| 2023-04-07 ⋅ Elastic ⋅ Attack chain leads to XWORM and AGENTTESLA Agent Tesla XWorm |
| 2023-03-30 ⋅ Elastic ⋅ Elastic users protected from SUDDENICON’s supply chain attack 3CX Backdoor |
| 2023-03-27 ⋅ Elastic ⋅ REF2924: how to maintain persistence as an (advanced?) threat Godzilla Webshell Behinder NAPLISTENER SiestaGraph REF2924 |
| 2023-03-20 ⋅ Elastic ⋅ NAPLISTENER: more bad dreams from developers of SIESTAGRAPH NAPLISTENER SiestaGraph |
| 2023-03-17 ⋅ Elastic ⋅ Thawing the permafrost of ICEDID Summary IcedID PhotoLoader |
| 2023-02-02 ⋅ Elastic ⋅ Update to the REF2924 intrusion set and related campaigns DoorMe ShadowPad SiestaGraph |
| 2022-12-16 ⋅ Elastic ⋅ SiestaGraph: New implant uncovered in ASEAN member foreign ministry DoorMe SiestaGraph |
| 2022-10-31 ⋅ Elastic ⋅ ICEDIDs network infrastructure is alive and well IcedID |
| 2022-10-28 ⋅ Elastic ⋅ EMOTET dynamic config extraction Emotet |
| 2022-09-09 ⋅ Elastic ⋅ BUGHATCH Malware Analysis BUGHATCH |
| 2022-08-24 ⋅ Elastic ⋅ QBOT Malware Analysis QakBot |
| 2022-07-27 ⋅ Elastic ⋅ Exploring the QBOT Attack Pattern QakBot |
| 2022-07-27 ⋅ Elastic ⋅ QBOT Configuration Extractor QakBot |
| 2022-06-01 ⋅ Elastic ⋅ CUBA Ransomware Campaign Analysis Cobalt Strike Cuba Meterpreter MimiKatz SystemBC |
| 2022-06-01 ⋅ Elastic ⋅ CUBA Ransomware Malware Analysis Cuba |
| 2022-05-17 ⋅ Elastic ⋅ A peek behind the BPFDoor BPFDoor |
| 2022-05-05 ⋅ Elastic ⋅ BLISTER Loader Blister |
| 2022-03-07 ⋅ Elastic ⋅ PHOREAL Malware Targets the Southeast Asian Financial Sector PHOREAL |
| 2022-03-01 ⋅ Elastic ⋅ Elastic protects against data wiper malware targeting Ukraine: HERMETICWIPER HermeticWiper |
| 2022-02-07 ⋅ Elastic ⋅ Exploring Windows UAC Bypasses: Techniques and Detection Strategies |