Click here to download all references as Bib-File.•
2023-10-05
⋅
Twitter (@embee_research)
⋅
Introduction to DotNet Configuration Extraction - RevengeRAT Revenge RAT |
2023-10-04
⋅
Twitter (@embee_research)
⋅
Developing Yara Signatures for Malware - Practical Examples DarkGate Lu0Bot |
2023-10-04
⋅
Twitter (@Intrisec)
⋅
Tweet about new Bumblebee campaign leveraging CVE-2023-38831 BumbleBee |
2023-10-03
⋅
Twitter (@ShilpeshTrivedi)
⋅
Tweet about possible Rebranding/Deriviate for ERMAC called Rusty Droid ERMAC |
2023-09-11
⋅
Twitter (@Artilllerie)
⋅
Tweet on BumbleBee sample containing a DGA BumbleBee |
2023-09-07
⋅
Twitter (@Intrisec)
⋅
Tweets on Bumblebee campaign spreading via Html smuggling downloading RAR archive with European Central Bank PDF lure and folder containing Bumblebee EXE payload. BumbleBee |
2023-08-28
⋅
Twitter (@MsftSecIntel)
⋅
Tweet on AiTM phishing trends Storm-1295 |
2023-08-23
⋅
Twitter (@embee_research)
⋅
Extracting Xworm from Bloated Golang Executable XWorm |
2023-08-23
⋅
Twitter (@embee_research)
⋅
Extracting Xworm from Bloated Golang Executable XWorm |
2023-08-23
⋅
Twitter (@cyberwar_15)
⋅
Tweet about VT upload of "Cloud agnostic IAM permissions enumerator" from North Korea |
2023-08-11
⋅
Twitter (@MalGamy12)
⋅
Tweet on Astasia loader Astasia |
2023-08-10
⋅
Twitter (@malwrhunterteam)
⋅
Tweet on the sample discovery Unidentified 109 (Lazarus?) |
2023-08-08
⋅
Twitter (@malwrhunterteam)
⋅
Tweet about INC ransomware INC |
2023-08-08
⋅
Twitter (@suyog41)
⋅
Twitter Thread describing the Stealer PXRECVOWEIWOEI |
2023-07-19
⋅
Twitter (@h2jazi)
⋅
Tweet on observation with Korean targeting, suspecting Lazarus Unidentified 105 |
2023-07-19
⋅
Twitter (@MsftSecIntel)
⋅
Tweet on targeted attacks against the defense sector in Ukraine and Eastern Europe by the threat actor Secret Blizzard DeliveryCheck Kazuar |
2023-07-11
⋅
Twitter (@embee_research)
⋅
Tweets on Ransomware Infrastructure Analysis With Censys and GrabbrApp DarkSide |
2023-06-30
⋅
Twitter (@rivitna2)
⋅
Twitter thread about relationship between 8Base and Phobos ransomware 8Base Phobos |
2023-06-24
⋅
Twitter (@embee_research)
⋅
SmokeLoader - Malware Analysis and Decoding With Procmon SmokeLoader |
2023-06-08
⋅
Twitter (@embee_research)
⋅
Practical Queries for Identifying Malware Infrastructure: An informal page for storing Censys/Shodan queries Amadey AsyncRAT Cobalt Strike QakBot Quasar RAT Sliver solarmarker |