Click here to download all references as Bib-File.•
2024-01-12
⋅
Spamhaus
⋅
Spamhaus Botnet Threat Update Q4 2023 FluBot Hook FAKEUPDATES AsyncRAT BianLian Cobalt Strike DCRat Havoc IcedID Lumma Stealer Meterpreter NjRAT Pikabot QakBot Quasar RAT RecordBreaker RedLine Stealer Remcos Rhadamanthys Sliver |
2024-01-09
⋅
Avast Decoded
⋅
Avast Updates Babuk Ransomware Decryptor in Cooperation with Cisco Talos and Dutch Police Babuk |
2024-01-01
⋅
CrowdStrike
⋅
The CrowdStrike Global Threat Report Flax Typhoon |
2023-12-30
⋅
Rewterz Information Security
⋅
Rewterz Threat Alert – Widely Abused MSIX App Installer Disabled by Microsoft – Active IOCs EugenLoader POWERTRASH BATLOADER DarkGate FlawedGrace NetSupportManager RAT SectopRAT Storm-0506 |
2023-12-30
⋅
Rewterz Information Security
⋅
Rewterz Threat Alert – Widely Abused MSIX App Installer Disabled by Microsoft – Active IOCs HijackLoader Storm-1674 |
2023-12-29
⋅
Security Boulevard
⋅
Microsoft Storm-1152 Crackdown: Stopping Threat Actors Storm-1152 |
2023-12-21
⋅
Fortinet
⋅
Bandook - A Persistent Threat That Keeps Evolving Bandook |
2023-12-19
⋅
Symantec
⋅
Seedworm: Iranian Hackers Target Telecoms Orgs in North and East Africa MuddyC2Go |
2023-12-18
⋅
Rewterz Information Security
⋅
Rewterz Threat Update – Microsoft Warns of Emerging Threat by Storm-0539 Behind Gift Card Frauds Storm-0539 Storm-1152 |
2023-12-18
⋅
Seqrite
⋅
Decoding BATLOADER 2.X: Unmasking the Threat of Stealthy Malware Tactics BATLOADER |
2023-12-12
⋅
Microsoft
⋅
Threat actors misuse OAuth applications to automate financially driven attacks Storm-1283 Storm-1286 |
2023-12-07
⋅
Microsoft
⋅
Star Blizzard increases sophistication and evasion in ongoing attacks Callisto |
2023-12-06
⋅
splunk
⋅
Unmasking the Enigma: A Historical Dive into the World of PlugX Malware PlugX |
2023-12-05
⋅
PWC
⋅
The Tortoise and The Malwahare SnappyTCP |
2023-12-05
⋅
Proofpoint
⋅
TA422’s Dedicated Exploitation Loop—the Same Week After Week |
2023-12-02
⋅
openhunting.io
⋅
Threat Hunting Malware Infrastructure VBREVSHELL AsyncRAT |
2023-12-01
⋅
Twitter (@MsftSecIntel)
⋅
Tweet on Danabot leading to cactus ransomware Cactus DanaBot Storm-1044 |
2023-11-30
⋅
Twitter (@embee_research)
⋅
Advanced Threat Intel Queries - Catching 83 Qakbot Servers with Regex, Censys and TLS Certificates QakBot |
2023-11-27
⋅
Twitter (@embee_research)
⋅
Building Threat Intel Queries Utilising Regex and TLS Certificates - (BianLian) BianLian |
2023-11-22
⋅
Microsoft
⋅
Diamond Sleet supply chain compromise distributes a modified CyberLink installer LambLoad |