2024-04-03 ⋅ Bleeping Computer ⋅ Microsoft still unsure how hackers stole MSA key in 2023 Exchange attack
2024-04-03 ⋅ Wired ⋅ The Mystery of ‘Jia Tan,’ the XZ Backdoor Mastermind ⋅ xzbot
2024-04-03 ⋅ Trend Micro ⋅ Unveiling the Fallout: Operation Cronos' Impact on LockBit Following Landmark Disruption ⋅ LockBit
2024-04-02 ⋅ Darktrace ⋅ The Early Bird Catches the Worm: Darktrace’s Hunt for Raspberry Robin ⋅ Raspberry Robin
2024-04-02 ⋅ Trend Micro ⋅ Earth Freybug Uses UNAPIMON for Unhooking Critical APIs
2024-04-02 ⋅ Forescout ⋅ “All your base are belong to us” – A probe into Chinese-connected devices in US networks
2024-04-02 ⋅ Check Point Research ⋅ Agent Tesla Targeting United States & Australia: Revealing the Attackers' Identities ⋅ Agent Tesla
2024-04-01 ⋅ The DFIR Report ⋅ From OneNote to RansomNote: An Ice Cold Intrusion ⋅ Cobalt Strike, IcedID, Nokoyawa Ransomware, PhotoLoader
2024-04-01 ⋅ Github (amlweems) ⋅ Analysis Repo with honeypot and backdoor patch for xzbot ⋅ xzbot
2024-04-01 ⋅ Twitter (@embee_research) ⋅ Passive DNS For Phishing Link Analysis - Identifying 36 Latrodectus Domains With Historical Records and 302 Redirects ⋅ Unidentified 111 (Latrodectus)
2024-04-01 ⋅ ThreatMon ⋅ RisePro Stealer Malware Analysis Report ⋅ RisePro
2024-03-31 ⋅ Check Point Research ⋅ Malware Spotlight: Linodas aka DinodasRAT for Linux ⋅ Linodas
2024-03-31 ⋅ Github (karcherm) ⋅ Information about the liblzma (xz-utils) backdoor ⋅ xzbot
2024-03-31 ⋅ Twitter (@fr0gger) ⋅ Tweet with visual summary of the execution flow ⋅ xzbot
2024-03-30 ⋅ Estrellas's Blog ⋅ Glupteba's .NET dropper deep dive. ⋅ Glupteba
2024-03-30 ⋅ Gynvael.Coldwind//vx.log ⋅ xz/liblzma: Bash-stage Obfuscation Explained ⋅ xzbot
2024-03-30 ⋅ Github (smx-smx) ⋅ Gist with XZ Backdoor analysis ⋅ xzbot
2024-03-30 ⋅ Twitter (@embee_research) ⋅ Uncovering APT Infrastructure with Passive DNS Pivoting
2024-03-29 ⋅ boehs.org ⋅ Everything I Know About the XZ Backdoor ⋅ xzbot
2024-03-29 ⋅ CISA ⋅ Reported Supply Chain Compromise Affecting XZ Utils Data Compression Library, CVE-2024-3094 ⋅ xzbot