2023-04-13 | Microsoft | Microsoft Threat Intelligence
Threat actors strive to cause Tax Day headaches
CloudEyE, Remcos

2023-04-13 | Sublime | Sam Scholten
Detecting QakBot: WSF attachments, OneNote files, and generic attack surface reduction
QakBot

2023-04-13 | Yoroi | Carmelo Ragusa, Luigi Martire
Money Ransomware: The Latest Double Extortion Group
Money Message

2023-04-12 | Kaspersky Labs | Seongsu Park
Following the Lazarus group by tracking DeathNote campaign
Bankshot, BLINDINGCAN, ForestTiger, LambLoad, LPEClient, MimiKatz, NedDnLoader, Racket Downloader, Volgmer

2023-04-12 | Akamai | Stiv Kupchik
Investigating the resurgence of the Mexals campaign

2023-04-12 | Gridinsoft | Gridinsoft Cyber Security
XMRig is one of the most widespread malicious miners, that exploits hardware to mine Monero
xmrig

2023-04-12 | Spamhaus | Spamhaus Malware Labs
Spamhaus Botnet Threat Update Q1 2023
FluBot, Amadey, AsyncRAT, Aurora, Ave Maria, BumbleBee, Cobalt Strike, DCRat, Emotet, IcedID, ISFB, NjRAT, QakBot, RecordBreaker, RedLine Stealer, Remcos, Rhadamanthys, Sliver, Tofsee, Vidar

2023-04-12 | loginsoft | Bhargav Koduru
Maximizing Threat Detections of Qakbot with Osquery
QakBot

2023-04-11 | CitizenLab | Astrid Perry, Bahr Abdul Razzak, Bill Marczak, Emma Lyon, John Scott-Railton, Noura Al-Jizawi, Ron Deibert, Siena Anstis, Zoe Panday
Sweet QuaDreams: A First Look at Spyware Vendor QuaDream’s Exploits, Victims, and Customers
Carmine Tsunami

2023-04-11 | China Cybersecurity Industry Alliance | China Cybersecurity Industry Alliance
Review of Cyberattacks from US Intelligence Agencies - Based on Global Cybersecurity Communities' Analyses
DuQu, Flame, Gauss, Stuxnet

2023-04-11 | Microsoft | Microsoft Threat Intelligence
DEV-0196: QuaDream’s “KingsPawn” malware used to target civil society in Europe, North America, the Middle East, and Southeast Asia
Carmine Tsunami

2023-04-11 | Microsoft | Microsoft Incident Response
Guidance for investigating attacks using CVE-2022-21894: The BlackLotus campaign
BlackLotus

2023-04-10 | Twitter (@embee_research) | Matthew
Redline Stealer - Static Analysis and C2 Extraction
Amadey, RedLine Stealer

2023-04-08 | Twitter (@embee_research) | Embee_research
Dcrat - Manual De-obfuscation of .NET Malware
DCRat

2023-04-08 | Team Cymru | Scott Fisher
Deriving Insight from Threat Actor Infrastructure
Raccoon

2023-04-08 | cocomelonc | cocomelonc
Malware AV/VM evasion - part 15: WinAPI GetModuleHandle implementation. Simple C++ example.

2023-04-07 | Elastic | Salim Bitam
Attack chain leads to XWORM and AGENTTESLA
Agent Tesla, XWorm

2023-04-07 | Microsoft | Microsoft Threat Intelligence
MERCURY and DEV-1084: Destructive attack on hybrid environment
DarkBit, Storm-1084

2023-04-06 | Spamhaus | Raashid Bhat
Neutralizing Tofsee Spambot – Part 3 | Network-based kill switch
Tofsee

2023-04-06 | Spamhaus | Raashid Bhat
Neutralizing Tofsee Spambot – Part 2 | InMemoryConfig store vaccine
Tofsee