Click here to download all references as Bib-File.•
| 2025-01-07
⋅
SANS ISC
⋅
PacketCrypt Classic Cryptocurrency Miner on PHP Servers |
| 2025-01-03
⋅
SANS ISC
⋅
SwaetRAT Delivery Through Python SwaetRAT |
| 2024-02-29
⋅
SANS ISC
⋅
Dissecting DarkGate: Modular Malware Delivery and Persistence as a Service DarkGate |
| 2023-11-01
⋅
SANS ISC
⋅
Malware Dropped Through a ZPAQ Archive |
| 2023-05-30
⋅
SANS ISC
⋅
Malspam pushes ModiLoader (DBatLoader) infection for Remcos RAT DBatLoader |
| 2023-04-12
⋅
SANS ISC
⋅
Recent IcedID (Bokbot) activity IcedID |
| 2023-01-18
⋅
SANS ISC
⋅
Malicious Google Ad --> Fake Notepad++ Page --> Aurora Stealer malware Aurora Stealer |
| 2022-12-18
⋅
SANS ISC
⋅
Infostealer Malware with Double Extension Agent Tesla |
| 2022-08-19
⋅
SANS ISC
⋅
Brazil malspam pushes Astaroth (Guildma) malware Astaroth |
| 2022-08-12
⋅
SANS ISC
⋅
Monster Libra (TA551/Shathak) pushes IcedID (Bokbot) with Dark VNC and Cobalt Strike Cobalt Strike DarkVNC IcedID |
| 2022-07-27
⋅
SANS ISC
⋅
IcedID (Bokbot) with Dark VNC and Cobalt Strike DarkVNC IcedID |
| 2022-07-07
⋅
SANS ISC
⋅
Emotet infection with Cobalt Strike Cobalt Strike Emotet |
| 2022-06-17
⋅
SANS ISC
⋅
Malspam pushes Matanbuchus malware, leads to Cobalt Strike Cobalt Strike Matanbuchus |
| 2022-06-16
⋅
SANS ISC
⋅
Houdini is Back Delivered Through a JavaScript Dropper Houdini |
| 2022-06-13
⋅
SANS ISC
⋅
Translating Saitama's DNS tunneling messages Saitama Backdoor |
| 2022-05-20
⋅
SANS ISC
⋅
A 'Zip Bomb' to Bypass Security Controls & Sandboxes BitRAT |
| 2022-05-11
⋅
SANS ISC
⋅
TA578 using thread-hijacked emails to push ISO files for Bumblebee malware BumbleBee |
| 2022-04-25
⋅
SANS ISC
⋅
Simple PDF Linking to Malicious Content |
| 2022-04-20
⋅
SANS ISC
⋅
'aa' distribution Qakbot (Qbot) infection with DarkVNC traffic QakBot |
| 2022-04-06
⋅
SANS ISC
⋅
Windows MetaStealer Malware |