Click here to download all references as Bib-File.•
| 2022-01-16
⋅
Github (wgpsec)
⋅
CreateHiddenAccount CreateHiddenAccount |
| 2022-01-16
⋅
forensicitguy
⋅
Analyzing a CACTUSTORCH HTA Leading to Cobalt Strike CACTUSTORCH Cobalt Strike |
| 2022-01-15
⋅
Microsoft
⋅
Malware attacks targeting Ukraine government (DEV-0586) WhisperGate |
| 2022-01-15
⋅
Huntress Labs
⋅
Threat Advisory: VMware Horizon Servers Actively Being Hit With Cobalt Strike (by DEV-0401) Cobalt Strike |
| 2022-01-15
⋅
Github (eset)
⋅
Donot Team — Indicators of Compromise |
| 2022-01-15
⋅
Atomic Matryoshka
⋅
Malware Headliners: Qakbot QakBot |
| 2022-01-15
⋅
MalwareBookReports
⋅
BazarLoader - Back from Holiday Break BazarBackdoor |
| 2022-01-15
⋅
Microsoft
⋅
Destructive malware targeting Ukrainian organizations (DEV-0586) WhisperGate DEV-0586 |
| 2022-01-14
⋅
Trend Micro
⋅
Ransom.Win32.WHITERABBIT.YACAET WhiteRabbit |
| 2022-01-14
⋅
Medium (Cryptax)
⋅
Multidex trick to unpack Android/BianLian BianLian |
| 2022-01-14
⋅
FSB
⋅
Unlawful Activities of Members of an Organized Criminal Community were suppressed REvil REvil |
| 2022-01-14
⋅
Advanced Intelligence
⋅
Storm in "Safe Haven": Takeaways from Russian Authorities Takedown of REvil REvil REvil |
| 2022-01-14
⋅
Mandiant
⋅
Proactive Preparation and Hardening to Protect Against Destructive Attacks |
| 2022-01-14
⋅
Twitter (@billyleonard)
⋅
Tweet on APT28 credential phishing campaigns targeting Ukraine |
| 2022-01-14
⋅
RiskIQ
⋅
RiskIQ: Unique SSL Certificates and JARM Hash Connected to Emotet and Dridex C2 Servers Dridex Emotet |
| 2022-01-14
⋅
HP
⋅
How Attackers Use XLL Malware to Infect Systems |
| 2022-01-13
⋅
Kaspersky Labs
⋅
The BlueNoroff cryptocurrency hunt is still on CageyChameleon SnatchCrypto WebbyTea |
| 2022-01-13
⋅
muha2xmad
⋅
Unpacking Remcos malware Remcos |
| 2022-01-13
⋅
F5
⋅
FluBot’s Authors Employ Creative and Sophisticated Techniques to Achieve Their Goals in Version 5.0 and Beyond FluBot |
| 2022-01-13
⋅
Trustwave
⋅
Decrypting Qakbot’s Encrypted Registry Keys QakBot |