2023-05-17 ⋅ ANY.RUN ⋅ Deobfuscating the Latest GuLoader: Automating Analysis with Ghidra Scripting CloudEyE
2023-05-16 ⋅ Check Point Research ⋅ The Dragon Who Sold his Camaro: Analyzing a Custom Router Implant Horse Shell
2023-05-15 ⋅ Symantec ⋅ Lancefly: Group Uses Custom Backdoor to Target Orgs in Government, Aviation, Other Sectors PlugX ShadowPad ZXShell
2023-05-04 ⋅ SentinelOne ⋅ Kimsuky Evolves Reconnaissance Capabilities in New Global Campaign BabyShark
2023-05-01 ⋅ JPCERT/CC ⋅ Attack trends related to the attack campaign DangerousPassword SnatchCrypto
2023-04-26 ⋅ cyble ⋅ Threat Actor Selling New Atomic macOS (AMOS) Stealer on Telegram AMOS
2023-04-24 ⋅ Kaspersky Labs ⋅ Tomiris called, they want their Turla malware back KopiLuwak Andromeda Ave Maria GoldMax JLORAT Kazuar Meterpreter QUIETCANARY RATel Roopy Telemiris tomiris Topinambour
2023-04-19 ⋅ Symantec ⋅ Play Ransomware Group Using New Custom Data-Gathering Tools PLAY
2023-04-18 ⋅ Rapid7 Labs ⋅ Automating Qakbot Detection at Scale With Velociraptor QakBot
2023-04-05 ⋅ velociraptor ⋅ Automating Qakbot Decode At Scale QakBot
2023-03-30 ⋅ CrowdStrike ⋅ 2023-03-29 // SITUATIONAL AWARENESS // CrowdStrike Tracking Active Intrusion Campaign Targeting 3CX Customers 3CX Backdoor
2023-03-30 ⋅ K7 Security ⋅ GoatRAT Attacks Automated Payment Systems GoatRAT
2023-03-29 ⋅ CrowdStrike ⋅ CrowdStrike Falcon Platform Detects and Prevents Active Intrusion Campaign Targeting 3CXDesktopApp Customers 3CX Backdoor
2023-03-23 ⋅ Mandiant ⋅ UNC961 in the Multiverse of Mandiant: Three Encounters with a Financially Motivated Threat Actor HOLERUN LIGHTBUNNY
2023-03-16 ⋅ SentinelOne ⋅ Winter Vivern | Uncovering a Wave of Global Espionage APERETIF
2023-03-16 ⋅ Mandiant ⋅ Fortinet Zero-Day and Custom Malware Used by Suspected Chinese Actor in Espionage Operation
2023-03-09 ⋅ DeepInstinct ⋅ DUCKTAIL: Threat Operation Re-emerges with New LNK, PowerShell, and Other Custom Tactics to Avoid Detection DUCKTAIL
2023-01-29 ⋅ Dark Vortex ⋅ Hiding In PlainSight - Indirect Syscall is Dead! Long Live Custom Call Stacks Brute Ratel C4
2023-01-24 ⋅ Trellix ⋅ Cyberattacks Targeting Ukraine Increase 20-fold at End of 2022 Fueled by Russia-linked Gamaredon Activity Andromeda Formbook Houdini Remcos
2023-01-12 ⋅ Sentinel LABS ⋅ NoName057(16) – The Pro-Russian Hacktivist Group Targeting NATO Bobik Dosia NoName057(16)