2023-09-05 ⋅ AhnLab ⋅ BlueShell malware used in APT attacks targeting Korea and Thailand ⋅ BlueShell, SparkRAT
2023-09-04 ⋅ AhnLab ⋅ CHM Malware Using Fukushima Contaminated Water Discharge: RedEyes (ScarCruft)
2023-08-31 ⋅ AhnLab ⋅ Analysis of Andariel’s New Attack Activities ⋅ Andardoor, BlackRemote, Tiger RAT, Volgmer
2023-07-28 ⋅ YouTube (SANS Cyber Defense) ⋅ Drop It Like It's Qbot: Separating malicious droppers, loaders, and crypters from their payloads ⋅ CloudEyE, QakBot
2023-06-28 ⋅ AhnLab ⋅ Kimsuky Attack Group Abusing Chrome Remote Desktop ⋅ Appleseed
2023-04-12 ⋅ SANS ISC ⋅ Recent IcedID (Bokbot) activity ⋅ IcedID
2023-03-09 ⋅ ASEC ⋅ PlugX Malware Being Distributed via Vulnerability Exploitation ⋅ PlugX
2023-01-18 ⋅ SANS ISC ⋅ Malicious Google Ad --> Fake Notepad++ Page --> Aurora Stealer malware ⋅ Aurora Stealer
2022-12-22 ⋅ AhnLab ⋅ Nitol DDoS Malware Installing Amadey Bot ⋅ Amadey, Nitol
2022-12-18 ⋅ SANS ISC ⋅ Infostealer Malware with Double Extension ⋅ Agent Tesla
2022-09-13 ⋅ Sansec Threat Research ⋅ Magento vendor Fishpig hacked, backdoors added ⋅ Rekoobe
2022-08-19 ⋅ SANS ISC ⋅ Brazil malspam pushes Astaroth (Guildma) malware ⋅ Astaroth
2022-08-12 ⋅ SANS ISC ⋅ Monster Libra (TA551/Shathak) pushes IcedID (Bokbot) with Dark VNC and Cobalt Strike ⋅ Cobalt Strike, DarkVNC, IcedID
2022-07-27 ⋅ SANS ISC ⋅ IcedID (Bokbot) with Dark VNC and Cobalt Strike ⋅ DarkVNC, IcedID
2022-07-07 ⋅ SANS ISC ⋅ Emotet infection with Cobalt Strike ⋅ Cobalt Strike, Emotet
2022-06-17 ⋅ SANS ISC ⋅ Malspam pushes Matanbuchus malware, leads to Cobalt Strike ⋅ Cobalt Strike, Matanbuchus
2022-06-16 ⋅ SANS ISC ⋅ Houdini is Back Delivered Through a JavaScript Dropper ⋅ Houdini
2022-06-13 ⋅ SANS ISC ⋅ Translating Saitama's DNS tunneling messages ⋅ Saitama Backdoor
2022-05-20 ⋅ SANS ISC ⋅ A 'Zip Bomb' to Bypass Security Controls & Sandboxes ⋅ BitRAT
2022-05-11 ⋅ SANS ISC ⋅ TA578 using thread-hijacked emails to push ISO files for Bumblebee malware ⋅ BumbleBee