2023-11-21 ⋅ Trellix ⋅ The Continued Evolution of the DarkGate Malware-as-a-Service DarkGate
2023-11-17 ⋅ Cisco Talos ⋅ A deep dive into Phobos ransomware, recently deployed by 8Base group 8Base Phobos
2023-11-17 ⋅ Cisco Talos ⋅ Understanding the Phobos affiliate structure and activity Phobos
2023-11-01 ⋅ SANS ISC ⋅ Malware Dropped Through a ZPAQ Archive
2023-10-13 ⋅ Elastic ⋅ Disclosing the BLOODALCHEMY backdoor win.trojan.bloodalchemy REF5961
2023-09-25 ⋅ NSFOCUS ⋅ Warning: Newly Discovered APT Attacker AtlasCross Exploits Red Cross Blood Drive Phishing for Cyberattack AtlasAgent AtlasCross
2023-09-19 ⋅ Cisco Talos ⋅ New ShroudedSnooper actor targets telecommunications firms in the Middle East with novel Implants HTTPSnoop PipeSnoop ShroudedSnooper
2023-09-11 ⋅ Symantec ⋅ Tweet about Symantec discovering a new variant of SiestaGraph SiestaGraph
2023-09-07 ⋅ Silent Push ⋅ 'From Russia with a 71': Uncovering Gamaredon's fast flux infrastructure. New apex domains and ASN/IP diversity patterns discovered
2023-09-04 ⋅ AhnLab ⋅ CHM Malware Using Fukushima Contaminated Water Discharge: RedEyes (ScarCruft)
2023-08-31 ⋅ Cisco Talos ⋅ SapphireStealer: Open-source information stealer enables credential and data theft
2023-08-24 ⋅ Cisco Talos ⋅ Lazarus Group's infrastructure reuse leads to discovery of new malware Collection RAT
2023-08-24 ⋅ Cisco Talos ⋅ Lazarus Group exploits ManageEngine vulnerability to deploy QuiteRAT QuiteRAT
2023-08-23 ⋅ Logpoint ⋅ Defending Against 8base: Uncovering Their Arsenal and Crafting Responses 8Base SmokeLoader SystemBC
2023-08-14 ⋅ Group-IB ⋅ Breaking down Gigabud banking malware with Group-IB Fraud Matrix Gigabud
2023-08-10 ⋅ Twitter (@malwrhunterteam) ⋅ Tweet on the sample discovery Unidentified 109 (Lazarus?)
2023-08-10 ⋅ CrowdStrike ⋅ Discovering and Blocking a Zero-Day Exploit with CrowdStrike Falcon Complete: The Case of CVE-2023-36874
2023-08-08 ⋅ Cisco Talos ⋅ What Cisco Talos knows about the Rhysida ransomware Rhysida
2023-08-07 ⋅ Cisco Talos ⋅ New threat actor targets Bulgaria, China, Vietnam and other countries with customized Yashma ransomware Chaos
2023-07-14 ⋅ Proofpoint ⋅ Tweets on Discovery of WikiLoader WikiLoader