2022-03-22 | The Register | Jeff Burt
What does Go-written malware look like? Here's a sample under the microscope
Arid Gopher
2022-03-22 | The Register | Jeff Burt
This is a BlackCat you don't want crossing your path
BlackCat BlackMatter
2022-03-16 | The Register | Jeff Burt
BlackBerry says extortionists erase documents if ransom unpaid
LokiLocker
2022-03-11 | propublica | Craig Silverman, Jeff Kao
Infamous Russian Troll Farm Appears to Be Source of Anti-Ukraine Propaganda
2022-02-18 | 0x00sec | jeff
Dynamically extracting the encryption key from a simple ransomware
2021-12-29 | Github (jeFF0Falltrades) | Jeff Archer
AsyncRAT Configuration Parser
AsyncRAT
2021-11-07 | Palo Alto Networks Unit 42 | Jeff White, Peter Renals, Robert Falcone
Targeted Attack Campaign Against ManageEngine ADSelfService Plus Delivers Godzilla Webshells, NGLite Trojan and KdcSponge Stealer
Godzilla Webshell NGLite
2021-11-02 | CyberScoop | Jeff Stone
US seeks extradition of alleged Ukrainian scammer arrested at Polish border stop
2021-11-01 | Software Engineering Institute | Jeffrey Gennari
Two Tools for Malware Analysis and Reverse Engineering in Ghidra
2021-06-16 | Palo Alto Networks Unit 42 | Jeff White, Kyle Wilhoit
Matanbuchus: Malware-as-a-Service with Demonic Intentions
Matanbuchus BelialDemon
2021-03-26 | Accenture | Eric Welling, Jeff Beley, Ryan Leininger
It's getting hot in here! Unknown threat group using Hades ransomware to turn up the heat on their victims
Hades
2021-03-08 | Palo Alto Networks Unit 42 | Jeff White
Analyzing Attacks Against Microsoft Exchange Server With China Chopper Webshells
CHINACHOPPER
2020-11-17 | CyberScoop | Jeff Stone
FIN7 recruiter Andrii Kolpakov pleads guilty to role in global hacking scheme
2020-11-04 | FireEye | Jacob Thompson, Jeffrey Martin, Rapid7
In Wild Critical Buffer Overflow Vulnerability in Solaris Can Allow Remote Takeover — CVE-2020-14871
2020-06-10 | James_inthe_box, jeFF0Falltrades, _re_fox
FRat Reporting, YARA, and IoCs
FRat Loader FRat
2020-05-07 | The Citizenlab | Christopher Parsons, Jedidiah Crandall, Jeffrey Knockel, Lotus Ruan, Ron Deibert, Ruohan Xiong
We Chat, They Watch: How International Users Unwittingly Build up WeChat’s Chinese Censorship Apparatus
2020-02-11 | Github (jeFF0Falltrades) | Jeff Archer
Metamorfo (aka Casbaneiro)
Metamorfo Unidentified 072 (Metamorfo Loader)
2019-12-05 | Github (jeFF0Falltrades) | Jeff Archer
PoshC2 (specifically as used by APT33)
PoshC2
2019-11-03 | Github (jeFF0Falltrades) | Jeff Archer
DTrack
Dtrack
2019-09-14 | Github (jeFF0Falltrades) | Jeff Archer
WSH RAT (A variant of H-Worm/Houdini)
Houdini