2019-09-24
⋅
Cisco Talos
⋅
How Tortoiseshell created a fake veteran hiring website to host malware Liderc SysKit |
2019-09-24
⋅
ESET Research
⋅
No summer vacations for Zebrocy Zebrocy |
2019-09-23
⋅
MITRE
⋅
APT41 Derusbi MESSAGETAP Winnti ASPXSpy BLACKCOFFEE CHINACHOPPER Cobalt Strike Derusbi Empire Downloader Ghost RAT MimiKatz NjRAT PlugX ShadowPad Winnti ZXShell APT41 |
2019-09-23
⋅
Palo Alto Networks Unit 42
⋅
xHunt Campaign: Attacks on Kuwait Shipping and Transportation Organizations Hisoka |
2019-09-23
⋅
Kaspersky Labs
⋅
Hello! My name is Dtrack Dtrack |
2019-09-23
⋅
Random RE
⋅
Diving into Pluroxs DNS based protection layer Plurox |
2019-09-22
⋅
Check Point Research
⋅
Rancor: The Year of The Phish 8.t Dropper Cobalt Strike |
2019-09-22
⋅
Proofpoint
⋅
LookBack Forges Ahead: Continued Targeting of the United States’ Utilities Sector Reveals Additional Adversary TTPs Lookback TA410 |
2019-09-20
⋅
Trend Micro
⋅
Mac Malware that Spoofs Trading App Steals User Information, Uploads it to Website Gmera |
2019-09-20
⋅
Canadian Centre for Cyber Security
⋅
TFlower Ransomware Campaign TFlower |
2019-09-20
⋅
SNORT Mailing Lists
⋅
Multiple signatures 032 Laturo Stealer |
2019-09-20
⋅
Intezer
⋅
Russian Cybercrime Group FullofDeep Behind QNAPCrypt Ransomware Campaigns QNAPCrypt |
2019-09-19
⋅
GitHub (werkamsus)
⋅
Lilith Lilith |
2019-09-19
⋅
Emissary Panda APT: Recent infrastructure and RAT analysis ZXShell |
2019-09-19
⋅
NSHC
⋅
Hagga of SectorH01 continues abusing Bitly, Blogger and Pastebin to deliver RevengeRAT and NanoCore Nanocore RAT Revenge RAT |
2019-09-19
⋅
Trend Micro
⋅
Fileless Cryptocurrency-Miner GhostMiner Weaponizes WMI Objects, Kills Other Cryptocurrency-Mining Payloads GhostMiner |
2019-09-18
⋅
SophosLabs Uncut
⋅
The WannaCry hangover WannaCryptor |
2019-09-18
⋅
Symantec
⋅
Tortoiseshell Group Targets IT Providers in Saudi Arabia in Probable Supply Chain Attacks SysKit Tortoiseshell |
2019-09-18
⋅
IronNet
⋅
Chirp of the PoisonFrog BONDUPDATER |
2019-09-18
⋅
JPCERT/CC
⋅
Malware Used by BlackTech after Network Intrusion PLEAD |