2023-07-10 ⋅ Mandiant ⋅ Defend Against the Latest Active Directory Certificate Services Threats |
2023-06-15 ⋅ Mandiant ⋅ Barracuda ESG Zero-Day Vulnerability (CVE-2023-2868) Exploited Globally by Aggressive and Skilled Actor, Suspected Links to China SALTWATER SEASPY |
2023-06-02 ⋅ Mandiant ⋅ Zero-Day Vulnerability in MOVEit Transfer Exploited for Data Theft |
2023-05-09 ⋅ Huntress Labs ⋅ Advanced Cyberchef Tips - AsyncRAT Loader AsyncRAT |
2023-05-07 ⋅ Twitter (@embee_research) ⋅ AgentTesla - Full Loader Analysis - Resolving API Hashes Using Conditional Breakpoints Agent Tesla |
2023-04-18 ⋅ Cisco Talos ⋅ State-sponsored campaigns target global network infrastructure |
2023-04-10 ⋅ Twitter (@embee_research) ⋅ Redline Stealer - Static Analysis and C2 Extraction Amadey RedLine Stealer |
2022-11-14 ⋅ Twitter (@embee_research) ⋅ Twitter thread on Yara Signatures for Qakbot Encryption Routines IcedID QakBot |
2022-11-03 ⋅ Palo Alto Networks: Unit42 ⋅ Cobalt Strike Analysis and Tutorial: Identifying Beacon Team Servers in the Wild Cobalt Strike |
2022-07-06 ⋅ Trend Micro ⋅ Brand-New HavanaCrypt Ransomware Poses as Google Software Update App, Uses Microsoft Hosting Service IP Address as C&C Server HavanaCrypt |
2022-05-05 ⋅ NCC Group ⋅ North Korea’s Lazarus: their initial access trade-craft using social media and social engineering LCPDot |
2022-04-28 ⋅ nccgroup ⋅ LAPSUS$: Recent techniques, tactics and procedures |
2022-04-12 ⋅ Sophos ⋅ Attackers linger on government agency computers before deploying Lockbit ransomware LockBit |
2022-02-22 ⋅ Bankinfo Security ⋅ Cybercrime Moves: Conti Ransomware Absorbs TrickBot Malware Conti TrickBot |
2022-02-18 ⋅ Huntress Labs ⋅ Hackers No Hashing: Randomizing API Hashes to Evade Cobalt Strike Shellcode Detection Cobalt Strike |
2022-02-15 ⋅ Sophos ⋅ Vulnerable Exchange server hit by Squirrelwaffle and financial fraud Squirrelwaffle |
2022-01-27 ⋅ CrowdStrike ⋅ Programs Hacking Programs: How to Extract Memory Information to Spot Linux Malware |
2022-01-20 ⋅ BrightTALK (Mandiant) ⋅ Anticipating and Preparing for Russian Cyber Activity |
2022-01-18 ⋅ Trend Micro ⋅ New Ransomware Spotted: White Rabbit and Its Evasion Tactics |
2022-01-14 ⋅ Trend Micro ⋅ Ransom.Win32.WHITERABBIT.YACAET WhiteRabbit |