2021-09-03 | Trend Micro | Mohamad Mokbel
The State of SSL/TLS Certificate Usage in Malware C&C Communications
AdWind ostap AsyncRAT BazarBackdoor BitRAT Buer Chthonic CloudEyE Cobalt Strike DCRat Dridex FindPOS GootKit Gozi IcedID ISFB Nanocore RAT Orcus RAT PandaBanker Qadars QakBot Quasar RAT Rockloader ServHelper Shifu SManager TorrentLocker TrickBot Vawtrak Zeus Zloader
2021-09-03 | Twitter (@ESETresearch) | ESET Research
Twitter thread on SPARKLOG, a launcher component for PRIVATELOG along with STASHLOG
PRIVATELOG STASHLOG
2021-09-03 | Seguranca Informatica | Pedro Tavares
Netwalker ransomware full analysis
Mailto
2021-09-03 | IBM | Andrew Gorecki, Camille Singleton, John Dwyer
Dissecting Sodinokibi Ransomware Attacks: Bringing Incident Response and Intelligence Together in the Fight
Valak QakBot REvil
2021-09-03 | Sophos | Anand Ajjan, Andrew Ludgate, Gabor Szappanos, Peter Mackenzie, Sean Gallagher, Sergio Bestulic, Syed Zaidi
Conti affiliates use ProxyShell Exchange exploit in ransomware attacks
Cobalt Strike Conti
2021-09-02 | Mandiant | Mandiant
Advanced Persistent Threats (APTs)
APT9
2021-09-02 | AhnLab | ASEC Analysis Team
Attacks using metasploit meterpreter
Appleseed Meterpreter
2021-09-02 | MalwareBookReports | muzi
Cross-Platform Java Dropper: Snake and XLoader (Mac Version)
Xloader 404 Keylogger
2021-09-02 | LIFARS | Vlad Pasca
Vjw0rm Worm/RAT
Vjw0rm
2021-09-02 | US Department of Health and Human Services | Health Sector Cybersecurity Coordination Center (HC3)
Demystifying BlackMatter
BlackMatter BlackMatter DarkSide
2021-09-02 | KrCert | KrCERT
TTPs#6 Targeted Watering Hole Attack Strategy Analysis (SILENT CHOLLIMA)
Tiger RAT
2021-09-02 | nviso | Maxime Thiebaut
Anatomy and Disruption of Metasploit Shellcode
2021-09-02 | Twitter (@th3_protoCOL) | Colin, GaborSzappanos
Tweet on Confluence Server exploitation (CVE-2021-26084) in the wild and Cobalt Strike activity (mentioned in replies by GaborSzappanos)
Cobalt Strike
2021-09-02 | Juniper | Alex Burt, Asher Langton
Attacks Continue Against Realtek Vulnerabilities
Dark
2021-09-02 | Bleeping Computer | Sergiu Gatlan
Autodesk reveals it was targeted by Russian SolarWinds hackers
SUNBURST
2021-09-02 | Talos | Azim Khodjibaev, Caitlin Huey, David Liebenberg, Dmytro Korzhevin
Translated: Talos' insights from the recently leaked Conti ransomware playbook
Conti
2021-09-01 | YouTube (Black Hat) | Anurag Khanna, Thirumalai Natarajan Muthiah
Threat Hunting in Active Directory Environment
2021-09-01 | YouTube (Black Hat) | Junyu Zhou, Tianze Ding
Domain Borrowing: Catch My C2 Traffic if You Can
2021-09-01 | YouTube (Black Hat) | Aragorn Tseng, Charles Li
Mem2Img: Memory-Resident Malware Detection via Convolution Neural Network
Cobalt Strike PlugX Waterbear
2021-09-01 | YouTube (Black Hat) | Christian Doerr, Tsuyoshi Taniguchi
How Did the Adversaries Abusing the Bitcoin Blockchain Evade Our Takeover?
Cerber Pony