2023-07-19 | Twitter (@h2jazi) | Hossein Jazi
Tweet on observation with Korean targeting, suspecting Lazarus
Unidentified 105
2023-05-10 | Malwarebytes | Hossein Jazi, Roberto Santos
Uncovering RedStinger - Undetected APT cyber operations in Eastern Europe since 2020
PowerMagic RedStinger
2022-08-03 | Malwarebytes | Ankur Saini, Hossein Jazi
Woody RAT: A new feature-rich malware spotted in the wild
Woody RAT
2022-07-13 | Malwarebytes Labs | Hossein Jazi, Roberto Santos
Cobalt Strikes again: UAC-0056 continues to target Ukraine in its latest campaign
Cobalt Strike
2022-04-05 | Malwarebytes Labs | Ankur Saini, Hossein Jazi, Jérôme Segura
Colibri Loader combines Task Scheduler and PowerShell in clever persistence technique
Colibri Loader Mars Stealer
2022-04-01 | Malwarebytes | Ankur Saini, Hossein Jazi, Roberto Santos
New UAC-0056 activity: There’s a Go Elephant in the room
GrimPlant SaintBear
2022-03-29 | Malwarebytes Labs | Hossein Jazi
New spear phishing campaign targets Russian dissidents
Unidentified PS 002 (RAT) Cobalt Strike
2022-01-27 | Malwarebytes Labs | Ankur Saini, Hossein Jazi
North Korea’s Lazarus APT leverages Windows Update client, GitHub in latest campaign
2021-12-02 | Malwarebytes | Hossein Jazi, Threat Intelligence Team
SideCopy APT: Connecting lures to victims, payloads to infrastructure
SideCopy
2021-11-12 | Malwarebytes | Hossein Jazi
A multi-stage PowerShell based attack targets Kazakhstan
Cobalt Strike
2021-08-20 | Malwarebytes | Hossein Jazi
New variant of Konni malware used in campaign targetting Russia
Konni
2021-07-28 | Malwarebytes | Hossein Jazi
Crimea “manifesto” deploys VBA Rat using double attack vectors
2021-06-01 | Malwarebytes | Hossein Jazi
Kimsuky APT continues to target South Korean government using AppleSeed backdoor
Appleseed
2021-04-19 | Malwarebytes | Hossein Jazi
Lazarus APT conceals malicious code within BMP image to drop its RAT
TigerLite
2021-04-19 | Malwarebytes | Hossein Jazi
Lazarus APT conceals malicious code within BMP image to drop its RAT
BISTROMATH
2021-04-06 | Malwarebytes | Hossein Jazi
Aurora campaign: Attacking Azerbaijan using multiple RATs
2021-03-05 | Malwarebytes | Hossein Jazi
New steganography attack targets Azerbaijan
2021-02-24 | Malwarebytes | Hossein Jazi
LazyScripter: From Empire to double RAT
Octopus Koadic
2021-01-06 | Malwarebytes | Hossein Jazi
Retrohunting APT37: North Korean APT used VBA self decode technique to inject RokRat
RokRAT
2020-10-28 | Malwarebytes | hasherezade, Hossein Jazi, Jérôme Segura, Marcelo Rivero
Fake COVID-19 survey hides ransomware in Canadian university attack
Vaggen
2020-10-12 | Malwarebytes Labs | Hossein Jazi, Jérôme Segura, Malwarebytes Threat Intelligence Team, Roberto Santos
Winnti APT group docks in Sri Lanka for new campaign
DBoxAgent SerialVlogger Winnti
2020-10-06 | Malwarebytes | Hossein Jazi, Jérôme Segura
Release the Kraken: Fileless APT attack abuses Windows Error Reporting service
2020-09-30 | Malwarebytes | Hossein Jazi, Jérôme Segura
Evasive Panda
MgBot BRONZE HIGHLAND Evasive Panda
2020-09-30 | Youtube (Virus Bulletin) | Hossein Jazi, Jérôme Segura
Evasive Panda
MgBot BRONZE HIGHLAND
2020-07-21 | Malwarebytes Labs | Hossein Jazi, Jérôme Segura
Chinese APT group targets India and Hong Kong using new variant of MgBot malware
MgBot BRONZE HIGHLAND
2020-07-21 | Malwarebytes | Hossein Jazi, Jérôme Segura
Chinese APT group targets India and Hong Kong using new variant of MgBot malware
KSREMOTE Cobalt Strike MgBot Evasive Panda
2020-06-17 | Malwarebytes | Hossein Jazi, Jérôme Segura
Multi-stage APT attack drops Cobalt Strike using Malleable C2 feature
Cobalt Strike
2020-06-03 | Malwarebytes | Hossein Jazi, Jérôme Segura
New LNK attack tied to Higaisa APT discovered
Higaisa
2020-05-06 | Malwarebytes | Hossein Jazi, Jérôme Segura, Thomas Reed
New Mac variant of Lazarus Dacls RAT distributed via Trojanized 2FA app
Dacls
2020-04-16 | Malwarebytes | Hossein Jazi
New AgentTesla variant steals WiFi credentials
Agent Tesla