Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-04-01Palo Alto Networks Unit 42Brad Duncan
Hancitor’s Use of Cobalt Strike and a Noisy Network Ping Tool
Cobalt Strike Hancitor Moskalvzapoe
2021-03-30YouTube ( malware-traffic-analysis.net)Brad Duncan
2021-03-29 BazaCall (BazarCall) Example
BazarBackdoor
2021-02-03InfoSec Handlers Diary BlogBrad Duncan
Excel spreadsheets push SystemBC malware
Cobalt Strike SystemBC
2021-01-19Palo Alto Networks Unit 42Brad Duncan
Wireshark Tutorial: Examining Emotet Infection Traffic
Emotet GootKit IcedID QakBot TrickBot
2021-01-13InfoSec Handlers Diary BlogBrad Duncan
Hancitor activity resumes after a hoilday break
Hancitor
2021-01-07Palo Alto Networks Unit 42Brad Duncan
TA551: Email Attack Campaign Switches from Valak to IcedID
IcedID
2020-12-17MicrosoftBrad Smith
A moment of reckoning: the need for a strong and global cybersecurity response
SUNBURST
2020-12-09InfoSec Handlers Diary BlogBrad Duncan
Recent Qakbot (Qbot) activity
Cobalt Strike QakBot
2020-10-29Palo Alto Networks Unit 42Brad Duncan, Brittany Barbehenn, Doel Santos
Threat Assessment: Ryuk Ransomware and Trickbot Targeting U.S. Healthcare and Public Health Sector
Anchor BazarBackdoor Ryuk TrickBot
2020-09-23paloalto Netoworks: Unit42Brad Duncan
Case Study: Emotet Thread Hijacking, an Email Attack Technique
Emotet
2020-09-10SANS ISC InfoSec ForumsBrad Duncan
Recent Dridex activity
Dridex
2020-09-07Github (pan-unit42)Brad Duncan
Collection of recent Dridex IOCs
Cutwail Dridex
2020-08-21Palo Alto Networks Unit 42Brad Duncan
Wireshark Tutorial: Decrypting HTTPS Traffic
Dridex
2020-07-24Palo Alto Networks Unit 42Brad Duncan
Evolution of Valak, from Its Beginnings to Mass Distribution
Valak
2020-05-28Palo Alto Networks Unit 42Brad Duncan
Goodbye Mworm, Hello Nworm: TrickBot Updates Propagation Module
TrickBot
2020-04-03Palo Alto Networks Unit 42Brad Duncan
GuLoader: Malspam Campaign Installing NetWire RAT
CloudEyE NetWire RC
2020-02-13Palo Alto Networks Unit 42Brad Duncan
Wireshark Tutorial: Examining Qakbot Infections
QakBot
2020-01-23SANS ISC InfoSec ForumsBrad Duncan
German language malspam pushes Ursnif
ISFB
2019-12-23Palo Alto Networks Unit 42Brad Duncan
Wireshark Tutorial: Examining Ursnif Infections
ISFB
2019-12-19Twitter (@malware_traffic)Brad Duncan
Tweet on Valak Malware
Valak