2022-09-22 ⋅ Twitter (@sekoia_io) ⋅ Tweets on Lumma stealer Lumma Stealer |
2022-09-21 ⋅ Twitter (@0xToxin) ⋅ doenerium phishing campaign doenerium |
2022-09-16 ⋅ Group-IB ⋅ Tweet on Uber Employees potentially infected with Raccoon and Vidar stealer Raccoon Vidar |
2022-08-16 ⋅ Twitter (@fumik0_) ⋅ Tweet on Lumma Stealer based on Mars Stealer Lumma Stealer |
2022-08-09 ⋅ SUCURI ⋅ Fake Instagram Verification & Twitter Badge Phishing |
2022-08-09 ⋅ Twitter (@Katechondic) ⋅ Tweet on malware, suspected to be from China based actor, targeting Taiwan Unidentified 094 |
2022-08-05 ⋅ 0xIvan ⋅ LokiBot Analysis Loki Password Stealer (PWS) |
2022-08-01 ⋅ Twitter (@sekoia_io) ⋅ Tweet on Turla's CyberAzov activity CyberAzov |
2022-07-08 ⋅ Twitter (@billyleonard) ⋅ Twitter thread about some recent Turla activity spoofing the Azov Regiment ... but targeting Android users. |
2022-06-28 ⋅ Twitter (@_CPResearch_) ⋅ Tweet on malware used against Steel Industry in Iran Meteor Predatory Sparrow |
2022-06-28 ⋅ Twitter (@_icebre4ker_) ⋅ Revive and Coper are using similar phishing template and app Coper |
2022-06-17 ⋅ Github (NtQuerySystemInformation) ⋅ A reverse engineer primer on Qakbot Dll Stager: From initial execution to multithreading. QakBot |
2022-06-14 ⋅ Twitter (@3xp0rtblog) ⋅ Tweet on Keona Clipper Keona |
2022-06-02 ⋅ Twitter (@sysopfb) ⋅ Tweets on UpdateAgent - GolangVersion UpdateAgent |
2022-05-08 ⋅ Twitter (@CraigHRowland) ⋅ Twitter Thread with description of functionality for BPFDoor BPFDoor |
2022-05-08 ⋅ Twitter (@cyb3rops) ⋅ Tweet on source code for BPFDoor found on VT BPFDoor |
2022-05-06 ⋅ Twitter (@MsftSecIntel) ⋅ Twitter Thread on initial infection of SocGholish/ FAKEUPDATES campaigns lead to BLISTER Loader, CobaltStrike, Lockbit and followed by Hands On Keyboard activity FAKEUPDATES Blister Cobalt Strike LockBit |
2022-05-04 ⋅ Twitter (@ESETresearch) ⋅ Twitter thread on code similarity analysis, focussing on IsaacWiper and recent Cluster25 publication IsaacWiper |
2022-05-04 ⋅ Twitter (@felixw3000) ⋅ Twitter Thread with info on infection chain with IcedId, Cobalt Strike, and Hidden VNC. Cobalt Strike IcedID PhotoLoader |
2022-04-28 ⋅ Twitter (@vinopaljiri) ⋅ #ONYX Ransomware is based on #Chaos Ransomware Builderv4 Chaos |