2021-08-05
⋅
Twitter (@AltShiftPrtScn)
⋅
Tweet on Conti ransomware affiliates using AnyDesk, Atera, Splashtop, Remote Utilities and ScreenConnect to maintain network access Conti |
2021-08-05
⋅
Twitter (@AltShiftPrtScn)
⋅
Tweet on Lorenz ransomware tricking user into allowing OAuth permissions to "Thunderbird with ExQuilla" for O365 Lorenz |
2021-08-05
⋅
Twitter (@BaoshengbinCumt)
⋅
Attacks on NCGSA, MOITT, MOD, NSCP and SCO in Pakistan NetWire RC |
2021-08-03
⋅
Twitter (@sysopfb)
⋅
Tweet on python script to decode the blob from Blackmatter ransomware DarkSide |
2021-08-03
⋅
Twitter (@ValthekOn)
⋅
Tweet on blacklisted extensions & names of BlackMatter ransomware making the check against custom hashes values DarkSide |
2021-08-03
⋅
Twitter (@sisoma2)
⋅
Python script for recovering the hashes hardcoded in different samples of the BlackMatter ransomware DarkSide |
2021-07-30
⋅
Twitter (@Unit42_Intel)
⋅
Tweet on BazarLoader infection leading to cobaltstrike and Powershell script file for PrintNightmare vulnerability BazarBackdoor Cobalt Strike |
2021-07-27
⋅
Twitter (@fwosar)
⋅
Tweet on new REvil variant REvil |
2021-07-26
⋅
Twitter (@alex_lanstein)
⋅
Tweet on BITTER group widely targeting diplomats in Yangon |
2021-07-24
⋅
Twitter (@MsftSecIntel)
⋅
Tweet on attackers increasingly using HTML smuggling in phishing and other email campaigns to deliver Casbaneiro Metamorfo |
2021-07-22
⋅
Twitter (@HackSysTeam)
⋅
Tweet on analysis of Pegasus Chrysaor |
2021-07-21
⋅
Twitter (@bkMSFT)
⋅
Tweet on an ANSSI report detailing APT31 intrusions in France SoWaT APT31 |
2021-07-21
⋅
Twitter (@billyleonard)
⋅
Tweet on APT31 using a router implant. SoWaT |
2021-07-21
⋅
Twitter (@AltShiftPrtScn)
⋅
Tweet on Conti ransomware actor installing AnyDesk for remote access in victim environment Conti |
2021-07-20
⋅
Twitter (@alexanderjaeger)
⋅
Tweet on timesketch timeline for Pegasus related activities Chrysaor |
2021-07-18
⋅
Twitter (@billmarczak)
⋅
Twitter thread with a couple of interesting bits from AmnestyTech's new report on Pegasus Chrysaor |
2021-07-17
⋅
Twitter (@_icebre4ker_)
⋅
Tweet: new version of Teabot targeting also Portugal banks Anatsa |
2021-07-16
⋅
Twitter (@benkow_)
⋅
Tweet on DeepRAT DeepRAT |
2021-07-16
⋅
Twitter (@alex_lanstein)
⋅
Tweet on attacks from UNC2652/NOBELIUM |
2021-07-16
⋅
Twitter (@MBThreatIntel)
⋅
Tweet on Magecart skimmer using steganography magecart |