Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-10-13SyrionRaffaele Sabato
QAKBOT BB Configuration and C2 IPs List
QakBot
2022-10-13Bleeping ComputerSergiu Gatlan
Trend Micro warns of actively exploited Apex One RCE vulnerability (CVE-2022-40139)
2022-10-13MicrosoftMicrosoft Threat Hunting, MSRC Team
Hunting for Cobalt Strike: Mining and plotting for fun and profit
Cobalt Strike
2022-10-13SpamhausSpamhaus Malware Labs
Spamhaus Botnet Threat Update Q3 2022
FluBot Arkei Stealer AsyncRAT Ave Maria BumbleBee Cobalt Strike DCRat Dridex Emotet Loki Password Stealer (PWS) Nanocore RAT NetWire RC NjRAT QakBot RecordBreaker RedLine Stealer Remcos Socelars Tofsee Vjw0rm
2022-10-13FortinetJames Slaughter, Shunichi Imano
Ransomware Roundup: Royal Ransomware
Royal Ransom
2022-10-13HPPatrick Schläpfer
Magniber Ransomware Adopts JavaScript, Targeting Home Users with Fake Software Updates
Magniber
2022-10-13Booz Allen HamiltonBooz Allen Hamilton
Same Cloak, More Dagger: Decoding how the People's Republic of China uses Cyberattacks
2022-10-13BlackberryThe BlackBerry Research & Intelligence Team
BianLian Ransomware Encrypts Files in the Blink of an Eye
BianLian
2022-10-12AhnLabASEC
Analysis on Attack Techniques and Cases Using RDP
CreateHiddenAccount
2022-10-12ThreatFabricThreatFabric
TOAD attacks: Vishing combined with Android banking malware now targeting Italian banks
BRATA Copybara Joker
2022-10-12Trend MicroIan Kenefick, Lucas Silva, Nicole Hernandez
Black Basta Ransomware Gang Infiltrates Networks via QAKBOT, Brute Ratel, and Cobalt Strike
Black Basta Brute Ratel C4 Cobalt Strike QakBot
2022-10-12NetresecErik Hjelmvik
IcedID BackConnect Protocol
IcedID
2022-10-12Twitter (@embee_research)Embee_research, Huntress Labs
Tweets on detection of Brute Ratel via API Hashes
Brute Ratel C4
2022-10-12SentinelOneAmitai Ben Shushan Ehrlich, Joey Chen
WIP19 Espionage | New Chinese APT Targets IT Service Providers and Telcos With Signed Malware
Maggie ScreenCap WIP19
2022-10-12SpamhausRaashid Bhat
Dissecting the new shellcode-based variant of GuLoader (CloudEyE)
CloudEyE
2022-10-12AhnLabASEC Analysis Team
Lazarus Group Uses the DLL Side-Loading Technique (mi.dll)
2022-10-11Twitter (@embee_research)Embee_research, Huntress Labs
Tweet on Havoc C2 - Static Detection Via Ntdll API Hashes
Havoc
2022-10-11Medium (@DCSO_CyTec)Axel Wauer, Denis Szadkowski, Johann Aydinbas
Tracking down Maggie
Maggie
2022-10-11DeepInstinctDeep Instinct Threat Lab
The Russian SpyAgent – a Decade Later and RAT Tools Remain at Risk
TeamSpy
2022-10-11BleepingComputerBill Toulas
Hacking group POLONIUM uses ‘Creepy’ malware against Israel
DeepCreep MegaCreep Unidentified 097 (Polonium Keylogger)