2022-01-15 ⋅ Huntress Labs ⋅ Threat Advisory: VMware Horizon Servers Actively Being Hit With Cobalt Strike (by DEV-0401) ⋅ Cobalt Strike
2022-01-11 ⋅ Twitter (@cglyer) ⋅ Thread on DEV-0401, a china based ransomware operator exploiting VMware Horizon with log4shell and deploying NightSky ransomware ⋅ Cobalt Strike, NightSky
2021-12-23 ⋅ vmware ⋅ Introducing DARTH: Distributed Analysis for Research and Threat Hunting
2021-12-03 ⋅ vmware ⋅ TigerRAT – Advanced Adversaries on the Prowl ⋅ Tiger RAT
2021-11-16 ⋅ vmware ⋅ Monitoring Winnti 4.0 C2 Servers for Two Years ⋅ Winnti
2021-11-11 ⋅ vmware ⋅ Research Recap: How To Automate Malware Campaign Detection With Telemetry Peak Analyzer ⋅ Phorpiex, QakBot
2021-09-21 ⋅ vmware ⋅ VMSA-2021-0020: What You Need to Know (CVE-2021-22005)
2021-08-05 ⋅ Bleeping Computer ⋅ Linux version of BlackMatter ransomware targets VMware ESXi servers ⋅ BlackMatter
2021-07-26 ⋅ vmware ⋅ Hunting IcedID and unpacking automation with Qiling ⋅ IcedID
2021-07-15 ⋅ Bleeping Computer ⋅ Linux version of HelloKitty ransomware targets VMware ESXi servers ⋅ HelloKitty
2021-07-08 ⋅ vmware ⋅ IcedID: Analysis and Detection ⋅ IcedID
2021-07-01 ⋅ Threatpost ⋅ Linux Variant of REvil Ransomware Targets VMware’s ESXi, NAS Devices ⋅ REvil
2021-06-04 ⋅ Bleeping Computer ⋅ FreakOut malware worms its way into vulnerable VMware servers ⋅ N3Cr0m0rPh
2021-03-29 ⋅ VMWare Carbon Black ⋅ Dridex Reloaded: Analysis of a New Dridex Campaign ⋅ Dridex
2021-03-25 ⋅ VMWare Carbon Black ⋅ Memory Forensics for Virtualized Hosts
2021-02-24 ⋅ VMWare Carbon Black ⋅ Knock, knock, Neo. - Active C2 Discovery Using Protocol Emulation ⋅ Cobalt Strike
2021-02-23 ⋅ vmware ⋅ Iron Rain: Understanding Nation-State Motives and APT Groups
2020-12-21 ⋅ US Court of Appeals for the Ninth Court ⋅ Case: 20-16408: WhatsApp et al. vs NSO Group
2020-12-07 ⋅ NSA ⋅ Russian State-Sponsored Actors Exploiting Vulnerability in VMware® Workspace ONE Access Using Compromised Credentials
2020-07-24 ⋅ VMWare Carbon Black ⋅ TAU Threat Discovery: Cryptocurrency Clipper Malware Evolves ⋅ Poulight Stealer