| Date | Source | Title | Tags |
| --- | --- | --- | --- |
| 2022-01-11 | CrowdStrike | TellYouThePass Ransomware Analysis Reveals a Modern Reinterpretation Using Golang | TellYouThePass |
| 2022-01-11 | Check Point | APT35 exploits Log4j vulnerability to distribute new modular PowerShell toolkit | APT35 |
| 2022-01-11 | Cybereason | Threat Analysis Report: DatopLoader Exploits ProxyShell to Deliver QBOT and Cobalt Strike | Cobalt Strike, QakBot, Squirrelwaffle |
| 2022-01-11 | Intezer | New SysJoker Backdoor Targets Windows, Linux, and macOS | SysJoker, SysJoker, SysJoker |
| 2022-01-10 | splunk | Detecting Malware Script Loaders using Remcos: Threat Research Release December 2021 | Remcos |
| 2022-01-10 | Lab52 | TokyoX: DLL side-loading an unknown artifact | TokyoX |
| 2022-01-10 | Fortinet | COVID Omicron Variant Lure Used to Distribute RedLine Stealer | RedLine Stealer |
| 2022-01-10 | Cado Security | Abcbot - An Evolution of Xanthe | Abcbot, Xanthe |
| 2022-01-09 | Github (xephora) | Observed malicious IOCs for the ChromeLoader/CS_installer aka Choziosi Loader Malware | Choziosi, Choziosi |
| 2022-01-09 | YouTube (0xca7) | Cat vs. RAT II - Bitrat | BitRAT |
| 2022-01-09 | Atomic Matryoshka | Malware Headliners: Dridex | Dridex |
| 2022-01-09 | forensicitguy | Inspecting a PowerShell Cobalt Strike Beacon | Cobalt Strike |
| 2022-01-09 | muha2xmad | Unpacking Vmprotect packer | |
| 2022-01-09 | Twitter (@sixdub) | Tweet on malicious document used by Gamaredon aka DEV-0157 | |
| 2022-01-08 | muha2xmad | Unpacking Hancitor malware | Hancitor |
| 2022-01-08 | Bleeping Computer | Trojanized dnSpy app drops malware cocktail on researchers, devs | Quasar RAT |
| 2022-01-07 | Cloudsek | Technical Analysis of Code-Signed “Blister” Malware Campaign (Part 1) | Blister |
| 2022-01-07 | muha2xmad | Unpacking Emotet malware part 02 | Emotet |
| 2022-01-07 | Bill Demirkapi's Blog | Unpacking CVE-2021-40444: A Deep Technical Analysis of an Office RCE Exploit | |
| 2022-01-07 | Malwarebytes | Patchwork APT caught in its own web | BadNews |