2022-04-14 ⋅ Medium (@DCSO_CyTec) ⋅ 404 — File still found SideWinder
2022-04-04 ⋅ The DFIR Report ⋅ Stolen Images Campaign Ends in Conti Ransomware Conti IcedID
2022-03-12 ⋅ Twitter (@ET_Labs) ⋅ A quick thread examining the network artifacts of the HermeticWizard spreading HermeticWizard
2022-03-10 ⋅ Twitter (@teamcymru_S2) ⋅ Tweet on Crimson RAT infrastructure used by APT36 Crimson RAT
2022-02-28 ⋅ Twitter (@M_haggis) ⋅ Tweet on parsing Daxin driver metadata using powershell Daxin
2022-02-26 ⋅ Atomic Matryoshka ⋅ Infographic: APTs in South America Imminent Monitor RAT Machete
2022-02-21 ⋅ Atomic Matryoshka ⋅ Ousaban MSI Installer Analysis Ousaban
2022-02-17 ⋅ Twitter (@Honeymoon_IoC) ⋅ Tweets on win.prometei caught via Cowrie Prometei
2022-01-28 ⋅ Atomic Matryoshka ⋅ Malware Headliners: LokiBot Loki Password Stealer (PWS)
2022-01-24 ⋅ Twitter (@_icebre4ker_) ⋅ Vultur Dropper on Google Play Store Vultur
2022-01-22 ⋅ Atomic Matryoshka ⋅ Malware Headliners: Emotet Emotet
2022-01-21 ⋅ Twitter (@_CPResearch_) ⋅ Tweet on WhiteLambert malware Lambert
2022-01-20 ⋅ Cybleinc ⋅ Deep Dive Into Ragnar_locker Ransomware Gang RagnarLocker
2022-01-15 ⋅ Atomic Matryoshka ⋅ Malware Headliners: Qakbot QakBot
2022-01-13 ⋅ Twitter (@8th_grey_owl) ⋅ Tweet on SelfMake Loader SelfMake Loader
2022-01-09 ⋅ Atomic Matryoshka ⋅ Malware Headliners: Dridex Dridex
2022-01-02 ⋅ Atomic Matryoshka ⋅ "Cracking Open the Malware Piñata" Series: Intro to Dynamic Analysis with RedLineStealer RedLine Stealer
2021-11-17 ⋅ Twitter (@Unit42_Intel) ⋅ Tweet on Matanbuchus Loader used to deliver Qakbot (tag obama128b) and follow-up CobaltStrike Cobalt Strike QakBot
2021-11-16 ⋅ Twitter (@_icebre4ker_) ⋅ Tweet about Aberebot source code put up for sale by the developer Aberebot
2021-11-16 ⋅ Twitter (@_CPResearch_) ⋅ Tweet on 32bit version of CVE-2021-1732 exploited by BITTER group