2023-10-05 ⋅ Twitter (@embee_research) ⋅ Embee_research
Introduction to DotNet Configuration Extraction - RevengeRAT
Revenge RAT
2023-10-04 ⋅ Twitter (@embee_research) ⋅ Embee_research
Developing Yara Signatures for Malware - Practical Examples
DarkGate Lu0Bot
2023-10-04 ⋅ Twitter (@Intrisec) ⋅ CTI Intrinsec
Tweet about new Bumblebee campaign leveraging CVE-2023-38831
BumbleBee
2023-10-03 ⋅ Twitter (@ShilpeshTrivedi) ⋅ Shilpesh Trivedi
Tweet about possible rebranding/derivative of ERMAC called Rusty Droid
ERMAC
2023-09-11 ⋅ Twitter (@Artilllerie) ⋅ @Artilllerie
Tweet on BumbleBee sample containing a DGA
BumbleBee
2023-09-07 ⋅ Twitter (@Intrisec) ⋅ CTI Intrinsec
Tweets on Bumblebee campaign spreading via HTML smuggling, downloading a RAR archive with a European Central Bank PDF lure and a folder containing the Bumblebee EXE payload.
BumbleBee
2023-08-28 ⋅ Twitter (@MsftSecIntel) ⋅ Microsoft Threat Intelligence
Tweet on AiTM phishing trends
Storm-1295
2023-08-23 ⋅ Twitter (@embee_research) ⋅ Embee_research, Huntress Labs
Extracting Xworm from Bloated Golang Executable
XWorm
2023-08-23 ⋅ Twitter (@cyberwar_15) ⋅ cyberwar_15
Tweet about VT upload of "Cloud agnostic IAM permissions enumerator" from North Korea
2023-08-11 ⋅ Twitter (@MalGamy12) ⋅ Gameel Ali
Tweet on Astasia loader
Astasia
2023-08-10 ⋅ Twitter (@malwrhunterteam) ⋅ MalwareHunterTeam
Tweet on the sample discovery
Unidentified 109 (Lazarus?)
2023-08-08 ⋅ Twitter (@malwrhunterteam) ⋅ MalwareHunterTeam
Tweet about INC ransomware
INC
2023-08-08 ⋅ Twitter (@suyog41) ⋅ Yogesh Londhe
Twitter thread describing the stealer
PXRECVOWEIWOEI
2023-07-19 ⋅ Twitter (@h2jazi) ⋅ Hossein Jazi
Tweet on observation with Korean targeting, suspecting Lazarus
Unidentified 105
2023-07-19 ⋅ Twitter (@MsftSecIntel) ⋅ Microsoft Threat Intelligence
Tweet on targeted attacks against the defense sector in Ukraine and Eastern Europe by the threat actor Secret Blizzard
DeliveryCheck Kazuar
2023-07-11 ⋅ Twitter (@embee_research) ⋅ Embee_research
Tweets on Ransomware Infrastructure Analysis With Censys and GrabbrApp
DarkSide
2023-06-30 ⋅ Twitter (@rivitna2) ⋅ @rivitna2
Twitter thread about the relationship between 8Base and Phobos ransomware
8Base Phobos
2023-06-24 ⋅ Twitter (@embee_research) ⋅ Embee_research
SmokeLoader - Malware Analysis and Decoding With Procmon
SmokeLoader
2023-06-08 ⋅ Twitter (@embee_research) ⋅ Embee_research
Practical Queries for Identifying Malware Infrastructure: An informal page for storing Censys/Shodan queries
Amadey AsyncRAT Cobalt Strike QakBot Quasar RAT Sliver solarmarker