTeam
Tweet on Hydra-variant with Dutch ransom note
Nitro
2021-08-22 ⋅ Twitter (@ViriBack) ⋅ ViriBack
Tweet on Colibri Loader and Vertex malware
2021-08-20 ⋅ Twitter (@VirITeXplorer) ⋅ TG Soft
Tweet about LockFile attacks in Italy
LockFile
2021-08-12 ⋅ Twitter (@r3c0nst) ⋅ Frank Boldewin
Tweet on StealBit malware as used by LockBit 2.0
StealBit
2021-08-05 ⋅ Twitter (@VK_intel) ⋅ Vitali Kremez
Tweet on Linux variant of BlackMatter
BlackMatter
2021-08-05 ⋅ Twitter (@AltShiftPrtScn) ⋅ Peter Mackenzie
Tweet on Conti ransomware affiliates using AnyDesk, Atera, Splashtop, Remote Utilities and ScreenConnect to maintain network access
Conti
2021-08-05 ⋅ Twitter (@AltShiftPrtScn) ⋅ Peter Mackenzie
Tweet on Lorenz ransomware tricking a user into allowing OAuth permissions to "Thunderbird with ExQuilla" for O365
Lorenz
2021-08-05 ⋅ Twitter (@BaoshengbinCumt) ⋅ 2ero
Attacks on NCGSA, MOITT, MOD, NSCP and SCO in Pakistan
NetWire RC
2021-08-03 ⋅ Twitter (@sysopfb) ⋅ Jason Reaves
Tweet on Python script to decode the blob from BlackMatter ransomware
DarkSide
2021-08-03 ⋅ Twitter (@ValthekOn) ⋅ Valthek
Tweet on BlackMatter ransomware checking blacklisted extensions and names against custom hash values
DarkSide
2021-08-03 ⋅ Twitter (@sisoma2) ⋅ sisoma2
Python script for recovering the hashes hardcoded in different samples of the BlackMatter ransomware
DarkSide
2021-07-30 ⋅ Twitter (@Unit42_Intel) ⋅ Unit 42
Tweet on BazarLoader infection leading to Cobalt Strike and a PowerShell script file for the PrintNightmare vulnerability
BazarBackdoor Cobalt Strike
2021-07-27 ⋅ Twitter (@fwosar) ⋅ Fabian Wosar
Tweet on new REvil variant
REvil
2021-07-26 ⋅ Twitter (@alex_lanstein) ⋅ Alex Lanstein
Tweet on BITTER group widely targeting diplomats in Yangon
2021-07-24 ⋅ Twitter (@MsftSecIntel) ⋅ Microsoft Security Intelligence
Tweet on attackers increasingly using HTML smuggling in phishing and other email campaigns to deliver Casbaneiro
Metamorfo