
2022-09-22Twitter (@sekoia_io)sekoia
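% The underscore in the handle is escaped so the organization field typesets under LaTeX.
@online{sekoia:20220922:tweets:b2e9079,
  author       = {sekoia},
  title        = {{Tweets on Lumma stealer}},
  date         = {2022-09-22},
  organization = {Twitter (@sekoia\_io)},
  url          = {https://twitter.com/sekoia_io/status/1572889505497223169},
  language     = {English},
  urldate      = {2022-10-14},
}
Tweets on Lumma stealer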
Lumma Stealer
2022-09-21Twitter (@0xToxin)@0xToxin
@online{0xtoxin:20220921:doenerium:0441083,
  author       = {@0xToxin},
  title        = {{doenerium phishing campaign}},
  organization = {Twitter (@0xToxin)},
  date         = {2022-09-21},
  url          = {https://twitter.com/0xToxin/status/1572612089901993985},
  urldate      = {2022-09-22},
  language     = {English},
}
doenerium phishing campaign
doenerium
2022-09-16Group-IBTwitter (@GroupIB_GIB)
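% NOTE(review): author and organization look swapped compared with the other
% Twitter entries in this listing (account name as author, "Twitter (handle)" as
% organization) -- confirm against the tweet before relying on the attribution.
% The author is double-braced so it stays one literal name instead of being split
% into first/last parts, and the underscore is escaped for LaTeX.
@online{groupibgib:20220916:uber:255f13d,
  author       = {{Twitter (@GroupIB\_GIB)}},
  title        = {{Tweet on Uber Employees potentially infected with Raccoon and Vidar stealer}},
  date         = {2022-09-16},
  organization = {Group-IB},
  url          = {https://twitter.com/GroupIB_GIB/status/1570821174736850945},
  language     = {English},
  urldate      = {2022-09-19},
}
Tweet on Uber Employees potentially infected with Raccoon and Vidar stealer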
Raccoon Vidar
2022-08-16Twitter (@fumik0_)fumik0
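% The trailing underscore of the handle is escaped so the organization field typesets under LaTeX.
@online{fumik0:20220816:lumma:76d543a,
  author       = {fumik0},
  title        = {{Tweet on Lumma Stealer based on Mars Stealer}},
  date         = {2022-08-16},
  organization = {Twitter (@fumik0\_)},
  url          = {https://twitter.com/fumik0_/status/1559474920152875008},
  language     = {English},
  urldate      = {2022-08-28},
}
Tweet on Lumma Stealer based on Mars Stealer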
Lumma Stealer
2022-08-09SUCURILuke Leal
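% The ampersand in the title is escaped; a bare one aborts the LaTeX run when the entry is cited.
@online{leal:20220809:fake:2046fc6,
  author       = {Leal, Luke},
  title        = {{Fake Instagram Verification \& Twitter Badge Phishing}},
  date         = {2022-08-09},
  organization = {SUCURI},
  url          = {https://blog.sucuri.net/2022/08/fake-instagram-verification-twitter-badge-phishing.html},
  language     = {English},
  urldate      = {2022-08-17},
}
Fake Instagram Verification & Twitter Badge Phishing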
2022-08-09Twitter (@Katechondic)Katechondic
@online{katechondic:20220809:malware:2d6d764,
  author       = {Katechondic},
  title        = {{Tweet on malware, suspected to be from China based actor, targeting Taiwan}},
  organization = {Twitter (@Katechondic)},
  date         = {2022-08-09},
  url          = {https://twitter.com/katechondic/status/1556940169483264000},
  urldate      = {2022-09-19},
  language     = {English},
}
Tweet on malware, suspected to be from China based actor, targeting Taiwan
Unidentified 094
2022-08-050xIvanTwitter (@viljoenivan)
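% NOTE(review): the author field holds a Twitter handle while the URL points to a
% personal blog and the organization holds what looks like the author's alias --
% the two fields may be swapped; confirm against the post.
% The author is double-braced so it stays one literal name instead of being split
% into first/last parts.
@online{viljoenivan:20220805:lokibot:bb5fd5d,
  author       = {{Twitter (@viljoenivan)}},
  title        = {{LokiBot Analysis}},
  date         = {2022-08-05},
  organization = {0xIvan},
  url          = {https://ivanvza.github.io/posts/lokibot_analysis},
  language     = {English},
  urldate      = {2022-08-17},
}
LokiBot Analysis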
Loki Password Stealer (PWS)
2022-08-01Twitter (@sekoia_io)sekoia
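% The underscore in the handle is escaped so the organization field typesets under LaTeX.
@online{sekoia:20220801:turlas:ec60a74,
  author       = {sekoia},
  title        = {{Tweet on Turla's CyberAzov activity}},
  date         = {2022-08-01},
  organization = {Twitter (@sekoia\_io)},
  url          = {https://twitter.com/sekoia_io/status/1554086468104196096},
  language     = {English},
  urldate      = {2022-08-02},
}
Tweet on Turla's CyberAzov activity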
CyberAzov
2022-07-08Twitter (@billyleonard)Billy Leonard
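% Title typo "Twiiter" corrected; the citation key is left as issued so existing \cite commands still resolve.
@online{leonard:20220708:twiiter:d77eb54,
  author       = {Leonard, Billy},
  title        = {{Twitter thread about some recent Turla activity spoofing the Azov Regiment ... but targeting Android users.}},
  date         = {2022-07-08},
  organization = {Twitter (@billyleonard)},
  url          = {https://twitter.com/billyleonard/status/1545461166377508865},
  language     = {English},
  urldate      = {2022-07-25},
}
Twitter thread about some recent Turla activity spoofing the Azov Regiment ... but targeting Android users.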
2022-06-28Twitter (@_CPResearch_)Check Point Research
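% The corporate author is double-braced so it is not parsed as a person
% (given "Check Point", family "Research"); the key is left as issued.
% Underscores in the handle are escaped for LaTeX.
@online{research:20220628:malware:896fb41,
  author       = {{Check Point Research}},
  title        = {{Tweet on malware used against Steel Industry in Iran}},
  date         = {2022-06-28},
  organization = {Twitter (@\_CPResearch\_)},
  url          = {https://twitter.com/_cpresearch_/status/1541753913732366338},
  language     = {English},
  urldate      = {2022-07-25},
}
Tweet on malware used against Steel Industry in Iran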
Meteor Predatory Sparrow
2022-06-28Twitter (@_icebre4ker_)Fr4
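% Underscores in the handle are escaped so the organization field typesets under LaTeX.
@online{fr4:20220628:revive:7582d22,
  author       = {Fr4},
  title        = {{Revive and Coper are using similar phishing template and app}},
  date         = {2022-06-28},
  organization = {Twitter (@\_icebre4ker\_)},
  url          = {https://twitter.com/_icebre4ker_/status/1541875982684094465},
  language     = {English},
  urldate      = {2022-06-29},
}
Revive and Coper are using similar phishing template and app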
Coper
2022-06-17Github (NtQuerySystemInformation)Twitter (@kasua02)
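% NOTE(review): the author field holds a Twitter handle rather than a name, and
% the institution is a GitHub account -- confirm the attribution against the report.
% The author is double-braced so it stays one literal name instead of being split
% into first/last parts. The URL is kept verbatim, percent-encoding included.
@techreport{kasua02:20220617:reverse:b218c67,
  author      = {{Twitter (@kasua02)}},
  title       = {{A reverse engineer primer on Qakbot Dll Stager: From initial execution to multithreading.}},
  date        = {2022-06-17},
  institution = {Github (NtQuerySystemInformation)},
  url         = {https://raw.githubusercontent.com/NtQuerySystemInformation/Malware-RE-papers/main/Qakbot%20report.pdf},
  language    = {English},
  urldate     = {2022-07-01},
}
A reverse engineer primer on Qakbot Dll Stager: From initial execution to multithreading.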
QakBot
2022-06-14Twitter (@3xp0rtblog)3xp0rt
@online{3xp0rt:20220614:keona:a8f556d,
  author       = {3xp0rt},
  title        = {{Tweet on Keona Clipper}},
  organization = {Twitter (@3xp0rtblog)},
  date         = {2022-06-14},
  url          = {https://twitter.com/3xp0rtblog/status/1536704209760010241},
  urldate      = {2022-07-01},
  language     = {English},
}
Tweet on Keona Clipper
Keona
2022-06-02Twitter (@sysopfb)Jason Reaves
@online{reaves:20220602:tweets:b70da25,
  author       = {Reaves, Jason},
  title        = {{Tweets on UpdateAgent - GolangVersion}},
  organization = {Twitter (@sysopfb)},
  date         = {2022-06-02},
  url          = {https://twitter.com/sysopfb/status/1532442456343691273},
  urldate      = {2022-06-04},
  language     = {English},
}
Tweets on UpdateAgent - GolangVersion
UpdateAgent
2022-05-08Twitter (@CraigHRowland)Craig Rowland
@online{rowland:20220508:twitter:bf58ca0,
  author       = {Rowland, Craig},
  title        = {{Twitter Thread with description of functionality for BPFDoor}},
  organization = {Twitter (@CraigHRowland)},
  date         = {2022-05-08},
  url          = {https://twitter.com/CraigHRowland/status/1523266585133457408},
  urldate      = {2022-06-09},
  language     = {English},
}
Twitter Thread with description of functionality for BPFDoor
BPFDoor
2022-05-08Twitter (@cyb3rops)Florian Roth
@online{roth:20220508:source:86add3e,
  author       = {Roth, Florian},
  title        = {{Tweet on source code for BPFDoor found on VT}},
  organization = {Twitter (@cyb3rops)},
  date         = {2022-05-08},
  url          = {https://twitter.com/cyb3rops/status/1523227511551033349},
  urldate      = {2022-05-09},
  language     = {English},
}
Tweet on source code for BPFDoor found on VT
BPFDoor
2022-05-06Twitter (@MsftSecIntel)Microsoft Security Intelligence
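% The corporate author is double-braced so it is not parsed as a person
% (given "Microsoft Security", family "Intelligence"); the key is left as issued.
% Title typo "infeciton" corrected.
@online{intelligence:20220506:twitter:7a00df8,
  author       = {{Microsoft Security Intelligence}},
  title        = {{Twitter Thread on initial infection of SocGholish/ FAKEUPDATES campaigns lead to BLISTER Loader, CobaltStrike, Lockbit and followed by Hands On Keyboard activity}},
  date         = {2022-05-06},
  organization = {Twitter (@MsftSecIntel)},
  url          = {https://twitter.com/MsftSecIntel/status/1522690116979855360},
  language     = {English},
  urldate      = {2022-05-09},
}
Twitter Thread on initial infection of SocGholish/ FAKEUPDATES campaigns lead to BLISTER Loader, CobaltStrike, Lockbit and followed by Hands On Keyboard activity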
FAKEUPDATES Blister Cobalt Strike LockBit
2022-05-04Twitter (@ESETresearch)Twitter (@ESETresearch)
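% The author is double-braced so the account label stays one literal name
% instead of being split into first/last parts by name-abbreviating styles.
@online{esetresearch:20220504:twitter:48f1a89,
  author       = {{Twitter (@ESETresearch)}},
  title        = {{Twitter thread on code similarity analysis, focussing on IsaacWiper and recent Cluster25 publication}},
  date         = {2022-05-04},
  organization = {Twitter (@ESETresearch)},
  url          = {https://twitter.com/ESETresearch/status/1521910890072842240},
  language     = {English},
  urldate      = {2022-05-05},
}
Twitter thread on code similarity analysis, focussing on IsaacWiper and recent Cluster25 publication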
IsaacWiper
2022-05-04Twitter (@felixw3000)Felix
@online{felix:20220504:twitter:0fb7e35,
  author       = {Felix},
  title        = {{Twitter Thread with info on infection chain with IcedId, Cobalt Strike, and Hidden VNC.}},
  organization = {Twitter (@felixw3000)},
  date         = {2022-05-04},
  url          = {https://twitter.com/felixw3000/status/1521816045769662468},
  urldate      = {2022-05-09},
  language     = {English},
}
Twitter Thread with info on infection chain with IcedId, Cobalt Strike, and Hidden VNC.
Cobalt Strike IcedID PhotoLoader
2022-04-28Twitter (@vinopaljiri)Jiří Vinopal
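% The hash signs in the title are escaped; a bare one is a macro-parameter
% character in LaTeX and aborts the run when the entry is cited.
@online{vinopal:20220428:onyx:b2312e0,
  author       = {Vinopal, Jiří},
  title        = {{\#ONYX Ransomware is based on \#Chaos Ransomware Builderv4}},
  date         = {2022-04-28},
  organization = {Twitter (@vinopaljiri)},
  url          = {https://twitter.com/vinopaljiri/status/1519645742440329216},
  language     = {English},
  urldate      = {2022-05-03},
}
#ONYX Ransomware is based on #Chaos Ransomware Builderv4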
Chaos