Click here to download all references as Bib-File.•
| 2021-06-10
⋅
Twitter (@passthehashbrwn)
⋅
Hiding your syscalls |
| 2021-06-09
⋅
Twitter (@alberto__segura)
⋅
Tweet on Flubt version 4.5 FluBot |
| 2021-06-09
⋅
Twitter (@RedDrip7)
⋅
Tweet on in the wild exploit of CVE-2021-26868 (according to @_clem1) Cobalt Strike |
| 2021-06-09
⋅
Twitter (@SecurityJoes)
⋅
Tweet on .NET builder of a Ryuk imposter malware Ryuk |
| 2021-06-07
⋅
Twitter (@James_inthe_box)
⋅
Tweet on characteristic strings in snake keylogger 404 Keylogger |
| 2021-06-04
⋅
Twitter (@alex_lanstein)
⋅
Tweet on UNC2652/NOBELIUM targeting IOS users exploiting CVE-2021-1879 Cobalt Strike |
| 2021-06-03
⋅
Twitter (@alberto__segura)
⋅
Tweet on decrypting FluBot strings FluBot |
| 2021-06-03
⋅
Twitter (@James_inthe_box)
⋅
Tweet on AskarLoader malware |
| 2021-06-02
⋅
Twitter (@xorhex)
⋅
Tweet on new variant of PlugX from RedDelta Group PlugX |
| 2021-06-02
⋅
xorhex blog
⋅
RedDelta PlugX Undergoing Changes and Overlapping Again with Mustang Panda PlugX Infrastructure PlugX |
| 2021-05-31
⋅
Twitter (@alberto__segura)
⋅
Tweet on Flubot version 4.4 FluBot |
| 2021-05-29
⋅
Twitter (@elisalem9)
⋅
Tweet on obfuscation mechanism and extraction procedure of COBALTSTRIKE beacon module used by NOBELIUM/UNC2452 Cobalt Strike |
| 2021-05-28
⋅
Twitter (@Jacob_Pimental)
⋅
Tweet on REvil ver 2.07 REvil |
| 2021-05-28
⋅
Twitter (@MBThreatIntel)
⋅
Tweet on web skimmer hiding JavaScript inside images for exfiltration |
| 2021-05-27
⋅
xorhex blog
⋅
Mustang Panda PlugX - Reused Mutex and Folder Found in the Extracted Config PlugX |
| 2021-05-21
⋅
Twitter (@alberto__segura)
⋅
Tweet on Flubot version 4.2 (p.php variant) with new AES strings encryption FluBot |
| 2021-05-20
⋅
Twitter (@MsftSecIntel)
⋅
Tweet on Java-based STRRAT malware campaign distributed via email STRRAT |
| 2021-05-19
⋅
Twitter (@ThreatFabric)
⋅
Tweet on Anatsa android banking trojan targeting 7 more italian banks Anatsa |
| 2021-05-17
⋅
xorhex blog
⋅
Mustang Panda PlugX - 45.251.240.55 Pivot PlugX |
| 2021-05-15
⋅
Twitter (@xuy1202)
⋅
Tweet on Necro using hardcoded onion address as a gateway for TOR CC N3Cr0m0rPh |