2024-03-31 Twitter (@fr0gger) Thomas Roccia
Tweet with visual summary of the execution flow
xzbot
2024-03-30 Twitter (@embee_research) Embee_research
Uncovering APT Infrastructure with Passive DNS Pivoting
2024-03-27 Twitter (@embee_research) Embee_research
Uncovering Malicious Infrastructure with DNS Pivoting
LokiBot XWorm
2024-03-18 Twitter (@juanandres_gs) Juan Andrés Guerrero-Saade
Twitter thread on the sample identified
AcidPour
2024-03-07 Twitter (@H4ckManac) HackManac
Duvel reportedly compromised by Stormous ransomware group
Stormous
2024-03-02 Twitter (@SinghSoodeep) Sudeep Singh
Tweet on WINELOADER targeting with German embassy themed lure
WINELOADER
2024-02-28 Twitter (@haxrob) haxrob
Tweet series regarding GTPDOOR
GTPDOOR
2024-02-27 Twitter (@greglesnewich) Greg Lesnewich
Tweet with context on TA421 / APT29 / Midnight Blizzard / BlueBravo / Cozy Bear
WINELOADER
2024-02-26 Twitter (@embee_research) Embee_research
Advanced CyberChef Techniques for Configuration Extraction - Detailed Walkthrough and Examples
NetSupportManager RAT
2024-01-05 Twitter (@X__Junior) Mohamed Ashraf
Tweet about a SpectralBlur Linux sample
SpectralBlur
2024-01-05 Twitter (@greglesnewich) Greg Lesnewich
Tweets about a SpectralBlur macOS sample
SpectralBlur
2023-12-20 Twitter (@embee_research) Embee_research
Defeating Obfuscated Malware Scripts - Cobalt Strike
Cobalt Strike
2023-12-19 Twitter (@embee_research) Embee_research
Free Ghidra Tutorials for Beginners
Cobalt Strike DarkGate
2023-12-08 Twitter (@embee_research) Embee_research
Ghidra Basics - Manual Shellcode Analysis and C2 Extraction
Cobalt Strike
2023-12-08 Twitter (@Myrtus0x0) Myrtus 0x0
Tweet naming the family
Latrodectus
2023-12-06 Twitter (@embee_research) Embee_research
Ghidra Basics - Identifying, Decoding and Fixing Encrypted Strings
Vidar
2023-12-03 Twitter (@vxunderground) VX-Underground
Tweet about ALPHV group compromising Tipalti to pressure its clients.
BlackCat BlackCat
2023-12-01 Twitter (@MsftSecIntel) Microsoft Threat Intelligence
Tweet on Danabot leading to cactus ransomware
Cactus DanaBot Storm-1044
2023-11-30 Twitter (@embee_research) Embee_research
Advanced Threat Intel Queries - Catching 83 Qakbot Servers with Regex, Censys and TLS Certificates
QakBot
2023-11-27 Twitter (@embee_research) Embee_research
Building Threat Intel Queries Utilising Regex and TLS Certificates - (BianLian)
BianLian