2022-06-28 ⋅ Twitter (@_icebre4ker_) ⋅ Revive and Coper are using similar phishing template and app Coper |
2022-06-17 ⋅ Github (NtQuerySystemInformation) ⋅ A reverse engineer primer on Qakbot Dll Stager: From initial execution to multithreading. QakBot |
2022-06-14 ⋅ Twitter (@3xp0rtblog) ⋅ Tweet on Keona Clipper Keona |
2022-06-02 ⋅ Twitter (@sysopfb) ⋅ Tweets on UpdateAgent - GolangVersion UpdateAgent |
2022-05-08 ⋅ Twitter (@cyb3rops) ⋅ Tweet on source code for BPFDoor found on VT BPFDoor |
2022-05-08 ⋅ Twitter (@CraigHRowland) ⋅ Twitter Thread with description of functionality for BPFDoor BPFDoor |
2022-05-06 ⋅ Twitter (@MsftSecIntel) ⋅ Twitter Thread on initial infection of SocGholish/FAKEUPDATES campaigns lead to BLISTER Loader, CobaltStrike, Lockbit and followed by Hands On Keyboard activity FAKEUPDATES Blister Cobalt Strike LockBit |
2022-05-04 ⋅ Twitter (@felixw3000) ⋅ Twitter Thread with info on infection chain with IcedId, Cobalt Strike, and Hidden VNC. Cobalt Strike IcedID PhotoLoader |
2022-05-04 ⋅ Twitter (@ESETresearch) ⋅ Twitter thread on code similarity analysis, focussing on IsaacWiper and recent Cluster25 publication IsaacWiper |
2022-04-28 ⋅ vx-underground ⋅ Tweet on leaked Prynt Stealer source code and similarity to AsyncRAT AsyncRAT Prynt Stealer |
2022-04-28 ⋅ Twitter (@vinopaljiri) ⋅ #ONYX Ransomware is based on #Chaos Ransomware Builderv4 Chaos |
2022-04-19 ⋅ Twitter (@Cryptolaemus1) ⋅ #Emotet Update: 64 bit upgrade of Epoch 5 Emotet |
2022-04-12 ⋅ Twitter (@apt773) ⋅ Tweet on Lapsus$ (UNC3661) Attack chain of compromise via Sitel (Okta subprocessor)'s systems |
2022-04-12 ⋅ Twitter (@silascutler) ⋅ Tweet on analysis of CADDYWIPER used alongside with INDUSTROYER2 CaddyWiper INDUSTROYER2 |
2022-04-11 ⋅ Twitter (@3xp0rtblog) ⋅ Tweet on Safire Miner |
2022-04-07 ⋅ Twitter (@ChicagoCyber) ⋅ Tweet on TA455 (Iranian threat actor) IoCs |
2022-04-01 ⋅ Twitter (@3xp0rtblog) ⋅ Tweet on 000stealer, written in GO and its panel 000Stealer |
2022-03-31 ⋅ Twitter (@3xp0rtblog) ⋅ Tweet on Eternity stealer Eternity Stealer |
2022-03-31 ⋅ Twitter (@LukasStefanko) ⋅ Tweet on VajraSpy VajraSpy |
2022-03-30 ⋅ Twitter (@hpsecurity) ⋅ Tweet on recent Mekotio Banker campaign Mekotio |