Click here to download all references as Bib-File.•
| 2021-09-28
⋅
Zscaler
⋅
Squirrelwaffle: New Loader Delivering Cobalt Strike Cobalt Strike Squirrelwaffle |
| 2021-09-28
⋅
HolisticInfosec
⋅
Zircolite vs Defense Evasion & Nobellium FoggyWeb |
| 2021-09-28
⋅
Lab52
⋅
Winter Vivern – all Summer |
| 2021-09-28
⋅
Recorded Future
⋅
The Business of Fraud: Laundering Funds in the Criminal Underground |
| 2021-09-28
⋅
Recorded Future
⋅
4 Chinese APT Groups Identified Targeting Mail Server of Afghan Telecommunications Firm Roshan PlugX Winnti |
| 2021-09-28
⋅
Kaspersky Labs
⋅
FinSpy: unseen findings FinFisher FinFisher FinFisher FinFisher RAT |
| 2021-09-28
⋅
Twitter (@wvuuuuuuuuuuuuu)
⋅
Tweet on ITW exploitation of CVE-2021-22005 |
| 2021-09-28
⋅
Twitter (@Max_Mal_)
⋅
Tweet on how to debug SquirrelWaffle Squirrelwaffle |
| 2021-09-27
⋅
Medium ryancor
⋅
Deobfuscating PowerShell Malware Droppers Agent.BTZ |
| 2021-09-27
⋅
Cyber-Anubis
⋅
RedLine Infostealer | Detailed Reverse Engineering RedLine Stealer |
| 2021-09-27
⋅
Youtube (OALabs)
⋅
Live Coding A Squirrelwaffle Malware Config Extractor Squirrelwaffle |
| 2021-09-27
⋅
Trend Micro
⋅
Fake Installers Drop Malware and Open Doors for Opportunistic Attackers RedLine Stealer Socelars Vidar |
| 2021-09-27
⋅
Kaspersky
⋅
BloodyStealer and gaming assets for sale BloodyStealer |
| 2021-09-27
⋅
Security Soup Blog
⋅
DoppelDridex Delivered via Slack and Discord DoppelDridex |
| 2021-09-27
⋅
Cybereason
⋅
Threat Analysis Report: Inside the Destructive PYSA Ransomware Mespinoza |
| 2021-09-27
⋅
Cynet
⋅
A Virtual Baffle to Battle Squirrelwaffle Cobalt Strike Squirrelwaffle |
| 2021-09-27
⋅
Microsoft
⋅
FoggyWeb: Targeted NOBELIUM malware leads to persistent backdoor |
| 2021-09-27
⋅
Microsoft
⋅
A guide to combatting human-operated ransomware: Part 2 |
| 2021-09-26
⋅
NSFOCUS
⋅
Insights into Ransomware Spread Using Exchange 1-Day Vulnerabilities 1-2 Cobalt Strike LockFile |
| 2021-09-26
⋅
DataBreaches.net
⋅
Desorden Group claims to have stolen 200 GB of data from ABX Express |