|
Up
|
|
|
|
|
2023-01-01 - The Mac Malware of 2022.pdf
|
|
|
|
|
2023-01-03 - BitRAT Now Sharing Sensitive Bank Data as a Lure.pdf
|
|
|
|
|
2023-01-03 - Raspberry Robin Detected ITW Targeting Insurance & Financial Institutes In Europe.pdf
|
|
|
|
|
2023-01-04 - An In-Depth Look at PLAY Ransomware.pdf
|
|
|
|
|
2023-01-04 - Pupy RAT hiding under WerFault’s cover.pdf
|
|
|
|
|
2023-01-04 - Rackspace confirms Play ransomware was behind recent cyberattack.pdf
|
|
|
|
|
2023-01-04 - UNC1151 Group Indicators of Compromise (IOC).pdf
|
|
|
|
|
2023-01-04 - Unpacking RedLine Stealer.pdf
|
|
|
|
|
2023-01-05 - A crowning achievement- Exploring the exploit of Royal ransomware.pdf
|
|
|
|
|
2023-01-05 - A Deep Dive Into poweRAT- a Newly Discovered Stealer-RAT Combo Polluting PyPI.pdf
|
|
|
|
|
2023-01-05 - Blindeagle Targeting Ecuador with Sharpened Tools.pdf
|
|
|
|
|
2023-01-05 - Bluebottle- Campaign Hits Banks in French-speaking Countries in Africa.pdf
|
|
|
|
|
2023-01-05 - Emulating the Highly Sophisticated North Korean Adversary Lazarus Group.pdf
|
|
|
|
|
2023-01-05 - Gootloader Command & Control.pdf
|
|
|
|
|
2023-01-05 - SpyNote- Spyware with RAT capabilities targeting Financial Institutions.pdf
|
|
|
|
|
2023-01-05 - Turla- A Galaxy of Opportunity.pdf
|
|
|
|
|
2023-01-05 - What is Gootloader-.pdf
|
|
|
|
|
2023-01-06 - Coldriver Group Research Report.pdf
|
|
|
|
|
2023-01-06 - Distribution of NetSupport RAT Malware Disguised as a Pokemon Game.pdf
|
|
|
|
|
2023-01-06 - LummaC2 Stealer- A Potent Threat To Crypto Users.pdf
|
|
|
|
|
2023-01-09 - [QuickNote] Another nice PlugX sample.pdf
|
|
|
|
|
2023-01-09 - Dark Web Profile- Royal Ransomware.pdf
|
|
|
|
|
2023-01-09 - Emotet returns and deploys loaders.pdf
|
|
|
|
|
2023-01-09 - Gootkit Loader Actively Targets Australian Healthcare Industry.pdf
|
|
|
|
|
2023-01-09 - Unwrapping Ursnifs Gifts.pdf
|
|
|
|
|
2023-01-10 - Active Exploitation of Two Zero-Day Vulnerabilities in Ivanti Connect Secure VPN.pdf
|
|
|
|
|
2023-01-10 - Heads up! Xdr33, A Variant Of CIA’s HIVE Attack Kit Emerges.pdf
|
|
|
|
|
2023-01-10 - Pro-Ukraine hackers leak Russian data in hopes someone will make sense of it.pdf
|
|
|
|
|
2023-01-10 - StrongPity espionage campaign targeting Android users.pdf
|
|
|
|
|
2023-01-10 - The Rebranded Crypter- ScrubCrypt.pdf
|
|
|
|
|
2023-01-11 - Calling from the Underground- An alternative way to penetrate corporate networks.pdf
|
|
|
|
|
2023-01-11 - Dark Pink - New APT hitting Asia-Pacific, Europe that goes deeper and darker.pdf
|
|
|
|
|
2023-01-11 - Increasing The Sting of HIVE Ransomware.pdf
|
|
|
|
|
2023-01-12 - CyOps Lighthouse- Vidar Stealer.pdf
|
|
|
|
|
2023-01-12 - Gootloader Malware Leads to Cobalt Strike and Hand-on-Keyboard Activity.pdf
|
|
|
|
|
2023-01-12 - NoName057(16) – The Pro-Russian Hacktivist Group Targeting NATO.pdf
|
|
|
|
|
2023-01-12 - QakBot Malware Used Unpatched Vulnerability to Bypass Windows OS Security Feature.pdf
|
|
|
|
|
2023-01-12 - Rhadamanthys- New Stealer Spreading Through Google Ads.pdf
|
|
|
|
|
2023-01-13 - Getting Rusty and Stringy with Luna Ransomware.pdf
|
|
|
|
|
2023-01-13 - Grandoreiro banking malware- deciphering the DGA.pdf
|
|
|
|
|
2023-01-13 - Orcus RAT Being Distributed Disguised as a Hangul Word Processor Crack.pdf
|
|
|
|
|
2023-01-13 - The cyber police exposed a hacker group that attacked foreign companies with an encryption virus.pdf
|
|
|
|
|
2023-01-16 - Cybercrime, RFQ from Turkey carries AgentTesla and zgRAT.pdf
|
|
|
|
|
2023-01-16 - Dancing With Shellcodes- Analyzing Rhadamanthys Stealer.pdf
|
|
|
|
|
2023-01-16 - ProxyNotShell – OWASSRF – Merry Xchange.pdf
|
|
|
|
|
2023-01-17 - Batloader Malware Abuses Legitimate Tools, Uses Obfuscated JavaScript Files in Q4 2022 Attacks.pdf
|
|
|
|
|
2023-01-17 - Kasablanka Group Probably Conducted Compaigns Targeting Russia.pdf
|
|
|
|
|
2023-01-18 - A long way to SectopRat.pdf
|
|
|
|
|
2023-01-18 - Chinese Playful Taurus Activity in Iran.pdf
|
|
|
|
|
2023-01-19 - Following the LNK metadata trail.pdf
|
|
|
|
|
2023-01-19 - Gamaredon (Ab)uses Telegram to Target Ukrainian Organizations.pdf
|
|
|
|
|
2023-01-19 - Gigabud RAT- New Android RAT Masquerading as Government Agencies.pdf
|
|
|
|
|
2023-01-19 - Suspected Chinese Threat Actors Exploiting FortiOS Vulnerability (CVE-2022-42475).pdf
|
|
|
|
|
2023-01-20 - Chinese Hackers Exploited Recent Fortinet Flaw as 0-Day to Drop Malware.pdf
|
|
|
|
|
2023-01-20 - Emotet Returns With New Methods of Evasion.pdf
|
|
|
|
|
2023-01-20 - Samsung investigating claims of hack on South Korea systems, internal employee platform.pdf
|
|
|
|
|
2023-01-22 - BadBazaar- iOS and Android Surveillanceware by China’s APT15 Used to Target Tibetans and Uyghurs.pdf
|
|
|
|
|
2023-01-23 - A -strange font- Smishing Campaign that changes behaviour based on User-Agent, and abuses Duck DNS.pdf
|
|
|
|
|
2023-01-23 - Activation Context Cache Poisoning- Exploiting CSRSS for Privilege Escalation.pdf
|
|
|
|
|
2023-01-23 - Black Basta – Technical Analysis.pdf
|
|
|
|
|
2023-01-23 - FBI Confirms Lazarus Group Cyber Actors Responsible for Harmony's Horizon Bridge Currency Theft.pdf
|
|
|
|
|
2023-01-23 - The Titan Stealer- Notorious Telegram Malware Campaign - Uptycs.pdf
|
|
|
|
|
2023-01-24 - [Urgent] A Chinese hacker organization that declared hacking war on Korea...-KISA will hack- notice.pdf
|
|
|
|
|
2023-01-24 - Cyberattacks Targeting Ukraine Increase 20-fold at End of 2022 Fueled by Russia-linked Gamaredon Activity.pdf
|
|
|
|
|
2023-01-24 - DragonSpark - Attacks Evade Detection with SparkRAT and Golang Source Code Interpretation.pdf
|
|
|
|
|
2023-01-24 - The Year of the Wiper.pdf
|
|
|
|
|
2023-01-24 - Unmasking Venom Spider.pdf
|
|
|
|
|
2023-01-25 - Python-Based PY-RATION Attack Campaign Leverages Fernet Encryption and Websockets to Avoid Detection.pdf
|
|
|
|
|
2023-01-25 - Securonix Security Advisory- Python-Based PY RATION Attack Campaign Leverages Fernet Encryption and Websockets to Avoid Detection.pdf
|
|
|
|
|
2023-01-25 - TA444- The APT Startup Aimed at Acquisition (of Your Funds).pdf
|
|
|
|
|
2023-01-25 - The Rise of Amadey Bot- A Growing Concern for Internet Security.pdf
|
|
|
|
|
2023-01-26 - Abraham's Ax Likely Linked to Moses Staff.pdf
|
|
|
|
|
2023-01-26 - Alleged French cybercriminal to appear in Seattle on indictment for conspiracy, computer intrusion, wire fraud and aggravated identity theft.pdf
|
|
|
|
|
2023-01-26 - Chinese PlugX Malware Hidden in Your USB Devices-.pdf
|
|
|
|
|
2023-01-26 - CryptBot Infostealer- Malware Analysis.pdf
|
|
|
|
|
2023-01-26 - Hiding In PlainSight - Proxying DLL Loads To Hide From ETWTI Stack Tracing.pdf
|
|
|
|
|
2023-01-26 - New Mimic Ransomware Abuses Everything APIs for its Encryption Process.pdf
|
|
|
|
|
2023-01-26 - Over 50,000 instances of DRAGONBRIDGE activity disrupted in 2022.pdf
|
|
|
|
|
2023-01-26 - Unpacking Emotet Malware.pdf
|
|
|
|
|
2023-01-26 - Welcome to Goot Camp- Tracking the Evolution of GOOTLOADER Operations.pdf
|
|
|
|
|
2023-01-27 - Old Bot in New Bottle- Amadey Botnet Back in Action Via Phishing Sites.pdf
|
|
|
|
|
2023-01-27 - SwiftSlicer- New destructive wiper malware strikes Ukraine.pdf
|
|
|
|
|
2023-01-29 - Hiding In PlainSight - Indirect Syscall is Dead! Long Live Custom Call Stacks.pdf
|
|
|
|
|
2023-01-29 - Petya-Not Petya Ransomware Analysis.pdf
|
|
|
|
|
2023-01-30 - Following the Scent of TrickGate- 6-Year-Old Packer Used to Deploy the Most Wanted Malware.pdf
|
|
|
|
|
2023-01-31 - Vidar Info-Stealer Malware Distributed via Malvertising on Google.pdf
|
|
|
|
|
2023-02-01 - HeadCrab- A Novel State-of-the-Art Redis Malware in a Global Campaign.pdf
|
|
|
|
|
2023-02-01 - New LockBit Green ransomware variant borrows code from Conti ransomware.pdf
|
|
|
|
|
2023-02-01 - Uncovering LockBit Black’s Attack Chain and Anti-forensic activity.pdf
|
|
|
|
|
2023-02-02 - [Zero2Automated] Complete Custom Sample Challenge Analysis.pdf
|
|
|
|
|
2023-02-02 - DoNot Team (APT-C-35) Analysis of Latest Campaign- Sophisticated Excel Macro Attack Targeting Pakistan.pdf
|
|
|
|
|
2023-02-02 - Hive Ransomware Technical Analysis and Initial Access Discovery.pdf
|
|
|
|
|
2023-02-02 - Iran responsible for Charlie Hebdo attacks.pdf
|
|
|
|
|
2023-02-02 - Malware analysis- part 7. Yara rule example for CRC32. CRC32 in REvil ransomware.pdf
|
|
|
|
|
2023-02-02 - New APT34 Malware Targets The Middle East.pdf
|
|
|
|
|
2023-02-02 - North Korea hacking organization, Fair Trade Commission impersonation phishing attack in progress.pdf
|
|
|
|
|
2023-02-02 - Update to the REF2924 intrusion set and related campaigns.pdf
|
|
|
|
|
2023-02-03 - AgentVX And Taurus.pdf
|
|
|
|
|
2023-02-03 - Ave Maria and the Chambers of Warzone RAT.pdf
|
|
|
|
|
2023-02-03 - HookBot – A New Mobile Malware.pdf
|
|
|
|
|
2023-02-03 - Massive ESXiArgs ransomware attack targets VMware ESXi servers worldwide.pdf
|
|
|
|
|
2023-02-03 - Threat Actors Abuse AI-Generated Youtube Videos to Spread Stealer Malware.pdf
|
|
|
|
|
2023-02-03 - UAC-0114 Group aka Winter Vivern Attack Detection- Hackers Launch Phishing Campaigns Targeting Government Entities of Ukraine and Poland.pdf
|
|
|
|
|
2023-02-05 - Analysing A Sample Of Arechclient2.pdf
|
|
|
|
|
2023-02-06 - Behind the Attack- Paradies Clipper Malware.pdf
|
|
|
|
|
2023-02-06 - Qakbot mechanizes distribution of malicious OneNote notebooks.pdf
|
|
|
|
|
2023-02-06 - Sliver Malware With BYOVD Distributed Through Sunlogin Vulnerability Exploitations.pdf
|
|
|
|
|
2023-02-07 - Cl0p Ransomware Targets Linux Systems with Flawed Encryption - Decryptor Available.pdf
|
|
|
|
|
2023-02-07 - Hide your Hypervisor- Analysis of ESXiArgs Ransomware.pdf
|
|
|
|
|
2023-02-07 - Released- Decryptor for Cl0p ransomware’s Linux variant.pdf
|
|
|
|
|
2023-02-07 - The Approach of TA413 for Tibetan Targets.pdf
|
|
|
|
|
2023-02-08 - AsyncRAT- Analysing the Three Stages of Execution.pdf
|
|
|
|
|
2023-02-08 - Dota 2 Under Attack- How a V8 Bug Was Exploited in the Game.pdf
|
|
|
|
|
2023-02-08 - Earth Zhulong- Familiar Patterns Target Southeast Asian Firms.pdf
|
|
|
|
|
2023-02-08 - Graphiron- New Russian Information Stealing Malware Deployed Against Ukraine.pdf
|
|
|
|
|
2023-02-08 - Investigating Intrusions From Intriguing Exploits.pdf
|
|
|
|
|
2023-02-08 - Play Store App Serves Coper Via GitHub.pdf
|
|
|
|
|
2023-02-08 - Screentime- Sometimes It Feels Like Somebody's Watching Me.pdf
|
|
|
|
|
2023-02-08 - SteelClover Attacks Distributing Malware Via Google Ads Increased.pdf
|
|
|
|
|
2023-02-09 - Defeating VMProtect’s Latest Tricks.pdf
|
|
|
|
|
2023-02-09 - Enigma Stealer Targets Cryptocurrency Industry with Fake Jobs.pdf
|
|
|
|
|
2023-02-09 - StopRansomware- Ransomware Attacks on Critical Infrastructure Fund DPRK Malicious Cyber Activities.pdf
|
|
|
|
|
2023-02-09 - Technical analysis of Godfather android malware.pdf
|
|
|
|
|
2023-02-10 - Bypassing MFA- A Forensic Look At Evilginx2 Phishing Kit.pdf
|
|
|
|
|
2023-02-10 - Malware analysis- part 8. Yara rule example for MurmurHash2. MurmurHash2 in Conti ransomware.pdf
|
|
|
|
|
2023-02-10 - ShortAndMalicious — PikaBot and the Matanbuchus connection.pdf
|
|
|
|
|
2023-02-10 - Uncle Sow- Dark Caracal in Latin America.pdf
|
|
|
|
|
2023-02-11 - AsyncRAT OneNote Dropper.pdf
|
|
|
|
|
2023-02-12 - TrueBot Analysis Part I - A short glimpse into packed TrueBot samples.pdf
|
|
|
|
|
2023-02-13 - Beepin’ Out of the Sandbox- Analyzing a New, Extremely Evasive Malware.pdf
|
|
|
|
|
2023-02-13 - Dalbit (m00nlight)- Chinese Hacker Group’s APT Attack Campaign.pdf
|
|
|
|
|
2023-02-13 - Mylobot- Investigating a proxy botnet.pdf
|
|
|
|
|
2023-02-13 - Royal Ransomware Deep Dive.pdf
|
|
|
|
|
2023-02-14 - Hangeul (HWP) malware using steganography- RedEyes (ScarCruft).pdf
|
|
|
|
|
2023-02-14 - Havoc Across the Cyberspace.pdf
|
|
|
|
|
2023-02-14 - New MortalKombat ransomware and Laplas Clipper malware threats deployed in financially motivated.pdf
|
|
|
|
|
2023-02-14 - Vice-Society spreads its own ransomware.pdf
|
|
|
|
|
2023-02-14 - Writing a decryptor for Jaff ransomware.pdf
|
|
|
|
|
2023-02-15 - DarkBit Ransomware Targets Israel with Command-Line Options and Optimized Encryption Routines.pdf
|
|
|
|
|
2023-02-15 - How to Identify IcedID Network Traffic.pdf
|
|
|
|
|
2023-02-15 - Paradise Ransomware Distributed Through AweSun Vulnerability Exploitation.pdf
|
|
|
|
|
2023-02-15 - Recent TZW Campaigns Revealed As Part of GlobeImposter Malware Family.pdf
|
|
|
|
|
2023-02-15 - Scandinavian Airlines hit by cyberattack, ‘Anonymous Sudan’ claims responsibility.pdf
|
|
|
|
|
2023-02-16 - APT SideCopy Targeting Indian Government Entities - Analysis of the new version of ReverseRAT.pdf
|
|
|
|
|
2023-02-16 - Fog of war- how the Ukraine conflict transformed the cyber threat landscape.pdf
|
|
|
|
|
2023-02-16 - Invitation to a Secret Event- Uncovering Earth Yako’s Campaigns.pdf
|
|
|
|
|
2023-02-16 - Mass Attack buhtiRansom - CVE-2022–47986.pdf
|
|
|
|
|
2023-02-16 - Operation Silent Watch- Desktop Surveillance in Azerbaijan and Armenia.pdf
|
|
|
|
|
2023-02-16 - Three Cases of Cyber Attacks on the Security Service of Ukraine and NATO Allies, Likely by Russian State-Sponsored Gamaredon.pdf
|
|
|
|
|
2023-02-16 - WIP26 Espionage - Threat Actors Abuse Cloud Infrastructure in Targeted Telco Attacks.pdf
|
|
|
|
|
2023-02-17 - Earth Kitsune Delivers New WhiskerSpy Backdoor via Watering Hole Attack.pdf
|
|
|
|
|
2023-02-18 - TrueBot Analysis Part II - Static unpacker.pdf
|
|
|
|
|
2023-02-19 - Investigating a Fake KDDI Smishing Campaign that abuses Duck DNS.pdf
|
|
|
|
|
2023-02-20 - Royal Ransomware Expands Attacks by Targeting Linux ESXi Servers.pdf
|
|
|
|
|
2023-02-20 - Stealc- a copycat of Vidar and Raccoon infostealers gaining in popularity – Part 1.pdf
|
|
|
|
|
2023-02-20 - Vidar Stealer H&M Campaign.pdf
|
|
|
|
|
2023-02-21 - Direct Kernel Object Manipulation (DKOM) Attacks on ETW Providers.pdf
|
|
|
|
|
2023-02-21 - Technical Analysis of Rhadamanthys Obfuscation Techniques.pdf
|
|
|
|
|
2023-02-22 - Hydrochasma- Previously Unknown Group Targets Medical and Shipping Organizations in Asia.pdf
|
|
|
|
|
2023-02-22 - New Phishing Attack Detection Attributed to the UAC-0050 and UAC-0096 Groups Spreading Remcos Spyware.pdf
|
|
|
|
|
2023-02-23 - A tale of Phobos - how we almost cracked a ransomware using CUDA.pdf
|
|
|
|
|
2023-02-23 - Berbew Backdoor Spotted In The Wild.pdf
|
|
|
|
|
2023-02-23 - Clasiopa- New Group Targets Materials Research.pdf
|
|
|
|
|
2023-02-23 - Evasive cryptojacking malware targeting macOS found lurking in pirated applications.pdf
|
|
|
|
|
2023-02-23 - Getting Dumped- A Trust Relationship Destroyed by Lorenz.pdf
|
|
|
|
|
2023-02-23 - How to detect Brute Ratel activities.pdf
|
|
|
|
|
2023-02-23 - Technical Advisory- Various Threat Actors Targeting ManageEngine Exploit CVE-2022-47966.pdf
|
|
|
|
|
2023-02-23 - The DoNot APT.pdf
|
|
|
|
|
2023-02-23 - WinorDLL64- A backdoor from the vast Lazarus arsenal-.pdf
|
|
|
|
|
2023-02-24 - A year of wiper attacks in Ukraine.pdf
|
|
|
|
|
2023-02-24 - Desde Chile con Malware (From Chile with Malware).pdf
|
|
|
|
|
2023-02-24 - Investigating the PlugX Trojan Disguised as a Legitimate Windows Debugger Tool.pdf
|
|
|
|
|
2023-02-24 - Qbot testing malvertising campaigns-.pdf
|
|
|
|
|
2023-02-24 - Snip3 Crypter Reveals New TTPs Over Time.pdf
|
|
|
|
|
2023-02-26 - Emotet Campaign.pdf
|
|
|
|
|
2023-02-26 - PikaBot Tiny loader that seems very familiar.pdf
|
|
|
|
|
2023-02-27 - Blind Eagle Deploys Fake UUE Files and Fsociety to Target Colombia's Judiciary, Financial, Public, and Law Enforcement Entities.pdf
|
|
|
|
|
2023-02-27 - Hunting PrivateLoader- The malware behind InstallsKey PPI service.pdf
|
|
|
|
|
2023-02-27 - Lumma Stealer targets YouTubers via Spear-phishing Email.pdf
|
|
|
|
|
2023-02-27 - Stealc- a copycat of Vidar and Raccoon infostealers gaining in popularity – Part 2.pdf
|
|
|
|
|
2023-02-27 - The increasing presence of pro-Russia hacktivists.pdf
|
|
|
|
|
2023-02-28 - Can You See It Now- An Emerging LockBit Campaign.pdf
|
|
|
|
|
2023-02-28 - Cryptocurrency Entities at Risk- Threat Actor Uses Parallax RAT for Infiltration.pdf
|
|
|
|
|
2023-02-28 - Malvertising Surges to Distribute Malware.pdf
|
|
|
|
|
2023-02-28 - SCARLETEEL- Operation leveraging Terraform, Kubernetes, and AWS for data theft.pdf
|
|
|
|
|
2023-02-28 - XLoader-FormBook- Encryption Analysis and Malware Decryption.pdf
|
|
|
|
|
2023-03-01 - BlackLotus UEFI bootkit- Myth confirmed.pdf
|
|
|
|
|
2023-03-01 - Iron Tiger’s SysUpdate Reappears, Adds Linux Targeting.pdf
|
|
|
|
|
2023-03-01 - OneNote- A Growing Threat for Malware Distribution.pdf
|
|
|
|
|
2023-03-01 - Slippy Spider.pdf
|
|
|
|
|
2023-03-02 - Behind the Breaches- Mapping Threat Actors and Their CVE Exploits.pdf
|
|
|
|
|
2023-03-02 - MQsTTang- Mustang Panda’s latest backdoor treads new ground with Qt and MQTT.pdf
|
|
|
|
|
2023-03-02 - QakBot C2 Traffic.pdf
|
|
|
|
|
2023-03-02 - Redirection Roulette- Thousands of hijacked websites in East Asia redirecting visitors to other sites.pdf
|
|
|
|
|
2023-03-02 - StopRansomware- Royal Ransomware.pdf
|
|
|
|
|
2023-03-04 - Bumblebee DocuSign Campaign.pdf
|
|
|
|
|
2023-03-04 - KL Remota - Brazilian Malware Bank.pdf
|
|
|
|
|
2023-03-06 - Brute Ratel - Scandinavian Defence.pdf
|
|
|
|
|
2023-03-06 - Core DoppelPaymer ransomware gang members targeted in Europol operation.pdf
|
|
|
|
|
2023-03-06 - Nevada Ransomware- Yet Another Nokayawa Variant Nevada ransomware.pdf
|
|
|
|
|
2023-03-06 - Nevada Ransomware- Yet Another Nokoyawa Variant.pdf
|
|
|
|
|
2023-03-06 - New HiatusRAT Router Malware Covertly Spies On Victims.pdf
|
|
|
|
|
2023-03-06 - Private Malware for Sale- A Closer Look at AresLoader.pdf
|
|
|
|
|
2023-03-06 - Schlag gegen international agierendes Netzwerk von Cyber-Kriminellen.pdf
|
|
|
|
|
2023-03-07 - Don’t Answer That! Russia-Aligned TA499 Beleaguers Targets with Video Call Requests.pdf
|
|
|
|
|
2023-03-07 - Emotet malware attacks return after three-month break.pdf
|
|
|
|
|
2023-03-07 - Emotet Sending Malicious Emails After Three-Month Hiatus.pdf
|
|
|
|
|
2023-03-07 - Internal documents show Mexican army used spyware against civilians, set up secret military intelligence unit.pdf
|
|
|
|
|
2023-03-07 - Love scam or espionage- Transparent Tribe lures Indian and Pakistani officials.pdf
|
|
|
|
|
2023-03-07 - Pandas with a Soul- Chinese Espionage Attacks Against Southeast Asian Government Entities.pdf
|
|
|
|
|
2023-03-07 - Qakbot Evolves to OneNote Malware Distribution.pdf
|
|
|
|
|
2023-03-07 - SYS01 Stealer.pdf
|
|
|
|
|
2023-03-07 - Using Memory Analysis to Detect EDR-Nullifying Malware.pdf
|
|
|
|
|
2023-03-08 - CHM malware (Kimsuky) disguised questionnaires related to North Korea.pdf
|
|
|
|
|
2023-03-08 - GlobeImposter Ransomware Being Distributed with MedusaLocker via RDP.pdf
|
|
|
|
|
2023-03-08 - Ransomware review- March 2023.pdf
|
|
|
|
|
2023-03-08 - Suspected Chinese Campaign to Persist on SonicWall Devices, Highlights Importance of Monitoring Edge Devices.pdf
|
|
|
|
|
2023-03-09 - A border-hopping PlugX USB worm takes its act on the road.pdf
|
|
|
|
|
2023-03-09 - BatLoader Continues to Abuse Google Search Ads to Deliver Vidar Stealer and Ursnif.pdf
|
|
|
|
|
2023-03-09 - BlackSnake Ransomware Emerges from Chaos Ransomware’s Shadow.pdf
|
|
|
|
|
2023-03-09 - COBALT ILLUSION Masquerades as Atlantic Council Employee.pdf
|
|
|
|
|
2023-03-09 - DUCKTAIL- Threat Operation Re-emerges with New LNK, PowerShell, and Other Custom Tactics to Avoid Detection.pdf
|
|
|
|
|
2023-03-09 - IceFire Ransomware Returns - Now Targeting Linux Enterprise Networks.pdf
|
|
|
|
|
2023-03-09 - Malvertising through search engines.pdf
|
|
|
|
|
2023-03-09 - Nexus- The Latest Android Banking Trojan with SOVA Connections.pdf
|
|
|
|
|
2023-03-09 - PlugX Malware Being Distributed via Vulnerability Exploitation.pdf
|
|
|
|
|
2023-03-09 - Prometei botnet improves modules and exhibits new capabilities in recent updates.pdf
|
|
|
|
|
2023-03-09 - Stealing the LIGHTSHOW (Part One) — North Korea's UNC2970.pdf
|
|
|
|
|
2023-03-09 - Stealing the LIGHTSHOW (Part Two) — LIGHTSHIFT and LIGHTSHOW.pdf
|
|
|
|
|
2023-03-09 - The Untold Story of the BlackLotus UEFI Bootkit.pdf
|
|
|
|
|
2023-03-09 - The VulnCheck 2022 Exploited Vulnerability Report - Missing CISA KEV Catalog Entries.pdf
|
|
|
|
|
2023-03-10 - [Press Release] Beware of malicious code infection impersonating a national advisory organization.pdf
|
|
|
|
|
2023-03-10 - FBI and international cops catch a NetWire RAT.pdf
|
|
|
|
|
2023-03-10 - From Royal With Love.pdf
|
|
|
|
|
2023-03-10 - How Do You Like Dem Eggs- I like Mine Scrambled, Really Scrambled - A Look at Recent more_eggs Samples.pdf
|
|
|
|
|
2023-03-10 - Sophisticated APT29 Campaign Abuses Notion API to Target the European Commission.pdf
|
|
|
|
|
2023-03-10 - Xenomorph v3- a new variant with ATS targeting more than 400 institutions.pdf
|
|
|
|
|
2023-03-11 - Analyzing GuLoader.pdf
|
|
|
|
|
2023-03-12 - Makop- The Toolkit of a Criminal Gang.pdf
|
|
|
|
|
2023-03-13 - Beyond Bullets and Bombs- An Examination of Armageddon Group’s Cyber Warfare Against Ukraine.pdf
|
|
|
|
|
2023-03-13 - CatB Ransomware - File Locker Sharpens Its Claws to Steal Data with MSDTC Service DLL Hijacking.pdf
|
|
|
|
|
2023-03-13 - DEV-1101 enables high-volume AiTM campaigns with open-source phishing kit.pdf
|
|
|
|
|
2023-03-13 - Emotet Returns, Now Adopts Binary Padding for Evasion.pdf
|
|
|
|
|
2023-03-14 - Magniber ransomware actors used a variant of Microsoft SmartScreen bypass.pdf
|
|
|
|
|
2023-03-14 - NOBELIUM Uses Poland's Ambassador’s Visit to the U.S. to Target EU Governments Assisting Ukraine.pdf
|
|
|
|
|
2023-03-14 - South Korean Android Banking Menace - Fakecalls.pdf
|
|
|
|
|
2023-03-14 - Talos uncovers espionage campaigns targeting CIS countries, embassies and EU health care agency.pdf
|
|
|
|
|
2023-03-14 - The slow Tick‑ing time bomb- Tick APT group compromise of a DLP software developer in East Asia.pdf
|
|
|
|
|
2023-03-14 - The Zeus Trojan Malware - Definition and Prevention.pdf
|
|
|
|
|
2023-03-15 - (Ab)using Adobe Acrobat Sign to distribute malware.pdf
|
|
|
|
|
2023-03-15 - DotRunPEX - Demystifying New Virtualized .NET Injector used in the Wild.pdf
|
|
|
|
|
2023-03-15 - QBot- Laying the Foundations for Black Basta Ransomware Activity.pdf
|
|
|
|
|
2023-03-15 - SideCopy Continues to Target Indian Defense Organization.pdf
|
|
|
|
|
2023-03-15 - Unmasking MedusaLocker Ransomware.pdf
|
|
|
|
|
2023-03-16 - Bee-Ware of Trigona, An Emerging Ransomware Strain.pdf
|
|
|
|
|
2023-03-16 - CryptBot.pdf
|
|
|
|
|
2023-03-16 - FBI shuts down 11-year-old NetWire RAT malware.pdf
|
|
|
|
|
2023-03-16 - Fortinet Zero-Day and Custom Malware Used by Suspected Chinese Actor in Espionage Operation.pdf
|
|
|
|
|
2023-03-16 - IPFS- A New Data Frontier or a New Cybercriminal Hideout-.pdf
|
|
|
|
|
2023-03-16 - MoqHao Part 3- Recent Global Targeting Trends.pdf
|
|
|
|
|
2023-03-16 - Peeking at Reaper’s surveillance operations.pdf
|
|
|
|
|
2023-03-16 - Winter Vivern - Uncovering a Wave of Global Espionage.pdf
|
|
|
|
|
2023-03-17 - CVE-2023-23397- Exploitations in the Wild – What You Need to Know.pdf
|
|
|
|
|
2023-03-17 - KillNet and affiliate hacktivist groups targeting healthcare with DDoS attacks.pdf
|
|
|
|
|
2023-03-17 - Kimsuky group appears to be exploiting OneNote like the cybercrime group.pdf
|
|
|
|
|
2023-03-17 - ShellBot Malware Being Distributed to Linux SSH Servers.pdf
|
|
|
|
|
2023-03-17 - Thawing the permafrost of ICEDID Summary.pdf
|
|
|
|
|
2023-03-19 - Gozi - Italian ShellCode Dance.pdf
|
|
|
|
|
2023-03-19 - ScrubCrypt - The Rebirth of Jlaive.pdf
|
|
|
|
|
2023-03-19 - Vawtrak Analysis.pdf
|
|
|
|
|
2023-03-20 - Cybergun- Technical Analysis of the Armageddon's Infostealer.pdf
|
|
|
|
|
2023-03-20 - Detailed Analysis of Cryptocurrency Phishing Through Famous YouTube Channel Hacking.pdf
|
|
|
|
|
2023-03-20 - IcedID’s VNC Backdoors- Dark Cat, Anubis & Keyhole.pdf
|
|
|
|
|
2023-03-20 - Move, Patch, Get Out the Way- 2022 Zero-Day Exploitation Continues at an Elevated Pace.pdf
|
|
|
|
|
2023-03-20 - NAPLISTENER- more bad dreams from developers of SIESTAGRAPH.pdf
|
|
|
|
|
2023-03-20 - When the Absence of Noise Becomes Signal- Defensive Considerations for Lazarus FudModule.pdf
|
|
|
|
|
2023-03-21 - Bad magic- new APT found in the area of Russo-Ukrainian conflict.pdf
|
|
|
|
|
2023-03-21 - BlackCat v3 Decryptor Scripts.pdf
|
|
|
|
|
2023-03-21 - Nexus- a new Android botnet-.pdf
|
|
|
|
|
2023-03-21 - The Unintentional Leak- A glimpse into the attack vectors of APT37.pdf
|
|
|
|
|
2023-03-22 - Emotet Resumes Spam Operations, Switches to OneNote.pdf
|
|
|
|
|
2023-03-22 - New loader on the bloc - AresLoader.pdf
|
|
|
|
|
2023-03-22 - The 5x5—Conflict in Ukraine’s information environment.pdf
|
|
|
|
|
2023-03-22 - We (Did!) Start the Fire- Hacktivists Increasingly Claim Targeting of OT Systems.pdf
|
|
|
|
|
2023-03-23 - Emerging Threats- AgentTesla – A Review and Detection Strategies.pdf
|
|
|
|
|
2023-03-23 - Kimsuky group distributes malware disguised as a profile file (GitHub).pdf
|
|
|
|
|
2023-03-23 - Operation Tainted Love - Chinese APTs Target Telcos in New Attacks.pdf
|
|
|
|
|
2023-03-23 - Scarcruft Bolsters Arsenal for targeting individual Android devices.pdf
|
|
|
|
|
2023-03-23 - UNC961 in the Multiverse of Mandiant- Three Encounters with a Financially Motivated Threat Actor.pdf
|
|
|
|
|
2023-03-24 - APT attacks on industrial organizations in H2 2022.pdf
|
|
|
|
|
2023-03-24 - Aurora- The Dark Dawn and its Menacing Effects.pdf
|
|
|
|
|
2023-03-24 - Bypassing Qakbot Anti-Analysis.pdf
|
|
|
|
|
2023-03-24 - Guidance for investigating attacks using CVE-2023-23397.pdf
|
|
|
|
|
2023-03-25 - [QuickNote] Decrypting the C2 configuration of Warzone RAT.pdf
|
|
|
|
|
2023-03-26 - Updates from the MaaS- new threats delivered through NullMixer.pdf
|
|
|
|
|
2023-03-27 - AsyncRAT Crusade- Detections and Defense.pdf
|
|
|
|
|
2023-03-27 - DBatLoader- Actively Distributing Malwares Targeting European Businesses.pdf
|
|
|
|
|
2023-03-27 - Fork in the Ice- The New Era of IcedID.pdf
|
|
|
|
|
2023-03-27 - REF2924- how to maintain persistence as an (advanced-) threat.pdf
|
|
|
|
|
2023-03-27 - Rhadamanthys- The “Everything Bagel” Infostealer.pdf
|
|
|
|
|
2023-03-28 - APT43- North Korean Group Uses Cybercrime to Fund Espionage Operations.pdf
|
|
|
|
|
2023-03-28 - Chinotto Backdoor Technical Analysis of the APT Reaper’s Powerful Weapon.pdf
|
|
|
|
|
2023-03-28 - LimeRAT Malware Analysis- Extracting the Config.pdf
|
|
|
|
|
2023-03-28 - Mélofée- a new alien malware in the Panda's toolset targeting Linux hosts.pdf
|
|
|
|
|
2023-03-28 - Reversing Complex PowerShell Malware.pdf
|
|
|
|
|
2023-03-28 - Tofsee Botnet- Proxying and Mining.pdf
|
|
|
|
|
2023-03-29 - BumbleBee notes.pdf
|
|
|
|
|
2023-03-29 - CrowdStrike Falcon Platform Detects and Prevents Active Intrusion Campaign Targeting 3CXDesktopApp Customers.pdf
|
|
|
|
|
2023-03-29 - DuckTail- Dissecting a complex infection chain started from social engineering.pdf
|
|
|
|
|
2023-03-29 - Ironing out (the macOS details) of a Smooth Operator.pdf
|
|
|
|
|
2023-03-29 - New OpcJacker Malware Distributed via Fake VPN Malvertising.pdf
|
|
|
|
|
2023-03-29 - SmoothOperator - Ongoing Campaign Trojanizes 3CXDesktopApp in Supply Chain Attack.pdf
|
|
|
|
|
2023-03-29 - Spyware vendors use 0-days and n-days against popular platforms.pdf
|
|
|
|
|
2023-03-29 -- SITUATIONAL AWARENESS -- CrowdStrike Tracking Active Intrusion Campaign Targeting 3CX Customers.pdf
|
|
|
|
|
2023-03-30 - 3CX Desktop App Compromised (CVE-2023-29059).pdf
|
|
|
|
|
2023-03-30 - 3CX Supply Chain Attack.pdf
|
|
|
|
|
2023-03-30 - 3CX Supply Chain Compromise Leads to ICONIC Incident.pdf
|
|
|
|
|
2023-03-30 - 3CX VoIP Software Compromise & Supply Chain Threats.pdf
|
|
|
|
|
2023-03-30 - 3CX- Supply Chain Attack Affects Thousands of Users Worldwide.pdf
|
|
|
|
|
2023-03-30 - Backdoored 3CXDesktopApp Installer Used in Active Threat Campaign.pdf
|
|
|
|
|
2023-03-30 - Contracts Identify Cyber Operations Projects from Russian Company NTC Vulkan.pdf
|
|
|
|
|
2023-03-30 - Developing Story- Information on Attacks Involving 3CX Desktop App.pdf
|
|
|
|
|
2023-03-30 - Elastic users protected from SUDDENICON’s supply chain attack.pdf
|
|
|
|
|
2023-03-30 - eSentire Threat Intelligence Malware Analysis- BatLoader.pdf
|
|
|
|
|
2023-03-30 - Exploitation is a Dish Best Served Cold- Winter Vivern Uses Known Zimbra Vulnerability to Target Webmail Portals of NATO-Aligned Governments in Europe.pdf
|
|
|
|
|
2023-03-30 - Forensic Triage of a Windows System running the Backdoored 3CX Desktop App.pdf
|
|
|
|
|
2023-03-30 - From Innocence to Malice- The OneNote Malware Campaign Uncovered.pdf
|
|
|
|
|
2023-03-30 - GoatRAT Attacks Automated Payment Systems.pdf
|
|
|
|
|
2023-03-30 - Magniber ransomware analysis- Tiny Tracer in action.pdf
|
|
|
|
|
2023-03-30 - TAG Bulletin- Q1 2023.pdf
|
|
|
|
|
2023-03-30 - Technical Analysis of Xloader’s Code Obfuscation in Version 4.3.pdf
|
|
|
|
|
2023-03-30 - X-Force Prevents Zero Day from Going Anywhere.pdf
|
|
|
|
|
2023-03-31 - 3CX Supply Chain Attack Campaign Campaign Analysis.pdf
|
|
|
|
|
2023-03-31 - A Comprehensive Analysis of the 3CX Attack.pdf
|
|
|
|
|
2023-03-31 - Initial Implants and Network Analysis Suggest the 3CX Supply Chain Operation Goes Back to Fall 2022.pdf
|
|
|
|
|
2023-03-31 - Moqhao masters new tricks.pdf
|
|
|
|
|
2023-03-31 - Red flags flew over software supply chain-compromised 3CX update.pdf
|
|
|
|
|
2023-03-31 - Splunk Insights- Investigating the 3CXDesktopApp Supply Chain Compromise.pdf
|
|
|
|
|
2023-03-31 - TrueBot Analysis Part III - Capabilities.pdf
|
|
|
|
|
2023-04-01 - Ironing out (the macOS) details of a Smooth Operator (Part II).pdf
|
|
|
|
|
2023-04-01 - SmoothOperator.pdf
|
|
|
|
|
2023-04-02 - AresLoader Taking a closer look at this new loader.pdf
|
|
|
|
|
2023-04-03 - A Royal Analysis of Royal Ransom.pdf
|
|
|
|
|
2023-04-03 - ALPHV Ransomware Affiliate Targets Vulnerable Backup Installations to Gain Initial Access.pdf
|
|
|
|
|
2023-04-03 - Not just an infostealer- Gopuram backdoor deployed through 3CX supply chain attack.pdf
|
|
|
|
|
2023-04-04 - A Blog with NoName.pdf
|
|
|
|
|
2023-04-04 - Mantis- New Tooling Used in Attacks Against Palestinian Targets.pdf
|
|
|
|
|
2023-04-04 - Rorschach – A New Sophisticated and Fast Ransomware.pdf
|
|
|
|
|
2023-04-04 - Typhon Reborn V2- Updated stealer features enhanced anti-analysis and evasion capabilities.pdf
|
|
|
|
|
2023-04-05 - Automating Qakbot Decode At Scale.pdf
|
|
|
|
|
2023-04-05 - Everything you need to know about the LummaC2 Stealer- Leveraging IDA Python and Unicorn to deobfuscate Windows API Hashing.pdf
|
|
|
|
|
2023-04-05 - How we’re protecting users from government-backed attacks from North Korea.pdf
|
|
|
|
|
2023-04-06 - Neutralizing Tofsee Spambot – Part 1 - Binary file vaccine.pdf
|
|
|
|
|
2023-04-06 - Neutralizing Tofsee Spambot – Part 2 - InMemoryConfig store vaccine.pdf
|
|
|
|
|
2023-04-06 - Neutralizing Tofsee Spambot – Part 3 - Network-based kill switch.pdf
|
|
|
|
|
2023-04-06 - PhotoLoader ICEDID.pdf
|
|
|
|
|
2023-04-07 - Attack chain leads to XWORM and AGENTTESLA.pdf
|
|
|
|
|
2023-04-07 - MERCURY and DEV-1084- Destructive attack on hybrid environment.pdf
|
|
|
|
|
2023-04-08 - [QuickNote] Uncovering Suspected Malware Distributed By Individuals from Vietnam.pdf
|
|
|
|
|
2023-04-08 - Dcrat - Manual De-obfuscation of .NET Malware.pdf
|
|
|
|
|
2023-04-09 - LummaC2 BreakDown.pdf
|
|
|
|
|
2023-04-10 - March 2023’s Most Wanted Malware- New Emotet Campaign Bypasses Microsoft Blocks to Distribute Malicious OneNote Files.pdf
|
|
|
|
|
2023-04-10 - Redline Stealer - Static Analysis and C2 Extraction.pdf
|
|
|
|
|
2023-04-11 - BumbleBee hunting with a Velociraptor.pdf
|
|
|
|
|
2023-04-11 - DEV-0196- QuaDream’s “KingsPawn” malware used to target civil society in Europe, North America, the Middle East, and Southeast Asia.pdf
|
|
|
|
|
2023-04-11 - Guidance for investigating attacks using CVE-2022-21894- The BlackLotus campaign.pdf
|
|
|
|
|
2023-04-11 - Sweet QuaDreams- A First Look at Spyware Vendor QuaDream’s Exploits, Victims, and Customers.pdf
|
|
|
|
|
2023-04-12 - Following the Lazarus group by tracking DeathNote campaign.pdf
|
|
|
|
|
2023-04-12 - Lazarus DeathNote campaign.pdf
|
|
|
|
|
2023-04-12 - Maximizing Threat Detections of Qakbot with Osquery.pdf
|
|
|
|
|
2023-04-12 - Recent IcedID (Bokbot) activity.pdf
|
|
|
|
|
2023-04-12 - XMRig is one of the most widespread malicious miners, that exploits hardware to mine Monero.pdf
|
|
|
|
|
2023-04-13 - Aurora Stealer deep dive Analysis.pdf
|
|
|
|
|
2023-04-13 - CERT Polska and SKW warn against the activities of Russian spies.pdf
|
|
|
|
|
2023-04-13 - Chameleon- A New Android Malware Spotted In The Wild.pdf
|
|
|
|
|
2023-04-13 - Continuing our work to hold cybercriminal ecosystems accountable.pdf
|
|
|
|
|
2023-04-13 - Detecting QakBot- WSF attachments, OneNote files, and generic attack surface reduction.pdf
|
|
|
|
|
2023-04-13 - Espionage campaign linked to Russian intelligence services.pdf
|
|
|
|
|
2023-04-13 - Money Ransomware- The Latest Double Extortion Group.pdf
|
|
|
|
|
2023-04-13 - Quasar Chaos- Open Source Ransomware Meets Open Source RAT.pdf
|
|
|
|
|
2023-04-13 - Read The Manual Locker- A Private RaaS Provider.pdf
|
|
|
|
|
2023-04-13 - The (Not so) Secret War on Discord.pdf
|
|
|
|
|
2023-04-13 - Threat actors strive to cause Tax Day headaches.pdf
|
|
|
|
|
2023-04-14 - Ex-Conti and FIN7 Actors Collaborate with New Domino Backdoor.pdf
|
|
|
|
|
2023-04-14 - Lockbit changes color.pdf
|
|
|
|
|
2023-04-14 - PlutoCrypt - A CryptoJoker Ransomware Variant.pdf
|
|
|
|
|
2023-04-15 - Dissecting Npm Malware- Five Packages And Their Evil Install Scripts.pdf
|
|
|
|
|
2023-04-16 - XORStringsNet.pdf
|
|
|
|
|
2023-04-17 - 8220 Gang Uses Log4Shell Vulnerability to Install CoinMiner.pdf
|
|
|
|
|
2023-04-17 - An in-depth look at the Golang Windows calls.pdf
|
|
|
|
|
2023-04-17 - Butting Heads with a Threat Actor on an Engagement.pdf
|
|
|
|
|
2023-04-17 - Noname057(16) Attack Tracker.pdf
|
|
|
|
|
2023-04-17 - Trigona Ransomware Attacking MS-SQL Servers.pdf
|
|
|
|
|
2023-04-18 - An Analysis of the BabLock (aka Rorschach) Ransomware (IoCs).pdf
|
|
|
|
|
2023-04-18 - An Analysis of the BabLock (aka Rorschach) Ransomware.pdf
|
|
|
|
|
2023-04-18 - Automating Qakbot Detection at Scale With Velociraptor.pdf
|
|
|
|
|
2023-04-18 - DDosia Project- How NoName057(16) is trying to improve the efficiency of DDoS attacks.pdf
|
|
|
|
|
2023-04-18 - Giving a Face to the Malware Proxy Service ‘Faceless’.pdf
|
|
|
|
|
2023-04-18 - How Microsoft names threat actors.pdf
|
|
|
|
|
2023-04-18 - Introducing DevOpt- A Multifunctional Backdoor Arsenal.pdf
|
|
|
|
|
2023-04-18 - M-Trends 2023.pdf
|
|
|
|
|
2023-04-18 - Nation-state threat actor PHOSPHORUS refines tradecraft to attack high-value targets.pdf
|
|
|
|
|
2023-04-18 - PrivateLoader- Analyzing the Encryption and Decryption of a Modern Loader.pdf
|
|
|
|
|
2023-04-18 - Raspberry Robin- Anti-Evasion How-To & Exploit Analysis.pdf
|
|
|
|
|
2023-04-18 - State-sponsored campaigns target global network infrastructure.pdf
|
|
|
|
|
2023-04-18 - Triple Threat- NSO Group’s Pegasus Spyware Returns in 2022 with a Trio of iOS 15 and iOS 16 Zero-Click Exploit Chains.pdf
|
|
|
|
|
2023-04-18 - U.S. Citizens and Russian Intelligence Officers Charged with Conspiring to Use U.S. Citizens as Illegal Agents of the Russian Government.pdf
|
|
|
|
|
2023-04-18 - What Makes Invalid Printer Loader So Stealthy-.pdf
|
|
|
|
|
2023-04-19 - A new group of Shadow ransomware attacks large industrial enterprises in Russia.pdf
|
|
|
|
|
2023-04-19 - AllaKore(d) the SideCopy Train.pdf
|
|
|
|
|
2023-04-19 - March 2023 broke ransomware attack records with 459 incidents.pdf
|
|
|
|
|
2023-04-19 - Play Ransomware Group Using New Custom Data-Gathering Tools.pdf
|
|
|
|
|
2023-04-19 - Rorschach Ransomware Analysis with Attack Flow.pdf
|
|
|
|
|
2023-04-19 - Ukraine remains Russia’s biggest cyber focus in 2023.pdf
|
|
|
|
|
2023-04-19 - ‘AuKill’ EDR killer malware abuses Process Explorer driver.pdf
|
|
|
|
|
2023-04-20 - 3CX Software Supply Chain Compromise Initiated by a Prior Software Supply Chain Compromise; Suspected North Korean Actor Responsible.pdf
|
|
|
|
|
2023-04-20 - An analysis of syscall usage in Cobalt Strike Beacons.pdf
|
|
|
|
|
2023-04-20 - Bumblebee Malware Distributed Via Trojanized Installer Downloads.pdf
|
|
|
|
|
2023-04-20 - CryptNET Ransomware.pdf
|
|
|
|
|
2023-04-20 - DAAM Android Botnet being distributed through Trojanized Applications.pdf
|
|
|
|
|
2023-04-20 - Daggerfly- APT Actor Targets Telecoms Company in Africa.pdf
|
|
|
|
|
2023-04-20 - EvilExtractor – All-in-One Stealer.pdf
|
|
|
|
|
2023-04-20 - Linux malware strengthens links between Lazarus and the 3CX supply‑chain attack.pdf
|
|
|
|
|
2023-04-20 - New OCX HARVESTER Attack Campaign Leverages a Modernized More_eggs Suite to Target Victims.pdf
|
|
|
|
|
2023-04-20 - PichichiH0ll0wer - New Process hollowing loader.pdf
|
|
|
|
|
2023-04-20 - Security Update Thursday 20 April 2023 – Initial Intrusion Vector Found.pdf
|
|
|
|
|
2023-04-20 - Uncovering nation state watering hole credential harvesting campaigns targeting human rights activists by APT threat group UCID902.pdf
|
|
|
|
|
2023-04-20 - Xiaoqiying-Genesis Day Threat Actor Group Targets South Korea, Taiwan.pdf
|
|
|
|
|
2023-04-21 - BlueNoroff APT group targets macOS with ‘RustBucket’ Malware.pdf
|
|
|
|
|
2023-04-21 - MuddyWaters back with DarkBit.pdf
|
|
|
|
|
2023-04-21 - X_Trader Supply Chain Attack Affects Critical Infrastructure Organizations in U.S. and Europe.pdf
|
|
|
|
|
2023-04-23 - exposing the internals of Aurora Stealer Builder.pdf
|
|
|
|
|
2023-04-23 - in2al5dp3in4er Loader.pdf
|
|
|
|
|
2023-04-24 - Detecting and decrypting Sliver C2 – a threat hunter’s guide.pdf
|
|
|
|
|
2023-04-24 - Open-Source Gh0st RAT Still Haunting Inboxes 15 Years After Release.pdf
|
|
|
|
|
2023-04-24 - Tomiris called, they want their Turla malware back.pdf
|
|
|
|
|
2023-04-24 - U.S. Sanctions 3 North Koreans for Supporting Hacking Group Known for Crypto Thefts.pdf
|
|
|
|
|
2023-04-24 - ViperSoftX Updates Encryption, Steals Data.pdf
|
|
|
|
|
2023-04-25 - Elastic Security Labs discovers the LOBSHOT malware.pdf
|
|
|
|
|
2023-04-26 - Chinese Alloy Taurus Updates PingPull Malware.pdf
|
|
|
|
|
2023-04-26 - Chinese hackers use new Linux malware variants for espionage.pdf
|
|
|
|
|
2023-04-26 - Evasive Panda APT group delivers malware via updates for popular Chinese software.pdf
|
|
|
|
|
2023-04-26 - EvilExtractor Network Forensics.pdf
|
|
|
|
|
2023-04-26 - Gootloader Unloaded- Researchers Launch Multi-Pronged Offensive Against Gootloader, Cutting Off Traffic to Thousands of Gootloader Web Pages and Using the Operator’s Very Own Tactics to Protect End-Users.pdf
|
|
|
|
|
2023-04-26 - RokRAT Malware Distributed Through LNK Files (.lnk)- RedEyes (ScarCruft).pdf
|
|
|
|
|
2023-04-26 - RTM Locker Ransomware as a Service (RaaS) Now Suits Up for Linux Architecture.pdf
|
|
|
|
|
2023-04-26 - Threat Actor Selling New Atomic macOS (AMOS) Stealer on Telegram.pdf
|
|
|
|
|
2023-04-26 - Unpacking BellaCiao- A Closer Look at Iran’s Latest Malware.pdf
|
|
|
|
|
2023-04-27 - CatB Ransomware- A New Threat Exploiting DLL Side-Loading.pdf
|
|
|
|
|
2023-04-27 - Lookout Discovers Android Spyware Tied to Iranian Police Targeting Minorities- BouldSpy.pdf
|
|
|
|
|
2023-04-27 - The Week in Security- A possible Colonial Pipeline 2.0, ransomware takes bite out of American eateries.pdf
|
|
|
|
|
2023-04-28 - Beyond Banking- IcedID Gets Forked.pdf
|
|
|
|
|
2023-04-28 - Rapture, a Ransomware Family With Similarities to Paradise.pdf
|
|
|
|
|
2023-04-28 - Unleashing the Power of Shimcache with Chainsaw.pdf
|
|
|
|
|
2023-05-01 - Attack trends related to the attack campaign DangerousPassword.pdf
|
|
|
|
|
2023-05-01 - Chain Reaction- RokRAT's Missing Link.pdf
|
|
|
|
|
2023-05-01 - RTM Locker ransomware targets VMware ESXi servers.pdf
|
|
|
|
|
2023-05-02 - Attack on Security Titans- Earth Longzhi Returns With New Tricks.pdf
|
|
|
|
|
2023-05-02 - IcedID Malware- Traversing Through its Various Incarnations.pdf
|
|
|
|
|
2023-05-02 - Transparent Tribe APT actively lures Indian Army amidst increased targeting of Educational Institutions.pdf
|
|
|
|
|
2023-05-03 - Meta’s Adversarial Threat Report, First Quarter 2023.pdf
|
|
|
|
|
2023-05-03 - New Mustang Panda’s campaing against Australia.pdf
|
|
|
|
|
2023-05-03 - RecordBreaker Stealer Distributed via Hacked YouTube Accounts.pdf
|
|
|
|
|
2023-05-03 - Teasing the Secrets From Threat Actors- Malware Configuration Parsing at Scale.pdf
|
|
|
|
|
2023-05-03 - UnpacMe Weekly- New Version of IcedId Loader.pdf
|
|
|
|
|
2023-05-04 - Eastern Asian Android Assault - FluHorse.pdf
|
|
|
|
|
2023-05-04 - Kimsuky Evolves Reconnaissance Capabilities in New Global Campaign.pdf
|
|
|
|
|
2023-05-04 - Not quite an Easter egg- a new family of Trojan subscribers on Google Play.pdf
|
|
|
|
|
2023-05-04 - Sandworm Attackers Use WinRAR to Wipe Data from Government Devices.pdf
|
|
|
|
|
2023-05-04 - Unpacking ICEDID.pdf
|
|
|
|
|
2023-05-05 - Deep Dive Into PIPEDREAM’s OPC UA Module, MOUSEHOLE.pdf
|
|
|
|
|
2023-05-05 - Sophisticated DarkWatchMan RAT Spreads Through Phishing Sites.pdf
|
|
|
|
|
2023-05-05 - Stealc- A new stealer emerges in 2023.pdf
|
|
|
|
|
2023-05-07 - StrelaStealer Under the radar email credential stealer in development.pdf
|
|
|
|
|
2023-05-08 - Extracting DDosia targets from process memory.pdf
|
|
|
|
|
2023-05-08 - Malware analysis report- WinDealer (LuoYu Threat Group).pdf
|
|
|
|
|
2023-05-08 - SideWinder Uses Server-side Polymorphism to Attack Pakistan Government Officials — and Is Now Targeting Turkey.pdf
|
|
|
|
|
2023-05-09 - Advanced Cyberchef Tips - AsyncRAT Loader.pdf
|
|
|
|
|
2023-05-09 - Akira Ransomware is “bringin’ 1988 back”.pdf
|
|
|
|
|
2023-05-09 - eSentire Threat Intelligence Malware Analysis- Vidar Stealer.pdf
|
|
|
|
|
2023-05-09 - Hunting Russian Intelligence “Snake” Malware.pdf
|
|
|
|
|
2023-05-09 - Managed XDR Investigation of Ducktail in Trend Micro Vision One.pdf
|
|
|
|
|
2023-05-09 - MetaStealer string decryption and DGA overview.pdf
|
|
|
|
|
2023-05-09 - Threat Assessment- Royal Ransomware.pdf
|
|
|
|
|
2023-05-10 - BPFDoor Malware Evolves – Stealthy Sniffing Backdoor Ups Its Game.pdf
|
|
|
|
|
2023-05-10 - Deconstructing a Cybersecurity Event.pdf
|
|
|
|
|
2023-05-10 - Hunting for Ursnif.pdf
|
|
|
|
|
2023-05-10 - spynote.pdf
|
|
|
|
|
2023-05-10 - Uncovering RedStinger - Undetected APT cyber operations in Eastern Europe since 2020.pdf
|
|
|
|
|
2023-05-11 - Malware development trick - part 28- Dump lsass.exe. Simple C++ example..pdf
|
|
|
|
|
2023-05-11 - Malware development trick - part 28- Dump lsass.exe. Simple CPlusPlus example..pdf
|
|
|
|
|
2023-05-11 - Stealthier version of Linux BPFDoor malware spotted in the wild.pdf
|
|
|
|
|
2023-05-12 - BlackSuit Ransomware Strikes Windows and Linux Users.pdf
|
|
|
|
|
2023-05-12 - Evolution of KILLNET from Hacktivism to Private Hackers Company and the Role of Sub-groups.pdf
|
|
|
|
|
2023-05-12 - Ongoing MEME4CHAN Attack-Phishing Campaign uses Meme-Filled Code to Drop XWorm Payloads.pdf
|
|
|
|
|
2023-05-13 - Mallox affiliate leverages PureCrypter in MS-SQL exploitation campaigns.pdf
|
|
|
|
|
2023-05-14 - Fun with the new bpfdoor (2023).pdf
|
|
|
|
|
2023-05-14 - Silent Echoes- The Hidden Dialogue among Malware Entities — Spotlight on AMOS InfoStealer.pdf
|
|
|
|
|
2023-05-15 - Botnet Fenix - New botnet going after tax payers in Mexico and Chile.pdf
|
|
|
|
|
2023-05-15 - Hypervisor Jackpotting, Part 3- Lack of Antivirus Support Opens the Door to Adversary Attacks.pdf
|
|
|
|
|
2023-05-15 - Lancefly- Group Uses Custom Backdoor to Target Orgs in Government, Aviation, Other Sectors.pdf
|
|
|
|
|
2023-05-15 - LokiLocker, a Ransomware Similar to BlackBit Being Distributed in Korea.pdf
|
|
|
|
|
2023-05-15 - Quasar Rat Analysis - Identification of 64 Quasar Servers Using Shodan and Censys.pdf
|
|
|
|
|
2023-05-16 - 8220 Gang Evolves With New Strategies.pdf
|
|
|
|
|
2023-05-16 - OilAlpha- A Likely Pro-Houthi Group Targeting Entities Across the Arabian Peninsula.pdf
|
|
|
|
|
2023-05-16 - Russian Hacker “Wazawaka” Indicted for Ransomware.pdf
|
|
|
|
|
2023-05-16 - The Dragon Who Sold his Camaro- Analyzing a Custom Router Implant.pdf
|
|
|
|
|
2023-05-16 - The Growing Threat from Infostealers.pdf
|
|
|
|
|
2023-05-17 - Andariel’s “Jupiter” malware and the case of the curious C2.pdf
|
|
|
|
|
2023-05-17 - APT28 leverages multiple phishing techniques to target Ukrainian civil society.pdf
|
|
|
|
|
2023-05-17 - Deobfuscating the Latest GuLoader- Automating Analysis with Ghidra Scripting.pdf
|
|
|
|
|
2023-05-17 - Detailed Analysis of AlphaSeed, a new version of Kimsuky’s AppleSeed written in Golang.pdf
|
|
|
|
|
2023-05-17 - Identifying the Nexus of Scaled Ad Fraud.pdf
|
|
|
|
|
2023-05-17 - Visualizing QakBot Infrastructure.pdf
|
|
|
|
|
2023-05-18 - How Hackers Use Binary Padding to Outsmart Sandboxes and Infiltrate Your Systems.pdf
|
|
|
|
|
2023-05-18 - Identifying Laplas Infrastructure Using Shodan and Censys.pdf
|
|
|
|
|
2023-05-18 - Looking Closer at BPF Bytecode in BPFDoor.pdf
|
|
|
|
|
2023-05-18 - SparkRAT Being Distributed Within a Korean VPN Installer.pdf
|
|
|
|
|
2023-05-18 - Zimperium’s MTD Against OilAlpha- A Comprehensive Defense Strategy.pdf
|
|
|
|
|
2023-05-19 - Analysis of Amadey Bot Infrastructure Using Shodan.pdf
|
|
|
|
|
2023-05-19 - CloudWizard APT- the bad magic story goes on.pdf
|
|
|
|
|
2023-05-19 - Malware source code investigation- AsyncRAT.pdf
|
|
|
|
|
2023-05-19 - Rust-Based Info Stealers Abuse GitHub Codespaces.pdf
|
|
|
|
|
2023-05-20 - Kraken - The Deep Sea Lurker Part 1.pdf
|
|
|
|
|
2023-05-20 - Peachtree Orthopedics alerts patients to cyberattack; third patient data breach in seven years.pdf
|
|
|
|
|
2023-05-21 - PCAPeek.pdf
|
|
|
|
|
2023-05-22 - [Case study] Decrypt strings using Dumpulator.pdf
|
|
|
|
|
2023-05-22 - Back in Black- BlackByte Ransomware returns with its New Technology (NT) version.pdf
|
|
|
|
|
2023-05-22 - BlackCat Ransomware Deploys New Signed Kernel Driver.pdf
|
|
|
|
|
2023-05-22 - Bluenoroff’s RustBucket campaign.pdf
|
|
|
|
|
2023-05-22 - Cloud-based Malware Delivery- The Evolution of GuLoader.pdf
|
|
|
|
|
2023-05-22 - IcedID Macro Ends in Nokoyawa Ransomware.pdf
|
|
|
|
|
2023-05-22 - Kimsuky Group Using Meterpreter to Attack Web Servers.pdf
|
|
|
|
|
2023-05-22 - The Hunt for VENOM SPIDER PART 2.pdf
|
|
|
|
|
2023-05-23 - Android app breaking bad- From legitimate screen recording to file exfiltration within a year.pdf
|
|
|
|
|
2023-05-23 - DarkCloud Infostealer Being Distributed via Spam Emails.pdf
|
|
|
|
|
2023-05-23 - Kimsuky - Ongoing Campaign Using Tailored Reconnaissance Toolkit.pdf
|
|
|
|
|
2023-05-23 - Meet the GoldenJackal APT group. Don’t expect any howls.pdf
|
|
|
|
|
2023-05-23 - Scratching the Surface of Rhysida Ransomware.pdf
|
|
|
|
|
2023-05-23 - Taming the Storm- Understanding and Mitigating the Consequences of CVE-2023-27350.pdf
|
|
|
|
|
2023-05-23 - Technical analysis and considerations on Strela malware.pdf
|
|
|
|
|
2023-05-24 - AA23-144a- People's Republic of China State-Sponsored Cyber Actor Living off the Land to Evade Detection.pdf
|
|
|
|
|
2023-05-24 - Agrius Deploys MoneyBird in Targeted Attacks against Israeli Organizations.pdf
|
|
|
|
|
2023-05-24 - Chinese Cyberespionage Group BRONZE SILHOUETTE Targets U.S. Government and Defense Organizations.pdf
|
|
|
|
|
2023-05-24 - CryptoClippy is Evolving to Pilfer Even More Financial Data.pdf
|
|
|
|
|
2023-05-24 - Notable DDoS Attack Tools and Services Supporting Hacktivist Operations in 2023.pdf
|
|
|
|
|
2023-05-24 - Technical Analysis of Pikabot.pdf
|
|
|
|
|
2023-05-24 - Unmasking Ransomware Using Stylometric Analysis- Shadow, 8BASE, Rancoz.pdf
|
|
|
|
|
2023-05-24 - Volt Typhoon targets US critical infrastructure with living-off-the-land techniques.pdf
|
|
|
|
|
2023-05-25 - COSMICENERGY- New OT Malware Possibly Related To Russian Emergency Response Exercises.pdf
|
|
|
|
|
2023-05-25 - Invicta Stealer Spreading Through Phony GoDaddy Refund Invoices.pdf
|
|
|
|
|
2023-05-25 - New tricks of APT29 – update on the CERT.PL report.pdf
|
|
|
|
|
2023-05-26 - Kraken - The Deep Sea Lurker Part 2.pdf
|
|
|
|
|
2023-05-26 - Malware development trick - part 30- Find PID via NtGetNextProcess. Simple CPlusPlus example.pdf
|
|
|
|
|
2023-05-26 - Moneybird Ransomware.pdf
|
|
|
|
|
2023-05-26 - New Info Stealer Bandit Stealer Targets Browsers, Wallets.pdf
|
|
|
|
|
2023-05-26 - Threat Brief- Attacks on Critical Infrastructure Attributed to Insidious Taurus (aka Volt Typhoon).pdf
|
|
|
|
|
2023-05-29 - GobRAT malware written in Go language targeting Linux routers.pdf
|
|
|
|
|
2023-05-30 - BlackCat (ALPHV) ransomware levels up for stealth, speed and exfiltration.pdf
|
|
|
|
|
2023-05-30 - Cold as Ice- Answers to Unit 42 Wireshark Quiz for IcedID.pdf
|
|
|
|
|
2023-05-30 - Void Rabisu’s Use of RomCom Backdoor Shows a Growing Shift in Threat Actors’ Goals.pdf
|
|
|
|
|
2023-05-31 - Investigating BlackSuit Ransomware’s Similarities to Royal.pdf
|
|
|
|
|
2023-06-01 - Encrypted Chaos- Analysis of Crytox Ransomware.pdf
|
|
|
|
|
2023-06-01 - Operation Triangulation- iOS devices targeted with previously unknown malware.pdf
|
|
|
|
|
2023-06-01 - Qakbot- Retool, Reinfect, Recycle.pdf
|
|
|
|
|
2023-06-02 - Malware analysis report- SNOWYAMBER (+APT29 related malwares).pdf
|
|
|
|
|
2023-06-02 - Malware analysis report- SNOWYAMBER (And APT29 related malwares).pdf
|
|
|
|
|
2023-06-02 - Zero-Day Vulnerability in MOVEit Transfer Exploited for Data Theft.pdf
|
|
|
|
|
2023-06-03 - Technical Analysis of Bandit Stealer.pdf
|
|
|
|
|
2023-06-04 - Malware development trick - part 31- Run shellcode via SetTimer. Simple C++ example..pdf
|
|
|
|
|
2023-06-04 - Malware development trick - part 31- Run shellcode via SetTimer. Simple CPlusPlus example..pdf
|
|
|
|
|
2023-06-05 - 30 DAYS OF FORMBOOK- DAY 1, MONDAY 2023-06-05.pdf
|
|
|
|
|
2023-06-05 - Iran Cyber Threat Overview.pdf
|
|
|
|
|
2023-06-05 - Satacom delivers browser extension that steals cryptocurrency.pdf
|
|
|
|
|
2023-06-06 - ITG10 Likely Targeting South Korean Entities of Interest to the Democratic People’s Republic of Korea (DPRK).pdf
|
|
|
|
|
2023-06-06 - Kimsuky Strikes Again- New Social Engineering Campaign Aims to Steal Credentials and Gather Strategic Intelligence.pdf
|
|
|
|
|
2023-06-06 - RedLine Technical Analysis Report.pdf
|
|
|
|
|
2023-06-06 - Xollam, the Latest Face of TargetCompany.pdf
|
|
|
|
|
2023-06-07 - Analysis and Reversing of srvnet2.sys.pdf
|
|
|
|
|
2023-06-07 - Malware development trick - part 32. Syscalls - part 1. Simple C++ example..pdf
|
|
|
|
|
2023-06-07 - Malware development trick - part 32. Syscalls - part 1. Simple CPlusPlus example..pdf
|
|
|
|
|
2023-06-08 - Detecting and mitigating a multi-stage AiTM phishing and BEC campaign.pdf
|
|
|
|
|
2023-06-08 - DynamicRAT — A full-fledged Java Rat.pdf
|
|
|
|
|
2023-06-08 - Lazarus Group exploiting vulnerabilities in domestic financial security solutions.pdf
|
|
|
|
|
2023-06-08 - Practical Queries for Identifying Malware Infrastructure- An informal page for storing Censys-Shodan queries.pdf
|
|
|
|
|
2023-06-08 - Stealth Soldier Backdoor Used in Targeted Espionage Attacks in North Africa.pdf
|
|
|
|
|
2023-06-09 - Elastic charms SPECTRALVIPER.pdf
|
|
|
|
|
2023-06-09 - Malware development trick - part 33. Syscalls - part 2. Simple C++ example..pdf
|
|
|
|
|
2023-06-09 - Malware development trick - part 33. Syscalls - part 2. Simple CPluPlus example..pdf
|
|
|
|
|
2023-06-09 - SmashJacker (ChromeLoader variant).pdf
|
|
|
|
|
2023-06-10 - IcedID Brings ScreenConnect and CSharp Streamer to ALPHV Ransomware Deployment.pdf
|
|
|
|
|
2023-06-12 - A Truly Graceful Wipe Out.pdf
|
|
|
|
|
2023-06-12 - About PowerHarbor, a new malware used by SteelClover.pdf
|
|
|
|
|
2023-06-12 - Deep dive into the Pikabot cyber threat.pdf
|
|
|
|
|
2023-06-12 - Sneaky DoubleFinger loads GreetingGhoul targeting your cryptocurrency.pdf
|
|
|
|
|
2023-06-13 - Core Werewolf targets the defense industry and critical infrastructure.pdf
|
|
|
|
|
2023-06-13 - ICS attack classifications- differentiating between cyberwarfare, cyberterrorism, and hacktivism.pdf
|
|
|
|
|
2023-06-13 - VMware ESXi Zero-Day Used by Chinese Espionage Actor to Perform Privileged Guest Operations on Compromised Hypervisors (UNC3886).pdf
|
|
|
|
|
2023-06-13 - VMware ESXi Zero-Day Used by Chinese Espionage Actor to Perform Privileged Guest Operations on Compromised Hypervisors.pdf
|
|
|
|
|
2023-06-14 - Cadet Blizzard emerges as a novel and distinct Russian threat actor.pdf
|
|
|
|
|
2023-06-14 - Fake Security Researcher GitHub Repositories Deliver Malicious Implant.pdf
|
|
|
|
|
2023-06-14 - Picus Cyber Threat Intelligence Report May 2023- Top 10 MITRE ATT&CK Techniques.pdf
|
|
|
|
|
2023-06-15 - Barracuda ESG Zero-Day Vulnerability (CVE-2023-2868) Exploited Globally by Aggressive and Skilled Actor, Suspected Links to China.pdf
|
|
|
|
|
2023-06-15 - Darth Vidar- The Aesir Strike Back.pdf
|
|
|
|
|
2023-06-15 - Double Action, Triple Infection, and a New RAT- SideCopy’s Persistent Targeting of Indian Defence.pdf
|
|
|
|
|
2023-06-15 - eSentire Threat Intelligence Malware Analysis- Resident Campaign.pdf
|
|
|
|
|
2023-06-15 - Malware analysis report- Babuk ransomware.pdf
|
|
|
|
|
2023-06-15 - Mystic Stealer- The New Kid on the Block.pdf
|
|
|
|
|
2023-06-15 - Resident Campaign.pdf
|
|
|
|
|
2023-06-15 - Shuckworm- Inside Russia’s Relentless Cyber Campaign Against Ukraine.pdf
|
|
|
|
|
2023-06-15 - Tracking Diicot- an emerging Romanian threat actor.pdf
|
|
|
|
|
2023-06-16 - PicassoLoader and Cobalt Strike Beacon Detection- UAC-0057 aka GhostWriter Hacking Group Attacks the Ukrainian Leading Military Educational Institution.pdf
|
|
|
|
|
2023-06-16 - Through the Cortex XDR Lens- Uncovering a New Activity Group Targeting Governments in the Middle East and Africa.pdf
|
|
|
|
|
2023-06-19 - Malware AV-VM evasion - part 17- bypass UAC via fodhelper.exe. Simple C++ example..pdf
|
|
|
|
|
2023-06-19 - Malware AV-VM evasion - part 17- bypass UAC via fodhelper.exe. Simple CPlusPlus example..pdf
|
|
|
|
|
2023-06-20 - BlueDelta Exploits Ukrainian Government Roundcube Mail Servers to Support Espionage Activities.pdf
|
|
|
|
|
2023-06-20 - Cyber Shadows Pact- Darknet Parliament (KillNet, Anonymous Sudan, REvil).pdf
|
|
|
|
|
2023-06-20 - Tsunami DDoS Malware Distributed to Linux SSH Servers.pdf
|
|
|
|
|
2023-06-21 - Dissecting TriangleDB, a Triangulation spyware implant.pdf
|
|
|
|
|
2023-06-21 - Fortinet Reverses Flutter-based Android Malware “Fluhorse”.pdf
|
|
|
|
|
2023-06-21 - Graphican- Flea Uses New Backdoor in Attacks Targeting Foreign Ministries.pdf
|
|
|
|
|
2023-06-21 - Initial research exposing JOKERSPY.pdf
|
|
|
|
|
2023-06-21 - Ransomware Redefined- RedEnergy Stealer-as-a-Ransomware attacks.pdf
|
|
|
|
|
2023-06-22 - Business as Usual- Falcon Complete MDR Thwarts Novel VANGUARD PANDA (Volt Typhoon) Tradecraft.pdf
|
|
|
|
|
2023-06-22 - Goot to Loot - How a Gootloader Infection Led to Credential Access.pdf
|
|
|
|
|
2023-06-22 - LockBit Green and phishing that targets organizations.pdf
|
|
|
|
|
2023-06-22 - Malware Analysis Gh0stBins, Chinese RAT- Malware Analysis, Protocol Description, RDP Stream Recovery.pdf
|
|
|
|
|
2023-06-22 - PindOS- New JavaScript Dropper Delivering Bumblebee and IcedID.pdf
|
|
|
|
|
2023-06-23 - An Overview of the Different Versions of the Trigona Ransomware.pdf
|
|
|
|
|
2023-06-23 - Clop Ransomware- History, Timeline, And Adversary Simulation.pdf
|
|
|
|
|
2023-06-23 - Deep Dive into GOOTLOADER Malware and Its Infection Chain.pdf
|
|
|
|
|
2023-06-23 - Detecting New MULTI STORM Attack Campaign Involving Python-based Loader Masquerading as OneDrive Utilities to Drop Multiple RAT Payloads With Security Analytics.pdf
|
|
|
|
|
2023-06-23 - Detecting New MULTI#STORM Attack Campaign Involving Python-based Loader Masquerading as OneDrive Utilities to Drop Multiple RAT Payloads With Security Analytics.pdf
|
|
|
|
|
2023-06-23 - Detecting New MULTI-STORM Attack Campaign Involving Python-based Loader Masquerading as OneDrive Utilities to Drop Multiple RAT Payloads With Security Analytics.pdf
|
|
|
|
|
2023-06-23 - Inside KangaPack- the Kangaroo packer with native decryption.pdf
|
|
|
|
|
2023-06-23 - Malware source code investigation- Paradise Ransomware.pdf
|
|
|
|
|
2023-06-23 - ObserverStealer- Unmasking the New Contender in Cyber Crime.pdf
|
|
|
|
|
2023-06-23 - Phylum Discovers Sophisticated Ongoing Attack on NPM.pdf
|
|
|
|
|
2023-06-24 - SmokeLoader - Malware Analysis and Decoding With Procmon.pdf
|
|
|
|
|
2023-06-26 - Anatsa banking Trojan hits UK, US and DACH with new campaign.pdf
|
|
|
|
|
2023-06-27 - The Trickbot-Conti Crypters- Where Are They Now-.pdf
|
|
|
|
|
2023-06-27 - The Underground Economist- Volume 3, Issue 12.pdf
|
|
|
|
|
2023-06-28 - Andariel’s silly mistakes and a new malware family.pdf
|
|
|
|
|
2023-06-28 - Charming Kitten Updates POWERSTAR with an InterPlanetary Twist.pdf
|
|
|
|
|
2023-06-28 - Detection, Containment, and Hardening Opportunities for Privileged Guest Operations, Anomalous Behavior, and VMCI Backdoors on Compromised VMware Hosts.pdf
|
|
|
|
|
2023-06-28 - Kimsuky Attack Group Abusing Chrome Remote Desktop.pdf
|
|
|
|
|
2023-06-28 - Meduza Stealer or The Return of The Infamous Aurora Stealer.pdf
|
|
|
|
|
2023-06-28 - Red Wolf is back to spy on commercial firms Red Wolf is back to spy on commercial firms.pdf
|
|
|
|
|
2023-06-28 - Sowing Chaos and Reaping Rewards in Confluence and Jira.pdf
|
|
|
|
|
2023-06-29 - Decrypted- Akira Ransomware.pdf
|
|
|
|
|
2023-06-29 - Following NoName057(16) DDoSia Project’s Targets.pdf
|
|
|
|
|
2023-06-29 - GuLoader- Navigating a Maze of Intricacy.pdf
|
|
|
|
|
2023-06-29 - PhonyC2- Revealing a New Malicious Command & Control Framework by MuddyWater.pdf
|
|
|
|
|
2023-06-29 - Rhysida Ransomware - RaaS Crawls Out of Crimeware Undergrowth to Attack Chilean Army.pdf
|
|
|
|
|
2023-06-29 - The DPRK strikes using a new variant of RUSTBUCKET.pdf
|
|
|
|
|
2023-06-30 - Cobalt Strike’s Deployment with Hardware Breakpoint for AMSI Bypass.pdf
|
|
|
|
|
2023-06-30 - Formbook unpacking.pdf
|
|
|
|
|
2023-06-30 - Monthly news - July 2023.pdf
|
|
|
|
|
2023-07-03 - Chinese Threat Actors Targeting Europe in SmugX Campaign.pdf
|
|
|
|
|
2023-07-03 - Crysis Threat Actor Installing Venus Ransomware Through RDP.pdf
|
|
|
|
|
2023-07-04 - Fort Worth officials say leaked data came from Public Information Act request.pdf
|
|
|
|
|
2023-07-04 - Reversing a recent IcedID Crypter.pdf
|
|
|
|
|
2023-07-04 - Suspected Maha Grass Organization Uses WarHawk Backdoor Variant Spyder to Spy on Multiple Countries.pdf
|
|
|
|
|
2023-07-04 - Unleashing the Viper - A Technical Analysis of WhiteSnake Stealer.pdf
|
|
|
|
|
2023-07-05 - Anatomy of Silentbob’s Cloud Attack.pdf
|
|
|
|
|
2023-07-05 - Belarusian hacktivists сlaim to breach country’s leading state university.pdf
|
|
|
|
|
2023-07-05 - BlueNoroff - How DPRK’s macOS RustBucket Seeks to Evade Analysis and Detection.pdf
|
|
|
|
|
2023-07-05 - Patchwork Group Utilizing WarHawk Backdoor Variant -Spyder- for Espionage against Multiple Countries.pdf
|
|
|
|
|
2023-07-06 - [QuickNote] Examining Formbook Campaign via Phishing Emails.pdf
|
|
|
|
|
2023-07-06 - Increased Truebot Activity Infects U.S. and Canada Based Networks.pdf
|
|
|
|
|
2023-07-06 - The five-day job- A BlackByte ransomware intrusion case study.pdf
|
|
|
|
|
2023-07-06 - What’s up with Emotet-.pdf
|
|
|
|
|
2023-07-07 - Beyond appearances- unknown actor using APT29’s TTP against Chinese users.pdf
|
|
|
|
|
2023-07-07 - Exploitation of Mitel MiVoice Connect SA CVE-2022-29499.pdf
|
|
|
|
|
2023-07-07 - Eyes on Android-S.O.V.A botnet sample.pdf
|
|
|
|
|
2023-07-07 - Malware development trick - part 34- Find PID via WTSEnumerateProcesses. Simple C++ example..pdf
|
|
|
|
|
2023-07-07 - Malware development trick - part 34- Find PID via WTSEnumerateProcesses. Simple CPlusPlus example..pdf
|
|
|
|
|
2023-07-07 - The TOITOIN Trojan- Analyzing a New Multi-Stage Attack Targeting LATAM Region.pdf
|
|
|
|
|
2023-07-08 - CloudEyE — From .lnk to Shellcode.pdf
|
|
|
|
|
2023-07-08 - RomCom Threat Actor Suspected of Targeting Ukraine's NATO Membership Talks at the NATO Summit.pdf
|
|
|
|
|
2023-07-10 - Defend Against the Latest Active Directory Certificate Services Threats.pdf
|
|
|
|
|
2023-07-11 - Analysis of the Rekoobe Backdoor Being Used In Attacks Against Linux Systems in Korea.pdf
|
|
|
|
|
2023-07-11 - Breaking into the Bandit Stealer Malware Infrastructure.pdf
|
|
|
|
|
2023-07-11 - SCARLETEEL 2.0- Fargate, Kubernetes, and Crypto.pdf
|
|
|
|
|
2023-07-11 - Storm-0978 attacks reveal financial and espionage motives.pdf
|
|
|
|
|
2023-07-12 - CustomerLoader- a new malware distributing a wide variety of payloads.pdf
|
|
|
|
|
2023-07-12 - DangerousPassword attacks targeting developers' Windows, macOS, and Linux environments.pdf
|
|
|
|
|
2023-07-12 - Diplomats Beware- Cloaked Ursa Phishing With a Twist.pdf
|
|
|
|
|
2023-07-12 - LokiBot Campaign Targets Microsoft Office Document Using Vulnerabilities and Macros.pdf
|
|
|
|
|
2023-07-12 - Mitigating CVE-2023-3595 and CVE-2023-3596 Impacting Rockwell Automation ControlLogix Firmware.pdf
|
|
|
|
|
2023-07-12 - New invitation from APT29 to use CCleaner.pdf
|
|
|
|
|
2023-07-12 - Routers From The Underground- Exposing AVrecon.pdf
|
|
|
|
|
2023-07-12 - The GRU's Disruptive Playbook.pdf
|
|
|
|
|
2023-07-13 - Detecting BPFDoor Backdoor Variants Abusing BPF Filters.pdf
|
|
|
|
|
2023-07-13 - Malware analysis report- BlackCat ransomware.pdf
|
|
|
|
|
2023-07-13 - TeamTNT Reemerged with New Aggressive Cloud Campaign.pdf
|
|
|
|
|
2023-07-13 - TrueBot Analysis Part IV - Config Extraction.pdf
|
|
|
|
|
2023-07-14 - Analysis of Storm-0558 techniques for unauthorized email access.pdf
|
|
|
|
|
2023-07-14 - Possible Supply-Chain Attack Targeting Pakistani Government Delivers Shadowpad.pdf
|
|
|
|
|
2023-07-15 - Deep Analysis of GCleaner.pdf
|
|
|
|
|
2023-07-15 - Malware source code investigation- BlackLotus - part 1.pdf
|
|
|
|
|
2023-07-16 - Lobshot- Lobshot a basic hVNC bot.pdf
|
|
|
|
|
2023-07-16 - Malware development- persistence - part 22. Windows Setup. Simple C++ example..pdf
|
|
|
|
|
2023-07-16 - Malware development- persistence - part 22. Windows Setup. Simple CPlusPlus example..pdf
|
|
|
|
|
2023-07-17 - 8Base ransomware stays unseen for a year.pdf
|
|
|
|
|
2023-07-17 - The New Release of Danabot Version 3- What You Need to Know.pdf
|
|
|
|
|
2023-07-18 - FIN8 Uses Revamped Sardonic Backdoor to Deliver Noberus Ransomware.pdf
|
|
|
|
|
2023-07-18 - NemesisProject.pdf
|
|
|
|
|
2023-07-18 - Security alert- social engineering campaign targets technology industry employees (Jade Sleet-Storm-0954).pdf
|
|
|
|
|
2023-07-18 - Space Pirates- a look into the group's unconventional techniques, new attack vectors, and tools.pdf
|
|
|
|
|
2023-07-18 - Stealth Mode- Chinese Cyber Espionage Actors Continue to Evolve Tactics to Avoid Detection.pdf
|
|
|
|
|
2023-07-18 - Ursnif VS Italy- Il PDF del Destino.pdf
|
|
|
|
|
2023-07-19 - BYOS – Bundle Your Own Stealer.pdf
|
|
|
|
|
2023-07-19 - Escalating Privileges via Third-Party Windows Installers.pdf
|
|
|
|
|
2023-07-19 - Lookout Attributes Advanced Android Surveillanceware to Chinese Espionage Group APT41.pdf
|
|
|
|
|
2023-07-19 - Military topics become the focus- The threat of fake hunter APT organizations continues to be exposed.pdf
|
|
|
|
|
2023-07-19 - P2PInfect- The Rusty Peer-to-Peer Self-Replicating Worm.pdf
|
|
|
|
|
2023-07-20 - Analyzing a New .NET variant of LaplasClipper- retrieving the config.pdf
|
|
|
|
|
2023-07-20 - JumpCloud Intrusion - Attacker Infrastructure Links Compromise to North Korean APT Activity.pdf
|
|
|
|
|
2023-07-20 - KillNet Showcases New Capabilities While Repeating Older Tactics.pdf
|
|
|
|
|
2023-07-20 - Threat Group Assessment- Mallox Ransomware.pdf
|
|
|
|
|
2023-07-21 - Exploitation of Citrix Zero-Day by Possible Espionage Actors (CVE-2023-3519).pdf
|
|
|
|
|
2023-07-21 - First Known Targeted OSS Supply Chain Attacks Against the Banking Sector.pdf
|
|
|
|
|
2023-07-21 - Ransomware Spotlight- Play.pdf
|
|
|
|
|
2023-07-22 - HookBot Android Malware Builder Panel and APK Source.pdf
|
|
|
|
|
2023-07-23 - Malware via VHD Files, an Excellent Choice.pdf
|
|
|
|
|
2023-07-24 - Deep Analysis of Vidar Stealer.pdf
|
|
|
|
|
2023-07-24 - Lazarus Threat Group Attacking Windows Servers to Use as Malware Distribution Points.pdf
|
|
|
|
|
2023-07-24 - North Korea Leverages SaaS Provider in a Targeted Supply Chain Attack.pdf
|
|
|
|
|
2023-07-24 - Norway government ministries hit by cyber attack.pdf
|
|
|
|
|
2023-07-24 - Pro-PRC HaiEnergy Campaign Exploits U.S. News Outlets via Newswire Services to Target U.S. Audiences; Evidence of Commissioned Protests in Washington, D.C..pdf
|
|
|
|
|
2023-07-25 - Akira’s Play with Linux.pdf
|
|
|
|
|
2023-07-25 - Amadey Threat Analysis and Detections.pdf
|
|
|
|
|
2023-07-25 - EVOLUTION OF RUSSIAN APT29 – NEW ATTACKS AND TECHNIQUES UNCOVERED.pdf
|
|
|
|
|
2023-07-25 - Hibernating Qakbot- A Comprehensive Study and In-depth Campaign Analysis.pdf
|
|
|
|
|
2023-07-25 - Who and What is Behind the Malware Proxy Service SocksEscort-.pdf
|
|
|
|
|
2023-07-26 - Christmas in July- A finely wrapped Malware Proxy Service.pdf
|
|
|
|
|
2023-07-26 - Conti and Akira- Chained Together.pdf
|
|
|
|
|
2023-07-26 - Incident Response trends Q2 2023- Data theft extortion rises, while healthcare is still most-targeted vertical.pdf
|
|
|
|
|
2023-07-26 - Into the tank with Nitrogen.pdf
|
|
|
|
|
2023-07-26 - Major Malaysian water utilities company hit by hackers; Ranhill offline; hackers claim databases and backups deleted.pdf
|
|
|
|
|
2023-07-27 - Are Akira Ransomware's Crypto-Locking Malware Days Numbered-.pdf
|
|
|
|
|
2023-07-27 - Are Akira Ransomware's Crypto-Locking Malware Days Numbered.pdf
|
|
|
|
|
2023-07-27 - Dark Web Profile- 8Base Ransomware.pdf
|
|
|
|
|
2023-07-28 - CISA Releases Malware Analysis Reports on Barracuda Backdoors.pdf
|
|
|
|
|
2023-07-28 - Inside the IcedID BackConnect Protocol (Part 2).pdf
|
|
|
|
|
2023-07-28 - MAR-10454006-r1.v2 SUBMARINE Backdoor.pdf
|
|
|
|
|
2023-07-28 - MAR-10454006-r2.v1 SEASPY Backdoor.pdf
|
|
|
|
|
2023-07-28 - Scattered Spider Threat Actor Profile.pdf
|
|
|
|
|
2023-07-29 - Linux version of Abyss Locker ransomware targets VMware ESXi servers.pdf
|
|
|
|
|
2023-07-29 - Unknown powershell backdoor with ties to new Zloader.pdf
|
|
|
|
|
2023-07-31 - Bandit Stealer Garbled.pdf
|
|
|
|
|
2023-07-31 - Cado Security Labs Encounter Novel Malware, Redis P2Pinfect.pdf
|
|
|
|
|
2023-07-31 - China-Backed Hackers Threaten Texas Military Sites, Utilities.pdf
|
|
|
|
|
2023-07-31 - Out of the Sandbox- WikiLoader Digs Sophisticated Evasion.pdf
|
|
|
|
|
2023-07-31 - Pikabot deep analysis.pdf
|
|
|
|
|
2023-07-31 - SpyNote continues to attack financial institutions.pdf
|
|
|
|
|
2023-08-01 - Analysis of Recent Activities of the Mylobot Botnet.pdf
|
|
|
|
|
2023-08-01 - BatLoader Continues Signed MSIX App Package Abuse.pdf
|
|
|
|
|
2023-08-01 - Illicit Brand Impersonation - A Threat Hunting Approach.pdf
|
|
|
|
|
2023-08-01 - NodeStealer 2.0 – The Python Version- Stealing Facebook Business Accounts.pdf
|
|
|
|
|
2023-08-01 - Sliver C2 Being Distributed Through Korean Program Development Company.pdf
|
|
|
|
|
2023-08-02 - BlueCharlie, Previously Tracked as TAG-53, Continues to Deploy New Infrastructure in 2023.pdf
|
|
|
|
|
2023-08-02 - HUI Loader — Malware Analysis Note.pdf
|
|
|
|
|
2023-08-02 - Lazarus Group Launches First Open Source Supply Chain Attacks Targeting Crypto Sector.pdf
|
|
|
|
|
2023-08-02 - Midnight Blizzard conducts targeted social engineering over Microsoft Teams.pdf
|
|
|
|
|
2023-08-03 - DarkGate Keylogger Analysis- Masterofnone.pdf
|
|
|
|
|
2023-08-03 - Reptile Malware Targeting Linux Systems.pdf
|
|
|
|
|
2023-08-03 - Russian APT 'BlueCharlie' Swaps Infrastructure to Evade Detection.pdf
|
|
|
|
|
2023-08-03 - What’s happening in the world of crimeware- Emotet, DarkGate and LokiBot.pdf
|
|
|
|
|
2023-08-06 - DarkGate - Threat Breakdown Journey.pdf
|
|
|
|
|
2023-08-07 - Comrades in Arms- - North Korea Compromises Sanctioned Russian Missile Engineering Company.pdf
|
|
|
|
|
2023-08-07 - Latest Batloader Campaigns Use Pyarmor Pro for Evasion.pdf
|
|
|
|
|
2023-08-07 - New threat actor targets Bulgaria, China, Vietnam and other countries with customized Yashma ransomware.pdf
|
|
|
|
|
2023-08-08 - CrowdStrike observes massive spike in identity-based attacks.pdf
|
|
|
|
|
2023-08-08 - The Rhysida Ransomware- Activity Analysis And Ties To Vice Society.pdf
|
|
|
|
|
2023-08-08 - What Cisco Talos knows about the Rhysida ransomware.pdf
|
|
|
|
|
2023-08-09 - An Overview of the New Rhysida Ransomware Targeting the Healthcare Sector.pdf
|
|
|
|
|
2023-08-09 - Rhysida ransomware behind recent attacks on healthcare.pdf
|
|
|
|
|
2023-08-09 - Understanding BumbleBee- The delivery of Bumblee.pdf
|
|
|
|
|
2023-08-10 - Discovering and Blocking a Zero-Day Exploit with CrowdStrike Falcon Complete- The Case of CVE-2023-36874.pdf
|
|
|
|
|
2023-08-10 - Exploring New Techniques of Fake Browser Updates Leading to NetSupport RAT.pdf
|
|
|
|
|
2023-08-10 - Focus on DroxiDat-SystemBC.pdf
|
|
|
|
|
2023-08-10 - German Embassy Lure- Likely Part of Campaign Against NATO Aligned Ministries of Foreign Affairs.pdf
|
|
|
|
|
2023-08-10 - Gootloader- Why your Legal Document Search May End in Misery.pdf
|
|
|
|
|
2023-08-10 - GuLoader Malware Disguised as Tax Invoices and Shipping Statements (Detected by MDS Products).pdf
|
|
|
|
|
2023-08-10 - JanelaRAT - Repurposed BX RAT variant targeting FinTech users in the LATAM region.pdf
|
|
|
|
|
2023-08-10 - MoustachedBouncer- Espionage against foreign diplomats in Belarus.pdf
|
|
|
|
|
2023-08-10 - Unveiling the Dominance of Scams Amidst a 24% Surge in Blocked Attacks.pdf
|
|
|
|
|
2023-08-14 - Monti Ransomware Unleashes a New Encryptor for Linux.pdf
|
|
|
|
|
2023-08-15 - Raccoon Stealer Announce Return After Hiatus.pdf
|
|
|
|
|
2023-08-15 - StealC Delivered via Deceptive Google Sheets.pdf
|
|
|
|
|
2023-08-16 - APT-K-47 “Mysterious Elephant”, a new APT organization in South Asia.pdf
|
|
|
|
|
2023-08-17 - Chinese Entanglement - DLL Hijacking in the Asian Gambling Sector.pdf
|
|
|
|
|
2023-08-17 - Godfather Android Banking Trojan Technical Analysis.pdf
|
|
|
|
|
2023-08-17 - No Rest For The Wicked- HiatusRAT Takes Little Time Off In A Return To Action.pdf
|
|
|
|
|
2023-08-17 - Scattered Spider- The Modus Operandi.pdf
|
|
|
|
|
2023-08-18 - Understanding BumbleBee- The malicious behavior of BumbleBee.pdf
|
|
|
|
|
2023-08-18 - Understanding Syscalls- Direct, Indirect, and Cobalt Strike Implementation.pdf
|
|
|
|
|
2023-08-21 - On the Horizon- Ransomed.vc Ransomware Group Spotted in the Wild.pdf
|
|
|
|
|
2023-08-21 - XLoader's Latest Trick - New macOS Variant Disguised as Signed OfficeNote App.pdf
|
|
|
|
|
2023-08-22 - Agniane Stealer- Dark Web’s Crypto Threat.pdf
|
|
|
|
|
2023-08-22 - Analysis of APT Attack Cases Targeting Web Services of Korean Corporations.pdf
|
|
|
|
|
2023-08-22 - Analyzing the new attack activity of the Andariel group.pdf
|
|
|
|
|
2023-08-22 - Carderbee- APT Group use Legit Software in Supply Chain Attack Targeting Orgs in Hong Kong.pdf
|
|
|
|
|
2023-08-22 - FBI Identifies Cryptocurrency Funds Stolen by DPRK.pdf
|
|
|
|
|
2023-08-23 - Akira- Pulling on the chains of ransomware.pdf
|
|
|
|
|
2023-08-23 - Defending Against 8base- Uncovering Their Arsenal and Crafting Responses.pdf
|
|
|
|
|
2023-08-23 - Malware-as-a-Service- Redline Stealer Variants Demonstrate a Low-Barrier-to-Entry Threat.pdf
|
|
|
|
|
2023-08-24 - Flax Typhoon using legitimate software to quietly access Taiwanese organizations.pdf
|
|
|
|
|
2023-08-24 - Lazarus Group exploits ManageEngine vulnerability to deploy QuiteRAT.pdf
|
|
|
|
|
2023-08-24 - Lazarus Group's infrastructure reuse leads to discovery of new malware.pdf
|
|
|
|
|
2023-08-24 - Revisting BLISTER- New development of the BLISTER loader.pdf
|
|
|
|
|
2023-08-24 - Signs of MuddyWater Developments Found in the DNS.pdf
|
|
|
|
|
2023-08-24 - XWorm- Technical Analysis of a New Malware Version.pdf
|
|
|
|
|
2023-08-24 - “Proxy” Based Phishing Attacks Are on the Rise Again.pdf
|
|
|
|
|
2023-08-25 - Shining some light on the DarkGate loader.pdf
|
|
|
|
|
2023-08-25 - Technical analysis of WarZoneRAT malware.pdf
|
|
|
|
|
2023-08-25 - Warzone RAT configuration extractor.pdf
|
|
|
|
|
2023-08-26 - ClearFake Malware Analysis.pdf
|
|
|
|
|
2023-08-26 - Tracking Adversaries- Scattered Spider, the BlackCat affiliate.pdf
|
|
|
|
|
2023-08-28 - APT-C-55 (Kimsuky) organization uses Korean domain names for malicious activities.pdf
|
|
|
|
|
2023-08-28 - Defender Experts Chronicles- A Deep Dive into Storm-0867.pdf
|
|
|
|
|
2023-08-28 - DreamBus Botnet Resurfaces, Targets RocketMQ vulnerability.pdf
|
|
|
|
|
2023-08-28 - HTML Smuggling Leads to Domain Wide Ransomware.pdf
|
|
|
|
|
2023-08-28 - MalDoc in PDF - Detection bypass by embedding a malicious Word file into a PDF file –.pdf
|
|
|
|
|
2023-08-29 - Diving Deep into UNC4841 Operations Following Barracuda ESG Zero-Day Remediation (CVE-2023-2868).pdf
|
|
|
|
|
2023-08-29 - Documents and Resources related to the Disruption of the QakBot Malware and Botnet.pdf
|
|
|
|
|
2023-08-29 - FBI, Partners Dismantle Qakbot Infrastructure in Multinational Cyber Takedown.pdf
|
|
|
|
|
2023-08-29 - Kinsing Malware Exploits Novel Openfire Vulnerability.pdf
|
|
|
|
|
2023-08-29 - Law Enforcement Takes Down QakBot.pdf
|
|
|
|
|
2023-08-29 - Qakbot - the takedown and the remediation.pdf
|
|
|
|
|
2023-08-29 - Qakbot Botnet Disruption.pdf
|
|
|
|
|
2023-08-29 - Qakbot Malware Disrupted in International Cyber Takedown.pdf
|
|
|
|
|
2023-08-29 - U.S. Hacks QakBot, Quietly Removes Botnet Infections.pdf
|
|
|
|
|
2023-08-30 - A Fake Signal App Was Planted On Google Play By China-Linked Hackers.pdf
|
|
|
|
|
2023-08-30 - A Look Into DuckTail.pdf
|
|
|
|
|
2023-08-30 - APT34 Unleashes New Wave of Phishing Attack with Variant of SideTwist Trojan.pdf
|
|
|
|
|
2023-08-30 - Earth Estries Targets Government, Tech for Cyberespionage.pdf
|
|
|
|
|
2023-08-30 - Gazavat - Expiro DMSniff connection and DGA analysis.pdf
|
|
|
|
|
2023-08-30 - IT threat evolution in Q2 2023.pdf
|
|
|
|
|
2023-08-30 - Trickbot in Light of Trickleaks Data.pdf
|
|
|
|
|
2023-08-31 - A Deep Dive into Brute Ratel C4 Payloads.pdf
|
|
|
|
|
2023-08-31 - Analysis of Andariel’s New Attack Activities.pdf
|
|
|
|
|
2023-08-31 - Fake Update Utilizes New IDAT Loader To Execute StealC and Lumma Infostealers.pdf
|
|
|
|
|
2023-08-31 - From Hidden Bee to Rhadamanthys - The Evolution of Custom Executable Formats.pdf
|
|
|
|
|
2023-08-31 - One month later, Ranhill still hasn’t fully recovered from cyberattack.pdf
|
|
|
|
|
2023-08-31 - Reverse engineering SuperBear RAT.pdf
|
|
|
|
|
2023-08-31 - SapphireStealer- Open-source information stealer enables credential and data theft.pdf
|
|
|
|
|
2023-09-01 - Malicious LNK that distributes backdoors- RedEyes (ScarCruft).pdf
|
|
|
|
|
2023-09-01 - Understanding BumbleBee- BumbleBee’s malware configuration and clusters.pdf
|
|
|
|
|
2023-09-04 - A deep dive into DCRAT-DarkCrystalRAT malware.pdf
|
|
|
|
|
2023-09-04 - Amadey- New encoding with old tricks.pdf
|
|
|
|
|
2023-09-04 - Cert.lv- activist groups supported by Russia perform cyber attacks on Latvian state institutions.pdf
|
|
|
|
|
2023-09-04 - CHM Malware Using Fukushima Contaminated Water Discharge- RedEyes (ScarCruft).pdf
|
|
|
|
|
2023-09-05 - BlueShell malware used in APT attacks targeting Korea and Thailand.pdf
|
|
|
|
|
2023-09-05 - Chae$ 4- New Chaes Malware Variant Targeting Financial and Logistics Customers.pdf
|
|
|
|
|
2023-09-05 - MultiPlatform HTTP Reverse Shell.pdf
|
|
|
|
|
2023-09-06 - DarkGate Loader Malware Delivered via Microsoft Teams.pdf
|
|
|
|
|
2023-09-06 - Mac users targeted in new malvertising campaign delivering Atomic Stealer.pdf
|
|
|
|
|
2023-09-06 - Pizza Hut Australia leaks one million customers' details, claims ShinyHunters hacking group.pdf
|
|
|
|
|
2023-09-06 - Steal-It Campaign.pdf
|
|
|
|
|
2023-09-06 - The Rise of the Lumma Info-Stealer.pdf
|
|
|
|
|
2023-09-07 - 'From Russia with a 71'- Uncovering Gamaredon's fast flux infrastructure. New apex domains and ASN-IP diversity patterns discovered.pdf
|
|
|
|
|
2023-09-07 - Active North Korean campaign targeting security researchers.pdf
|
|
|
|
|
2023-09-07 - China, North Korea pursue new targets while honing cyber capabilities.pdf
|
|
|
|
|
2023-09-07 - Critical Energy Infrastructure Facility Attack In Ukraine.pdf
|
|
|
|
|
2023-09-07 - Evolution of USB-Borne Malware, Raspberry Robin.pdf
|
|
|
|
|
2023-09-07 - MAR-10454006.r5.v1 SUBMARINE, SKIPJACK, SEASPRAY, WHIRLPOOL, and SALTWATER Backdoors.pdf
|
|
|
|
|
2023-09-07 - Multiple Foreign Nationals Charged in Connection with Trickbot Malware and Conti Ransomware Conspiracies.pdf
|
|
|
|
|
2023-09-07 - My Tea’s not cold. An overview of China’s cyber threat.pdf
|
|
|
|
|
2023-09-07 - New Hive0117 phishing campaign imitates conscription summons to deliver DarkWatchman malware.pdf
|
|
|
|
|
2023-09-07 - PTI-257 (ex-Wizard Spider) - IOCs.pdf
|
|
|
|
|
2023-09-07 - The Case of LummaC2 v4.0.pdf
|
|
|
|
|
2023-09-07 - The Infamous Mirai Trojan Evolves- New “Pandora” Variant Targets Android TVs.pdf
|
|
|
|
|
2023-09-08 - Carderbee Targets Hong Kong in Supply Chain Attack.pdf
|
|
|
|
|
2023-09-08 - RomCom RAT- Not Your Typical Love Story.pdf
|
|
|
|
|
2023-09-08 - Uncovering DDGroup — A long-time threat actor.pdf
|
|
|
|
|
2023-09-11 - BlueShell Used in APT Attacks Against Korean and Thai Targets.pdf
|
|
|
|
|
2023-09-11 - From Caribbean shores to your devices- analyzing Cuba ransomware.pdf
|
|
|
|
|
2023-09-11 - From ERMAC to Hook- Investigating the technical differences between two Android malware variants.pdf
|
|
|
|
|
2023-09-11 - OriginBotnet Spreads via Malicious Word Document.pdf
|
|
|
|
|
2023-09-12 - A peek into APT36’s updated arsenal.pdf
|
|
|
|
|
2023-09-12 - Email campaigns leverage updated DBatLoader to deliver RATs, stealers.pdf
|
|
|
|
|
2023-09-12 - Malware distributor Storm-0324 facilitates ransomware access.pdf
|
|
|
|
|
2023-09-12 - Redfly- Espionage Actors Continue to Target Critical Infrastructure.pdf
|
|
|
|
|
2023-09-12 - The Transportation sector cyber threat overview.pdf
|
|
|
|
|
2023-09-13 - New Ransomware Threats and the Rising Menace of Telegram.pdf
|
|
|
|
|
2023-09-14 - Operation Rusty Flag – A Malicious Campaign Against Azerbaijanian Targets.pdf
|
|
|
|
|
2023-09-14 - Peach Sandstorm password spray campaigns enable intelligence collection at high-value targets.pdf
|
|
|
|
|
2023-09-14 - Sekoia.io mid-2023 Ransomware Threat Landscape.pdf
|
|
|
|
|
2023-09-15 - Reverse engineering natively-compiled .NET apps.pdf
|
|
|
|
|
2023-09-15 - The DGA of BumbleBee.pdf
|
|
|
|
|
2023-09-15 - Threat Group Assessment- Muddled Libra.pdf
|
|
|
|
|
2023-09-18 - -Scattered Spider- group launches ransomware attacks while expanding targets in hospitality, retail.pdf
|
|
|
|
|
2023-09-18 - CapraTube - Transparent Tribe’s CapraRAT Mimics YouTube to Hijack Android Phones.pdf
|
|
|
|
|
2023-09-18 - Earth Lusca Employs New Linux Backdoor, Uses Cobalt Strike for Lateral Movement.pdf
|
|
|
|
|
2023-09-18 - HijackLoader Targets Hotels- A Technical Analysis.pdf
|
|
|
|
|
2023-09-18 - Who's Behind the 8Base Ransomware Website-.pdf
|
|
|
|
|
2023-09-19 - New ShroudedSnooper actor targets telecommunications firms in the Middle East with novel Implants.pdf
|
|
|
|
|
2023-09-19 - ShortAndMalicious — DarkGate.pdf
|
|
|
|
|
2023-09-19 - Unveiling the Shadows- The Dark Alliance between GuLoader and Remcos.pdf
|
|
|
|
|
2023-09-20 - Behind the Scenes of BBTok- Analyzing a Banker’s Server Side Components.pdf
|
|
|
|
|
2023-09-20 - Cado Security Labs Researchers Witness a 600X Increase in P2Pinfect Traffic.pdf
|
|
|
|
|
2023-09-20 - Chinese Malware Appears in Earnest Across Cybercrime Threat Landscape.pdf
|
|
|
|
|
2023-09-20 - Unmasking USDoD- The Enigma of the Cyber Realm.pdf
|
|
|
|
|
2023-09-21 - Cyber Soft Power - China’s Continental Takeover.pdf
|
|
|
|
|
2023-09-21 - OilRig’s Outer Space and Juicy Mix- Same ol’ rig, new drill pipes.pdf
|
|
|
|
|
2023-09-21 - Quick Malware Analysis- PIKABOT INFECTION WITH COBALT STRIKE pcap from 2023-05-23.pdf
|
|
|
|
|
2023-09-21 - Sandman APT - A Mystery Group Targeting Telcos with a LuaJIT Toolkit.pdf
|
|
|
|
|
2023-09-21 - Secrets of commercial RATs! NanoCore dissected.pdf
|
|
|
|
|
2023-09-22 - Backchannel Diplomacy- APT29’s Rapidly Evolving Diplomatic Phishing Operations.pdf
|
|
|
|
|
2023-09-22 - DarkGate IOCs.pdf
|
|
|
|
|
2023-09-22 - More on DreamLand.pdf
|
|
|
|
|
2023-09-22 - Persistent Attempts at Cyberespionage Against Southeast Asian Government Target Have Links to Alloy Taurus.pdf
|
|
|
|
|
2023-09-22 - Unmasking the Godfather.pdf
|
|
|
|
|
2023-09-23 - BunnyLoader, the newest Malware-as-a-Service.pdf
|
|
|
|
|
2023-09-25 - A ransomware group claims to have breached ‘all Sony systems’.pdf
|
|
|
|
|
2023-09-25 - Malware development trick - part 36- Enumerate process modules. Simple C example..pdf
|
|
|
|
|
2023-09-25 - Malware development trick - part 36- Enumerate process modules. Simple C++ example..pdf
|
|
|
|
|
2023-09-25 - REArchive- Reverse engineering APT37’s GOLDBACKDOOR dropper.pdf
|
|
|
|
|
2023-09-25 - Securonix Threat Labs Security Advisory- New STARK VORTEX Attack Campaign- Threat Actors Use Drone Manual Lures to Deliver MerlinAgent Payloads.pdf
|
|
|
|
|
2023-09-25 - Warning- Newly Discovered APT Attacker AtlasCross Exploits Red Cross Blood Drive Phishing for Cyberattack.pdf
|
|
|
|
|
2023-09-26 - Analyzing Lu0Bot- A Node.js Malware with Near-Unlimited Capabilities.pdf
|
|
|
|
|
2023-09-27 - A Deep Dive into Brute Ratel C4 payloads – Part 2.pdf
|
|
|
|
|
2023-09-27 - Dark River. You can't see them, but they're there.pdf
|
|
|
|
|
2023-09-27 - Uncovering the “Easy Stealer” Infostealer.pdf
|
|
|
|
|
2023-09-27 - ‘Ransomed.VC’ in the Spotlight – What is Known About the Ransomware Group Targeting Sony and NTT Docomo.pdf
|
|
|
|
|
2023-09-28 - Exploring ScamClub Payloads via Deobfuscation Using Abstract Syntax Trees.pdf
|
|
|
|
|
2023-09-28 - Loader Galore - TaskLoader at the start of a Pay-per-Install Infection Chain.pdf
|
|
|
|
|
2023-09-28 - The Scattered Spider Ransomware Group’s Secret Weapons- Social Engineering and Fluent English.pdf
|
|
|
|
|
2023-09-28 - The security pitfalls of social media sites offering ID-based authentication.pdf
|
|
|
|
|
2023-09-29 - Lazarus luring employees with trojanized coding challenges- The case of a Spanish aerospace company.pdf
|
|
|
|
|
2023-10-01 - .NET Assembly Obfuscation for Memory Scanner Evasion.pdf
|
|
|
|
|
2023-10-01 - ShinyHunters’ 22-Year-Old Member Pleads Guilty to Cyber Extortion, Causing $6 Million in Damage.pdf
|
|
|
|
|
2023-10-02 - LightSpy mAPT Mobile Payment System Attack.pdf
|
|
|
|
|
2023-10-03 - 2023-10-03 (Tuesday) - PikaBot infection with Cobalt Strike.pdf
|
|
|
|
|
2023-10-03 - Introducing the REF5961 intrusion set (RUDEBIRD, DOWNTOWN, and EAGERBEE).pdf
|
|
|
|
|
2023-10-03 - Lighting the Exfiltration Infrastructure of a LockBit Affiliate (and more).pdf
|
|
|
|
|
2023-10-03 - NATO 'actively addressing' alleged cyberattack affecting some websites.pdf
|
|
|
|
|
2023-10-03 - Rhadamanthys malware analysis- How infostealers use VMs to avoid analysis.pdf
|
|
|
|
|
2023-10-03 - Stealc Malware Analysis.pdf
|
|
|
|
|
2023-10-04 - Developing Yara Signatures for Malware - Practical Examples.pdf
|
|
|
|
|
2023-10-05 - Chinese State-Sponsored Cyber Espionage Activity Targeting Semiconductor Industry in East Asia.pdf
|
|
|
|
|
2023-10-05 - Introduction to DotNet Configuration Extraction - RevengeRAT.pdf
|
|
|
|
|
2023-10-05 - Operation Jacana- Foundling hobbits in Guyana.pdf
|
|
|
|
|
2023-10-05 - Qakbot-affiliated actors distribute Ransom Knight malware despite infrastructure takedown.pdf
|
|
|
|
|
2023-10-05 - Securonix Threat Labs Monthly Intelligence Insights – September 2023.pdf
|
|
|
|
|
2023-10-05 - Unveiling activities of Tropic Trooper 2023- deep analysis of Xiangoop Loader and EntryShell payload.pdf
|
|
|
|
|
2023-10-05 - Unveiling activities of Tropic Trooper 2023.pdf
|
|
|
|
|
2023-10-06 - Hacking Group ‘Cyber Av3ngers’ Claims Responsibility for Yavne Power Outages- What You Need to Know.pdf
|
|
|
|
|
2023-10-09 - Cyber Criminals Using EvilProxy Phishing Kit To Target Senior Executives in U.S. Firms.pdf
|
|
|
|
|
2023-10-09 - IZ1H9 Campaign Enhances Its Arsenal with Scores of Exploits.pdf
|
|
|
|
|
2023-10-10 - Assessed Cyber Structure and Alignments of North Korea in 2023.pdf
|
|
|
|
|
2023-10-10 - Grayling- Previously Unseen Threat Actor Targets Multiple Organizations in Taiwan.pdf
|
|
|
|
|
2023-10-10 - Hacktivists take sides in Israel-Palestinian war.pdf
|
|
|
|
|
2023-10-10 - How To Develop Yara Rules for .NET Malware Using IL ByteCodes.pdf
|
|
|
|
|
2023-10-10 - Threat Actor deploys Mythic’s Athena Agent to target Russian Semiconductor Suppliers.pdf
|
|
|
|
|
2023-10-11 - Automatic disruption of human-operated attacks through containment of compromised user accounts.pdf
|
|
|
|
|
2023-10-11 - Hacker Group “Caracal Kitten” Targets KDP Activists With Malware.pdf
|
|
|
|
|
2023-10-12 - CVE-2023-38831 Exploited by Pro-Russia Hacking Groups in RU-UA Conflict Zone for Credential Harvesting Operations.pdf
|
|
|
|
|
2023-10-12 - DarkGate Opens Organizations for Attack via Skype, Teams.pdf
|
|
|
|
|
2023-10-12 - Forensic Timeline of an IcedID Infection.pdf
|
|
|
|
|
2023-10-13 - Analysis Report on Lazarus Threat Group’s Volgmer and Scout Malware.pdf
|
|
|
|
|
2023-10-13 - Disclosing the BLOODALCHEMY backdoor.pdf
|
|
|
|
|
2023-10-13 - Rewterz Threat Alert – Power Supplier’s Network Infiltrated for 6 Months by “Redfly” Hackers – Active IOCs.pdf
|
|
|
|
|
2023-10-13 - The Good, the Bad and the Ugly in Cybersecurity – Week 41.pdf
|
|
|
|
|
2023-10-15 - Chinese Cyber- Resources for Western Researchers.pdf
|
|
|
|
|
2023-10-15 - Colonial Pipeline attributes ransomware claims to ‘unrelated’ third-party data breach.pdf
|
|
|
|
|
2023-10-16 - A hack in hand is worth two in the bush.pdf
|
|
|
|
|
2023-10-16 - ClearFake- a newcomer to the “fake updates” threats landscape.pdf
|
|
|
|
|
2023-10-16 - Decoding a Simple Visual Basic (.vbs) Script - DarkGate Loader.pdf
|
|
|
|
|
2023-10-17 - APT trends report Q3 2023.pdf
|
|
|
|
|
2023-10-17 - Dark Peep 2- War and a Piece of Hilarity.pdf
|
|
|
|
|
2023-10-17 - Lumma Stealer actively deployed in multiple campaigns.pdf
|
|
|
|
|
2023-10-17 - PROSPERNOT (PROSPERO-AS) The Little AS That Could. Part 1.pdf
|
|
|
|
|
2023-10-18 - Ghidra Tutorial - Using Entropy To Locate a Cobalt Strike Decryption Function.pdf
|
|
|
|
|
2023-10-18 - Government-backed actors exploiting WinRAR vulnerability.pdf
|
|
|
|
|
2023-10-18 - Qubitstrike - An Emerging Malware Campaign Targeting Jupyter Notebooks.pdf
|
|
|
|
|
2023-10-18 - Threat Actor Profile- SiegedSec.pdf
|
|
|
|
|
2023-10-19 - Crambus- New Campaign Targets Middle Eastern Government.pdf
|
|
|
|
|
2023-10-20 - Authorities confirm RagnarLocker ransomware taken down during international sting.pdf
|
|
|
|
|
2023-10-20 - Decoding a Cobalt Strike .hta Loader Using CyberChef and Emulation.pdf
|
|
|
|
|
2023-10-20 - IcedID gets Loaded.pdf
|
|
|
|
|
2023-10-20 - Malware and cryptography 21- encrypt-decrypt payload via WAKE. Simple C++ example..pdf
|
|
|
|
|
2023-10-20 - Malware and cryptography 21- encrypt-decrypt payload via WAKE. Simple CPlusPlus example..pdf
|
|
|
|
|
2023-10-21 - Malware analysis NJ RAT 0.7NC & 0.6.4.pdf
|
|
|
|
|
2023-10-23 - Advice For Catching a RedLine Stealer.pdf
|
|
|
|
|
2023-10-23 - Cobalt Strike .VBS Loader - Decoding with Advanced CyberChef and Emulation.pdf
|
|
|
|
|
2023-10-23 - From Copacabana to Barcelona- The Cross-Continental Threat of Brazilian Banking Malware.pdf
|
|
|
|
|
2023-10-23 - The outstanding stealth of Operation Triangulation.pdf
|
|
|
|
|
2023-10-24 - Malware stories- Deworming the XWorm.pdf
|
|
|
|
|
2023-10-24 - The Israel-Hamas War - Cyber Domain State-Sponsored Activity of Interest.pdf
|
|
|
|
|
2023-10-25 - Kazakhstan-associated YoroTrooper disguises origin of attacks as Azerbaijan.pdf
|
|
|
|
|
2023-10-25 - Winter Vivern exploits zero-day vulnerability in Roundcube Webmail servers.pdf
|
|
|
|
|
2023-10-26 - How to catch a wild triangle.pdf
|
|
|
|
|
2023-10-26 - Rhysida Ransomware Technical Analysis.pdf
|
|
|
|
|
2023-10-26 - SmartApeSG.pdf
|
|
|
|
|
2023-10-27 - A cascade of compromise- unveiling Lazarus’ new campaign.pdf
|
|
|
|
|
2023-10-27 - A Guide to Scattered Spider Data Breaches.pdf
|
|
|
|
|
2023-10-27 - GHOSTPULSE haunts victims using defense evasion bag o' tricks.pdf
|
|
|
|
|
2023-10-27 - Hackers escalate- leak 200k CCSD students’ data; claim to still have access to CCSD email system.pdf
|
|
|
|
|
2023-10-27 - Remcos Downloader Analysis - Manual Deobfuscation of Visual Basic and Powershell.pdf
|
|
|
|
|
2023-10-27 - Security Analyst Summit 2023- key research.pdf
|
|
|
|
|
2023-10-30 - 30TH OCTOBER – THREAT INTELLIGENCE REPORT.pdf
|
|
|
|
|
2023-10-30 - BiBi Wiper.pdf
|
|
|
|
|
2023-10-30 - Managed Security Services Provider (MSSP) Market News- 30 October 2023.pdf
|
|
|
|
|
2023-10-30 - Nitrogen Campaign 2.0 - Reloads with Enhanced Capabilities Leading to ALPHV-BlackCat Ransomware.pdf
|
|
|
|
|
2023-10-30 - Unpacking .NET Malware With Process Hacker and Dnspy.pdf
|
|
|
|
|
2023-10-31 - Elastic catches DPRK passing out KANDYKORN.pdf
|
|
|
|
|
2023-10-31 - From Albania to the Middle East- The Scarred Manticore is Listening.pdf
|
|
|
|
|
2023-10-31 - Over the Kazuar’s Nest- Cracking Down on a Freshly Hatched Backdoor Used by Pensive Ursa (Aka Turla).pdf
|
|
|
|
|
2023-10-31 - Prolific Puma- Shadowy Link Shortening Service Enables Cybercrime.pdf
|
|
|
|
|
2023-11-01 - Malware Dropped Through a ZPAQ Archive.pdf
|
|
|
|
|
2023-11-01 - Malware Unpacking With Memory Dumps - Intermediate Methods (Pe-Sieve, Process Hacker, Hxd and Pe-bear).pdf
|
|
|
|
|
2023-11-01 - MuddyWater eN-Able spear-phishing with new TTPs.pdf
|
|
|
|
|
2023-11-01 - New DarkGate Variant Uses a New Loading Approach.pdf
|
|
|
|
|
2023-11-01 - Popping Blisters for research- An overview of past payloads and exploring recent developments.pdf
|
|
|
|
|
2023-11-01 - RedLine Stealer Malware Analysis.pdf
|
|
|
|
|
2023-11-01 - Vietnamese Information Stealer Campaigns Target Professionals on LinkedIn.pdf
|
|
|
|
|
2023-11-02 - From DarkGate to DanaBot.pdf
|
|
|
|
|
2023-11-02 - Jeffco Public Schools hit by the same threat actors that hit Clark County School District — and via the same way.pdf
|
|
|
|
|
2023-11-02 - Monthly news - November 2023.pdf
|
|
|
|
|
2023-11-02 - Unveiling Socks5Systemz- The Rise of a New Proxy Service via PrivateLoader and Amadey.pdf
|
|
|
|
|
2023-11-03 - GhostSec- From Fighting ISIS to Possibly Targeting Israel with RaaS.pdf
|
|
|
|
|
2023-11-03 - Looney Tunables Vulnerability Exploited by Kinsing.pdf
|
|
|
|
|
2023-11-03 - The Five Families- Hacker Collaboration Redefining the Game.pdf
|
|
|
|
|
2023-11-06 - Agonizing Serpens (Aka Agrius) Targeting the Israeli Higher Education and Tech Sectors.pdf
|
|
|
|
|
2023-11-06 - GootBot – Gootloader’s new approach to post-exploitation.pdf
|
|
|
|
|
2023-11-06 - Iran-linked hackers attack Israeli education and tech organizations.pdf
|
|
|
|
|
2023-11-06 - SideCopy’s Multi-platform Onslaught- Leveraging WinRAR Zero-Day and Linux Variant of Ares RAT.pdf
|
|
|
|
|
2023-11-06 - Unpacking Malware With Hardware Breakpoints - Cobalt Strike.pdf
|
|
|
|
|
2023-11-07 - Malware development trick - part 37- Enumerate process modules via VirtualQueryEx. Simple C++ example..pdf
|
|
|
|
|
2023-11-07 - Malware development trick - part 37- Enumerate process modules via VirtualQueryEx. Simple CPlusPlus example..pdf
|
|
|
|
|
2023-11-07 - New Gootloader Variant “GootBot” Changes the Game in Malware Tactics.pdf
|
|
|
|
|
2023-11-08 - MuddyC2Go – Latest C2 Framework Used by Iranian APT MuddyWater Spotted in Israel.pdf
|
|
|
|
|
2023-11-09 - Agonizing Serpens Attack Detection- Iran-Backed Hackers Target Israeli Tech Firms and Educational Institutions.pdf
|
|
|
|
|
2023-11-09 - IMPERIAL KITTEN Deploys Novel Malware Families in Middle East-Focused Operations.pdf
|
|
|
|
|
2023-11-09 - Microsoft shares threat intelligence at CYBERWARCON 2023.pdf
|
|
|
|
|
2023-11-09 - Modern Asian APT Groups TTPs.pdf
|
|
|
|
|
2023-11-09 - Sandworm Disrupts Power in Ukraine Using a Novel Attack Against Operational Technology.pdf
|
|
|
|
|
2023-11-09 - Tasnim News Hacked By WeRedEvils.pdf
|
|
|
|
|
2023-11-10 - Detection of attacks exploiting asset management software (Andariel Group).pdf
|
|
|
|
|
2023-11-10 - Ducktail fashion week.pdf
|
|
|
|
|
2023-11-10 - The New APT Group DarkCasino and the Global Surge in WinRAR 0-Day Exploits.pdf
|
|
|
|
|
2023-11-11 - A Unified Front Against Cyber Mercenaries.pdf
|
|
|
|
|
2023-11-13 - Decrypting the Mystery of MedusaLocker.pdf
|
|
|
|
|
2023-11-14 - HostingHunter Series- CHANG WAY TECHNOLOGIES CO. LIMITED.pdf
|
|
|
|
|
2023-11-14 - Remcos RAT Detection- UAC-0050 Hackers Launch Phishing Attacks Impersonating the Security Service of Ukraine.pdf
|
|
|
|
|
2023-11-14 - Russian and Moldovan National Pleads Guilty to Operating Illegal Botnet Proxy Service that Infected Tens of Thousands of Internet-Connected Devices Around the World.pdf
|
|
|
|
|
2023-11-14 - TA402 Uses Complex IronWind Infection Chains to Target Middle East-Based Government Entities.pdf
|
|
|
|
|
2023-11-14 - Taking The Elevator Down To Ring 0.pdf
|
|
|
|
|
2023-11-15 - Identifying Simple Pivot Points in Malware Infrastructure - RisePro Stealer.pdf
|
|
|
|
|
2023-11-15 - Investigating the New Rhysida Ransomware.pdf
|
|
|
|
|
2023-11-16 - Approaching stealers devs - a brief interview with LummaC2.pdf
|
|
|
|
|
2023-11-16 - BlackCat plays with malvertising traps to lure corporate victims.pdf
|
|
|
|
|
2023-11-16 - Scattered Spider.pdf
|
|
|
|
|
2023-11-17 - A deep dive into Phobos ransomware, recently deployed by 8Base group.pdf
|
|
|
|
|
2023-11-17 - Malware Spotlight – Into the Trash- Analyzing LitterDrifter.pdf
|
|
|
|
|
2023-11-17 - Understanding the Phobos affiliate structure and activity.pdf
|
|
|
|
|
2023-11-19 - A Look at IPStorm - Cross-Platform Malware Written in Go.pdf
|
|
|
|
|
2023-11-19 - Combining Pivot Points to Identify Malware Infrastructure - Redline, Smokeloader and Cobalt Strike.pdf
|
|
|
|
|
2023-11-19 - PikaBot Is Back With a Vengeance - Part 2.pdf
|
|
|
|
|
2023-11-20 - Are DarkGate and PikaBot the new QakBot-.pdf
|
|
|
|
|
2023-11-20 - CVE-2023-46604 (Apache ActiveMQ) Exploited to Infect Systems With Cryptominers and Rootkits.pdf
|
|
|
|
|
2023-11-20 - DarkGate Internals.pdf
|
|
|
|
|
2023-11-20 - Unveiling LummaC2 stealer’s novel Anti-Sandbox technique- Leveraging trigonometry for human behavior detection.pdf
|
|
|
|
|
2023-11-21 - Hacking Employers and Seeking Employment- Two Job-Related Campaigns Bear Hallmarks of North Korean Threat Actors.pdf
|
|
|
|
|
2023-11-21 - PlayCrypt Ransomware-as-a-Service Expands Threat from Script Kiddies and Sophisticated Attackers.pdf
|
|
|
|
|
2023-11-21 - Scattered Spider Attack Analysis.pdf
|
|
|
|
|
2023-11-21 - Stealthy WailingCrab Malware misuses MQTT Messaging Protocol.pdf
|
|
|
|
|
2023-11-21 - The Continued Evolution of the DarkGate Malware-as-a-Service.pdf
|
|
|
|
|
2023-11-21 - The Platform Matters- A Comparative Study on Linux and Windows Ransomware Attacks.pdf
|
|
|
|
|
2023-11-21 - Tracking Vidar Infrastructure with Censys.pdf
|
|
|
|
|
2023-11-21 - Unmasking NJRat- A Deep Dive into a Notorious Remote Access Trojan Part1.pdf
|
|
|
|
|
2023-11-22 - Practical Queries for Malware Infrastructure - Part 3 (Advanced Examples).pdf
|
|
|
|
|
2023-11-23 - Israel-Hamas War Spotlight- Shaking the Rust Off SysJoker.pdf
|
|
|
|
|
2023-11-23 - Malware analysis Remcos RAT- 4.9.2 Pro.pdf
|
|
|
|
|
2023-11-23 - Malware and cryptography 22- encrypt-decrypt payload via XTEA. Simple C++ example..pdf
|
|
|
|
|
2023-11-23 - Malware and cryptography 22- encrypt-decrypt payload via XTEA. Simple CPlusPlus example..pdf
|
|
|
|
|
2023-11-23 - ParaSiteSnatcher- How Malicious Chrome Extensions Target Brazil.pdf
|
|
|
|
|
2023-11-23 - Unveiling the Deceptive Dance- Phobos Ransomware Masquerading As VX-Underground.pdf
|
|
|
|
|
2023-11-24 - Approaching stealers devs - a brief interview with Recordbreaker.pdf
|
|
|
|
|
2023-11-26 - From Infection to Encryption- Tracing the Impact of RYUK Ransomware.pdf
|
|
|
|
|
2023-11-26 - Identifying Suspected PrivateLoader Servers with Censys.pdf
|
|
|
|
|
2023-11-27 - Building Threat Intel Queries Utilising Regex and TLS Certificates - (BianLian).pdf
|
|
|
|
|
2023-11-28 - Aki-RATs – Command and Control Party.pdf
|
|
|
|
|
2023-11-28 - Approaching stealers devs - a brief interview with Meduza.pdf
|
|
|
|
|
2023-11-28 - GoTitan Botnet - Ongoing Exploitation on Apache ActiveMQ.pdf
|
|
|
|
|
2023-11-28 - RisePro Malware Analysis- Exploring C2 Communication of a New Version.pdf
|
|
|
|
|
2023-11-29 - Akira Ransomware.pdf
|
|
|
|
|
2023-11-29 - Emerging MaaS Operator Sordeal Releases Nova Infostealer.pdf
|
|
|
|
|
2023-11-30 - Advanced Threat Intel Queries - Catching 83 Qakbot Servers with Regex, Censys and TLS Certificates.pdf
|
|
|
|
|
2023-11-30 - AeroBlade on the Hunt Targeting the U.S. Aerospace Industry.pdf
|
|
|
|
|
2023-11-30 - Approaching stealers devs - a brief interview with Vidar.pdf
|
|
|
|
|
2023-11-30 - Promon discovers new Android banking malware, “FjordPhantom”.pdf
|
|
|
|
|
2023-11-30 - Uncovering the Serpent.pdf
|
|
|
|
|
2023-12-01 - Cases of attacks disguised as North Korean market price analysis documents, etc. CVE-2022-41128 vulnerability called with HWP, HWPX, DOCX, XLSX files.pdf
|
|
|
|
|
2023-12-01 - Kimsuky Group Uses AutoIt to Create Malware (RftRAT, Amadey).pdf
|
|
|
|
|
2023-12-01 - Monthly news - December 2023.pdf
|
|
|
|
|
2023-12-01 - New Tool Set Found Used Against Organizations in the Middle East, Africa and the US.pdf
|
|
|
|
|
2023-12-01 - Russian developer of Trickbot malware pleads guilty, faces 35-year sentence.pdf
|
|
|
|
|
2023-12-02 - Approaching stealers devs - a brief interview with Amadey.pdf
|
|
|
|
|
2023-12-02 - Threat Hunting Malware Infrastructure.pdf
|
|
|
|
|
2023-12-03 - Linux version of Qilin ransomware focuses on VMware ESXi.pdf
|
|
|
|
|
2023-12-03 - SkidSec Hacker Group Announces Plans to Spread North Korean Propaganda Through Hacked Printers in South Korea.pdf
|
|
|
|
|
2023-12-04 - Florida water agency latest to confirm cyber incident as feds warn of nation-state attacks.pdf
|
|
|
|
|
2023-12-04 - P2Pinfect - New Variant Targets MIPS Devices.pdf
|
|
|
|
|
2023-12-04 - SQL Brute Force leads to Bluesky Ransomware.pdf
|
|
|
|
|
2023-12-05 - Approaching stealers devs - a brief interview with StealC.pdf
|
|
|
|
|
2023-12-05 - BlueNoroff- new Trojan attacking macOS users.pdf
|
|
|
|
|
2023-12-05 - TA422’s Dedicated Exploitation Loop—the Same Week After Week.pdf
|
|
|
|
|
2023-12-05 - The Tortoise and The Malwahare.pdf
|
|
|
|
|
2023-12-06 - Getting gooey with GULOADER- deobfuscating the downloader.pdf
|
|
|
|
|
2023-12-06 - Ghidra Basics - Identifying, Decoding and Fixing Encrypted Strings.pdf
|
|
|
|
|
2023-12-06 - Nebula Broker- offensive operations made in Italy.pdf
|
|
|
|
|
2023-12-06 - The csharp-streamer RAT.pdf
|
|
|
|
|
2023-12-06 - Unmasking the Enigma- A Historical Dive into the World of PlugX Malware.pdf
|
|
|
|
|
2023-12-06 - Unveiling “Vetta Loader”- A custom loader hitting Italy and spread through infected USB Drives.pdf
|
|
|
|
|
2023-12-07 - DanaBot's Latest Move- Deploying Latrodectus.pdf
|
|
|
|
|
2023-12-07 - Fighting Ursa Aka APT28- Illuminating a Covert Campaign.pdf
|
|
|
|
|
2023-12-07 - Russian influence and cyber operations adapt for long haul and exploit war fatigue.pdf
|
|
|
|
|
2023-12-07 - Star Blizzard increases sophistication and evasion in ongoing attacks.pdf
|
|
|
|
|
2023-12-07 - UK names FSB unit behind hack-and-leak campaigns, summons Russian ambassador.pdf
|
|
|
|
|
2023-12-08 - Approaching stealers devs - a brief interview with Meta.pdf
|
|
|
|
|
2023-12-08 - Ghidra Basics - Manual Shellcode Analysis and C2 Extraction.pdf
|
|
|
|
|
2023-12-08 - ITG05 operations leverage Israel-Hamas conflict lures to deliver Headlace malware.pdf
|
|
|
|
|
2023-12-09 - AST based GootLoader unpacker, C2 extractor and deobfuscator.pdf
|
|
|
|
|
2023-12-10 - Malware development- persistence - part 23. LNK files. Simple Powershell example..pdf
|
|
|
|
|
2023-12-10 - Rhysida Ransomware and the Detection Opportunities.pdf
|
|
|
|
|
2023-12-11 - Mustang Panda’s PlugX new variant targetting Taiwanese government and diplomats.pdf
|
|
|
|
|
2023-12-11 - Operation Blacksmith- Lazarus targets organizations worldwide using novel Telegram-based malware written in DLang.pdf
|
|
|
|
|
2023-12-11 - Sandman APT - China-Based Adversaries Embrace Lua.pdf
|
|
|
|
|
2023-12-12 - November 2023’s Most Wanted Malware- New AsyncRAT Campaign Discovered while FakeUpdates Re-Entered the Top Ten after Brief Hiatus.pdf
|
|
|
|
|
2023-12-12 - Rhysida Ransomware- History, TTPs And Adversary Emulation Plans.pdf
|
|
|
|
|
2023-12-12 - Threat actors misuse OAuth applications to automate financially driven attacks.pdf
|
|
|
|
|
2023-12-12 - Ukrainian intelligence attacks and paralyses Russia's tax system.pdf
|
|
|
|
|
2023-12-13 - Disrupting the gateway services to cybercrime.pdf
|
|
|
|
|
2023-12-13 - FakeSG campaign, Akira ransomware and AMOS macOS stealer.pdf
|
|
|
|
|
2023-12-13 - Kuiper ransomware analysis- Stairwell’s technical report.pdf
|
|
|
|
|
2023-12-13 - Malware in the wild book.pdf
|
|
|
|
|
2023-12-13 - Rhysida Ransomware.pdf
|
|
|
|
|
2023-12-13 - Routers Roasting on an Open Firewall- the KV-botnet Investigation.pdf
|
|
|
|
|
2023-12-13 - Russian Foreign Intelligence Service (SVR) Exploiting JetBrains TeamCity CVE Globally.pdf
|
|
|
|
|
2023-12-13 - Scammers Weaponize Google Forms in New BazarCall Attack.pdf
|
|
|
|
|
2023-12-13 - TeamCity Intrusion Saga- APT29 Suspected Among the Attackers Exploiting CVE-2023-42793.pdf
|
|
|
|
|
2023-12-14 - Bad Zip and new Packer for Android-BianLian.pdf
|
|
|
|
|
2023-12-14 - Gaza Cybergang - Unified Front Targeting Hamas Opposition.pdf
|
|
|
|
|
2023-12-14 - Imperva Detects Undocumented 8220 Gang Activities.pdf
|
|
|
|
|
2023-12-14 - Opening a Can of Whoop Ads- Detecting and Disrupting a Malvertising Campaign Distributing Backdoors.pdf
|
|
|
|
|
2023-12-14 - Rhadamanthys v0.5.0 – A Deep Dive into the Stealer’s Components.pdf
|
|
|
|
|
2023-12-15 - Github Repo for Malicord.pdf
|
|
|
|
|
2023-12-15 - PikaBot distributed via malicious search ads.pdf
|
|
|
|
|
2023-12-18 - Analysing a Widespread Microsoft 365 Credential Harvesting Campaign.pdf
|
|
|
|
|
2023-12-18 - Innovation in Cyber Intrusions- The Evolution of TA544.pdf
|
|
|
|
|
2023-12-18 - Organizing malware analysis with Colander- example on Android-WyrmSpy.pdf
|
|
|
|
|
2023-12-18 - Rewterz Threat Update – Microsoft Warns of Emerging Threat by Storm-0539 Behind Gift Card Frauds.pdf
|
|
|
|
|
2023-12-19 - Seedworm- Iranian Hackers Target Telecoms Orgs in North and East Africa.pdf
|
|
|
|
|
2023-12-20 - CryptoGuard- An asymmetric approach to the ransomware battle.pdf
|
|
|
|
|
2023-12-20 - GhostLocker Ransomware Analysis Report (Paywall).pdf
|
|
|
|
|
2023-12-20 - Operation HamsaUpdate - A Sophisticated Campaign Delivering Wipers Puts Israeli Infrastructure at Risk.pdf
|
|
|
|
|
2023-12-20 - The Origin of OriginLogger & Agent Tesla.pdf
|
|
|
|
|
2023-12-21 - Android Banking Trojan Chameleon can now bypass any Biometric Authentication.pdf
|
|
|
|
|
2023-12-21 - Bandook - A Persistent Threat That Keeps Evolving.pdf
|
|
|
|
|
2023-12-21 - BattleRoyal, DarkGate Cluster Spreads via Email and Fake Browser Updates.pdf
|
|
|
|
|
2023-12-21 - BPF Memory Forensics with Volatility 3.pdf
|
|
|
|
|
2023-12-22 - Smoke and Mirrors- Understanding The Workings of Wazawaka.pdf
|
|
|
|
|
2023-12-23 - IceNova Malware Profile.pdf
|
|
|
|
|
2023-12-23 - Scattered Spider spins a troublesome web.pdf
|
|
|
|
|
2023-12-24 - Barracuda Email Security Gateway Appliance (ESG) Vulnerability.pdf
|
|
|
|
|
2023-12-26 - Pikabot Loader analysis, round 2!.pdf
|
|
|
|
|
2023-12-26 - Pure Logs Stealer Fails to Impress.pdf
|
|
|
|
|
2023-12-27 - Malicious code impersonating the National Tax Service created by Konni.pdf
|
|
|
|
|
2023-12-27 - Mallox Evading AMSI.pdf
|
|
|
|
|
2023-12-27 - Operation Triangulation- The last (hardware) mystery.pdf
|
|
|
|
|
2023-12-27 - Operation Triangulation- What You Get When Attack iPhones of Researchers.pdf
|
|
|
|
|
2023-12-27 - Pivoting through a Sea of indicators to spot Turtles.pdf
|
|
|
|
|
2023-12-28 - MetaStealer Part 2, Google Cookie Refresher Madness and Stealer Drama.pdf
|
|
|
|
|
2023-12-28 - New Rugmi Malware Loader Surges with Hundreds of Daily Detections.pdf
|
|
|
|
|
2023-12-28 - Trend Analysis on Kimsuky Group’s Attacks Using AppleSeed.pdf
|
|
|
|
|
2023-12-29 - Microsoft Storm-1152 Crackdown- Stopping Threat Actors.pdf
|
|
|
|
|
2023-12-30 - Rewterz Threat Alert – Widely Abused MSIX App Installer Disabled by Microsoft – Active IOCs.pdf
|
|
|
|