Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-01-11Twitter (@cglyer)Christopher Glyer
Tweet on CN based ransomware operator using log4shell to deploy NightSky
NightSky BRONZE STARLIGHT
2022-01-11CISACISA, FBI, NSA
Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure
2022-01-11BleepingComputerBill Toulas
New SysJoker backdoor targets Windows, macOS, and Linux
SysJoker SysJoker SysJoker
2022-01-11muha2xmadMuhammad Hasan Ali
Unpacking Dridex malware
Dridex
2022-01-11Twitter (@cglyer)Christopher Glyer
Thread on DEV-0401, a china based ransomware operator exploiting VMware Horizon with log4shell and deploying NightSky ransomware
Cobalt Strike NightSky
2022-01-11Recorded FutureInsikt Group®
Combating Human Trafficking With Threat Intelligence
2022-01-11ESET ResearchMichal Poslušný
Signed kernel drivers – Unguarded gateway to Windows’ core
InvisiMole LoJax RobinHood Slingshot
2022-01-11CISA, FBI, NSA
Understanding and Mitigating Russian State- Sponsored Cyber Threats to U.S. Critical Infrastructure
2022-01-11CrowdStrikeAnmol Maurya
TellYouThePass Ransomware Analysis Reveals a Modern Reinterpretation Using Golang
TellYouThePass
2022-01-11Check PointCheck Point Research
APT35 exploits Log4j vulnerability to distribute new modular PowerShell toolkit
APT35
2022-01-11CybereasonChen Erlich, Daichi Shimabukuro, Niv Yona, Ofir Ozer, Omri Refaeli
Threat Analysis Report: DatopLoader Exploits ProxyShell to Deliver QBOT and Cobalt Strike
Cobalt Strike QakBot Squirrelwaffle
2022-01-11IntezerAvigayil Mechtinger, Nicole Fishbein, Ryan Robinson
New SysJoker Backdoor Targets Windows, Linux, and macOS
SysJoker SysJoker SysJoker
2022-01-10splunkSplunk Threat Research Team
Detecting Malware Script Loaders using Remcos: Threat Research Release December 2021
Remcos
2022-01-10Lab52ml10
TokyoX: DLL side-loading an unknown artifact
TokyoX
2022-01-10FortinetFred Gutierrez, Shunichi Imano
COVID Omicron Variant Lure Used to Distribute RedLine Stealer
RedLine Stealer
2022-01-10Cado SecurityMatt Muir
Abcbot - An Evolution of Xanthe
Abcbot Xanthe
2022-01-09Github (xephora)@x3ph1
Observed malicious IOCs for the ChromeLoader/CS_installer aka Choziosi Loader Malware
Choziosi Choziosi
2022-01-09YouTube (0xca7)0xca7
Cat vs. RAT II - Bitrat
BitRAT
2022-01-09Atomic Matryoshkaz3r0day_504
Malware Headliners: Dridex
Dridex
2022-01-09forensicitguyTony Lambert
Inspecting a PowerShell Cobalt Strike Beacon
Cobalt Strike