Click here to download all references as Bib-File.•
| 2022-06-28
⋅
Twitter (@_CPResearch_)
⋅
Tweet on malware used against Steel Industry in Iran Meteor Predatory Sparrow |
| 2022-06-28
⋅
Twitter (@_icebre4ker_)
⋅
Revive and Coper are using similar phishing template and app Coper |
| 2022-05-12
⋅
⋅
Cert-UA
⋅
Uac-0010 (Armageddon) cyberattacks using GammaLoad.PS1_v2 malware (CERT-UA#4634,4648) Gamaredon Group |
| 2022-04-27
⋅
Binary Defense
⋅
Detecting Ransomware’s Stealthy Boot Configuration Edits |
| 2022-04-21
⋅
eSentire
⋅
Hackers Spearphish Corporate Hiring Managers with Poisoned Resumes, Infecting Them with the More_Eggs Malware, Warns eSentire More_eggs TerraLoader VenomLNK |
| 2022-04-14
⋅
Medium (@DCSO_CyTec)
⋅
404 — File still found SideWinder |
| 2022-04-14
⋅
Medium (@DCSO_CyTec)
⋅
404 — File still found SideWinder |
| 2022-04-04
⋅
The DFIR Report
⋅
Stolen Images Campaign Ends in Conti Ransomware Conti IcedID |
| 2022-03-12
⋅
Twitter (@ET_Labs)
⋅
A quick thread examining the network artifacts of the HermeticWizard spreading HermeticWizard |
| 2022-03-10
⋅
Twitter (@teamcymru_S2)
⋅
Tweet on Crimson RAT infrastructure used by APT36 Crimson RAT |
| 2022-02-28
⋅
Twitter (@M_haggis)
⋅
Tweet on parsing Daxin driver metadata using powershell Daxin |
| 2022-02-26
⋅
Atomic Matryoshka
⋅
Infographic: APTs in South America Imminent Monitor RAT Machete |
| 2022-02-21
⋅
Atomic Matryoshka
⋅
Ousaban MSI Installer Analysis Ousaban |
| 2022-02-17
⋅
Twitter (@Honeymoon_IoC)
⋅
Tweets on win.prometei caught via Cowrie Prometei |
| 2022-01-28
⋅
Atomic Matryoshka
⋅
Malware Headliners: LokiBot Loki Password Stealer (PWS) |
| 2022-01-24
⋅
Twitter (@_icebre4ker_)
⋅
Vultur Dropper on Google Play Store Vultur |
| 2022-01-22
⋅
Atomic Matryoshka
⋅
Malware Headliners: Emotet Emotet |
| 2022-01-21
⋅
Twitter (@_CPResearch_)
⋅
Tweet on WhiteLambert malware Lambert |
| 2022-01-20
⋅
Cybleinc
⋅
Deep Dive Into Ragnar_locker Ransomware Gang RagnarLocker |
| 2022-01-15
⋅
Atomic Matryoshka
⋅
Malware Headliners: Qakbot QakBot |