Click here to download all references as Bib-File.•
| 2024-03-01
⋅
0x0v1
⋅
APT37's ROKRAT HWP Object Linking and Embedding RokRAT |
| 2023-12-06
⋅
Fortgale
⋅
Nebula Broker: offensive operations made in Italy Vetta Loader |
| 2023-06-29
⋅
BusinessWire
⋅
Dark Web Intelligence Shows Everest Ransomware Group Increasing Initial Access Broker Activity |
| 2023-05-01
⋅
Check Point Research
⋅
Chain Reaction: RokRAT's Missing Link Amadey RokRAT |
| 2023-04-26
⋅
AhnLab
⋅
RokRAT Malware Distributed Through LNK Files (*.lnk): RedEyes (ScarCruft) RokRAT |
| 2023-04-19
⋅
Bleeping Computer
⋅
March 2023 broke ransomware attack records with 459 incidents Clop WhiteRabbit BianLian Black Basta BlackCat LockBit MedusaLocker PLAY Royal Ransom |
| 2023-02-09
⋅
#StopRansomware: Ransomware Attacks on Critical Infrastructure Fund DPRK Malicious Cyber Activities Dtrack MagicRAT Maui Ransomware SiennaBlue SiennaPurple Tiger RAT YamaBot |
| 2023-01-01
⋅
ThreatMon
⋅
Reverse Engineering RokRAT: A Closer Look at APT37’s Onedrive-Based Attack Vector RokRAT |
| 2023-01-01
⋅
ThreatMon
⋅
Reverse Engineering RokRAT: A Closer Look at APT37’s Onedrive-Based Attack Vector RokRAT |
| 2022-12-09
⋅
Secureworks
⋅
Drokbk Malware Uses GitHub as Dead Drop Resolver Drokbk |
| 2022-12-09
⋅
Positive Technologies
⋅
APT Cloud Atlas: Unbroken Threat |
| 2022-11-04
⋅
DataBreaches.net
⋅
Malaysian online stock brokerage firm victim of cyberattack Desorden Group |
| 2022-09-28
⋅
Twitter (@ESETresearch)
⋅
Twitter Thread linking CloudMensis to RokRAT / ScarCruft CloudMensis RokRAT |
| 2022-09-07
⋅
Google
⋅
Initial access broker repurposing techniques in targeted attacks against Ukraine AnchorMail Cobalt Strike IcedID |
| 2022-09-07
⋅
Google
⋅
Initial access broker repurposing techniques in targeted attacks against Ukraine AnchorMail Cobalt Strike IcedID |
| 2022-09-06
⋅
ESET Research
⋅
Worok: The big picture MimiKatz PNGLoad reGeorg ShadowPad Worok |
| 2022-08-17
⋅
Group-IB
⋅
Switching side jobs Links between ATMZOW JS-sniffer and Hancitor Hancitor |
| 2022-08-02
⋅
Recorded Future
⋅
Initial Access Brokers Are Key to Rise in Ransomware Attacks Azorult BlackMatter Conti Mars Stealer Raccoon RedLine Stealer Taurus Stealer Vidar |
| 2022-07-14
⋅
Sophos
⋅
Rapid Response: The Ngrok Incident Guide |
| 2022-06-13
⋅
Sekoia
⋅
BumbleBee: a new trendy loader for Initial Access Brokers BumbleBee |