Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2025-03-28Cisco TalosGuilherme Venere
Gamaredon campaign abuses LNK files to distribute Remcos backdoor
Remcos
2024-08-21Cisco TalosAsheer Malhotra, Guilherme Venere, Vitor Ventura
MoonPeak malware from North Korean actors unveils new details on attacker infrastructure
MoonPeak XenoRAT UAT-5394
2024-02-27Cisco TalosGuilherme Venere, Jacob Finn, Jacob Stanfill, James Nutland, Tucker Favreau
TimbreStealer campaign targets Mexican users with financial lures
TimbreStealer
2023-11-17Cisco TalosGuilherme Venere
A deep dive into Phobos ransomware, recently deployed by 8Base group
8Base Phobos
2023-11-17Cisco TalosGuilherme Venere
Understanding the Phobos affiliate structure and activity
Phobos
2023-10-05TalosGuilherme Venere
Qakbot-affiliated actors distribute Ransom Knight malware despite infrastructure takedown
QakBot
2023-01-19CiscoGuilherme Venere
Following the LNK metadata trail
BumbleBee PhotoLoader QakBot
2022-09-15TalosAsheer Malhotra, Guilherme Venere
Gamaredon APT targets Ukrainian government agencies in new campaign
2022-06-21Cisco TalosChris Neal, Flavio Costa, Guilherme Venere
Avos ransomware group expands with new attack arsenal
AvosLocker Cobalt Strike DarkComet MimiKatz
2016-08-01Intel SecurityGuilherme Venere, Mark Olea, Sanchit Karve
DIVING INTO PINKSLIPBOT’S LATEST CAMPAIGN
QakBot