2022-07-07 | SANS ISC | Brad Duncan
Emotet infection with Cobalt Strike
Cobalt Strike Emotet
2022-06-30 | Trend Micro | Emmanuel Panopio, James Panlilio, John Kenneth Reyes, Kenneth Adrian Apostol, Melvin Singwa, Mirah Manlapig, Paolo Ronniel Labrador
Black Basta Ransomware Operators Expand Their Attack Arsenal With QakBot Trojan and PrintNightmare Exploit
Black Basta Cobalt Strike QakBot
2022-06-17 | SANS ISC | Brad Duncan
Malspam pushes Matanbuchus malware, leads to Cobalt Strike
Cobalt Strike Matanbuchus
2022-06-09 | InfoSec Handlers Diary Blog | Brad Duncan
TA570 Qakbot (Qbot) tries CVE-2022-30190 (Follina) exploit (ms-msdt)
QakBot
2022-05-19 | InfoSec Handlers Diary Blog | Brad Duncan
Bumblebee Malware from TransferXL URLs
BumbleBee Cobalt Strike
2022-05-17 | Palo Alto Networks Unit 42 | Brad Duncan
Emotet Summary: November 2021 Through January 2022
Emotet
2022-05-16 | Jamf Blog | Jaron Bradley, Matt Benyo, Stuart Ashenbrenner
UpdateAgent Adapts Again
UpdateAgent
2022-05-11 | SANS ISC | Brad Duncan
TA578 using thread-hijacked emails to push ISO files for Bumblebee malware
BumbleBee
2022-05-11 | InfoSec Handlers Diary Blog | Brad Duncan
TA578 using thread-hijacked emails to push ISO files for Bumblebee malware
BumbleBee Cobalt Strike IcedID PhotoLoader
2022-04-20 | SANS ISC | Brad Duncan
'aa' distribution Qakbot (Qbot) infection with DarkVNC traffic
QakBot
2022-04-06 | SANS ISC | Brad Duncan
Windows MetaStealer Malware
2022-04-06 | InfoSec Handlers Diary Blog | Brad Duncan
Windows MetaStealer Malware
MetaStealer
2022-03-23 | InfoSec Handlers Diary Blog | Brad Duncan
Arkei Variants: From Vidar to Mars Stealer
Arkei Stealer Mars Stealer Oski Stealer Vidar
2022-03-23 | InfoSec Handlers Diary Blog | Brad Duncan
Arkei Variants: From Vidar to Mars Stealer
Arkei Stealer Mars Stealer Vidar
2022-03-16 | InfoSec Handlers Diary Blog | Brad Duncan
Qakbot infection with Cobalt Strike and VNC activity
Cobalt Strike QakBot
2022-03-16 | SANS ISC | Brad Duncan
Qakbot infection with Cobalt Strike and VNC activity
Cobalt Strike QakBot
2022-02-15 | Palo Alto Networks Unit 42 | Brad Duncan, Micah Yates, Saqib Khanzada, Tyler Halfpop
New Emotet Infection Method
Emotet
2022-01-25 | SANS ISC | Brad Duncan
Emotet Stops Using 0.0.0.0 in Spambot Traffic
Emotet
2022-01-19 | InfoSec Handlers Diary Blog | Brad Duncan
0.0.0.0 in Emotet Spambot Traffic
Emotet