2023-06-02 ⋅ Mandiant ⋅ Zero-Day Vulnerability in MOVEit Transfer Exploited for Data Theft
2023-04-20 ⋅ ESET Research ⋅ Linux malware strengthens links between Lazarus and the 3CX supply‑chain attack BADCALL 3CX Backdoor BADCALL IconicStealer
2023-02-09 ⋅ Trend Micro ⋅ Enigma Stealer Targets Cryptocurrency Industry with Fake Jobs Enigma Loader
2023-01-17 ⋅ Trend Micro ⋅ Earth Bogle: Campaigns Target the Middle East with Geopolitical Lures NjRAT
2022-09-30 ⋅ Virus Bulletin ⋅ Lazarus & BYOVD: evil to the Windows core FudModule
2022-09-30 ⋅ ESET Research ⋅ Amazon‑themed campaigns of Lazarus in the Netherlands and Belgium BLINDINGCAN FudModule HTTP(S) uploader TOUCHMOVE
2022-08-16 ⋅ Twitter (@ESETresearch) ⋅ Twitter thread about Operation In(ter)ception for macOS Interception
2022-07-19 ⋅ Palo Alto Networks Unit 42 ⋅ Russian APT29 Hackers Use Online Storage Services, DropBox and Google Drive Cobalt Strike EnvyScout Gdrive
2022-07-14 ⋅ Sophos ⋅ BlackCat ransomware attacks not merely a byproduct of bad luck BlackCat BlackCat
2022-07-05 ⋅ Palo Alto Networks Unit 42 ⋅ When Pentest Tools Go Brutal: Red-Teaming Tool Being Abused by Malicious Actors
2022-06-06 ⋅ NCC Group ⋅ Shining the Light on Black Basta Black Basta
2022-05-20 ⋅ nccgroup ⋅ Metastealer – filling the Racoon void MetaStealer
2022-04-12 ⋅ Sophos ⋅ Attackers linger on government agency computers before deploying Lockbit ransomware LockBit
2021-12-22 ⋅ Sophos ⋅ Avos Locker remotely accesses boxes, even running in Safe Mode AvosLocker
2021-12-20 ⋅ IronNet ⋅ Detecting anomalous network traffic resulting from a successful Log4j attack
2021-12-16 ⋅ TEAMT5 ⋅ Winnti is Coming - Evolution after Prosecution Cobalt Strike FishMaster FunnySwitch HIGHNOON ShadowPad Spyder
2021-12-02 ⋅ Palo Alto Networks Unit 42 ⋅ APT Expands Attack on ManageEngine With Active Campaign Against ServiceDesk Plus Godzilla Webshell
2021-11-29 ⋅ Certitude ⋅ Unpatched Exchange Servers distribute Phishing Links (SquirrelWaffle) Squirrelwaffle
2021-11-16 ⋅ IronNet ⋅ How IronNet's Behavioral Analytics Detect REvil and Conti Ransomware Cobalt Strike Conti IcedID REvil
2021-11-07 ⋅ Palo Alto Networks Unit 42 ⋅ Targeted Attack Campaign Against ManageEngine ADSelfService Plus Delivers Godzilla Webshells, NGLite Trojan and KdcSponge Stealer Godzilla Webshell NGLite