2022-08-01 ⋅ Twitter (@sekoia_io) ⋅ Tweet on Turla's CyberAzov activity ⋅ CyberAzov
2022-07-26 ⋅ Cert-UA ⋅ UAC-0010 (Armageddon) cyberattacks using the GammaLoad.PS1_v2 malware (CERT-UA#5003,5013,5069,5071)
2022-06-28 ⋅ Twitter (@_CPResearch_) ⋅ Tweet on malware used against Steel Industry in Iran ⋅ Meteor Predatory Sparrow
2022-06-28 ⋅ Twitter (@_icebre4ker_) ⋅ Revive and Coper are using similar phishing template and app ⋅ Coper
2022-05-12 ⋅ Cert-UA ⋅ Uac-0010 (Armageddon) cyberattacks using GammaLoad.PS1_v2 malware (CERT-UA#4634,4648)
2022-04-27 ⋅ Binary Defense ⋅ Detecting Ransomware’s Stealthy Boot Configuration Edits
2022-04-21 ⋅ eSentire ⋅ Hackers Spearphish Corporate Hiring Managers with Poisoned Resumes, Infecting Them with the More_Eggs Malware, Warns eSentire ⋅ More_eggs
2022-04-14 ⋅ Medium (@DCSO_CyTec) ⋅ 404 — File still found ⋅ SideWinder
2022-04-04 ⋅ The DFIR Report ⋅ Stolen Images Campaign Ends in Conti Ransomware ⋅ Conti IcedID
2022-03-12 ⋅ Twitter (@ET_Labs) ⋅ A quick thread examining the network artifacts of the HermeticWizard spreading ⋅ HermeticWizard
2022-03-10 ⋅ Twitter (@teamcymru_S2) ⋅ Tweet on Crimson RAT infrastructure used by APT36 ⋅ Crimson RAT
2022-02-28 ⋅ Twitter (@M_haggis) ⋅ Tweet on parsing Daxin driver metadata using powershell ⋅ Daxin
2022-02-26 ⋅ Atomic Matryoshka ⋅ Infographic: APTs in South America ⋅ Imminent Monitor RAT Machete
2022-02-21 ⋅ Atomic Matryoshka ⋅ Ousaban MSI Installer Analysis ⋅ Ousaban
2022-02-17 ⋅ Twitter (@Honeymoon_IoC) ⋅ Tweets on win.prometei caught via Cowrie ⋅ Prometei
2022-01-28 ⋅ Atomic Matryoshka ⋅ Malware Headliners: LokiBot ⋅ Loki Password Stealer (PWS)
2022-01-24 ⋅ Twitter (@_icebre4ker_) ⋅ Vultur Dropper on Google Play Store ⋅ Vultur
2022-01-22 ⋅ Atomic Matryoshka ⋅ Malware Headliners: Emotet ⋅ Emotet
2022-01-21 ⋅ Twitter (@_CPResearch_) ⋅ Tweet on WhiteLambert malware ⋅ Lambert
2022-01-20 ⋅ Cybleinc ⋅ Deep Dive Into Ragnar_locker Ransomware Gang ⋅ RagnarLocker