Click here to download all references as Bib-File.•
| 2022-04-07
⋅
splunk
⋅
You Bet Your Lsass: Hunting LSASS Access Cobalt Strike MimiKatz |
| 2022-04-07
⋅
Blackberry
⋅
Threat Thursday: AvosLocker Prompts Advisory from FBI and FinCEN Avoslocker AvosLocker |
| 2022-04-07
⋅
clearskysec
⋅
Exposing the Iranian EvilNominatus Ransomware |
| 2022-04-07
⋅
Team Cymru
⋅
MoqHao Part 2: Continued European Expansion MoqHao |
| 2022-04-07
⋅
Sekoia
⋅
Mars, a red-hot information stealer Mars Stealer |
| 2022-04-06
⋅
Github (infinitumlabs)
⋅
Karakurt Hacking Team Indicators of Compromise (IOC) Cobalt Strike |
| 2022-04-05
⋅
AhnLab
⋅
Malicious Word Documents Using MS Media Player (Impersonating AhnLab) |
| 2022-04-05
⋅
Secureworks
⋅
Azure Active Directory Exposes Internal Information |
| 2022-04-05
⋅
Symantec
⋅
Cicada: Chinese APT Group Widens Targeting in Recent Espionage Activity MimiKatz SodaMaster |
| 2022-04-05
⋅
Intel 471
⋅
Move fast and commit crimes: Conti’s development teams mirror corporate tech BazarBackdoor TrickBot |
| 2022-04-01
⋅
splunk
⋅
Threat Update: CaddyWiper CaddyWiper |
| 2022-03-31
⋅
Blackberry
⋅
Threat Thursday: Malicious Macros Still Causing Chaos |
| 2022-03-31
⋅
nccgroup
⋅
Conti-nuation: methods and techniques observed in operations post the leaks Cobalt Strike Conti QakBot |
| 2022-03-30
⋅
CrowdStrike
⋅
Who is EMBER BEAR? WhisperGate |
| 2022-03-30
⋅
ASEC
⋅
Malicious Word File Targeting Corporate Users Being Distributed |
| 2022-03-29
⋅
⋅
ASEC
⋅
APT Attack Impersonating Defector Resume Form (VBS SCRIPT) |
| 2022-03-29
⋅
Symantec
⋅
Verblecon: Sophisticated New Loader Used in Low-level Attacks Verblecon |
| 2022-03-28
⋅
Avast
⋅
Avast Finds Compromised Philippine Navy Certificate Used in Remote Access Tool Unidentified 091 |
| 2022-03-28
⋅
splunk
⋅
Threat Update DoubleZero Destructor DoubleZero |
| 2022-03-24
⋅
Blackberry
⋅
Threat Thursday: SunSeed Malware Targets Ukraine Refugee Aid Efforts SunSeed |