2023-06-28 | Volexity | Ankur Saini, Charlie Gardner
% Volexity blog post dated 2023-06-28; URL last accessed 2023-07-10.
@online{saini:20230628:charming:2528a43,
  author       = {Ankur Saini and Charlie Gardner},
  title        = {{Charming Kitten Updates POWERSTAR with an InterPlanetary Twist}},
  date         = {2023-06-28},
  organization = {Volexity},
  url          = {https://www.volexity.com/blog/2023/06/28/charming-kitten-updates-powerstar-with-an-interplanetary-twist/},
  language     = {English},
  urldate      = {2023-07-10}
}
Charming Kitten Updates POWERSTAR with an InterPlanetary Twist
2023-03-30 | Volexity | Ankur Saini, Callum Roxan, Charlie Gardner, Paul Rascagnères, Steven Adair, Thomas Lancaster
% Volexity blog post dated 2023-03-30; URL last accessed 2023-03-30.
@online{saini:20230330:3cx:82b291e,
  author       = {Ankur Saini and Callum Roxan and Charlie Gardner and Paul Rascagnères and Steven Adair and Thomas Lancaster},
  title        = {{3CX Supply Chain Compromise Leads to ICONIC Incident}},
  date         = {2023-03-30},
  organization = {Volexity},
  url          = {https://www.volexity.com/blog/2023/03/30/3cx-supply-chain-compromise-leads-to-iconic-incident/},
  language     = {English},
  urldate      = {2023-03-30}
}
3CX Supply Chain Compromise Leads to ICONIC Incident
3CX Backdoor IconicStealer
2022-08-03 | Malwarebytes | Ankur Saini, Hossein Jazi
% Malwarebytes threat-intelligence blog post dated 2022-08-03; URL last accessed 2022-08-05.
@online{saini:20220803:woody:0b4bbb8,
  author       = {Ankur Saini and Hossein Jazi},
  title        = {{Woody RAT: A new feature-rich malware spotted in the wild}},
  date         = {2022-08-03},
  organization = {Malwarebytes},
  url          = {https://blog.malwarebytes.com/threat-intelligence/2022/08/woody-rat-a-new-feature-rich-malware-spotted-in-the-wild/},
  language     = {English},
  urldate      = {2022-08-05}
}
Woody RAT: A new feature-rich malware spotted in the wild
Woody RAT
2022-04-05 | Malwarebytes Labs | Ankur Saini, Hossein Jazi, Jérôme Segura
% Malwarebytes Labs threat-intelligence blog post dated 2022-04-05; URL last accessed 2022-06-09.
@online{saini:20220405:colibri:ee97c2e,
  author       = {Ankur Saini and Hossein Jazi and Jérôme Segura},
  title        = {{Colibri Loader combines Task Scheduler and PowerShell in clever persistence technique}},
  date         = {2022-04-05},
  organization = {Malwarebytes Labs},
  url          = {https://blog.malwarebytes.com/threat-intelligence/2022/04/colibri-loader-combines-task-scheduler-and-powershell-in-clever-persistence-technique/},
  language     = {English},
  urldate      = {2022-06-09}
}
Colibri Loader combines Task Scheduler and PowerShell in clever persistence technique
Colibri Loader Mars Stealer
2022-04-01 | Malwarebytes | Ankur Saini, Roberto Santos, Hossein Jazi
% Malwarebytes threat-intelligence blog post dated 2022-04-01; URL last accessed 2022-04-05.
@online{saini:20220401:new:273cbe0,
  author       = {Ankur Saini and Roberto Santos and Hossein Jazi},
  title        = {{New UAC-0056 activity: There’s a Go Elephant in the room}},
  date         = {2022-04-01},
  organization = {Malwarebytes},
  url          = {https://blog.malwarebytes.com/threat-intelligence/2022/04/new-uac-0056-activity-theres-a-go-elephant-in-the-room/},
  language     = {English},
  urldate      = {2022-04-05}
}
New UAC-0056 activity: There’s a Go Elephant in the room
GrimPlant SaintBear
2022-01-27 | Malwarebytes Labs | Ankur Saini, Hossein Jazi
% Malwarebytes Labs threat-intelligence blog post dated 2022-01-27; URL last accessed 2022-04-07.
@online{saini:20220127:north:463e590,
  author       = {Ankur Saini and Hossein Jazi},
  title        = {{North Korea’s Lazarus APT leverages Windows Update client, GitHub in latest campaign}},
  date         = {2022-01-27},
  organization = {Malwarebytes Labs},
  url          = {https://blog.malwarebytes.com/threat-intelligence/2022/01/north-koreas-lazarus-apt-leverages-windows-update-client-github-in-latest-campaign/},
  language     = {English},
  urldate      = {2022-04-07}
}
North Korea’s Lazarus APT leverages Windows Update client, GitHub in latest campaign