2023-04-12 | loginsoft | Bhargav koduru
Maximizing Threat Detections of Qakbot with Osquery
QakBot
2023-04-11 | CitizenLab | Astrid Perry, Bahr Abdul Razzak, Bill Marczak, Emma Lyon, John Scott-Railton, Noura Al-Jizawi, Ron Deibert, Siena Anstis, Zoe Panday
Sweet QuaDreams: A First Look at Spyware Vendor QuaDream’s Exploits, Victims, and Customers
Carmine Tsunami
2023-04-11 | China Cybersecurity Industry Alliance | China Cybersecurity Industry Alliance
Review of Cyberattacks from US Intelligence Agencies - Based on Global Cybersecurity Communities' Analyses
DuQu Flame Gauss Stuxnet
2023-04-11 | Coalition | Leeann Nicolo
Security Alert: Royal Ransomware Targeting Firewalls
Royal Ransom
2023-04-11 | Microsoft | Microsoft Threat Intelligence
DEV-0196: QuaDream’s “KingsPawn” malware used to target civil society in Europe, North America, the Middle East, and Southeast Asia
Carmine Tsunami
2023-04-11 | Microsoft | Microsoft Incident Response
Guidance for investigating attacks using CVE-2022-21894: The BlackLotus campaign
BlackLotus
2023-04-11 | Twitter (@Unit42_Intel) | Unit42
Tweet on change of IcedID backconnect traffic port from 8080 to 443
IcedID
2023-04-11 | SEC Consult | Angelo Violetti
BumbleBee hunting with a Velociraptor
BumbleBee
2023-04-10 | Twitter (@embee_research) | Matthew
Redline Stealer - Static Analysis and C2 Extraction
Amadey RedLine Stealer
2023-04-10 | Sequretek | Sequretek
Kutaki Stealer - Analysis
Kutaki
2023-04-10 | Check Point | Check Point
March 2023’s Most Wanted Malware: New Emotet Campaign Bypasses Microsoft Blocks to Distribute Malicious OneNote Files
Agent Tesla CloudEyE Emotet Formbook Nanocore RAT NjRAT QakBot Remcos Tofsee
2023-04-09 | LianSecurity | LianSecurity
Nexus Android Trojan Analysis Report
Nexus S.O.V.A.
2023-04-09 | @0xToxin
LummaC2 BreakDown
Lumma Stealer
2023-04-08 | Twitter (@embee_research) | Embee_research
Dcrat - Manual De-obfuscation of .NET Malware
DCRat
2023-04-08 | Team Cymru | Scott Fisher
Deriving Insight from Threat Actor Infrastructure
Raccoon
2023-04-08 | cocomelonc | cocomelonc
Malware AV/VM evasion - part 15: WinAPI GetModuleHandle implementation. Simple C++ example.
2023-04-08 | kienmanowar Blog | m4n0w4r, Tran Trung Kien
[QuickNote] Uncovering Suspected Malware Distributed By Individuals from Vietnam
AsyncRAT DCRat WorldWind
2023-04-07 | Elastic | Salim Bitam
Attack chain leads to XWORM and AGENTTESLA
Agent Tesla XWorm
2023-04-07 | Microsoft | Microsoft Threat Intelligence
MERCURY and DEV-1084: Destructive attack on hybrid environment
DarkBit Storm-1084
2023-04-06 | OALabs | Sergei Frankoff
PhotoLoader ICEDID
PhotoLoader