Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2025-04-03MandiantJacob Thompson, John Wolfram, Josh Murchie, Matt Lin, Michael Edie
Suspected China-Nexus Threat Actor Actively Exploiting Critical Ivanti Connect Secure Vulnerability (CVE-2025-22457)
SPAWNSNARE
2025-02-28Medium walmartglobaltechJoshua Platt
Agent AI, Basta Parser Extraordinaire
Black Basta Black Basta
2025-01-20Medium walmartglobaltechJason Reaves, Jonathan Mccay, Joshua Platt
Qbot is Back.Connect
ReedBed UNC4393
2024-09-05IntegoJoshua Long
New macOS malware HZ RAT gives attackers backdoor access to Macs
HZ RAT
2024-08-29GoogleClement Lecigne, Josh Atkins, Luke Jenkins
State-backed attackers and commercial surveillance vendors repeatedly use the same exploits
ANDROSNATCH Unidentified APK 009 (Chrome Recon) COOKIESNATCH VALIDVICTOR
2024-08-19AonDaniel Stein, Joshua Pivirotto, Stroz Friedberg, Zachary Reichert
Unveiling "sedexp": A Stealthy Linux Malware Exploiting udev Rules
sedexp
2024-07-29MandiantAshley Pearson, Jake Nicastro, Joseph Pisano, Josh Murchie, Joshua Shilko, Raymond Leong
UNC4393 Goes Gently into the SILENTNIGHT
Black Basta QakBot sRDI SystemBC Zloader UNC3973 UNC4393
2024-06-19Joshua Penny, vc0RExor
Akira: The old-new style crime
Akira
2024-06-19Medium walmartglobaltechJason Reaves, Joshua Platt
Spectre (SPC) v9 Campaigns and Updates
Spectre Rat
2024-06-11Invoke REJosh Reynolds
Parser Script for Havoc Config
Havoc
2024-04-04MandiantAshley Pearson, Austin Larsen, Billy Wong, John Wolfram, Joseph Pisano, Josh Murchie, Lukasz Lamparski, Matt Lin, Ron Craft, Ryan Hall, Shawn Chew, Tyler McLellan
Cutting Edge, Part 4: Ivanti Connect Secure VPN Post-Exploitation Lateral Movement Case Studies
TONERJAM
2024-03-28Fox-ITJoshua Kamp
Android Malware Vultur Expands Its Wingspan
Brunhilda Vultur
2024-03-13Medium walmartglobaltechJason Reaves, Joshua Platt
NewBot Loader
NewBot Loader
2024-03-05Medium walmartglobaltechJason Reaves, Joshua Platt
Unknown Nim Loader using PSBypassCLM
Unidentified 115 (Nim Loader)
2024-02-22DragosJosh Hanrahan
VOLTZITE Espionage Operations Targeting U.S. Critical Systems
2024-02-21Invoke REJosh Reynolds
Automating Qakbot Malware Analysis with Binary Ninja
QakBot
2024-02-21YouTube (Invoke RE)Josh Reynolds
Analyzing Qakbot Using Binary Ninja Automation Part 3
QakBot
2024-02-09YouTube (Invoke RE)Josh Reynolds
Analyzing and Unpacking Qakbot Using Binary Ninja Automation Part 2
QakBot
2024-01-29hacked.codesJosh Terrill
Technical analysis of WinRAR zero-day malware and C2 protocol emulation
2024-01-23YouTube (Invoke RE)Josh Reynolds
Analyzing and Unpacking Qakbot using Binary Ninja Automation
QakBot