Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2024-03-07Malware Traffic AnalysisBrad Duncan
2024-03-07 (THURSDAY): LATRODECTUS INFECTION LEADS TO LUMMA STEALER
Latrodectus Lumma Stealer
2024-01-19paloalto Networks Unit 42Ben Zhang, Billy Melicher, Bo Qu, Brad Duncan, Qi Deng, Zhanglin He
Parrot TDS: A Persistent and Evolving Malware Campaign
Parrot TDS Parrot TDS WebShell
2023-10-03Malware Traffic AnalysisBrad Duncan
2023-10-03 (Tuesday) - PikaBot infection with Cobalt Strike
Cobalt Strike Pikabot
2023-06-13MandiantAlexander Marvi, BRAD SLAYBAUGH, Ron Craft, Rufus Brown
VMware ESXi Zero-Day Used by Chinese Espionage Actor to Perform Privileged Guest Operations on Compromised Hypervisors (UNC3886)
UNC3886
2023-06-05Malware Traffic AnalysisBrad Duncan
30 DAYS OF FORMBOOK: DAY 1, MONDAY 2023-06-05
Formbook
2023-05-30SANS ISCBrad Duncan
Malspam pushes ModiLoader (DBatLoader) infection for Remcos RAT
DBatLoader
2023-05-30Palo Alto Networks Unit 42Brad Duncan
Cold as Ice: Answers to Unit 42 Wireshark Quiz for IcedID
IcedID PhotoLoader
2023-04-21Jamf BlogFerdous Saljooki, Jaron Bradley
BlueNoroff APT group targets macOS with ‘RustBucket’ Malware
RustBucket
2023-04-12InfoSec Handlers Diary BlogBrad Duncan
Recent IcedID (Bokbot) activity
IcedID PhotoLoader
2023-04-12SANS ISCBrad Duncan
Recent IcedID (Bokbot) activity
IcedID
2023-03-16MandiantAlexander Marvi, BRAD SLAYBAUGH, DAN EBREO, Muhammad Umair, TINA JOHNSON, Tufail Ahmed
Fortinet Zero-Day and Custom Malware Used by Suspected Chinese Actor in Espionage Operation
UNC3886
2023-02-23Jamf BlogFerdous Saljooki, Jaron Bradley, Matt Benyo
Evasive cryptojacking malware targeting macOS found lurking in pirated applications
2023-01-18SANS ISCBrad Duncan
Malicious Google Ad --> Fake Notepad++ Page --> Aurora Stealer malware
Aurora Stealer
2023-01-03Malware Traffic AnalysisBrad Duncan
2023-01-03 (TUESDAY) - GOOGLE AD --> FAKE NOTPAD++ PAGE --> RHADAMANTHYS STEALER
Rhadamanthys
2022-12-15ISCBrad Duncan
Google ads lead to fake software pages pushing IcedID (Bokbot)
IcedID
2022-09-01[redacted]Ben Armstrong, Brad Pittack, Danny Quist, Lauren Pearce
BianLian Ransomware Gang Gives It a Go!
BianLian BianLian
2022-08-19SANS ISCBrad Duncan
Brazil malspam pushes Astaroth (Guildma) malware
Astaroth
2022-08-12SANS ISCBrad Duncan
Monster Libra (TA551/Shathak) pushes IcedID (Bokbot) with Dark VNC and Cobalt Strike
Cobalt Strike DarkVNC IcedID
2022-08-03Palo Alto Networks Unit 42Brad Duncan
Flight of the Bumblebee: Email Lures and File Sharing Services Lead to Malware
BazarBackdoor BumbleBee Cobalt Strike Conti
2022-07-27SANS ISCBrad Duncan
IcedID (Bokbot) with Dark VNC and Cobalt Strike
DarkVNC IcedID