Click here to download all references as Bib-File.•
| 2021-08-05
⋅
Group-IB
⋅
Prometheus TDS The key to success for Campo Loader, Hancitor, IcedID, and QBot Prometheus Backdoor Buer campoloader Hancitor IcedID QakBot |
| 2021-08-02
⋅
KELA
⋅
All Access Pass: Five Trends with Initial Access Brokers |
| 2021-07-14
⋅
Medium s2wlab
⋅
Matryoshka : Variant of ROKRAT, APT37 (Scarcruft) RokRAT |
| 2021-05-06
⋅
Group-IB
⋅
GrelosGTM group abuses Google Tag Manager to attack e-commerce websites |
| 2021-04-14
⋅
Group-IB
⋅
Lazarus BTC Changer Back in action with JS sniffers redesigned to steal crypto |
| 2021-03-15
⋅
Group-IB
⋅
JavaScript sniffers' new tricks: Analysis of the E1RB JS sniffer family |
| 2021-03-10
⋅
⋅
NTT Security
⋅
日本を標的としたPseudoGateキャンペーンによるSpelevo Exploit Kitを用いた攻撃について Zloader |
| 2021-02-18
⋅
⋅
NTT Security
⋅
nccTrojan used in targeted attack by TA428 group against defense and aviation organizations nccTrojan |
| 2021-02-15
⋅
cyble
⋅
Ngrok Platform Abused by Hackers to Deliver a New Wave of Phishing Attacks |
| 2021-01-06
⋅
Malwarebytes
⋅
Retrohunting APT37: North Korean APT used VBA self decode technique to inject RokRat RokRAT |
| 2020-12-23
⋅
Group-IB
⋅
New attacks by UltraRank group |
| 2020-12-22
⋅
Prevasio
⋅
Sunburst Backdoor, Part III: DGA & Security Software (Broken Link) SUNBURST |
| 2020-12-15
⋅
Prevasio
⋅
Sunburst Backdoor: A Deeper Look Into The SolarWinds' Supply Chain Malware (Broken link) SUNBURST |
| 2020-12-11
⋅
⋅
NTT Security
⋅
Panda’s New Arsenal: Part 3 Smanager FunnyDream SManager Tmanger |
| 2020-12-07
⋅
Group-IB
⋅
Massive malicious campaign by FakeSecurity JS-sniffer |
| 2020-11-18
⋅
⋅
NTT Security
⋅
Panda’s New Arsenal: Part 2 Albaniiutas Albaniiutas |
| 2020-10-15
⋅
⋅
NTT Security
⋅
Panda’s New Arsenal: Part 1 Tmanger Tmanger |
| 2020-09-18
⋅
KELA
⋅
The Initial Access Broker’s Toolbox – Remote Monitoring and Management |
| 2020-09-14
⋅
Trend Micro
⋅
Analysis of a Convoluted Attack Chain Involving Ngrok |
| 2020-08-06
⋅
KELA
⋅
The Secret Life of an Initial Access Broker |