2022-02-17 ⋅ Twitter (@Honeymoon_IoC) ⋅ Tweets on win.prometei caught via Cowrie ⋅ Prometei
2022-02-14 ⋅ Morphisec ⋅ Journey of a Crypto Scammer - NFT-001 ⋅ AsyncRAT BitRAT Remcos
2022-02-09 ⋅ Cisco ⋅ What’s with the shared VBA code between Transparent Tribe and other threat actors?
2022-02-08 ⋅ GuidePoint Security ⋅ Using Hindsight to Close a Cuba Cold Case ⋅ Cuba
2022-01-27 ⋅ BleepingComputer ⋅ Taiwanese Apple and Tesla contractor hit by Conti ransomware ⋅ Conti
2022-01-25 ⋅ Palo Alto Networks Unit 42 ⋅ Weaponization of Excel Add-Ins Part 1: Malicious XLL Files and Agent Tesla Case Studies ⋅ Agent Tesla
2022-01-24 ⋅ Trend Micro ⋅ Analysis and Impact of LockBit Ransomware’s First Linux and VMware ESXi Variant ⋅ LockBit LockBit
2022-01-24 ⋅ Proofpoint ⋅ DTPacker – a .NET Packer with a Curious Password ⋅ Agent Tesla
2022-01-18 ⋅ Trend Micro ⋅ New Ransomware Spotted: White Rabbit and Its Evasion Tactics
2022-01-16 ⋅ forensicitguy ⋅ Analyzing a CACTUSTORCH HTA Leading to Cobalt Strike ⋅ CACTUSTORCH Cobalt Strike
2022-01-11 ⋅ Twitter (@cglyer) ⋅ Thread on DEV-0401, a china based ransomware operator exploiting VMware Horizon with log4shell and deploying NightSky ransomware ⋅ Cobalt Strike NightSky
2021-12-14 ⋅ Kaspersky Labs ⋅ Owowa: the add-on that turns your OWA into a credential stealer and remote access panel ⋅ Owowa
2021-12-09 ⋅ Microsoft ⋅ A closer look at Qakbot’s latest building blocks (and how to knock them down) ⋅ QakBot
2021-12-09 ⋅ Trend Micro ⋅ The Evolution of IoT Linux Malware Based on MITRE ATT&CK TTPs ⋅ Dark Nexus QSnatch
2021-12-07 ⋅ Mandiant ⋅ FIN13: A Cybercriminal Threat Actor Focused on Mexico ⋅ jspRAT win.rekoobe FIN13
2021-12-01 ⋅ Avast ⋅ Toss a Coin to your Helper (Part 2 of 2)
2021-11-23 ⋅ Morphisec ⋅ Babadeda Crypter targeting crypto, NFT, and DeFi communities ⋅ BitRAT LockBit Remcos
2021-11-19 ⋅ IronNet ⋅ Is a coordinated cyberattack brewing in the escalating Russian-Ukrainian conflict?
2021-11-17 ⋅ Mandiant ⋅ ProxyNoShell: A Change in Tactics Exploiting ProxyShell Vulnerabilities
2021-11-17 ⋅ Investigative reporting project Italy ⋅ Sorveglianza: l’azienda italiana che vuole sfidare i colossi NSO e Palantir ⋅ Chrysaor