2023-07-12 ⋅ Lab52 ⋅ New invitation from APT29 to use CCleaner Unidentified 107 (APT29)
2023-07-07 ⋅ Lab52 ⋅ Beyond appearances: unknown actor using APT29’s TTP against Chinese users Cobalt Strike
2023-05-25 ⋅ Lab52 ⋅ New tricks of APT29 – update on the CERT.PL report
2023-05-03 ⋅ Lab52 ⋅ New Mustang Panda’s campaing against Australia PlugX
2023-03-24 ⋅ Lab52 ⋅ Bypassing Qakbot Anti-Analysis QakBot
2022-06-21 ⋅ MuddyWater’s “light” first-stager targetting Middle East Unidentified VBS 004 (RAT)
2022-04-01 ⋅ Lab52 ⋅ Complete dissection of an APK with a suspicious C2 Server
2022-03-24 ⋅ Lab52 ⋅ Another cyber espionage campaign in the Russia-Ukrainian ongoing cyber attacks Quasar RAT
2022-03-09 ⋅ Lab52 ⋅ Very very lazy Lazyscripter’s scripts: double compromise in a single obfuscation NjRAT
2022-02-28 ⋅ Lab52 ⋅ Looking for Penquins in the Wild Penquin Turla
2022-01-24 ⋅ Lab52 ⋅ New TransparenTribe Operation: Targeting India with weaponized COVID-19 lure documents
2022-01-12 ⋅ Lab52 ⋅ TokyoX: DLL side-loading an unknown artifact (Part 2) TokyoX
2022-01-10 ⋅ Lab52 ⋅ TokyoX: DLL side-loading an unknown artifact TokyoX
2021-12-14 ⋅ Lab52 ⋅ Cuba Ransomware Analysis Cuba
2021-09-28 ⋅ Lab52 ⋅ Winter Vivern – all Summer
2021-07-05 ⋅ Lab52 ⋅ Quick review of Babuk ransomware builder Babuk
2021-05-17 ⋅ Lab52 ⋅ Literature lover targeting Colombia with LimeRAT LimeRAT
2021-04-29 ⋅ Lab52 ⋅ Chimera APT updates on its OwlProxy malware Owlproxy
2020-08-26 ⋅ Lab52 ⋅ A twisted malware infection chain Agent Tesla Loki Password Stealer (PWS)
2020-06-09 ⋅ Lab52 ⋅ Recent FK_Undead rootkit samples found in the wild