2022-05-05 ⋅ Cisco Talos ⋅ Mustang Panda deploys a new wave of malware targeting Europe Cobalt Strike Meterpreter PlugX
2022-03-29 ⋅ Cisco Talos ⋅ Transparent Tribe campaign uses new bespoke malware to target Indian government officials Crimson RAT
2022-01-09 ⋅ Twitter (@sixdub) ⋅ Tweet on malicious document used by Gamaredon aka DEV-0157
2021-12-08 ⋅ Darktrace ⋅ The double extortion business: Conti Ransomware Gang finds new avenues of negotiation Conti
2021-09-23 ⋅ Talos ⋅ Operation “Armor Piercer:” Targeted attacks in the Indian subcontinent using commercial RATs Ave Maria NetWire RC
2021-07-15 ⋅ Kryptos Logic ⋅ Adjusting the Anchor Anchor
2021-07-07 ⋅ Talos Intelligence ⋅ InSideCopy: How this APT continues to evolve its arsenal AllaKore NjRAT SideCopy
2021-07-07 ⋅ Talos ⋅ InSideCopy: How this APT continues to evolve its arsenal (Network IOCs) AllaKore Lilith NjRAT
2021-07-07 ⋅ Talos ⋅ InSideCopy: How this APT continues to evolve its arsenal AllaKore Lilith NjRAT
2021-07-07 ⋅ Talos ⋅ InSideCopy: How this APT continues to evolve its arsenal (IOCs) AllaKore Lilith NjRAT
2021-07-02 ⋅ Cisco ⋅ InSideCopy: How this APT continues to evolve its arsenal AllaKore CetaRAT Lilith NjRAT ReverseRAT
2021-06-16 ⋅ Mandiant ⋅ Smoking Out a DARKSIDE Affiliate’s Supply Chain Software Compromise Cobalt Strike SMOKEDHAM
2021-06-16 ⋅ FireEye ⋅ Smoking Out a DARKSIDE Affiliate’s Supply Chain Software Compromise Cobalt Strike SMOKEDHAM
2021-05-13 ⋅ ABC News ⋅ 'Don't panic,' Biden tells Americans facing gasoline shortages from pipeline attack DarkSide
2021-05-13 ⋅ Talos ⋅ Transparent Tribe APT expands its Windows malware arsenal Crimson RAT Oblique RAT
2021-05-04 ⋅ Red Canary ⋅ Transferring leverage in a ransomware attack
2021-04-29 ⋅ FireEye ⋅ UNC2447 SOMBRAT and FIVEHANDS Ransomware: A Sophisticated Financial Threat Cobalt Strike FiveHands HelloKitty
2021-04-09 ⋅ Microsoft ⋅ Investigating a unique “form” of email delivery for IcedID malware IcedID
2021-04-07 ⋅ Medium sixdub ⋅ Using Kaitai Struct to Parse Cobalt Strike Beacon Configs Cobalt Strike
2021-04-01 ⋅ Microsoft ⋅ Automating threat actor tracking: Understanding attacker behavior for intelligence and contextual alerting