2024-07-18 ⋅ Mandiant ⋅ APT41 Has Arisen From the DUST Cobalt Strike
2023-04-20 ⋅ Mandiant ⋅ 3CX Software Supply Chain Compromise Initiated by a Prior Software Supply Chain Compromise; Suspected North Korean Actor Responsible POOLRAT IconicStealer UNC4736
2022-06-13 ⋅ SANS ISC ⋅ Translating Saitama's DNS tunneling messages Saitama Backdoor
2021-12-28 ⋅ Morphus Labs ⋅ Attackers are abusing MSBuild to evade defenses and implant Cobalt Strike beacons Cobalt Strike
2020-11-03 ⋅ InfoSec Handlers Diary Blog ⋅ Attackers Exploiting WebLogic Servers via CVE-2020-14882 to install Cobalt Strike Cobalt Strike
2020-05-31 ⋅ InfoSec Handlers Diary Blog ⋅ Guildma is now using Finger and Signed Binary Proxy Execution to evade defenses Astaroth
2019-05-07 ⋅ SANS ISC InfoSec Forums ⋅ Vulnerable Apache Jenkins exploited in the wild kerberods
2017-12-06 ⋅ Botconf ⋅ Exploring a P2P Transient Botnet - From Discovery to Enumeration Rakos
2017-09-26 ⋅ ISC ⋅ XPCTRA Malware Steals Banking and Digital Wallet User's Credentials XPCTRA
2017-08-29 ⋅ InfoSec Handlers Diary Blog ⋅ Second Google Chrome Extension Banker Malware in Two Weeks IDKEY