Click here to download all references as Bib-File.•
| 2021-05-17
⋅
Talos
⋅
Case Study: Incident Response is a relationship-driven business Cobalt Strike |
| 2021-05-13
⋅
Talos
⋅
Transparent Tribe APT expands its Windows malware arsenal Crimson RAT Oblique RAT |
| 2021-05-07
⋅
Cisco Talos
⋅
Lemon Duck spreads its wings: Actors target Microsoft Exchange servers, incorporate new TTPs CHINACHOPPER Cobalt Strike Lemon Duck |
| 2021-04-21
⋅
Talos
⋅
A year of Fajan evolution and Bloomberg themed campaigns MASS Logger Nanocore RAT NetWire RC Revenge RAT XpertRAT |
| 2021-04-07
⋅
Talos
⋅
Sowing Discord: Reaping the benefits of collaboration app abuse |
| 2021-03-09
⋅
Cisco Talos
⋅
Hafnium Update: Continued Microsoft Exchange Server Exploitation |
| 2021-03-02
⋅
Cisco Talos
⋅
ObliqueRAT returns with new campaign using hijacked websites Oblique RAT |
| 2021-02-23
⋅
Talos
⋅
Gamaredon - When nation states don’t pay all the bills |
| 2021-02-17
⋅
Cisco Talos
⋅
Masslogger campaigns exfiltrates user credentials MASS Logger |
| 2021-02-09
⋅
Talos
⋅
Kasablanka Group's LodaRAT improves espionage capabilities on Android and Windows Loda |
| 2021-01-06
⋅
Talos
⋅
A Deep Dive into Lokibot Infection Chain Loki Password Stealer (PWS) |
| 2021-01-04
⋅
Cisco Talos
⋅
Interview with a LockBit ransomware operator LockBit |
| 2021-01-01
⋅
Talos
⋅
Evicting Maze Cobalt Strike Maze |
| 2021-01-01
⋅
Talos
⋅
Cobalt Strikes Out Cobalt Strike |
| 2020-12-21
⋅
Cisco Talos
⋅
2020: The year in malware WolfRAT Prometei Poet RAT Agent Tesla Astaroth Ave Maria CRAT Emotet Gozi IndigoDrop JhoneRAT Nanocore RAT NjRAT Oblique RAT SmokeLoader StrongPity WastedLocker Zloader |
| 2020-12-14
⋅
Cisco Talos
⋅
Threat Advisory: SolarWinds supply chain attack SUNBURST TEARDROP |
| 2020-12-01
⋅
Talos
⋅
Xanthe - Docker aware miner Xanthe |
| 2020-11-17
⋅
Cisco Talos
⋅
Nibiru ransomware variant decryptor Nibiru |
| 2020-11-12
⋅
Talos
⋅
CRAT wants to plunder your endpoints CRAT |
| 2020-10-29
⋅
Cisco Talos
⋅
DoNot’s Firestarter abuses Google Firebase Cloud Messaging to spread KnSpy |