Click here to download all references as Bib-File.•
2024-03-27
⋅
Twitter (@embee_research)
⋅
Uncovering Malicious Infrastructure with DNS Pivoting LokiBot XWorm |
2024-03-18
⋅
Twitter (@juanandres_gs)
⋅
Twitter thread on the sample identified AcidPour |
2024-03-02
⋅
Twitter (@SinghSoodeep)
⋅
Tweet on WINELOADER targeting with German embassy themed lure WINELOADER |
2024-02-28
⋅
Twitter (@haxrob)
⋅
Tweet series regarding GTPDOOR GTPDOOR |
2024-02-27
⋅
Twitter (@greglesnewich)
⋅
Tweet with context on TA421 / APT29 / Midnight Blizzard / BlueBravo / Cozy Bear WINELOADER |
2024-02-26
⋅
Twitter (@embee_research)
⋅
Advanced CyberChef Techniques for Configuration Extraction - Detailed Walkthrough and Examples NetSupportManager RAT |
2024-01-05
⋅
Twitter (@X__Junior)
⋅
Tweet about a SpectralBlur Linux sample SpectralBlur |
2024-01-05
⋅
Twitter (@greglesnewich)
⋅
Tweets about a SpectralBlur a macOS sample SpectralBlur |
2023-12-20
⋅
Twitter (@embee_research)
⋅
Defeating Obfuscated Malware Scripts - Cobalt Strike Cobalt Strike |
2023-12-19
⋅
Twitter (@embee_research)
⋅
Free Ghidra Tutorials for Beginners Cobalt Strike DarkGate |
2023-12-08
⋅
Twitter (@Myrtus0x0)
⋅
Tweet naming the family Unidentified 111 (Latrodectus) |
2023-12-08
⋅
Twitter (@embee_research)
⋅
Ghidra Basics - Manual Shellcode Analysis and C2 Extraction Cobalt Strike |
2023-12-06
⋅
Twitter (@embee_research)
⋅
Ghidra Basics - Identifying, Decoding and Fixing Encrypted Strings Vidar |
2023-12-03
⋅
Twitter (@vxunderground)
⋅
Tweet about ALPHV group compromising Tipalti to pressure its clients. BlackCat BlackCat |
2023-12-01
⋅
Twitter (@MsftSecIntel)
⋅
Tweet on Danabot leading to cactus ransomware Cactus DanaBot |
2023-11-30
⋅
Twitter (@embee_research)
⋅
Advanced Threat Intel Queries - Catching 83 Qakbot Servers with Regex, Censys and TLS Certificates QakBot |
2023-11-27
⋅
Twitter (@embee_research)
⋅
Building Threat Intel Queries Utilising Regex and TLS Certificates - (BianLian) BianLian |
2023-11-26
⋅
Twitter (@embee_research)
⋅
Identifying Suspected PrivateLoader Servers with Censys PrivateLoader |
2023-11-22
⋅
Twitter (@embee_research)
⋅
Practical Queries for Malware Infrastructure - Part 3 (Advanced Examples) BianLian Xtreme RAT NjRAT QakBot RedLine Stealer Remcos |
2023-11-19
⋅
Twitter (@embee_research)
⋅
Combining Pivot Points to Identify Malware Infrastructure - Redline, Smokeloader and Cobalt Strike Amadey Cobalt Strike RedLine Stealer SmokeLoader |