Click here to download all references as Bib-File.
2022-11-16 ⋅ Medium (@DCSO_CyTec) ⋅ HZ RAT goes China HZ RAT |
2022-11-14 ⋅ Twitter (@embee_research) ⋅ Twitter thread on Yara Signatures for Qakbot Encryption Routines IcedID QakBot |
2022-11-02 ⋅ Twitter (@_CPResearch_) ⋅ Tweet on Azov Wiper Azov Wiper |
2022-10-12 ⋅ Twitter (@embee_research) ⋅ Tweets on detection of Brute Ratel via API Hashes Brute Ratel C4 |
2022-10-11 ⋅ Twitter (@embee_research) ⋅ Tweet on Havoc C2 - Static Detection Via Ntdll API Hashes Havoc |
2022-10-11 ⋅ Medium (@DCSO_CyTec) ⋅ Tracking down Maggie Maggie |
2022-10-04 ⋅ Medium (@DCSO_CyTec) ⋅ MSSQL, meet Maggie Maggie |
2022-10-04 ⋅ Twitter (@sekoia_io) ⋅ Tweets detailing operation of Erbium stealer Erbium Stealer |
2022-09-22 ⋅ Twitter (@sekoia_io) ⋅ Tweets on Lumma stealer Lumma Stealer |
2022-09-16 ⋅ Group-IB ⋅ Tweet on Uber Employees potentially infected with Raccoon and Vidar stealer Raccoon Vidar |
2022-08-30 ⋅ Medium the_abjuri5t ⋅ NanoCore RAT Hunting Guide Nanocore RAT |
2022-08-25 ⋅ Expel ⋅ MORE_EGGS and Some LinkedIn Resumé Spearphishing More_eggs |
2022-08-16 ⋅ Twitter (@fumik0_) ⋅ Tweet on Lumma Stealer based on Mars Stealer Lumma Stealer |
2022-08-01 ⋅ Twitter (@sekoia_io) ⋅ Tweet on Turla's CyberAzov activity CyberAzov |
2022-07-26 ⋅ Cert-UA ⋅ UAC-0010 (Armageddon) cyberattacks using the GammaLoad.PS1_v2 malware (CERT-UA#5003,5013,5069,5071) Gamaredon Group |
2022-06-28 ⋅ Twitter (@_CPResearch_) ⋅ Tweet on malware used against Steel Industry in Iran Meteor Predatory Sparrow |
2022-06-28 ⋅ Twitter (@_icebre4ker_) ⋅ Revive and Coper are using similar phishing template and app Coper |
2022-05-12 ⋅ Cert-UA ⋅ Uac-0010 (Armageddon) cyberattacks using GammaLoad.PS1_v2 malware (CERT-UA#4634,4648) Gamaredon Group |
2022-04-27 ⋅ Binary Defense ⋅ Detecting Ransomware’s Stealthy Boot Configuration Edits |
2022-04-21 ⋅ eSentire ⋅ Hackers Spearphish Corporate Hiring Managers with Poisoned Resumes, Infecting Them with the More_Eggs Malware, Warns eSentire More_eggs TerraLoader VenomLNK |