Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-01-17Github (pan-unit42)Brad Duncan
IOCs for Astaroth/Guildma malware infection
Astaroth
2021-12-30InfoSec Handlers Diary BlogBrad Duncan
Agent Tesla Updates SMTP Data Exfiltration Technique
Agent Tesla
2021-12-16InfoSec Handlers Diary BlogBrad Duncan
How the "Contact Forms" campaign tricks people
IcedID
2021-12-03SANS ISC InfoSec ForumsBrad Duncan
TA551 (Shathak) pushes IcedID (Bokbot)
IcedID
2021-11-16InfoSec Handlers Diary BlogBrad Duncan
Emotet Returns
Emotet
2021-10-18paloalto Netoworks: Unit42Brad Duncan
Case Study: From BazarLoader to Network Reconnaissance
BazarBackdoor Cobalt Strike
2021-09-30Palo Alto Networks Unit 42Brady Stout
Credential Harvesting at Scale Without Malware
2021-09-29Malware Traffic AnalysisBrad Duncan
Hancitor with Cobalt Strike
Cobalt Strike Hancitor
2021-09-29Malware Traffic AnalysisBrad Duncan
2021-09-29 (Wednesday) - Hancitor with Cobalt Strike
Cobalt Strike Hancitor
2021-09-17Malware Traffic AnalysisBrad Duncan
2021-09-17 - SQUIRRELWAFFLE Loader with Cobalt Strike
Cobalt Strike Squirrelwaffle
2021-09-01InfoSec Handlers Diary BlogBrad Duncan
STRRAT: a Java-based RAT that doesn't care if you have Java
STRRAT
2021-08-11CybereasonTony Bradley
The Rising Threat from LockBit Ransomware
LockBit
2021-07-09InfoSec Handlers Diary BlogBrad Duncan
Hancitor tries XLL as initial malware file
Cobalt Strike Hancitor
2021-05-24Jamf BlogJaron Bradley
Zero-Day TCC bypass discovered in XCSSET malware
XCSSET
2021-05-19Palo Alto Networks Unit 42Brad Duncan
BazarCall: Call Centers Help Spread BazarLoader Malware
BazarBackdoor campoloader
2021-05-17TalosBrad Garnett
Case Study: Incident Response is a relationship-driven business
Cobalt Strike
2021-04-26Jamf BlogJaron Bradley
Shlayer malware abusing Gatekeeper bypass on macOS
Shlayer
2021-04-14InfoSec Handlers Diary BlogBrad Duncan
April 2021 Forensic Quiz: Answers and Analysis
Anchor BazarBackdoor Cobalt Strike
2021-04-07Palo Alto Networks Unit 42Brad Duncan
Wireshark Tutorial: Examining Traffic from Hancitor Infections
Hancitor
2021-04-01Palo Alto Networks Unit 42Brad Duncan, Vijay Prakash
Wireshark Tutorial: Decrypting RDP Traffic