2023-03-22 ⋅ Cisco Talos ⋅ Emotet Resumes Spam Operations, Switches to OneNote ⋅ Emotet
2023-03-14 ⋅ Cisco Talos ⋅ Talos uncovers espionage campaigns targeting CIS countries, embassies and EU health care agency ⋅ Poet RAT, Loda
2023-01-18 ⋅ SANS ISC ⋅ Malicious Google Ad --> Fake Notepad++ Page --> Aurora Stealer malware ⋅ Aurora Stealer
2023-01-05 ⋅ Phylum ⋅ A Deep Dive Into poweRAT: a Newly Discovered Stealer/RAT Combo Polluting PyPI ⋅ poweRAT
2022-12-24 ⋅ di.sclosu.re ⋅ njRAT malware spreading through Discord CDN and Facebook Ads ⋅ NjRAT
2022-12-21 ⋅ Group-IB ⋅ Godfather: A banking Trojan that is impossible to refuse ⋅ Godfather
2022-12-20 ⋅ Twitter (@Gi7w0rm) ⋅ Twitter posts discussing recent sighting of Laplas ⋅ LaplasClipper
2022-12-18 ⋅ SANS ISC ⋅ Infostealer Malware with Double Extension ⋅ Agent Tesla
2022-12-15 ⋅ ISC ⋅ Google ads lead to fake software pages pushing IcedID (Bokbot) ⋅ IcedID
2022-12-08 ⋅ Cisco Talos ⋅ Breaking the silence - Recent Truebot activity ⋅ Clop, Cobalt Strike, FlawedGrace, Raspberry Robin, Silence, Teleport
2022-12-01 ⋅ Malware Analysis and Triage Report : PirateStealer - Discord_beta.exe ⋅ PirateStealer
2022-11-21 ⋅ VMware ⋅ Threat Analysis: Active C2 Discovery Using Protocol Emulation Part4 (Dacls, aka MATA) ⋅ Dacls
2022-11-09 ⋅ Cisco Talos ⋅ Threat Spotlight: Cyber Criminal Adoption of IPFS for Phishing, Malware Campaigns ⋅ Agent Tesla
2022-10-24 ⋅ Medium s2wlab ⋅ Unveil the evolution of Kimsuky targeting Android devices with newly discovered mobile malware ⋅ FastFire, FastSpy
2022-09-08 ⋅ Cisco Talos ⋅ Lazarus and the tale of three RATs ⋅ MagicRAT, MimiKatz, VSingle, YamaBot
2022-09-07 ⋅ Cisco Talos ⋅ MagicRAT: Lazarus’ latest gateway into victim networks ⋅ MagicRAT, Tiger RAT
2022-08-30 ⋅ Cisco ⋅ ModernLoader delivers multiple stealers, cryptominers and RATs ⋅ Coinminer, DCRat, ModernLoader, RedLine Stealer, SapphireMiner, SystemBC
2022-08-19 ⋅ Uptycs ⋅ Is Tox The New C&C Method For Coinminers? ⋅ Unidentified ELF 006 (Tox Backdoor)
2022-08-19 ⋅ SANS ISC ⋅ Brazil malspam pushes Astaroth (Guildma) malware ⋅ Astaroth
2022-08-12 ⋅ SANS ISC ⋅ Monster Libra (TA551/Shathak) pushes IcedID (Bokbot) with Dark VNC and Cobalt Strike ⋅ Cobalt Strike, DarkVNC, IcedID