2023-06-22 | ANY.RUN | ANY.RUN
Malware Analysis Gh0stBins, Chinese RAT: Malware Analysis, Protocol Description, RDP Stream Recovery
Gh0stBins
2023-06-22 | Reliaquest | Caroline Fenstermacher
Goot to Loot - How a Gootloader Infection Led to Credential Access
GootLoader SystemBC
2023-06-22 | Kaspersky Labs | GReAT
LockBit Green and phishing that targets organizations
LockBit LockBit
2023-06-22 | CrowdStrike | The Falcon Complete Team
Business as Usual: Falcon Complete MDR Thwarts Novel VANGUARD PANDA (Volt Typhoon) Tradecraft
2023-06-21 | Symantec | Threat Hunter Team
Graphican: Flea Uses New Backdoor in Attacks Targeting Foreign Ministries
Graphican
2023-06-21 | Elastic | Andrew Pease, Colson Wilhoit, Ricardo Ungureanu, Salim Bitam, Seth Goodwin
Initial research exposing JOKERSPY
JokerSpy
2023-06-21 | Zscaler | Gurkirat Singh, Shatak Jain
Ransomware Redefined: RedEnergy Stealer-as-a-Ransomware attacks
RedEnergy Stealer
2023-06-21 | Fortinet | Axelle Apvrille
Fortinet Reverses Flutter-based Android Malware “Fluhorse”
FluHorse
2023-06-21 | Kaspersky Labs | Georgy Kucherin, Igor Kuznetsov, Leonid Bezvershenko
Dissecting TriangleDB, a Triangulation spyware implant
TriangleDB
2023-06-20 | SOCRadar | SOCRadar
Cyber Shadows Pact: Darknet Parliament (KillNet, Anonymous Sudan, REvil)
UserSec
2023-06-20 | AhnLab | ASEC
Tsunami DDoS Malware Distributed to Linux SSH Servers
PerlBot Tsunami
2023-06-20 | Recorded Future | Insikt Group
BlueDelta Exploits Ukrainian Government Roundcube Mail Servers to Support Espionage Activities
2023-06-20 | Cert-UA | Cert-UA
APT28 group used three Roundcube exploits (CVE-2020-35730, CVE-2021-44026, CVE-2020-12641) during another espionage campaign (CERT-UA#6805)
2023-06-19 | Cert-UA | Cert-UA
Targeted UAC-0102 cyber attacks against UKR.NET service users (CERT-UA#6858)
UAC-0102
2023-06-19 | Github (cocomelonc) | cocomelonc
Malware AV/VM evasion - part 17: bypass UAC via fodhelper.exe. Simple C++ example.
Glupteba
2023-06-17 | Github (EmissarySpider) | EmissarySpider
ransomware-descendants
Babuk Conti LockBit
2023-06-16 | SOC Prime | Veronika Telychko
PicassoLoader and Cobalt Strike Beacon Detection: UAC-0057 aka GhostWriter Hacking Group Attacks the Ukrainian Leading Military Educational Institution
Cobalt Strike PicassoLoader Ghostwriter
2023-06-16 | Bitdefender | Andrei Lapusneanu, Bogdan Botezatu
Fragments of Cross-Platform Backdoor Hint at Larger Mac OS Attack
2023-06-16 | Palo Alto Networks: Cortex Threat Research | Lior Rochberger
Through the Cortex XDR Lens: Uncovering a New Activity Group Targeting Governments in the Middle East and Africa
CHINACHOPPER Ladon Yasso CL-STA-0043