2023-04-06 ⋅ Spamhaus ⋅ Raashid Bhat
Neutralizing Tofsee Spambot – Part 3 | Network-based kill switch
Tofsee
2023-04-06 ⋅ Spamhaus ⋅ Raashid Bhat
Neutralizing Tofsee Spambot – Part 2 | InMemoryConfig store vaccine
Tofsee
2023-04-06 ⋅ Spamhaus ⋅ Raashid Bhat
Neutralizing Tofsee Spambot – Part 1 | Binary file vaccine
Tofsee
2023-04-05 ⋅ Google ⋅ Adam Weidemann, Google Threat Analysis Group
How we’re protecting users from government-backed attacks from North Korea
BabyShark
2023-04-05 ⋅ velociraptor ⋅ Matt Green
Automating Qakbot Decode At Scale
QakBot
2023-04-05 ⋅ Outpost24 ⋅ Alberto Marín
Everything you need to know about the LummaC2 Stealer: Leveraging IDA Python and Unicorn to deobfuscate Windows API Hashing
Lumma Stealer
2023-04-05 ⋅ Medium Ilandu ⋅ Ilan Duhin
PortDoor - APT Backdoor analysis
ACBackdoor 8.t Dropper PortDoor
2023-04-04 ⋅ Team Cymru ⋅ S2 Research Team, Team Cymru
A Blog with NoName
Dosia
2023-04-04 ⋅ Symantec ⋅ Threat Hunter Team
Mantis: New Tooling Used in Attacks Against Palestinian Targets
Arid Gopher Micropsia
2023-04-04 ⋅ Group-IB ⋅ Andrey Zhdanov, Vladislav Azersky
The old way: BabLock, new ransomware quietly cruising around Europe, Middle East, and Asia
Rorschach Ransomware
2023-04-04 ⋅ Cisco Talos ⋅ Edmund Brumaghin
Typhon Reborn V2: Updated stealer features enhanced anti-analysis and evasion capabilities
Typhon Stealer
2023-04-04 ⋅ Check Point Research ⋅ Jiří Vinopal
Rorschach – A New Sophisticated and Fast Ransomware
Rorschach Ransomware
2023-04-03 ⋅ Mandiant ⋅ Eduardo Mattos, JASON DEYALSINGH, Nick Richard, NICK SMITH, Tyler McLellan
ALPHV Ransomware Affiliate Targets Vulnerable Backup Installations to Gain Initial Access
LaZagne BlackCat MimiKatz
2023-04-03 ⋅ Twitter (@kucher1n) ⋅ Georgy Kucherin
Tweet on an alternative Gopuram sample
Gopuram
2023-04-03 ⋅ Kaspersky Labs ⋅ Georgy Kucherin
Not just an infostealer: Gopuram backdoor deployed through 3CX supply chain attack
Gopuram
2023-04-03 ⋅ Trellix ⋅ Alexandre Mundo, Max Kersten
A Royal Analysis of Royal Ransom
Royal Ransom
2023-04-03 ⋅ Youtube (MalwareAnalysisForHedgehogs) ⋅ Karsten Hahn
Malware Analysis - 3CX SmoothOperator ffmpeg.dll with Binary Ninja
3CX Backdoor
2023-04-03 ⋅ The DFIR Report ⋅ The DFIR Report
Malicious ISO File Leads to Domain Wide Ransomware
Cobalt Strike IcedID Mount Locker
2023-04-02 ⋅ OALabs ⋅ Sergei Frankoff
AresLoader Taking a closer look at this new loader
AresLoader
2023-04-01 ⋅ Objective-See ⋅ Patrick Wardle
Ironing out (the macOS) details of a Smooth Operator (Part II)
3CX Backdoor