2022-05-05 | Malwarebytes Labs | Threat Intelligence Team
Nigerian Tesla: 419 scammer gone malware distributor unmasked
Agent Tesla
2022-05-05 | Blackberry | The BlackBerry Research & Intelligence Team
Threat Thursday: ZingoStealer – The Cost of “Free”
ZingoStealer
2022-05-05 | Troopers Conference | Ben Jackson, Will Bonner
Tinker Telco Soldier Spy (to be given 2022-06-27)
BPFDoor GALLIUM
2022-05-05 | Red Canary | Lauren Podber, Stef Rand
Raspberry Robin gets the worm early
Raspberry Robin
2022-05-05 | YouTube (Chris Greer) | Chris Greer
MALWARE Analysis with Wireshark // TRICKBOT Infection
TrickBot
2022-05-05 | Trend Micro | Aliakbar Zahravi, Leandro Froes, Trend Micro Research
NetDooka Framework Distributed via PrivateLoader Malware as Part of Pay-Per-Install Service
NetDooka PrivateLoader
2022-05-05 | Intel 471 | Intel 471
Cybercrime loves company: Conti cooperated with other ransomware gangs
LockBit Maze RagnarLocker Ryuk
2022-05-05 | NCC Group | Michael Matthews, Nikolaos Pantazopoulos
North Korea’s Lazarus: their initial access trade-craft using social media and social engineering
LCPDot
2022-05-04 | Cyware | Cyware
Chinese Naikon Group Back with New Espionage Attack
APT30 Naikon
2022-05-04 | Kaspersky | Denis Legezo
A new secret stash for “fileless” malware
Cobalt Strike
2022-05-04 | Cybereason | Akihiro Tomita, Assaf Dahan, Chen Erlich, Daniel Frank, Fusao Tanida, Niv Yona, Ofir Ozer
Operation CuckooBees: Deep-Dive into Stealthy Winnti Techniques
PRIVATELOG Spyder STASHLOG Winnti
2022-05-04 | Twitter (@felixw3000) | Felix
Twitter Thread with info on infection chain with IcedId, Cobalt Strike, and Hidden VNC.
Cobalt Strike IcedID PhotoLoader
2022-05-04 | F-Secure | Riccardo Ancarani
Scheduled Task Tampering
2022-05-04 | HP | Patrick Schläpfer
Tips for Automating IOC Extraction from GootLoader, a Changing JavaScript Malware
GootLoader
2022-05-04 | Cybereason | Akihiro Tomita, Assaf Dahan, Chen Erlich, Daniel Frank, Fusao Tanida, Niv Yona, Ofir Ozer
Operation CuckooBees: A Winnti Malware Arsenal Deep-Dive
PRIVATELOG Spyder STASHLOG Winnti
2022-05-04 | CrowdStrike | Sebastian Walla
Compromised Docker Honeypots Used for Pro-Ukrainian DoS Attack
2022-05-04 | Mandiant | Brandan Schondorfer, Jennifer Brito, Nader Zaveri, Tyler McLellan
Old Services, New Tricks: Cloud Metadata Abuse by UNC2903
WSO
2022-05-04 | Twitter (@ESETresearch) | Twitter (@ESETresearch)
Twitter thread on code similarity analysis, focussing on IsaacWiper and recent Cluster25 publication
IsaacWiper
2022-05-04 | Inky | Roger Kay
Fresh Phish: Britain’s National Health Service Infected by Massive Phishing Campaign
2022-05-04 | Sophos | Andreas Klopsch
Attacking Emotet’s Control Flow Flattening
Emotet