Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-05-17Palo Alto Networks Unit 42Brad Duncan
Emotet Summary: November 2021 Through January 2022
Emotet
2022-05-11SANS ISCBrad Duncan
TA578 using thread-hijacked emails to push ISO files for Bumblebee malware
BumbleBee
2022-05-11InfoSec Handlers Diary BlogBrad Duncan
TA578 using thread-hijacked emails to push ISO files for Bumblebee malware
BumbleBee Cobalt Strike IcedID PhotoLoader
2022-04-20SANS ISCBrad Duncan
'aa' distribution Qakbot (Qbot) infection with DarkVNC traffic
QakBot
2022-04-06SANS ISCBrad Duncan
Windows MetaStealer Malware
2022-04-06InfoSec Handlers Diary BlogBrad Duncan
Windows MetaStealer Malware
MetaStealer
2022-03-23InfoSec Handlers Diary BlogBrad Duncan
Arkei Variants: From Vidar to Mars Stealer
Arkei Stealer Mars Stealer Oski Stealer Vidar
2022-03-23InfoSec Handlers Diary BlogBrad Duncan
Arkei Variants: From Vidar to Mars Stealer
Arkei Stealer Mars Stealer Vidar
2022-03-16InfoSec Handlers Diary BlogBrad Duncan
Qakbot infection with Cobalt Strike and VNC activity
Cobalt Strike QakBot
2022-03-16SANS ISCBrad Duncan
Qakbot infection with Cobalt Strike and VNC activity
Cobalt Strike QakBot
2022-02-15Palo Alto Networks Unit 42Brad Duncan, Micah Yates, Saqib Khanzada, Tyler Halfpop
New Emotet Infection Method
Emotet
2022-01-25SANS ISCBrad Duncan
Emotet Stops Using 0.0.0.0 in Spambot Traffic
Emotet
2022-01-19InfoSec Handlers Diary BlogBrad Duncan
0.0.0.0 in Emotet Spambot Traffic
Emotet
2022-01-17Github (pan-unit42)Brad Duncan
IOCs for Astaroth/Guildma malware infection
Astaroth
2021-12-30InfoSec Handlers Diary BlogBrad Duncan
Agent Tesla Updates SMTP Data Exfiltration Technique
Agent Tesla
2021-12-16InfoSec Handlers Diary BlogBrad Duncan
How the "Contact Forms" campaign tricks people
IcedID
2021-12-03SANS ISC InfoSec ForumsBrad Duncan
TA551 (Shathak) pushes IcedID (Bokbot)
IcedID
2021-11-16InfoSec Handlers Diary BlogBrad Duncan
Emotet Returns
Emotet
2021-10-18paloalto Netoworks: Unit42Brad Duncan
Case Study: From BazarLoader to Network Reconnaissance
BazarBackdoor Cobalt Strike
2021-09-29Malware Traffic AnalysisBrad Duncan
Hancitor with Cobalt Strike
Cobalt Strike Hancitor