Click here to download all references as Bib-File.•
| 2025-03-11
⋅
Hunt.io
⋅
JSPSpy and ‘filebroser’: A Custom File Management Tool in Webshell Infrastructure |
| 2025-03-04
⋅
Hunt.io
⋅
Exposing Russian EFF Impersonators: The Inside Story on Stealc & Pyramid C2 Pyramid Stealc |
| 2025-02-27
⋅
Hunt.io
⋅
Uncovering Joker’s C2 Network: How Hunt’s SSL History Exposed Its Infrastructure Joker |
| 2025-02-20
⋅
Hunt.io
⋅
LightSpy Expands Command List to Include Social Media Platforms lightSpy |
| 2025-02-12
⋅
Hunt.io
⋅
Tracking Pyramid C2: Identifying Post-Exploitation Servers in Hunt Pyramid |
| 2025-02-06
⋅
Hunt.io
⋅
SmokeLoader Malware Found in Open Directories Targeting Ukraine’s Auto & Banking Industries SmokeLoader |
| 2025-02-04
⋅
Hunt.io
⋅
GreenSpot APT Targets 163.com Users with Fake Download Pages & Spoofed Domains GreenSpot |
| 2025-01-28
⋅
Hunt.io
⋅
SparkRAT: Server Detection, macOS Activity, and Malicious Connections SparkRAT |
| 2025-01-23
⋅
Hunt.io
⋅
Mapping Suspected KEYPLUG Infrastructure: TLS Certificates, GhostWolf, and RedGolf/APT41 Activity KEYPLUG |
| 2025-01-07
⋅
Hunt.io
⋅
Golang Beacons and VS Code Tunnels: Tracking a Cobalt Strike Server Leveraging Trusted Infrastructure Cobalt Strike |
| 2024-12-12
⋅
Hunt.io
⋅
Oyster’s Trail: Resurgence of Infrastructure Linked to Ransomware and Cybercrime Actors Broomstick |
| 2024-12-10
⋅
Hunt.io
⋅
“Million OK !!!!” and the Naver Facade: Tracking Recent Suspected Kimsuky Infrastructure Kimsuky |
| 2024-12-03
⋅
Hunt.io
⋅
Rare Watermark Links Cobalt Strike 4.10 Team Servers to Ongoing Suspicious Activity Cobalt Strike |
| 2024-11-28
⋅
Hunt.io
⋅
Uncovering Threat Actor Tactics: How Open Directories Provide Insight into XWorm Delivery Strategies XWorm |
| 2024-11-21
⋅
Hunt.io
⋅
DarkPeony’s Trail: Certificate Patterns Point to Sustained Campaign Infrastructure DOPLUGS |
| 2024-11-19
⋅
Hunt.io
⋅
XenoRAT Adopts Excel XLL Files and ConfuserEx as Access Method XenoRAT |
| 2024-11-12
⋅
Hunt.io
⋅
Targeting Innovation: Sliver C2 and Ligolo-ng Used in Operation Aimed at Y Combinator Sliver |
| 2024-11-05
⋅
Hunt.io
⋅
RunningRAT’s Next Move: From Remote Access to Crypto Mining for Profit Running RAT |
| 2024-10-31
⋅
Hunt.io
⋅
Tricks, Treats, and Threats: Cobalt Strike & the Goblin Lurking in Plain Sight Cobalt Strike |
| 2024-10-24
⋅
Hunt.io
⋅
Rekoobe Backdoor Discovered in Open Directory, Possibly Targeting TradingView Users Rekoobe |