Click here to download all references as Bib-File.•
| 2021-01-23
⋅
vxhive blog
⋅
Deep Dive Into SectopRat SectopRAT |
| 2021-01-23
⋅
Johannes Bader's Blog
⋅
Yet Another Bazar Loader DGA BazarBackdoor |
| 2021-01-23
⋅
NCC Group
⋅
RIFT: Analysing a Lazarus Shellcode Execution Method |
| 2021-01-22
⋅
360 netlab
⋅
Necro is going to version 3 and using PyInstaller and DGA N3Cr0m0rPh |
| 2021-01-22
⋅
Twitter (@bryceabdo)
⋅
Tweet on GRIMAGENT malware used by UNC1878 during some #RYUK intrusions in 2020 GRIMAGENT |
| 2021-01-22
⋅
Trimarc Security
⋅
LDAP Channel Binding and Signing |
| 2021-01-22
⋅
Github (Finch4)
⋅
Malware Analysis Report No2 BitRAT |
| 2021-01-22
⋅
Zscaler
⋅
DreamBus Botnet - Technical Analysis |
| 2021-01-22
⋅
InfoSec Handlers Diary Blog
⋅
Another File Extension to Block in your MTA: .jnlp |
| 2021-01-22
⋅
DomainTools
⋅
Change in Perspective on the Utility of SUNBURST-related Network Indicators SUNBURST |
| 2021-01-22
⋅
Symantec
⋅
SolarWinds: How Sunburst Sends Data Back to the Attackers SUNBURST |
| 2021-01-21
⋅
NetbyteSEC
⋅
Solarwinds Attack: Sunburst's DLL Technical Analysis SUNBURST |
| 2021-01-21
⋅
DENEXUS
⋅
Spear Phishing Targeting ICS Supply Chain - Analysis Agent Tesla |
| 2021-01-21
⋅
Medium CSIS Techblog
⋅
Silencing Microsoft Defender for Endpoint using firewall rules |
| 2021-01-21
⋅
⋅
360 Threat Intelligence Center
⋅
Disclosure of Manling Flower Organization (APT-C-08) using Warzone RAT attack Ave Maria |
| 2021-01-21
⋅
⋅
Netlab
⋅
Necro在频繁升级,新版本开始使用PyInstaller和DGA N3Cr0m0rPh |
| 2021-01-21
⋅
Sophos Labs
⋅
MrbMiner: Cryptojacking to bypass international sanctions |
| 2021-01-21
⋅
ESET Research
⋅
Vadokrist: A wolf in sheep’s clothing Vadokrist |
| 2021-01-21
⋅
InfoSec Handlers Diary Blog
⋅
Powershell Dropping a REvil Ransomware REvil |
| 2021-01-20
⋅
Team Cymru
⋅
MoqHao Part 1: Identifying Phishing Infrastructure MoqHao |