2022-03-16 ⋅ SANS ISC ⋅ Qakbot infection with Cobalt Strike and VNC activity ⋅ Cobalt Strike, QakBot
2022-02-18 ⋅ SANS ISC ⋅ Remcos RAT Delivered Through Double Compressed Archive ⋅ Remcos
2022-02-11 ⋅ blog.rootshell.be ⋅ [SANS ISC] CinaRAT Delivered Through HTML ID Attributes ⋅ Quasar RAT
2022-01-25 ⋅ SANS ISC ⋅ Emotet Stops Using 0.0.0.0 in Spambot Traffic ⋅ Emotet
2022-01-20 ⋅ blog.rootshell.be ⋅ [SANS ISC] RedLine Stealer Delivered Through FTP ⋅ RedLine Stealer
2022-01-20 ⋅ SANS ISC InfoSec Forums ⋅ RedLine Stealer Delivered Through FTP ⋅ RedLine Stealer
2021-12-03 ⋅ SANS ISC InfoSec Forums ⋅ TA551 (Shathak) pushes IcedID (Bokbot) ⋅ IcedID
2020-11-19 ⋅ SANS ISC InfoSec Forums ⋅ PowerShell Dropper Delivering Formbook ⋅ Formbook
2020-10-26 ⋅ SANS ISC InfoSec Forums ⋅ Excel 4 Macros: "Abnormal Sheet Visibility"
2020-09-10 ⋅ SANS ISC InfoSec Forums ⋅ Recent Dridex activity ⋅ Dridex
2020-03-23 ⋅ SANS ISC ⋅ KPOT Deployed via AutoIt Script ⋅ KPOT Stealer
2020-02-03 ⋅ SANS ISC ⋅ Analysis of a triple-encrypted AZORult downloader ⋅ Azorult
2020-01-23 ⋅ SANS ISC InfoSec Forums ⋅ German language malspam pushes Ursnif ⋅ ISFB
2019-05-07 ⋅ SANS ISC InfoSec Forums ⋅ Vulnerable Apache Jenkins exploited in the wild ⋅ kerberods
2019-02-20 ⋅ SANS ISC InfoSec Forums ⋅ More Russian language malspam pushing Shade (Troldesh) ransomware ⋅ Troldesh
2019-01-17 ⋅ SANS ISC InfoSec Forums ⋅ Emotet infections and follow-up malware ⋅ Emotet
2018-01-17 ⋅ SANS ISC ⋅ Reviewing the spam filters: Malspam pushing Gozi-ISFB ⋅ ISFB
2017-01-31 ⋅ SANS ISC InfoSec Forums ⋅ Malicious Office files using fileless UAC bypass to drop KEYBASE malware ⋅ KeyBase
2017-01-21 ⋅ SANS ISC InfoSec Forums ⋅ Sage 2.0 Ransomware ⋅ SAGE
2010-05-27 ⋅ SANS ISC InfoSec Forums ⋅ Sasfis Propagation ⋅ Sasfis