Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023-02-26Medium IlanduIlan Duhin, Yossi Poberezsky
Emotet Campaign
Emotet
2023-02-24Medium walmartglobaltechJason Reaves, Jonathan Mccay, Joshua Platt, Kirk Sayre
Qbot testing malvertising campaigns?
QakBot
2023-02-19Medium System WeaknessLena (LambdaMamba)
Investigating a Fake KDDI Smishing Campaign that abuses Duck DNS
Roaming Mantis
2023-01-23Medium System WeaknessLena (LambdaMamba)
A "strange font" Smishing Campaign that changes behaviour based on User-Agent, and abuses Duck DNS
Roaming Mantis
2023-01-16Medium elis531989Eli Salem
Dancing With Shellcodes: Analyzing Rhadamanthys Stealer
Rhadamanthys
2022-12-24Medium (@DCSO_CyTec)Denis Szadkowski, Hendrik Baecker, Jiro Minier, Johann Aydinbas
APT41 — The spy who failed to encrypt me
CHINACHOPPER
2022-11-16Medium (@DCSO_CyTec)Axel Wauer, Johann Aydinbas
HZ RAT goes China
HZ RAT
2022-10-25Medium walmartglobaltechJason Reaves
Brute Ratel Config Decoding update
Brute Ratel C4
2022-10-24Medium CSIS TechblogBenoît Ancel
Chapter 1 — From Gozi to ISFB: The history of a mythical malware family.
Gozi ISFB Snifula
2022-10-24Medium s2wlabLee Sebin, Shin Yeongjae
Unveil the evolution of Kimsuky targeting Android devices with newly discovered mobile malware
FastFire FastSpy
2022-10-11Medium (@DCSO_CyTec)Axel Wauer, Denis Szadkowski, Johann Aydinbas
Tracking down Maggie
Maggie
2022-10-04Medium (@DCSO_CyTec)Axel Wauer, Johann Aydinbas
MSSQL, meet Maggie
Maggie
2022-09-30Medium walmartglobaltechJason Reaves, Jonathan Mccay
Diavol resurfaces
Diavol
2022-09-22Medium s2wlabJeong Hyunsik, Yang HuiSeong
Quick Overview of Leaked LockBit 3.0 (Black) builder program
LockBit
2022-09-01Medium michaelkoczwaraMichael Koczwara
Hunting C2/Adversaries Infrastructure with Shodan and Censys
Brute Ratel C4 Cobalt Strike Deimos GRUNT IcedID Merlin Meterpreter Nighthawk PoshC2 Sliver
2022-08-30Medium the_abjuri5tJohn F
NanoCore RAT Hunting Guide
Nanocore RAT
2022-08-22Medium (Katie’s Five Cents)Katie Nickels
A Cyber Threat Intelligence Self-Study Plan: Part 2
2022-08-11Medium walmartglobaltechJason Reaves
State of the Remote Access Tools, Part 1
2022-08-09Medium walmartglobaltechJason Reaves, Joshua Platt
Pivoting on a SharpExt to profile Kimusky panels for great good
Kimsuky
2022-08-08Medium CSIS TechblogBenoît Ancel
An inside view of domain anonymization as-a-service — the BraZZZerSFF infrastructure
Riltok magecart Anubis Azorult BetaBot Buer CoalaBot CryptBot DiamondFox DreamBot GCleaner ISFB Loki Password Stealer (PWS) MedusaLocker MeguminTrojan Nemty PsiX RedLine Stealer SmokeLoader STOP TinyNuke Vidar Zloader