Click here to download all references as Bib-File.•
| 2023-08-07
⋅
Team Cymru
⋅
Visualizing Qakbot Infrastructure Part II: Uncharted Territory QakBot |
| 2023-08-02
⋅
Medium (@morimolymoly)
⋅
HUI Loader — Malware Analysis Note HUI Loader |
| 2023-07-28
⋅
Team Cymru
⋅
Inside the IcedID BackConnect Protocol (Part 2) IcedID |
| 2023-07-18
⋅
Symantec
⋅
FIN8 Uses Revamped Sardonic Backdoor to Deliver Noberus Ransomware BlackCat Unidentified 103 (FIN8) |
| 2023-06-30
⋅
K7 Security
⋅
Cobalt Strike’s Deployment with Hardware Breakpoint for AMSI Bypass Cobalt Strike |
| 2023-06-30
⋅
Github (itaymigdal)
⋅
Formbook unpacking Formbook |
| 2023-06-21
⋅
Symantec
⋅
Graphican: Flea Uses New Backdoor in Attacks Targeting Foreign Ministries Graphican |
| 2023-06-20
⋅
SOCRadar
⋅
Cyber Shadows Pact: Darknet Parliament (KillNet, Anonymous Sudan, REvil) UserSec |
| 2023-06-15
⋅
Team Cymru
⋅
Darth Vidar: The Aesir Strike Back Vidar |
| 2023-06-15
⋅
Symantec
⋅
Shuckworm: Inside Russia’s Relentless Cyber Campaign Against Ukraine Pteranodon |
| 2023-05-17
⋅
Team Cymru
⋅
Visualizing QakBot Infrastructure QakBot |
| 2023-05-15
⋅
Symantec
⋅
Lancefly: Group Uses Custom Backdoor to Target Orgs in Government, Aviation, Other Sectors Merdoor PlugX ShadowPad ZXShell Lancefly |
| 2023-05-08
⋅
Blackberry
⋅
SideWinder Uses Server-side Polymorphism to Attack Pakistan Government Officials — and Is Now Targeting Turkey |
| 2023-04-21
⋅
Symantec
⋅
X_Trader Supply Chain Attack Affects Critical Infrastructure Organizations in U.S. and Europe VEILEDSIGNAL |
| 2023-04-20
⋅
Symantec
⋅
Daggerfly: APT Actor Targets Telecoms Company in Africa MgBot |
| 2023-04-19
⋅
Symantec
⋅
Play Ransomware Group Using New Custom Data-Gathering Tools PLAY SystemBC |
| 2023-04-19
⋅
Team Cymru
⋅
AllaKore(d) the SideCopy Train AllaKore |
| 2023-04-08
⋅
Team Cymru
⋅
Deriving Insight from Threat Actor Infrastructure Raccoon |
| 2023-04-04
⋅
Team Cymru
⋅
A Blog with NoName Dosia |
| 2023-04-04
⋅
Team Cymru
⋅
A Blog with NoName Dosia |