Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-09-28FlashpointFlashpoint
REvil’s “Cryptobackdoor” Con: Ransomware Group’s Tactics Roil Affiliates, Sparking a Fallout
REvil
2021-09-28ZscalerAvinash Kumar, Brett Stone-Gross
Squirrelwaffle: New Loader Delivering Cobalt Strike
Cobalt Strike Squirrelwaffle
2021-09-28HolisticInfosecRuss McRee
Zircolite vs Defense Evasion & Nobellium FoggyWeb
2021-09-28Lab52Th3spis
Winter Vivern – all Summer
2021-09-28Recorded FutureInsikt Group®
The Business of Fraud: Laundering Funds in the Criminal Underground
2021-09-28Recorded FutureInsikt Group®
4 Chinese APT Groups Identified Targeting Mail Server of Afghan Telecommunications Firm Roshan
PlugX Winnti
2021-09-28Kaspersky LabsGReAT
FinSpy: unseen findings
FinFisher FinFisher FinFisher FinFisher RAT
2021-09-28Twitter (@wvuuuuuuuuuuuuu)WVU
Tweet on ITW exploitation of CVE-2021-22005
2021-09-28Twitter (@Max_Mal_)Max Malyutin
Tweet on how to debug SquirrelWaffle
Squirrelwaffle
2021-09-27Medium ryancorRyan Cornateanu
Deobfuscating PowerShell Malware Droppers
Agent.BTZ
2021-09-27Cyber-AnubisNidal Fikri
RedLine Infostealer | Detailed Reverse Engineering
RedLine Stealer
2021-09-27Youtube (OALabs)Sergei Frankoff
Live Coding A Squirrelwaffle Malware Config Extractor
Squirrelwaffle
2021-09-27Trend MicroArianne Dela Cruz, Gilbert Sison, Joelson Soares, Ryan Maglaque, Warren Sto.Tomas
Fake Installers Drop Malware and Open Doors for Opportunistic Attackers
RedLine Stealer Socelars Vidar
2021-09-27KasperskyDmitry Galov, Leonid Bezvershenko, Marc Rivero López
BloodyStealer and gaming assets for sale
BloodyStealer
2021-09-27Security Soup BlogRyan Campbell
DoppelDridex Delivered via Slack and Discord
DoppelDridex
2021-09-27CybereasonAleksandar Milenkoski
Threat Analysis Report: Inside the Destructive PYSA Ransomware
Mespinoza
2021-09-27CynetMax Malyutin
A Virtual Baffle to Battle Squirrelwaffle
Cobalt Strike Squirrelwaffle
2021-09-27MicrosoftMicrosoft Threat Intelligence Center (MSTIC), Ramin Nafisi
FoggyWeb: Targeted NOBELIUM malware leads to persistent backdoor
2021-09-27MicrosoftDetection and Response Team (DART)
A guide to combatting human-operated ransomware: Part 2
2021-09-26NSFOCUSJie Ji
Insights into Ransomware Spread Using Exchange 1-Day Vulnerabilities 1-2
Cobalt Strike LockFile