Click here to download all references as Bib-File.
| 2022-11-21 ⋅ Marco Ramilli's Blog ⋅ Is Hagga Threat Actor Abusing FSociety Framework ? |
| 2022-05-10 ⋅ Marco Ramilli's Blog ⋅ A Malware Analysis in RU-AU conflict Cobalt Strike |
| 2022-03-01 ⋅ Marco Ramilli's Blog ⋅ DiskKill/HermeticWiper and NotPetya (Dis)similarities EternalPetya HermeticWiper |
| 2021-11-07 ⋅ Marco Ramilli's Blog ⋅ CONTI Ransomware: Cheat Sheet Conti |
| 2021-08-23 ⋅ Paradise Ransomware: The Builder Paradise |
| 2021-07-04 ⋅ Marco Ramilli's Blog ⋅ Babuk Ransomware: The Builder Babuk Babuk |
| 2021-06-14 ⋅ Marco Ramilli's Blog ⋅ The Allegedly Ryuk Ransomware builder: #RyukJoke Chaos |
| 2021-05-07 ⋅ MuddyWater: Binder Project (Part 2) |
| 2021-05-01 ⋅ Marco Ramilli's Blog ⋅ Muddywater: Binder Project |
| 2021-01-09 ⋅ Marco Ramilli's Blog ⋅ Command and Control Traffic Patterns ostap LaZagne Agent Tesla Azorult Buer Cobalt Strike DanaBot DarkComet Dridex Emotet Formbook IcedID ISFB NetWire RC PlugX Quasar RAT SmokeLoader TrickBot |
| 2020-11-27 ⋅ Marco Ramilli's Blog ⋅ Threat Actor: Unkown Unidentified JS 004 |
| 2020-06-24 ⋅ Marco Ramilli's Blog ⋅ Is upatre downloader coming back ? Upatre |
| 2020-03-19 ⋅ Yoroi ⋅ Is APT 27 Abusing COVID-19 To Attack People ?! |
| 2020-02-19 ⋅ Yoroi ⋅ Uncovering New Magecart Implant Attacking eCommerce magecart |
| 2020-01-15 ⋅ Marco Ramilli's Blog ⋅ Iranian Threat Actors: Preliminary Analysis POWERSTATS |
| 2019-12-05 ⋅ Marco Ramilli's Blog ⋅ APT28 Attacks Evolution APT28 |
| 2019-11-04 ⋅ Marco Ramilli's Blog ⋅ Is Lazarus/APT38 Targeting Critical Infrastructures? Dtrack |
| 2019-10-28 ⋅ Marco Ramilli's Blog ⋅ SWEED Targeting Precision Engineering Companies in Italy Loki Password Stealer (PWS) |
| 2019-10-14 ⋅ Is Emotet gang targeting companies with external SOC? Emotet |
| 2019-07-13 ⋅ Free Tool: LooCipher Decryptor looChiper |