Click here to download all references as Bib-File.•
| 2025-04-16
⋅
SpyCloud
⋅
Exposed Credentials & Ransomware Operations: Using LLMs to Digest 200K Messages from the Black Basta Chats Black Basta Black Basta |
| 2025-04-08
⋅
Trustwave
⋅
A deep Dive into the Leaked Black Basta Chat Logs Black Basta Black Basta |
| 2025-03-31
⋅
Seqrite
⋅
Operation HollowQuill: Malware delivered into Russian R&D Networks via Research Decoy PDFs Cobalt Strike HollowQuill |
| 2025-03-31
⋅
Trend Micro
⋅
The Espionage Toolkit of Earth Alux: A Closer Look at its Advanced Techniques Godzilla Webshell Cobalt Strike RAILSETTER Earth Alux |
| 2025-03-18
⋅
Expel
⋅
Code-signing certificate abuse in the Black Basta chat leaks (and how to fight back) Black Basta Black Basta |
| 2025-03-12
⋅
Youtube (AhmedS Kasmani)
⋅
Initial Analysis of Black Basta Chat Leaks Black Basta Black Basta |
| 2025-03-11
⋅
Hunt.io
⋅
JSPSpy and ‘filebroser’: A Custom File Management Tool in Webshell Infrastructure |
| 2025-03-11
⋅
Trend Micro
⋅
AI-Assisted Fake GitHub Repositories Fuel SmartLoader and LummaStealer Distribution Lumma Stealer SmartLoader |
| 2025-03-06
⋅
Medium SarvivaMalwareAnalyst
⋅
XWorm Attack Chain: Leveraging Steganography from Phishing Email to Keylogging via C2 Communication XWorm |
| 2025-03-05
⋅
eSentire
⋅
Initial Takeaways from the Black Basta Chat Leaks Black Basta Black Basta |
| 2025-02-28
⋅
Intel 471
⋅
Black Basta exposed: A look at a cybercrime data leak Black Basta Black Basta |
| 2025-02-15
⋅
⋅
Youtube (greenplan)
⋅
[BINARY REFINERY] (Emmenhtal) - Deobfuscation of a custom obfuscation algorithm Emmenhtal |
| 2025-02-02
⋅
Team82
⋅
Do the CONTEC CMS8000 Patient Monitors Contain a Chinese Backdoor? The Reality is More Complicated… CMS8000 Backdoor |
| 2025-01-13
⋅
⋅
Cert-AgID
⋅
Analisi di una campagna Lumma Stealer con falso CAPTCHA condotta attraverso domino italiano compromesso Lumma Stealer |
| 2025-01-07
⋅
SOCRadar
⋅
Turla Cyber Campaign Targeting Pakistan’s Critical Infrastructure |
| 2025-01-07
⋅
Hunt.io
⋅
Golang Beacons and VS Code Tunnels: Tracking a Cobalt Strike Server Leveraging Trusted Infrastructure Cobalt Strike |
| 2024-12-29
⋅
cocomelonc
⋅
Malware and cryptography 38 - Encrypt/decrypt payload via Camellia cipher. S-box analyses examples. Simple C example. |
| 2024-11-19
⋅
Palo Alto Networks Unit 42
⋅
FrostyGoop’s Zoom-In: A Closer Look into the Malware Artifacts, Behaviors and Network Communications FrostyGoop |
| 2024-11-19
⋅
CrowdStrike
⋅
Unveiling LIMINAL PANDA: A Closer Look at China's Cyber Threats to the Telecom Sector LIMINAL PANDA |
| 2024-11-06
⋅
Sophos
⋅
Bengal cat lovers in Australia get psspsspss’d in Google-driven Gootloader campaign GootLoader |