2023-01-18 ⋅ SANS ISC ⋅ Malicious Google Ad --> Fake Notepad++ Page --> Aurora Stealer malware Aurora Stealer
2023-01-03 ⋅ Malware Traffic Analysis ⋅ 2023-01-03 (TUESDAY) - GOOGLE AD --> FAKE NOTPAD++ PAGE --> RHADAMANTHYS STEALER Rhadamanthys
2022-12-15 ⋅ ISC ⋅ Google ads lead to fake software pages pushing IcedID (Bokbot) IcedID
2022-08-19 ⋅ SANS ISC ⋅ Brazil malspam pushes Astaroth (Guildma) malware Astaroth
2022-08-12 ⋅ SANS ISC ⋅ Monster Libra (TA551/Shathak) pushes IcedID (Bokbot) with Dark VNC and Cobalt Strike Cobalt Strike DarkVNC IcedID
2022-08-03 ⋅ Palo Alto Networks Unit 42 ⋅ Flight of the Bumblebee: Email Lures and File Sharing Services Lead to Malware BazarBackdoor BumbleBee Cobalt Strike Conti
2022-07-27 ⋅ SANS ISC ⋅ IcedID (Bokbot) with Dark VNC and Cobalt Strike DarkVNC IcedID
2022-07-07 ⋅ SANS ISC ⋅ Emotet infection with Cobalt Strike Cobalt Strike Emotet
2022-06-17 ⋅ SANS ISC ⋅ Malspam pushes Matanbuchus malware, leads to Cobalt Strike Cobalt Strike Matanbuchus
2022-06-09 ⋅ InfoSec Handlers Diary Blog ⋅ TA570 Qakbot (Qbot) tries CVE-2022-30190 (Follina) exploit (ms-msdt) QakBot
2022-05-19 ⋅ InfoSec Handlers Diary Blog ⋅ Bumblebee Malware from TransferXL URLs BumbleBee Cobalt Strike
2022-05-17 ⋅ Palo Alto Networks Unit 42 ⋅ Emotet Summary: November 2021 Through January 2022 Emotet
2022-05-11 ⋅ InfoSec Handlers Diary Blog ⋅ TA578 using thread-hijacked emails to push ISO files for Bumblebee malware BumbleBee Cobalt Strike IcedID PhotoLoader
2022-05-11 ⋅ SANS ISC ⋅ TA578 using thread-hijacked emails to push ISO files for Bumblebee malware BumbleBee
2022-04-20 ⋅ SANS ISC ⋅ 'aa' distribution Qakbot (Qbot) infection with DarkVNC traffic QakBot
2022-04-06 ⋅ SANS ISC ⋅ Windows MetaStealer Malware
2022-04-06 ⋅ InfoSec Handlers Diary Blog ⋅ Windows MetaStealer Malware MetaStealer
2022-03-23 ⋅ InfoSec Handlers Diary Blog ⋅ Arkei Variants: From Vidar to Mars Stealer Arkei Stealer Mars Stealer Vidar
2022-03-16 ⋅ SANS ISC ⋅ Qakbot infection with Cobalt Strike and VNC activity Cobalt Strike QakBot
2022-03-16 ⋅ InfoSec Handlers Diary Blog ⋅ Qakbot infection with Cobalt Strike and VNC activity Cobalt Strike QakBot