2021-01-01 - The Mac Malware of 2020 - a comprehensive analysis of the year's new malware.pdf
|
|
|
|
|
2021-01-02 - As Understanding of Russian Hacking Grows, So Does Alarm.pdf
|
|
|
|
|
2021-01-02 - How Russia’s ‘Info Warrior’ Hackers Let Kremlin Play Geopolitics on the Cheap.pdf
|
|
|
|
|
2021-01-03 - Babuk Ransomware.pdf
|
|
|
|
|
2021-01-04 - Building a Custom Malware Analysis Lab Environment.pdf
|
|
|
|
|
2021-01-04 - China's APT hackers move to ransomware attacks.pdf
|
|
|
|
|
2021-01-04 - Darknet Threat Actors Are Not Playing Games with the Gaming Industry.pdf
|
|
|
|
|
2021-01-04 - Detecting Supernova Malware- SolarWinds Continued.pdf
|
|
|
|
|
2021-01-04 - DRIDEX Stopping Serial Killer- Catching the Next Strike.pdf
|
|
|
|
|
2021-01-04 - Finding Targeted SUNBURST Victims with pDNS.pdf
|
|
|
|
|
2021-01-04 - Royal Road! Re-Dive.pdf
|
|
|
|
|
2021-01-04 - TransLink confirms ransomware data theft, still restoring systems.pdf
|
|
|
|
|
2021-01-05 - [Threat Analysis] CLOP Ransomware that Attacked Korean Distribution Giant.pdf
|
|
|
|
|
2021-01-05 - An Overview of the DoppelPaymer Ransomware.pdf
|
|
|
|
|
2021-01-05 - Attack from Mustang Panda- My rabbit is back!.pdf
|
|
|
|
|
2021-01-05 - Discharging ElectroRAT.pdf
|
|
|
|
|
2021-01-05 - Earth Wendigo Injects JavaScript Backdoor to Service Worker for Mailbox Exfiltration.pdf
|
|
|
|
|
2021-01-05 - Manual analysis of new PowerSplit maldocs delivering Emotet.pdf
|
|
|
|
|
2021-01-05 - Operation ElectroRAT- Attacker Creates Fake Companies to Drain Your Crypto Wallets.pdf
|
|
|
|
|
2021-01-05 - Red team's perspective on the TTPs in Sunburst's backdoor.pdf
|
|
|
|
|
2021-01-05 - ‘I Was Running Two Parallel Lives’- An Ex-Secret Service Agent Opens Up About Going Undercover To Catch Cybercriminals.pdf
|
|
|
|
|
2021-01-06 - A Deep Dive into Lokibot Infection Chain.pdf
|
|
|
|
|
2021-01-06 - A Trump Sex Video- No, It's a RAT!.pdf
|
|
|
|
|
2021-01-06 - All About Doki Malware.pdf
|
|
|
|
|
2021-01-06 - Department of Justice Statement on Solarwinds Update.pdf
|
|
|
|
|
2021-01-06 - Expanding Range and Improving Speed- A RansomExx Approach.pdf
|
|
|
|
|
2021-01-06 - Hackers start exploiting the new backdoor in Zyxel devices.pdf
|
|
|
|
|
2021-01-06 - Holiday Bazar- Tracking a TrickBot-Related Ransomware Incident.pdf
|
|
|
|
|
2021-01-06 - How to Slam a Door on the Cutwail Botnet- Enforce DMARC.pdf
|
|
|
|
|
2021-01-06 - ReconHellcat Uses NIST Theme as Lure To Deliver New BlackSoul Malware.pdf
|
|
|
|
|
2021-01-06 - Retrohunting APT37- North Korean APT used VBA self decode technique to inject RokRat.pdf
|
|
|
|
|
2021-01-06 - SolarWinds_Countermeasures.pdf
|
|
|
|
|
2021-01-06 - Supply Chain Compromise.pdf
|
|
|
|
|
2021-01-07 - Avoiding supply-chain attacks similar to SolarWinds Orion’s (SUNBURST).pdf
|
|
|
|
|
2021-01-07 - Malware using new Ezuri memory loader.pdf
|
|
|
|
|
2021-01-07 - Meet Oski Stealer- An In-depth Analysis of the Popular Credential Stealer.pdf
|
|
|
|
|
2021-01-07 - SolarWinds- How a Rare DGA Helped Attacker Communications Fly Under the Radar.pdf
|
|
|
|
|
2021-01-07 - TA551- Email Attack Campaign Switches from Valak to IcedID.pdf
|
|
|
|
|
2021-01-08 - A Golden SAML Journey- SolarWinds Continued.pdf
|
|
|
|
|
2021-01-08 - Alert (AA21-008A)- Detecting Post-Compromise Threat Activity in Microsoft Cloud Environments.pdf
|
|
|
|
|
2021-01-08 - Charming Kitten’s Christmas Gift.pdf
|
|
|
|
|
2021-01-08 - Leonardo S.p.A. Data Breach Analysis.pdf
|
|
|
|
|
2021-01-08 - Ransomware Delivered Using RDP Brute-Force Attack.pdf
|
|
|
|
|
2021-01-08 - The malware analyst’s guide to aPLib decompression.pdf
|
|
|
|
|
2021-01-09 - Command and Control Traffic Patterns.pdf
|
|
|
|
|
2021-01-09 - ezuri_unpack.pdf
|
|
|
|
|
2021-01-09 - Malware Development- Leveraging Beacon Object Files for Remote Process Injection via Thread Hijacking.pdf
|
|
|
|
|
2021-01-10 - MAN1, Moskal, Hancitor and a side of Ransomware.pdf
|
|
|
|
|
2021-01-11 - Darkside Ransomware Decryption Tool.pdf
|
|
|
|
|
2021-01-11 - Exclusive- FBI probes Russian-linked postcard sent to FireEye CEO after cybersecurity firm uncovered hack - sources.pdf
|
|
|
|
|
2021-01-11 - FADE DEAD - Adventures in Reversing Malicious Run-Only AppleScripts.pdf
|
|
|
|
|
2021-01-11 - New Findings From Our Investigation of SUNBURST.pdf
|
|
|
|
|
2021-01-11 - Operation Spalax- Targeted malware attacks in Colombia.pdf
|
|
|
|
|
2021-01-11 - Robust Indicators of Compromise for SUNBURST.pdf
|
|
|
|
|
2021-01-11 - Sunburst backdoor – code overlaps with Kazuar.pdf
|
|
|
|
|
2021-01-11 - SUNSPOT- An Implant in the Build Process.pdf
|
|
|
|
|
2021-01-11 - Trickbot Still Alive and Well.pdf
|
|
|
|
|
2021-01-11 - xHunt Campaign- New BumbleBee Webshell and SSH Tunnels Used for Lateral Movement.pdf
|
|
|
|
|
2021-01-12 - Abusing cloud services to fly under the radar.pdf
|
|
|
|
|
2021-01-12 - Confucius APT deploys Warzone RAT.pdf
|
|
|
|
|
2021-01-12 - Cybereason vs. Conti Ransomware.pdf
|
|
|
|
|
2021-01-12 - Going Rogue- a Mastermind behind Android Malware Returns with a New RAT.pdf
|
|
|
|
|
2021-01-12 - Important Update from Mimecast.pdf
|
|
|
|
|
2021-01-12 - Multiple vulnerabilities found in FiberHome HG6245D routers.pdf
|
|
|
|
|
2021-01-12 - New Android spyware targets users in Pakistan.pdf
|
|
|
|
|
2021-01-12 - New Variant of Ursnif Continuously Targeting Italy.pdf
|
|
|
|
|
2021-01-12 - Opening “STEELCORGI”- A Sophisticated APT Swiss Army Knife.pdf
|
|
|
|
|
2021-01-12 - Slamming The Backdoor On BazarLoader.pdf
|
|
|
|
|
2021-01-12 - UNC2452- What We Know So Far.pdf
|
|
|
|
|
2021-01-13 - [RE019] From A to X analyzing some real cases which used recent Emotet samples.pdf
|
|
|
|
|
2021-01-13 - A Rare Look Inside a Cryptojacking Campaign and its Profit.pdf
|
|
|
|
|
2021-01-13 - Analysis Report (AR21-013A)- Strengthening Security Configurations to Defend Against Attackers Targeting Cloud Services.pdf
|
|
|
|
|
2021-01-13 - Github Repository- BlackNET 3.7.0.1.pdf
|
|
|
|
|
2021-01-13 - Gitlab RCE Stealth Shellbot.pdf
|
|
|
|
|
2021-01-13 - Hancitor activity resumes after a hoilday break.pdf
|
|
|
|
|
2021-01-13 - Passive Income of Cyber Criminals- Dissecting Bitcoin Multiplier Scam.pdf
|
|
|
|
|
2021-01-13 - Reviving MuddyC3 Used by MuddyWater (IRAN) APT.pdf
|
|
|
|
|
2021-01-13 - 年度最慘漏洞!深入探究 Oracle WebLogic CVE-2020-14882.pdf
|
|
|
|
|
2021-01-14 - Higaisa or Winnti- APT41 backdoors, old and new.pdf
|
|
|
|
|
2021-01-14 - Increasing resilience against Solorigate and other sophisticated attacks with Microsoft Defender.pdf
|
|
|
|
|
2021-01-14 - Killed In Translation.pdf
|
|
|
|
|
2021-01-14 - New Analysis Puts Magecart Interconnectivity into Focus.pdf
|
|
|
|
|
2021-01-14 - Python Cryptominer Botnet Quickly Adopts Latest Vulnerabilities.pdf
|
|
|
|
|
2021-01-14 - Real-Time Phishing Kit Targets Brazilian Central Bank.pdf
|
|
|
|
|
2021-01-14 - The Devil’s in the Details- SUNBURST Attribution.pdf
|
|
|
|
|
2021-01-14 - You Can Run, But You Can’t Hide- Advanced Emotet Updates.pdf
|
|
|
|
|
2021-01-15 - Detecting Malicious C2 Activity -SpawnAs & SMB Lateral Movement in CobaltStrike.pdf
|
|
|
|
|
2021-01-15 - How we’re helping to reshape the software supply chain ecosystem securely.pdf
|
|
|
|
|
2021-01-15 - Joker’s Stash, the Largest Carding Marketplace, Shuts Down.pdf
|
|
|
|
|
2021-01-15 - Last Dash for Jokers Stash Carding forum may close in 30 days.pdf
|
|
|
|
|
2021-01-15 - Researchers Disclose Undocumented Chinese Malware Used in Recent Attacks.pdf
|
|
|
|
|
2021-01-15 - Sign over Your Hashes – Stealing NetNTLM Hashes via Outlook Signatures.pdf
|
|
|
|
|
2021-01-15 - SolarWinds- Insights into Attacker Command and Control Process.pdf
|
|
|
|
|
2021-01-15 - Windows Finger command abused by phishing to download malware.pdf
|
|
|
|
|
2021-01-16 - Babuk Ransomware v3.pdf
|
|
|
|
|
2021-01-16 - Iran’s Cyber Campaign, and Coercive Recruitment Methods.pdf
|
|
|
|
|
2021-01-16 - Oski Stealer - A Credential Theft Malware.pdf
|
|
|
|
|
2021-01-17 - Backdooring MSBuild.pdf
|
|
|
|
|
2021-01-18 - All That for a Coinminer-.pdf
|
|
|
|
|
2021-01-18 - Botnet Deploys Cloud and Container Attack Techniques.pdf
|
|
|
|
|
2021-01-18 - Docx Files Template-Injection.pdf
|
|
|
|
|
2021-01-18 - Extracting Shellcode in ICEID .PNG Steganography.pdf
|
|
|
|
|
2021-01-18 - IObit forums hacked in widespread DeroHE ransomware attack.pdf
|
|
|
|
|
2021-01-18 - IObit forums hacked to spread ransomware to its members.pdf
|
|
|
|
|
2021-01-18 - Linux.Midrashim- Assembly x64 ELF virus.pdf
|
|
|
|
|
2021-01-18 - Raindrop- New Malware Discovered in SolarWinds Investigation.pdf
|
|
|
|
|
2021-01-18 - Trump’s Worst, Most Bizarre Statements About ‘the Cyber’.pdf
|
|
|
|
|
2021-01-19 - Dridex Malicious Document Analysis- Automating the Extraction of Payload URLs.pdf
|
|
|
|
|
2021-01-19 - FreakOut – Leveraging Newest Vulnerabilities for creating a Botnet.pdf
|
|
|
|
|
2021-01-19 - Malwarebytes targeted by Nation State Actor implicated in SolarWinds breach. Evidence suggests abuse of privileged access to Microsoft Office 365 and Azure environments.pdf
|
|
|
|
|
2021-01-19 - Mandiant Azure AD Investigator- Focusing on UNC2452 TTPs.pdf
|
|
|
|
|
2021-01-19 - Oh, So You Got IOCs- Being a Good CTI Consumer.pdf
|
|
|
|
|
2021-01-19 - Remediation and Hardening Strategies for Microsoft 365 to Defend Against UNC2452.pdf
|
|
|
|
|
2021-01-19 - Tools used within the network invaded by attack group Lazarus.pdf
|
|
|
|
|
2021-01-19 - VPNFilter Two Years Later- Routers Still Compromised.pdf
|
|
|
|
|
2021-01-19 - Wireshark Tutorial- Examining Emotet Infection Traffic.pdf
|
|
|
|
|
2021-01-20 - Anchor and Lazarus together again-.pdf
|
|
|
|
|
2021-01-20 - Commonly Known Tools Used by Lazarus.pdf
|
|
|
|
|
2021-01-20 - Deep dive into the Solorigate second-stage activation- From SUNBURST to TEARDROP and Raindrop.pdf
|
|
|
|
|
2021-01-20 - Emulation of Kernel Mode Rootkits With Speakeasy.pdf
|
|
|
|
|
2021-01-20 - MoqHao Part 1- Identifying Phishing Infrastructure.pdf
|
|
|
|
|
2021-01-20 - XDR investigation uncovers PlugX, unique technique in APT attack.pdf
|
|
|
|
|
2021-01-21 - Disclosure of Manling Flower Organization (APT-C-08) using Warzone RAT attack.pdf
|
|
|
|
|
2021-01-21 - MrbMiner- Cryptojacking to bypass international sanctions.pdf
|
|
|
|
|
2021-01-21 - Necro在频繁升级,新版本开始使用PyInstaller和DGA.pdf
|
|
|
|
|
2021-01-21 - Powershell Dropping a REvil Ransomware.pdf
|
|
|
|
|
2021-01-21 - Silencing Microsoft Defender for Endpoint using firewall rules.pdf
|
|
|
|
|
2021-01-21 - Solarwinds Attack- Sunburst's DLL Technical Analysis.pdf
|
|
|
|
|
2021-01-21 - Vadokrist- A wolf in sheep’s clothing.pdf
|
|
|
|
|
2021-01-22 - Another File Extension to Block in your MTA- .jnlp.pdf
|
|
|
|
|
2021-01-22 - Change in Perspective on the Utility of SUNBURST-related Network Indicators.pdf
|
|
|
|
|
2021-01-22 - DreamBus Botnet - Technical Analysis.pdf
|
|
|
|
|
2021-01-22 - LDAP Channel Binding and Signing.pdf
|
|
|
|
|
2021-01-22 - Malware Analysis Report No2.pdf
|
|
|
|
|
2021-01-22 - Necro is going to version 3 and using PyInstaller and DGA.pdf
|
|
|
|
|
2021-01-22 - SolarWinds- How Sunburst Sends Data Back to the Attackers.pdf
|
|
|
|
|
2021-01-23 - Deep Dive Into SectopRat.pdf
|
|
|
|
|
2021-01-23 - RIFT- Analysing a Lazarus Shellcode Execution Method.pdf
|
|
|
|
|
2021-01-23 - Yet Another Bazar Loader DGA.pdf
|
|
|
|
|
2021-01-24 - Another ransomware (Avaddon) now uses DDoS attacks to force victims to pay.pdf
|
|
|
|
|
2021-01-24 - Catching Debuggers with Section Hashing.pdf
|
|
|
|
|
2021-01-24 - Finding SUNBURST victims and targets by using passive DNS, OSINT.pdf
|
|
|
|
|
2021-01-24 - The only command you will ever need to understand and fix your Group Policies (GPO).pdf
|
|
|
|
|
2021-01-24 - VisualDoor- SonicWall SSL-VPN Exploit.pdf
|
|
|
|
|
2021-01-25 - A detailed analysis of ELMER Backdoor used by APT16.pdf
|
|
|
|
|
2021-01-25 - Affiliates vs Hunters- Fighting the DarkSide.pdf
|
|
|
|
|
2021-01-25 - Fake Office 365 Used for Phishing Attacks on C-Suite Targets.pdf
|
|
|
|
|
2021-01-25 - Individuato sito che veicola in Italia un APK malevolo.pdf
|
|
|
|
|
2021-01-25 - New campaign targeting security researchers.pdf
|
|
|
|
|
2021-01-25 - On attribution- APT28, APT29…Turla- No, they are NOT the same.pdf
|
|
|
|
|
2021-01-25 - Twenty-three SUNBURST Targets Identified.pdf
|
|
|
|
|
2021-01-25 - Ungilded Secrets- A New Paradigm for Key Security.pdf
|
|
|
|
|
2021-01-26 - Cybereason vs. RansomEXX Ransomware.pdf
|
|
|
|
|
2021-01-26 - DPRK Malware Targeting Security Researchers.pdf
|
|
|
|
|
2021-01-26 - Examining a Sodinokibi Attack.pdf
|
|
|
|
|
2021-01-26 - GhostDNSbusters (Part 3) Illuminating GhostDNS Infrastructure.pdf
|
|
|
|
|
2021-01-26 - Important Security Update.pdf
|
|
|
|
|
2021-01-26 - Mimecast links security breach to SolarWinds hackers.pdf
|
|
|
|
|
2021-01-26 - Nefilim Ransomware Attack Uses “Ghost” Credentials.pdf
|
|
|
|
|
2021-01-26 - New Year, New Version of DanaBot.pdf
|
|
|
|
|
2021-01-26 - North Korea APT Might Have Used a Mobile 0day Too-.pdf
|
|
|
|
|
2021-01-26 - Ongoing Analysis of SolarWinds Impacts.pdf
|
|
|
|
|
2021-01-26 - Operation Dream Job by Lazarus.pdf
|
|
|
|
|
2021-01-26 - PANDORABOX - North Koreans target security researchers.pdf
|
|
|
|
|
2021-01-26 - Phishing Campaign Leverages WOFF Obfuscation and Telegram Channels for Communication.pdf
|
|
|
|
|
2021-01-26 - Ransomware- Analyzing the data from 2020.pdf
|
|
|
|
|
2021-01-26 - Shell Break-Lazarus (APT-C-26) organized targeted attacks against security researchers to reveal the secret.pdf
|
|
|
|
|
2021-01-26 - SunBurst industrial victims.pdf
|
|
|
|
|
2021-01-26 - Threat Attribution — Chimera -Under the Radar-.pdf
|
|
|
|
|
2021-01-26 - TrickBot’s Survival Instinct Prevails — What’s Different About the TrickBoot Version-.pdf
|
|
|
|
|
2021-01-26 - Undefeated, hackers use Visual Studio compiler features to target binary vulnerabilities security researcher.pdf
|
|
|
|
|
2021-01-26 - W4 Jan - EN - Story of the week- Ransomware on the Darkweb.pdf
|
|
|
|
|
2021-01-27 - Accellion cyber incident.pdf
|
|
|
|
|
2021-01-27 - Analysis of THREATNEEDLE C&C Communication (feat. Google TAG Warning to Researchers).pdf
|
|
|
|
|
2021-01-27 - Arrest, Seizures Tied to Netwalker Ransomware.pdf
|
|
|
|
|
2021-01-27 - CrimsonIAS- Listening for an 3v1l User.pdf
|
|
|
|
|
2021-01-27 - Department of Justice Launches Global Action Against NetWalker Ransomware.pdf
|
|
|
|
|
2021-01-27 - Emotet takedown is not like the Trickbot takedown.pdf
|
|
|
|
|
2021-01-27 - How to communicate between RAT infected devices (White paper).pdf
|
|
|
|
|
2021-01-27 - How We Hacked Azure Functions and Escaped Docker.pdf
|
|
|
|
|
2021-01-27 - International Action Targets Emotet Crimeware.pdf
|
|
|
|
|
2021-01-27 - Malware Analysis Report (AR21-027A)- MAR-10319053-1.v1 - Supernova.pdf
|
|
|
|
|
2021-01-27 - Oscorp, il “solito” malware per Android.pdf
|
|
|
|
|
2021-01-27 - Taking Down Emotet How Team Cymru Leveraged Visibility and Relationships to Coordinate Community Efforts.pdf
|
|
|
|
|
2021-01-27 - TeamTNT delivers malware with new detection evasion tool.pdf
|
|
|
|
|
2021-01-27 - World’s most dangerous malware EMOTET disrupted through global action.pdf
|
|
|
|
|
2021-01-28 - A Look at iMessage in iOS 14.pdf
|
|
|
|
|
2021-01-28 - BazarLoader’s Elaborate Flower Shop Lure.pdf
|
|
|
|
|
2021-01-28 - BlueCrab ransomware constantly trying to bypass detection.pdf
|
|
|
|
|
2021-01-28 - Deep into the SunBurst Attack.pdf
|
|
|
|
|
2021-01-28 - Emotet Botnet Disrupted in International Cyber Operation.pdf
|
|
|
|
|
2021-01-28 - Emotet Botnet Takedown.pdf
|
|
|
|
|
2021-01-28 - Emotet disruption - Europol counterattack.pdf
|
|
|
|
|
2021-01-28 - Emotet vs. Windows Attack Surface Reduction.pdf
|
|
|
|
|
2021-01-28 - In cyber espionage, U.S. is both hunted and hunter.pdf
|
|
|
|
|
2021-01-28 - Learn how to fix PE magic numbers with Malduck.pdf
|
|
|
|
|
2021-01-28 - Osno – A Stealer and a Miner in One.pdf
|
|
|
|
|
2021-01-28 - Pro-Ocean- Rocke Group’s New Cryptojacking Malware.pdf
|
|
|
|
|
2021-01-28 - Tailoring Cobalt Strike on Target.pdf
|
|
|
|
|
2021-01-28 - ZINC attacks against security researchers.pdf
|
|
|
|
|
2021-01-29 - Chopper ASPX web shell used in targeted attack.pdf
|
|
|
|
|
2021-01-29 - Cleaning up after Emotet- the law enforcement file.pdf
|
|
|
|
|
2021-01-29 - Cloudy with a Chance of Persistent Email Access.pdf
|
|
|
|
|
2021-01-30 - Analysis of Lazarus attacks against security researchers.pdf
|
|
|
|
|
2021-01-31 - $1 Million is Just the Beginning- Q4 2020 in Network Access Sales.pdf
|
|
|
|
|
2021-01-31 - Bazar, No Ryuk-.pdf
|
|
|
|
|
2021-02-01 - Analysis of the attack activity organized by Konni APT using the topic of North Korean epidemic materials as bait.pdf
|
|
|
|
|
2021-02-01 - BazarLoader Mocks Researchers in December 2020 Malspam Campaign.pdf
|
|
|
|
|
2021-02-01 - BlueCrab ransomware, CobaltStrike hacking tool installed in corporate environment.pdf
|
|
|
|
|
2021-02-01 - DDG- A Mining Botnet Aiming at Database Servers.pdf
|
|
|
|
|
2021-02-01 - DPRK Targeting Researchers II- .Sys Payload and Registry Hunting.pdf
|
|
|
|
|
2021-02-01 - Operation NightScout- Supply‑chain attack targets online gaming in Asia.pdf
|
|
|
|
|
2021-02-01 - Pivoting- finding malware domains without seeing malicious activity.pdf
|
|
|
|
|
2021-02-01 - Relay Attacks via Cobalt Strike Beacons.pdf
|
|
|
|
|
2021-02-01 - Trickbot masrv Module.pdf
|
|
|
|
|
2021-02-01 - Urgent Security Notice- SonicWall Confirms SMA 100 Series 10. X Zero-Day Vulnerability.pdf
|
|
|
|
|
2021-02-01 - What tracking an attacker email infrastructure tells us about persistent cybercriminal operations.pdf
|
|
|
|
|
2021-02-02 - Babyk Ransomware won't hit charities, unless they support LGBT, BLM.pdf
|
|
|
|
|
2021-02-02 - Credit card skimmer piggybacks on Magento 1 hacking spree.pdf
|
|
|
|
|
2021-02-02 - De ataque con Malware a incidente de Ransomware.pdf
|
|
|
|
|
2021-02-02 - Exclusive- Suspected Chinese hackers used SolarWinds bug to spy on U.S. payroll agency - sources.pdf
|
|
|
|
|
2021-02-02 - Finding and Decoding Multi-Step Obfuscated Malware.pdf
|
|
|
|
|
2021-02-02 - Hackers Lurked in SolarWinds Email System for at Least 9 Months, CEO Says.pdf
|
|
|
|
|
2021-02-02 - How Vietnam-based hacking operation OceanLotus targets journalists.pdf
|
|
|
|
|
2021-02-02 - Investigation Xoth - Smartphone Location Tracking.pdf
|
|
|
|
|
2021-02-02 - Kobalos – A complex Linux threat to high performance computing infrastructure.pdf
|
|
|
|
|
2021-02-02 - Whitespace Steganography Conceals Web Shell in PHP Malware.pdf
|
|
|
|
|
2021-02-02 - XLSB- Analyzing a Microsoft Excel Binary Spreadsheet.pdf
|
|
|
|
|
2021-02-03 - A Spyware Vendor Seemingly Made a Fake WhatsApp to Hack Targets.pdf
|
|
|
|
|
2021-02-03 - Backdoored Browser Extensions Hid Malicious Traffic in Analytics Requests.pdf
|
|
|
|
|
2021-02-03 - Dissecting a RAT. Analysis of DroidJack v4.4 RAT network traffic..pdf
|
|
|
|
|
2021-02-03 - Dissemination of malicious code disguised as a document of'Amendment of Ministry of Defense's Business Report in 2021.pdf
|
|
|
|
|
2021-02-03 - Déjà vu-lnerability A Year in Review of 0-days Exploited In-The-Wild in 2020.pdf
|
|
|
|
|
2021-02-03 - Emotet Disruption- what it means for the cyber threat landscape.pdf
|
|
|
|
|
2021-02-03 - Excel spreadsheets push SystemBC malware.pdf
|
|
|
|
|
2021-02-03 - Findings From Our Ongoing Investigations.pdf
|
|
|
|
|
2021-02-03 - Hildegard- New TeamTNT Malware Targeting Kubernetes.pdf
|
|
|
|
|
2021-02-03 - Malvertising- Made in China.pdf
|
|
|
|
|
2021-02-03 - MTR casebook- Uncovering a backdoor implant in a SolarWinds Orion server.pdf
|
|
|
|
|
2021-02-03 - New cryptojacking malware called Pro-Ocean is now attacking Apache, Oracle and Redis servers.pdf
|
|
|
|
|
2021-02-03 - Ursnif Trojan has targeted over 100 Italian banks.pdf
|
|
|
|
|
2021-02-03 - Zeoticus 2.0 - Ransomware With No C2 Required.pdf
|
|
|
|
|
2021-02-04 - Abusing Google Chrome extension syncing for data exfiltration and C&C.pdf
|
|
|
|
|
2021-02-04 - Blockchain Analysis Shows Connections Between Four of 2020’s Biggest Ransomware Strains.pdf
|
|
|
|
|
2021-02-04 - Connecting the dots inside the Italian APT Landscape.pdf
|
|
|
|
|
2021-02-04 - Fonix Ransomware Decryptor.pdf
|
|
|
|
|
2021-02-05 - Behavior Clustering just got easier using new characteristics..pdf
|
|
|
|
|
2021-02-05 - CinaRAT Resurfaces with New Evasive Tactics and Techniques.pdf
|
|
|
|
|
2021-02-05 - Cybersecurity Advisory for Public Water Suppliers.pdf
|
|
|
|
|
2021-02-05 - Exploits in the Wild for WordPress File Manager RCE Vulnerability (CVE-2020-25213).pdf
|
|
|
|
|
2021-02-05 - Kobalos Malware Mapping Potentially Impacted Networks and IP Address Mapping.pdf
|
|
|
|
|
2021-02-05 - Microsoft warns of increasing OAuth Office 365 phishing attacks.pdf
|
|
|
|
|
2021-02-05 - New in Ransomware- Seth-Locker, Babuk Locker, Maoloa, TeslaCrypt, and CobraLocker.pdf
|
|
|
|
|
2021-02-05 - Voltron STA The curious case of 0xFancyFilter.pdf
|
|
|
|
|
2021-02-06 - Decrypting AzoRult traffic for fun and profit.pdf
|
|
|
|
|
2021-02-07 - Dridex Malware Analysis.pdf
|
|
|
|
|
2021-02-07 - New phishing attack uses Morse code to hide malicious URLs.pdf
|
|
|
|
|
2021-02-08 - A Hacker Tried to Poison a Florida City's Water Supply, Officials Say.pdf
|
|
|
|
|
2021-02-08 - After Lightning Comes Thunder.pdf
|
|
|
|
|
2021-02-08 - Auf Tätersuche- Herausforderungen bei der Analyse von Cyber-Angriffen.pdf
|
|
|
|
|
2021-02-08 - Blocking SolarMarker Backdoor.pdf
|
|
|
|
|
2021-02-08 - Domestic Kitten – An Inside Look at the Iranian Surveillance Operations.pdf
|
|
|
|
|
2021-02-08 - Long Live, Osiris; Banking Trojan Targets German IP Addresses.pdf
|
|
|
|
|
2021-02-08 - Malware Analysis Report (AR21-039A)- SUNBURST.pdf
|
|
|
|
|
2021-02-08 - Malware Analysis Report (AR21-039B)- MAR-10320115-1.v1 - TEARDROP.pdf
|
|
|
|
|
2021-02-08 - Recommendations Following the Oldsmar Water Treatment Facility Cyber Attack.pdf
|
|
|
|
|
2021-02-08 - Reverse engineering Emotet – Our approach to protect GRNET against the trojan.pdf
|
|
|
|
|
2021-02-08 - What Is the Point of These Nation-State Indictments-.pdf
|
|
|
|
|
2021-02-09 - BazarBackdoor’s Stealthy Infiltration Evades Multiple SEGs.pdf
|
|
|
|
|
2021-02-09 - Dependency Confusion- How I Hacked Into Apple, Microsoft and Dozens of Other Companies.pdf
|
|
|
|
|
2021-02-09 - Extracting the Cobalt Strike Config from a TEARDROP Loader.pdf
|
|
|
|
|
2021-02-09 - Ghidra script to decrypt strings in Amadey 1.09.pdf
|
|
|
|
|
2021-02-09 - Kasablanka Group's LodaRAT improves espionage capabilities on Android and Windows.pdf
|
|
|
|
|
2021-02-09 - Learn Pipe Fitting for all of your Offense Projects.pdf
|
|
|
|
|
2021-02-09 - Multiple Security Updates Affecting TCP-IP- CVE-2021-24074, CVE-2021-24094, and CVE-2021-24086.pdf
|
|
|
|
|
2021-02-09 - Threat actors now target Docker via container escape features.pdf
|
|
|
|
|
2021-02-09 - Water, Water Everywhere – But Nary a Hacker to Blame.pdf
|
|
|
|
|
2021-02-09 - Windows Win32k Elevation of Privilege Vulnerability CVE-2021-1732 (exploited ITW).pdf
|
|
|
|
|
2021-02-10 - Lampion trojan disseminated in Portugal using COVID-19 template.pdf
|
|
|
|
|
2021-02-10 - Lookout Discovers Novel Confucius APT Android Spyware Linked to India-Pakistan Conflict.pdf
|
|
|
|
|
2021-02-10 - Probable Iranian Cyber Actors, Static Kitten, Conducting Cyberespionage Campaign Targeting UAE and Kuwait Government Agencies.pdf
|
|
|
|
|
2021-02-10 - Profiling a Currently Active High-Profile Cybercriminals Portfolio of Ransomware-Themed Extortion Email Addresses - Part Two.pdf
|
|
|
|
|
2021-02-10 - Punk Kitty Ransom - Analysing HelloKitty Ransomware Attacks.pdf
|
|
|
|
|
2021-02-10 - Rinfo Is Making A Comeback and Is Scanning and Mining in Full Speed.pdf
|
|
|
|
|
2021-02-10 - Windows kernel zero-day exploit (CVE-2021-1732) is used by BITTER APT in targeted attack.pdf
|
|
|
|
|
2021-02-11 - A Baza Valentine’s Day.pdf
|
|
|
|
|
2021-02-11 - Agent Tesla hidden in a historical anti-malware tool.pdf
|
|
|
|
|
2021-02-11 - BlackTech Updates Elf-Plead Backdoor.pdf
|
|
|
|
|
2021-02-11 - Cosmic Lynx Returns in 2021 with Updated Tricks.pdf
|
|
|
|
|
2021-02-11 - Press #1 to Play- A Look Into eCrime Menu-style Toolkits.pdf
|
|
|
|
|
2021-02-11 - Press 1 to Play- A Look Into eCrime Menu-style Toolkits.pdf
|
|
|
|
|
2021-02-11 - Visibility, Monitoring, and Critical Infrastructure Security.pdf
|
|
|
|
|
2021-02-11 - Web shell attacks continue to rise.pdf
|
|
|
|
|
2021-02-12 - AgentTesla Dropped Through Automatic Click in Microsoft Help File.pdf
|
|
|
|
|
2021-02-12 - Malvertising campaign on PornHub and other top adult brands exposes users to tech support scams.pdf
|
|
|
|
|
2021-02-12 - New Bazar Trojan Variant is Being Spread in Recent Phishing Campaign – Part I.pdf
|
|
|
|
|
2021-02-12 - New Bazar Trojan Variant is Being Spread in Recent Phishing Campaign – Part II.pdf
|
|
|
|
|
2021-02-12 - The Many Roads Leading To Agent Tesla.pdf
|
|
|
|
|
2021-02-14 - Arm'd & Dangerous malicious code, now native on apple silicon.pdf
|
|
|
|
|
2021-02-14 - Hildegard- TeamTNT’s New Feature-Rich Malware Targeting Kubernetes.pdf
|
|
|
|
|
2021-02-15 - France Ties Russia's Sandworm to a Multiyear Hacking Spree.pdf
|
|
|
|
|
2021-02-15 - More LodaRAT infrastructure targeting Bangladesh uncovered.pdf
|
|
|
|
|
2021-02-15 - Ngrok Platform Abused by Hackers to Deliver a New Wave of Phishing Attacks.pdf
|
|
|
|
|
2021-02-15 - Ransomware Profile- Egregor.pdf
|
|
|
|
|
2021-02-16 - A Conti ransomware attack day-by-day.pdf
|
|
|
|
|
2021-02-16 - ApoMacroSploit- Apocalyptical FUD race.pdf
|
|
|
|
|
2021-02-16 - Conti ransomware- Evasive by nature.pdf
|
|
|
|
|
2021-02-16 - Cybereason vs. NetWalker Ransomware.pdf
|
|
|
|
|
2021-02-16 - Dark Net Markets Going Out of Business- Where are Users Headed to Next-.pdf
|
|
|
|
|
2021-02-16 - Hacker Claims to Have Stolen Files Belonging to Prominent Law Firm Jones Day.pdf
|
|
|
|
|
2021-02-16 - Hard lessons learned- Threat intel takeaways from the community response to Solarigate.pdf
|
|
|
|
|
2021-02-16 - Latin American Javali trojan weaponizing Avira antivirus legitimate injector to implant malware.pdf
|
|
|
|
|
2021-02-16 - Malvertiser “ScamClub” Bypasses Iframe Sandboxing With postMessage() Shenanigans [CVE-2021–1801].pdf
|
|
|
|
|
2021-02-16 - Q4 2020 Threat Report- A Quarterly Analysis of Cybersecurity Trends, Tactics and Themes.pdf
|
|
|
|
|
2021-02-16 - TAG Bulletin- Q1 2021.pdf
|
|
|
|
|
2021-02-16 - What to expect when you’ve been hit with Conti ransomware.pdf
|
|
|
|
|
2021-02-17 - [RE020] ElephantRAT (Kunming version)- our latest discovered RAT of Panda and the similarities with recently Smanager RAT.pdf
|
|
|
|
|
2021-02-17 - Alert (AA21-048A)- AppleJeus- Analysis of North Korea’s Cryptocurrency Malware.pdf
|
|
|
|
|
2021-02-17 - Detect and prevent the SolarWinds build-time code injection attack.pdf
|
|
|
|
|
2021-02-17 - Don’t Get Schooled- Understanding the Threats to the Academic Industry.pdf
|
|
|
|
|
2021-02-17 - Egregor operation takes huge hit after police raids.pdf
|
|
|
|
|
2021-02-17 - ELF Malware Analysis 101- Part 3 - Advanced Analysis.pdf
|
|
|
|
|
2021-02-17 - GuLoader Snowballs via MalSpam Campaigns.pdf
|
|
|
|
|
2021-02-17 - Malware Analysis Report (AR21-048A)- AppleJeus- Celas Trade Pro.pdf
|
|
|
|
|
2021-02-17 - Malware Analysis Report (AR21-048B)- AppleJeus- JMT Trading.pdf
|
|
|
|
|
2021-02-17 - Malware Analysis Report (AR21-048C)- AppleJeus- Union Crypto.pdf
|
|
|
|
|
2021-02-17 - Malware Analysis Report (AR21-048D)- AppleJeus- Kupay Wallet.pdf
|
|
|
|
|
2021-02-17 - Malware Analysis Report (AR21-048E)- AppleJeus- CoinGoTrade.pdf
|
|
|
|
|
2021-02-17 - Malware Analysis Report (AR21-048F)- AppleJeus- Dorusio.pdf
|
|
|
|
|
2021-02-17 - Malware Analysis Report (AR21-048G)- AppleJeus- Ants2Whale.pdf
|
|
|
|
|
2021-02-17 - Masslogger campaigns exfiltrates user credentials.pdf
|
|
|
|
|
2021-02-17 - Politie bestrijdt cybercrime via Nederlandse infrastructuur.pdf
|
|
|
|
|
2021-02-17 - SBU blocks activity of transnational hacking group.pdf
|
|
|
|
|
2021-02-17 - Targeting Process for the SolarWinds Backdoor.pdf
|
|
|
|
|
2021-02-17 - Threat Alert- TeamTNT Pwn Campaign Against Docker and K8s Environments.pdf
|
|
|
|
|
2021-02-17 - Three North Korean Military Hackers Indicted in Wide-Ranging Scheme to Commit Cyberattacks and Financial Crimes Across the Globe.pdf
|
|
|
|
|
2021-02-17 - Understand Shellcode with CyberChef.pdf
|
|
|
|
|
2021-02-17 - Update on Investigaton on Solarwinds supply chain attack from the Deputy National Security Advisor.pdf
|
|
|
|
|
2021-02-17 - WatchDog- Exposing a Cryptojacking Campaign That’s Operated for Two Years.pdf
|
|
|
|
|
2021-02-18 - Clipping Silver Sparrow’s wings- Outing macOS malware before it takes flight.pdf
|
|
|
|
|
2021-02-18 - Further Updates in LODEINFO Malware.pdf
|
|
|
|
|
2021-02-18 - https---www.ptsecurity.com-ww-en-analytics-antisandbox-techniques-.pdf
|
|
|
|
|
2021-02-18 - Lazarus- Three North Koreans Charged for Financially Motivated Attacks.pdf
|
|
|
|
|
2021-02-18 - Microsoft Internal Solorigate Investigation – Final Update.pdf
|
|
|
|
|
2021-02-18 - nccTrojan used in targeted attack by TA428 group against defense and aviation organizations.pdf
|
|
|
|
|
2021-02-18 - One thousand and one ways to copy your shellcode to memory (VBA Macros).pdf
|
|
|
|
|
2021-02-19 - Alleged Hydra Market Operators Identified.pdf
|
|
|
|
|
2021-02-19 - Behind the Scenes of the SunBurst Attack.pdf
|
|
|
|
|
2021-02-19 - Cyber Attribution Is More Art Than Science. This Researcher Has a Plan to Change That.pdf
|
|
|
|
|
2021-02-19 - GitHub – Home to AsyncRAT Backdoor.pdf
|
|
|
|
|
2021-02-19 - How to Understand Iranian Information Operations.pdf
|
|
|
|
|
2021-02-19 - IronNetInjector- Turla’s New Malware Loading Tool.pdf
|
|
|
|
|
2021-02-20 - Finding Forensic Goodness In Obscure Windows Event Logs.pdf
|
|
|
|
|
2021-02-20 - Malpedia Website for Malware Family Team TNT.pdf
|
|
|
|
|
2021-02-22 - Cyber Criminals Exploit Accellion FTA for Data Theft and Extortion.pdf
|
|
|
|
|
2021-02-22 - Economic Growth, Digital Inclusion, & Specialized Crime- Financial Cyber Fraud in LATAM.pdf
|
|
|
|
|
2021-02-22 - Gh0stRat Anti-Debugging- Nested SEH (try - catch) to Decrypt and Load its Payload.pdf
|
|
|
|
|
2021-02-22 - MassLogger v3- a .NET stealer with serious obfuscation.pdf
|
|
|
|
|
2021-02-22 - The NCCC at the NSDC of Ukraine warns of a new mechanism of attacks on Ukrainian infrastructure.pdf
|
|
|
|
|
2021-02-22 - The Story of Jian – How APT31 Stole and Used an Unknown Equation Group 0-Day.pdf
|
|
|
|
|
2021-02-23 - A Cyber Threat Intelligence Self-Study Plan- Part 1.pdf
|
|
|
|
|
2021-02-23 - An Analysis of the Nefilim Ransomware.pdf
|
|
|
|
|
2021-02-23 - DNS Hijacking Attacks on Home Routers in Brazil.pdf
|
|
|
|
|
2021-02-23 - Gamaredon - When nation states don’t pay all the bills.pdf
|
|
|
|
|
2021-02-23 - New Mysterious Operators Usurp Elite Russian Hacker Forum “Verified”.pdf
|
|
|
|
|
2021-02-23 - Return of the MINEBRIDGE RAT With New TTPs and Social Engineering Lures.pdf
|
|
|
|
|
2021-02-23 - Surge in ZLoader Attacks Observed.pdf
|
|
|
|
|
2021-02-24 - Alert (AA21-055A)- Exploitation of Accellion File Transfer Appliance.pdf
|
|
|
|
|
2021-02-24 - Malware Analysis Report (AR21-055A)- Accellion FTA.pdf
|
|
|
|
|
2021-02-24 - NASA and the FAA were also breached by the SolarWinds hackers.pdf
|
|
|
|
|
2021-02-24 - Overview of Ocean Lotus Samples used to target Vietnamese Human Rights Defenders.pdf
|
|
|
|
|
2021-02-25 - DarkWorld Ransomware.pdf
|
|
|
|
|
2021-02-25 - Emotet Disruption and Outreach to Affected Users.pdf
|
|
|
|
|
2021-02-25 - Lazarus targets defense industry with ThreatNeedle.pdf
|
|
|
|
|
2021-02-25 - Light in the Dark- Hunting for SUNBURST.pdf
|
|
|
|
|
2021-02-25 - Microsoft open sources CodeQL queries used to hunt for Solorigate activity.pdf
|
|
|
|
|
2021-02-25 - Preventing AgentTelsa Infiltration.pdf
2021-02-25 - So Unchill Melting UNC2198 ICEDID to Ransomware Operations.pdf
2021-02-25 - TA413 Leverages New FriarFox Browser Extension to Target the Gmail Accounts of Global Tibetan Organizations.pdf
2021-02-25 - The Continuous Conundrum of Cloud Atlas.pdf
2021-02-26 - Hypervisor Jackpotting - CARBON SPIDER and SPRITE SPIDER Target ESXi Servers with Ransomware.pdf
2021-02-26 - Hypervisor Jackpotting- CARBON SPIDER and SPRITE SPIDER Target ESXi Servers With Ransomware to Maximize Impact.pdf
2021-02-26 - New Advanced Android Malware Posing as “System Update”.pdf
2021-02-27 - Nice to meet you too My name is Ryuk.pdf
2021-02-28 - China-linked Group RedEcho Targets the Indian Power Sector Amid Heightened Border Tensions.pdf
2021-02-28 - Deobfuscating Emotet Macro Document and Powershell Command.pdf
2021-02-28 - Finding Evil Go Packages.pdf
2021-02-28 - Laravel Apps Leaking Secrets.pdf
2021-03 - Ransomware negotiations- An inside look at the process.pdf
2021-03-01 - First Fully Weaponized Spectre Exploit Discovered Online.pdf
2021-03-01 - Newly Identified Dependency Confusion Packages Target Amazon, Zillow, and Slack; Go Beyond Just Bug Bounties.pdf
2021-03-01 - Povlsomware Ransomware Features Cobalt Strike Compatibility.pdf
2021-03-01 - “Gootloader” expands its payload delivery options.pdf
2021-03-02 - An Exhaustively-Analyzed IDB for FlawedGrace.pdf
2021-03-02 - HAFNIUM targeting Exchange Servers with 0-day exploits.pdf
2021-03-02 - Malware in images.pdf
2021-03-02 - Microsoft-365-Defender-Hunting-Queries for hunting Gootkit malware delivery and C2.pdf
2021-03-02 - Multiple Security Updates Released for Exchange Server – updated March 8, 2021.pdf
2021-03-02 - New nation-state cyberattacks (HAFNIUM).pdf
2021-03-02 - ObliqueRAT returns with new campaign using hijacked websites.pdf
2021-03-02 - Operation Exchange Marauder- Active Exploitation of Multiple Zero-Day Microsoft Exchange Vulnerabilities.pdf
2021-03-02 - Ploutus is back, targeting Itautec ATMs in Latin America.pdf
2021-03-02 - Rapid7’s InsightIDR Enables Detection And Response to Microsoft Exchange Zero-Day.pdf
2021-03-02 - The Egregor Ransomware.pdf
2021-03-02 - When Viruses Mutate- Did SunCrypt Ransomware Evolve from QNAPCrypt-.pdf
2021-03-03 - 'Mild' update on Microsoft Exchange 0day security vulnerability being used to attack organizations in Vietnam.pdf
2021-03-03 - Alert (AA21-062A)- Mitigate Microsoft Exchange Server Vulnerabilities.pdf
2021-03-03 - Centreon to Exim and Back- On the Trail of Sandworm.pdf
2021-03-03 - Detecting HAFNIUM Exchange Server Zero-Day Activity in Splunk.pdf
2021-03-03 - Fbot is now riding the traffic and transportation smart devices.pdf
2021-03-03 - HAFNIUM.pdf
2021-03-03 - Lazarus Group’s MATA Framework Leveraged to Deploy TFlower Ransomware.pdf
2021-03-03 - Mass exploitation of on-prem Exchange servers -(.pdf
2021-03-03 - Mitigate Microsoft Exchange On-Premises Product Vulnerabilities.pdf
2021-03-03 - New targeted RTM attacks.pdf
2021-03-03 - Please leave an exploit after the beep.pdf
2021-03-03 - Rapid Response- Mass Exploitation of On-Prem Exchange Servers.pdf
2021-03-04 - Breaking- Elite Cybercrime Forum “Maza” Breached by Unknown Attacker.pdf
2021-03-04 - Deception Engineering- exploring the use of Windows Service Canaries against ransomware.pdf
2021-03-04 - Detection and Response for HAFNIUM Activity.pdf
2021-03-04 - Detection and Response to Exploitation of Microsoft Exchange Zero-Day Vulnerabilities.pdf
2021-03-04 - Falcon Complete Stops Microsoft Exchange Server Zero-Day Exploits.pdf
2021-03-04 - Gafgtyt_tor and Necro are on the move again.pdf
2021-03-04 - GoldMax, GoldFinder, and Sibot- Analyzing NOBELIUM’s layered persistence.pdf
2021-03-04 - IcedID Banking Trojan Uses COVID-19 Pandemic to Lure New Victims.pdf
2021-03-04 - Malpedia Page for family Sidewinder.pdf
2021-03-04 - New in Ransomware- AlumniLocker, Humble Feature Different Extortion Techniques.pdf
2021-03-04 - New SUNSHUTTLE Second-Stage Backdoor Uncovered Targeting U.S.-Based Entity; Possible Connection to UNC2452.pdf
2021-03-04 - The Compact Campaign.pdf
2021-03-05 - A look at an Android bot from unpacking to DGA.pdf
2021-03-05 - Advancements in Invoicing - A highly sophisticated way to distribute ZLoader.pdf
2021-03-05 - Chinese Hacking Spree Hit an ‘Astronomical’ Number of Victims.pdf
2021-03-05 - Detect webshells dropped on Microsoft Exchange servers after 0day compromises.pdf
2021-03-05 - Earth Vetala – MuddyWater Continues to Target Organizations in the Middle East.pdf
2021-03-05 - Exchange Server IIS dropping web shells and other artifacts.pdf
2021-03-05 - Hafnium Exchange Vuln Detection - KQL.pdf
2021-03-05 - HAFNIUM- Advice about the new nation-state attack.pdf
2021-03-05 - New steganography attack targets Azerbaijan.pdf
2021-03-05 - QNAP NAS users, make sure you check your system.pdf
2021-03-05 - Sarbloh- The Ransomware With NO Demand.pdf
2021-03-05 - ZeroLogon to Ransomware.pdf
2021-03-06 - Microsoft Exchange Zero Days - Mitigations and Detections.pdf
2021-03-06 - oleObject1.bin – OLe10nATive – shellcode.pdf
2021-03-06 - Russian and Chinese hackers gained access to EMA.pdf
2021-03-06 - Scan for HAFNIUM Exploitation Evidence with THOR Lite.pdf
2021-03-06 - Security scripts.pdf
2021-03-07 - Australian Mining Companies and Cybercriminals Digging for the Gold.pdf
2021-03-07 - PCAPs and Beacons.pdf
2021-03-07 - Russian Disinformation Campaign Aims to Undermine Confidence in Pfizer, Other Covid-19 Vaccines, U.S. Officials Say.pdf
2021-03-08 - Analyzing Attacks Against Microsoft Exchange Server With China Chopper Webshells.pdf
2021-03-08 - Attack Chain Overview- Emotet in December 2020 and January 2021.pdf
2021-03-08 - Bazar Drops the Anchor.pdf
2021-03-08 - FluBot Malware Gang Arrested in Barcelona.pdf
2021-03-08 - HelloKitty Ransomware Lacks Stealth, But Still Strikes Home.pdf
2021-03-08 - How Symantec Stops Microsoft Exchange Server Attacks.pdf
2021-03-08 - Investigating the Print Spooler EoP exploitation.pdf
2021-03-08 - Renewed SideWinder Activity in South Asia.pdf
2021-03-08 - Sunshuttle Malware.pdf
2021-03-08 - SUPERNOVA Web Shell Deployment Linked to SPIRAL Threat Group.pdf
2021-03-09 - Clast82 – A new Dropper on Google Play Dropping the AlienBot Banker and MRAT.pdf
2021-03-09 - Cloud Federated Credential Abuse & Cobalt Strike- Threat Research February 2021.pdf
2021-03-09 - Hafnium Update- Continued Microsoft Exchange Server Exploitation.pdf
2021-03-09 - Hafnium – Active Exploitation of Microsoft Exchange and Lateral Movement.pdf
2021-03-09 - Kinsing- The Malware with Two Faces.pdf
2021-03-09 - Microsoft Exchange attacks cause panic as criminals go shell collecting.pdf
2021-03-09 - Microsoft Exchange server exploitation- how to detect, mitigate, and stay calm.pdf
2021-03-09 - Microsoft Exchange Server Vulnerabilities Mitigations – updated March 9, 2021.pdf
2021-03-09 - MineBridge Is on the Rise, With a Sophisticated Delivery Mechanism.pdf
2021-03-09 - Remediation Steps for the Microsoft Exchange Server Vulnerabilities.pdf
2021-03-09 - Reproducing the Microsoft Exchange Proxylogon Exploit Chain.pdf
2021-03-09 - Threat Alert- z0Miner Is Spreading quickly by Exploiting ElasticSearch and Jenkins Vulnerabilities.pdf
2021-03-10 - Azure Sentinel and Sysmon 4 B!ue T3amer$.pdf
2021-03-10 - Examining Exchange Exploitation and its Lessons for Defenders.pdf
2021-03-10 - Exchange servers under siege from at least 10 APT groups.pdf
2021-03-10 - IoT Malware Journals- Prometei (Linux).pdf
2021-03-10 - Monitoring the Software Supply Chain with Azure Sentinel.pdf
2021-03-10 - New Linux Backdoor RedXOR Likely Operated by Chinese Nation-State Actor.pdf
2021-03-10 - NimzaLoader- TA800’s New Initial Access Malware.pdf
2021-03-10 - Norway parliament data stolen in Microsoft Exchange attack.pdf
2021-03-10 - Remediating Networks Affected by the SolarWinds and Active Directory-M365 Compromise.pdf
2021-03-10 - Tactics, Techniques, and Procedures (TTPs) Used by HAFNIUM to Target Microsoft Exchange Servers.pdf
2021-03-10 - 日本を標的としたPseudoGateキャンペーンによるSpelevo Exploit Kitを用いた攻撃について.pdf
2021-03-11 - 2020 Vulnerability Intelligence Report.pdf
2021-03-11 - AutoHotKey Leveraged by Metamorfo-Mekotio Banking Trojan.pdf
2021-03-11 - CL0P and REvil Escalate Their Ransomware Tactics.pdf
2021-03-11 - Detection and Investigation Using Devo- HAFNIUM 0-day Exploits on Microsoft Exchange Service.pdf
2021-03-11 - Dridex Campaign Propelled by Cutwail Botnet and Poisonous PowerShell Scripts.pdf
2021-03-11 - Exploits on Organizations Worldwide Tripled after Microsoft’s Revelation of Four Zero-days.pdf
2021-03-11 - Formbook Reversing - Part1 [Formbook .NET loader-injector analyzing, decrypting, unpacking, patching].pdf
2021-03-11 - Image File Trickery Part II- Fake Icon Delivers NanoCore.pdf
2021-03-11 - Microsoft Exchange Server Attack Timeline.pdf
2021-03-11 - Myanmar – Multi-stage malware attack targets elected lawmakers.pdf
2021-03-11 - Playing in the (Windows) Sandbox.pdf
2021-03-11 - Ransomware now attacks Microsoft Exchange servers with ProxyLogon exploits.pdf
2021-03-11 - Update - Detection and Response for HAFNIUM Activity.pdf
2021-03-11 - Whitelist Me, Maybe- “Netbounce” Threat Actor Tries A Bold Approach To Evade Detection.pdf
2021-03-11 - You Don't Know the HAFNIUM of it....pdf
2021-03-12 - Detecting Microsoft Exchange Vulnerabilities - 0 8 Days Later….pdf
2021-03-12 - Detecting Microsoft Exchange Vulnerabilities - 0 + 8 Days Later….pdf
2021-03-12 - DotNET Loaders.pdf
2021-03-12 - Good old malware for the new Apple Silicon platform.pdf
2021-03-12 - IcedID GZIPLOADER Analysis.pdf
2021-03-12 - Spear-Phishing Campaign Distributes Nim-Based Malware.pdf
2021-03-14 - How China’s Devastating Microsoft Hack Puts Us All at Risk.pdf
2021-03-15 - Conficker - One of the Most Prevalent & Complex Windows Worms.pdf
2021-03-15 - DearCry ransomware attacks exploit Exchange server vulnerabilities.pdf
2021-03-15 - FIN8- BADHATCH Threat Indicator Enrichmen.pdf
2021-03-15 - HAFNIUM, China Chopper and ASP.NET Runtime.pdf
2021-03-15 - Incorporating the Cyberspace Domain- How Russia and China Exploit Asymmetric Advantages in Great Power Competition.pdf
2021-03-15 - JavaScript sniffers' new tricks- Analysis of the E1RB JS sniffer family.pdf
2021-03-15 - New Mirai Variant Targeting New IoT Vulnerabilities, Including in Network Security Devices.pdf
2021-03-15 - One-Click Microsoft Exchange On-Premises Mitigation Tool – March 2021.pdf
2021-03-15 - Taurus Stealer's Evolution.pdf
2021-03-15 - The Iran-Russia Cyber Agreement and U.S. Strategy in the Middle East.pdf
2021-03-16 - Detecting Cobalt Strike with memory signatures.pdf
2021-03-16 - France’s lead cybercrime investigator on the Egregor arrests, cybercrime.pdf
2021-03-16 - Incident Report.pdf
2021-03-16 - The Brief Glory of Cabassous-FluBot — a private Android banking botnet.pdf
2021-03-16 - Threatening within Budget- How WSH-RAT is abused by Cyber-Crooks.pdf
2021-03-16 - Tracking HCrypt- An Active Crypter as a Service.pdf
2021-03-16 - ‘I scrounged through the trash heaps… now I’m a millionaire-’ An interview with REvil’s Unknown.pdf
2021-03-17 - Alert (AA21-076A)- TrickBot Malware.pdf
2021-03-17 - Automatic Gobfuscator Deobfuscation with EKANS Ransomware.pdf
2021-03-17 - China-linked TA428 Continues to Target Russia and Mongolia IT Companies.pdf
2021-03-17 - China’s Five-Year Plan- A Pursuit for GDP Growth & Technological Self-Sufficiency.pdf
2021-03-17 - Hidden menace- Peeling back the secrets of OnionCrypter.pdf
2021-03-17 - INDRIK SPIDER Supersedes WastedLocker with Hades Ransomware to Circumvent OFAC Sanctions.pdf
2021-03-17 - Missed opportunity- Bug in LockBit ransomware allowed free decryptions.pdf
2021-03-17 - Satori- Mirai Botnet Variant Targeting Vantage Velocity Field Unit RCE Vulnerability.pdf
2021-03-18 - [RE021] Qakbot analysis – Dangerous malware has been around for more than a decade.pdf
2021-03-18 - Alert (AA21-077A)- Detecting Post-Compromise Threat Activity Using the CHIRP IOC Detection Tool.pdf
2021-03-18 - Beware Android trojan posing as Clubhouse app.pdf
2021-03-18 - Buer Loader Found in an Unusual Email Attachment.pdf
2021-03-18 - CISA Hunt and Incident Response Program (CHIRP).pdf
2021-03-18 - Cobalt Strike – Post-Exploitation Attackers Toolkit.pdf
2021-03-18 - Communiqué de presse- 400 systèmes informatique belges infiltrés dans le cadre d'une vulnérabilité des serveurs Microsoft Exchange.pdf
2021-03-18 - Convuster- macOS adware now in Rust.pdf
2021-03-18 - Cybereason Exposes Campaign Targeting US Taxpayers with NetWire and Remcos Malware.pdf
2021-03-18 - DGA and decoder scripts for n3cr0morph IRC malware.pdf
2021-03-18 - Eduskunnan tietojärjestelmiin kohdistuneen tietomurron tutkinnassa selvitetään yhteyttä APT31-toimijaan.pdf
2021-03-18 - Github repository for STOWAWAY.pdf
2021-03-18 - HelloKitty- When Cyberpunk met cy-purr-crime.pdf
2021-03-18 - Hunting for Lateral Movement using Event Query Language.pdf
2021-03-18 - Necro upgrades again, using Tor + dynamic domain DGA and aiming at both Windows & Linux.pdf
2021-03-18 - Necro upgrades again, using Tor and dynamic domain DGA and aiming at both Windows & Linux.pdf
2021-03-18 - New macOS malware XcodeSpy Targets Xcode Developers with EggShell Backdoor.pdf
2021-03-18 - Now You See It, Now You Don’t- CopperStealer Performs Widespread Theft.pdf
2021-03-18 - Return of the Darkside- Analysis of a Large-Scale Data Theft Campaign.pdf
2021-03-18 - Server Side Data Exfiltration via Telegram API.pdf
2021-03-18 - Supo identified the cyber espionage operation against the parliament as APT31.pdf
2021-03-18 - The “Kek Security” Network.pdf
2021-03-19 - REvil ransomware has a new ‘Windows Safe Mode’ encryption mode.pdf
2021-03-19 - TA551.pdf
2021-03-21 - In the eye of our CyberSOC- Campo Loader, analysis and detection perspectives.pdf
2021-03-22 - Lazarus Attack Activities Targeting Japan (VSingle-ValeforBeta).pdf
2021-03-22 - MalSpam Campaigns Download njRAT from Paste Sites.pdf
2021-03-22 - New Spear Phishing Campaign using Army Welfare Education Society’s Scholarship form.pdf
2021-03-22 - 대북관련 본문 내용의 External 링크를 이용한 악성 워드 문서.pdf
2021-03-23 - Black Kingdom ransomware begins appearing on Exchange servers.pdf
2021-03-23 - Low-volume multi-stage attack leveraging AzureEdge and Shopify CDNs.pdf
2021-03-23 - ModPipe Malware has a new module that siphons Credit Card Data.pdf
2021-03-23 - RemRAT- Android spyware that has been lurking in the Middle East for many years.pdf
2021-03-23 - Zloader- Entailing Different Office Files.pdf
2021-03-24 - A .NET rat targets Mongolia.pdf
2021-03-24 - Anti-Analysis Techniques Used in Excel 4.0 Macros.pdf
2021-03-24 - APT Encounters of the Third Kind.pdf
2021-03-24 - Black Kingdom ransomware begins appearing on Exchange servers.pdf
2021-03-24 - Fake Websites Used in COVID-19 Themed Phishing Attacks, Impersonating Brands Like Pfizer and BioNTech.pdf
2021-03-24 - Golang Bot Starts Targeting WordPress Websites.pdf
2021-03-24 - OAuth Abuse- Think SolarWinds-Solorigate Campaign with Focus on Cloud Applications.pdf
2021-03-24 - Purple Fox Rootkit Now Propagates as a Worm.pdf
2021-03-24 - Quarterly Report- Incident Response trends from Winter 2020-21.pdf
2021-03-24 - Software renewal scammers unmasked.pdf
2021-03-24 - Taking Action Against Hackers in China.pdf
2021-03-25 - Analyzing attacks taking advantage of the Exchange Server vulnerabilities.pdf
2021-03-25 - CVE-2021-26855- Microsoft Exchange Server-Side Request Forgery.pdf
2021-03-25 - Evil Corp switches to Hades ransomware to evade sanctions.pdf
2021-03-25 - Insurance giant CNA hit by new Phoenix CryptoLocker ransomware.pdf
2021-03-25 - Perkiler malware turns to SMB brute force to spread.pdf
2021-03-25 - Web Shell Threat Hunting with Azure Sentinel.pdf
2021-03-26 - 20 Million Miners- Finding Malicious Cryptojacking Images in Docker Hub.pdf
2021-03-26 - Alleged Members of Egregor Ransomware Cartel Arrested.pdf
2021-03-26 - China’s “Winnti” Spyder Module.pdf
2021-03-26 - Google Shuts Down Western Active Counter-Terrorism Operation.pdf
2021-03-26 - Google’s top security teams unilaterally shut down a counterterrorism operation.pdf
2021-03-26 - Imperva Observes Hive of Activity Following Hafnium Microsoft Exchange Disclosures.pdf
2021-03-26 - It's getting hot in here! Unknown threat group using Hades ransomware to turn up the heat on their victims.pdf
2021-03-26 - Ransomware gang urges victims’ customers to demand a ransom payment.pdf
2021-03-26 - Russian group -Ghostwriters- apparently attacked parliamentarians.pdf
2021-03-26 - Securing our approach to domain fronting within Azure.pdf
2021-03-26 - Threat Assessment Matrix Ransomware.pdf
2021-03-27 - Malware Analysis with elastic-agent and Microsoft Sandbox.pdf
2021-03-27 - Terraloader- Congrats, you have a new fake job!.pdf
2021-03-28 - No, I Did Not Hack Your MS Exchange Server.pdf
2021-03-28 - SunCrypt, PowerShell obfuscation, shellcode and more yara.pdf
2021-03-29 - Android-Flubot- preparing for a new campaign-.pdf
2021-03-29 - AP sources- SolarWinds hack got emails of top DHS officials.pdf
2021-03-29 - Jumping into Shellcode.pdf
2021-03-29 - Malspam Campaign Delivers Burkina Trojan.pdf
2021-03-29 - New ICS Threat Activity Group- STIBNITE.pdf
2021-03-29 - RedEcho group parks domains after public exposure.pdf
2021-03-29 - Sodinokibi (aka REvil) Ransomware.pdf
2021-03-29 - The Unseen One- Hades Ransomware Gang or Hafnium.pdf
2021-03-29 - Zloader email campaign using MHTML to download and decrypt XLS.pdf
2021-03-30 - Ares Malware- The Grandson of the Kronos Banking Trojan.pdf
2021-03-30 - BadBlood- TA453 Targets US and Israeli Medical Research Personnel in Credential Phishing Campaigns.pdf
2021-03-30 - Campo Loader - Simple but effective.pdf
2021-03-31 - Attack of the -chaos troops- (Ghostwriter).pdf
2021-03-31 - Back in a Bit- Attacker Use of the Windows Background Intelligent Transfer Service.pdf
2021-03-31 - Bahamut Possibly Responsible for Multi-Stage Infection Chain Campaign.pdf
2021-03-31 - Dissecting a RAT. Analysis of the AndroRAT.pdf
2021-03-31 - Financial Cyberthreats in 2020.pdf
2021-03-31 - IcedID Command and Control Infrastructure.pdf
2021-03-31 - Quick Analysis of a Modular InfoStealer.pdf
2021-03-31 - Sophos MTR in Real Time- What is Astro Locker Team-.pdf
2021-03-31 - Update on campaign targeting security researchers.pdf
2021-04-01 - Automating threat actor tracking- Understanding attacker behavior for intelligence and contextual alerting.pdf
2021-04-01 - Avaddon RaaS - Breaks Public Decryptor, Continues On Rampage.pdf
2021-04-01 - Code Reuse Across Packers and DLL Loaders.pdf
2021-04-01 - COVID-19 Phishing With a Side of Cobalt Strike.pdf
2021-04-01 - Cybereason vs. DarkSide Ransomware.pdf
2021-04-01 - Hancitor’s Use of Cobalt Strike and a Noisy Network Ping Tool.pdf
2021-04-01 - Wireshark Tutorial- Decrypting RDP Traffic.pdf
2021-04-02 - A “txt file” can steal all your secrets.pdf
2021-04-02 - Browser lockers- extortion disguised as a fine.pdf
2021-04-02 - The cesspool of the internet is to be found in a village in North Holland.pdf
2021-04-02 - The “Fair” Upgrade Variant of Phobos Ransomware.pdf
2021-04-03 - Hubnr Botnet.pdf
2021-04-04 - Technical report of AgentTesla.pdf
2021-04-05 - 2020 Phishing Trends With PDF Files.pdf
2021-04-05 - CruLoader Analysis.pdf
2021-04-05 - From PowerShell to Payload- An Analysis of Weaponized Malware.pdf
2021-04-05 - Hackers Spearphish Professionals on LinkedIn with Fake Job Offers, Infecting them with Malware, Warns eSentire.pdf
2021-04-05 - Kremlin RATs from Nigeria.pdf
2021-04-05 - The leap of a Cycldek-related threat actor.pdf
2021-04-05 - Thwarting Loaders- From SocGholish to BLISTER’s LockBit Payload.pdf
2021-04-05 - TrickBot Crews New CobaltStrike Loader.pdf
2021-04-06 - A deep dive into Saint Bot, a new downloader.pdf
2021-04-06 - Aurora campaign- Attacking Azerbaijan using multiple RATs.pdf
2021-04-06 - Dridex Loader Analysis.pdf
2021-04-06 - EtterSilent the undergrounds new favorite maldoc builder.pdf
2021-04-06 - Github Repository- RATel.pdf
2021-04-06 - Janeleiro, the time traveler- A new old banking trojan in Brazil.pdf
2021-04-06 - Malicious Cyber Activity Targeting Critical SAP Applications.pdf
2021-04-06 - Malspam with Lokibot vs. Outlook and RFCs.pdf
2021-04-06 - Rocke Group Actively Targeting the Cloud- Wants Your SSH Keys.pdf
2021-04-06 - Threat Group Uses Voice Changing Software in Espionage Attempt.pdf
2021-04-07 - IcedID - A New Threat In Office Attachments.pdf
2021-04-07 - IcedID campaign spotted being spiced with Excel 4 Macros.pdf
2021-04-07 - New Wormable Android Malware Spreads by Creating Auto-Replies to Messages in WhatsApp.pdf
2021-04-07 - Ransom Mafia - Analysis of the World's First Ransomware Cartel.pdf
2021-04-07 - Sowing Discord- Reaping the benefits of collaboration app abuse.pdf
2021-04-07 - Threat Intelligence- Analysis of the SBIDIOT IoT Malware.pdf
2021-04-07 - Wireshark Tutorial- Examining Traffic from Hancitor Infections.pdf
2021-04-07 - Yanbian Gang Malware Continues with Wide-Scale Distribution and C2.pdf
2021-04-08 - (Are you) afreight of the dark- Watch out for Vyveva, new Lazarus backdoor.pdf
2021-04-08 - Attackers Conducting Cryptojacking Operation Against U.S. Education Organizations.pdf
2021-04-08 - Breaking the Ice- Detecting IcedID and Cobalt Strike Beacon with Network Detection and Response (NDR).pdf
2021-04-08 - Iran’s APT34 Returns with an Updated Arsenal.pdf
2021-04-08 - Sysrv Botnet Expands and Gains Persistence.pdf
2021-04-09 - Detecting Exposed Cobalt Strike DNS Redirectors.pdf
2021-04-09 - Dissemination of Korean document (HWP) titled inquiries related to North Korea.pdf
2021-04-09 - Emotet Command and Control Case Study.pdf
2021-04-09 - IcedID Analysis.pdf
2021-04-09 - Investigating a unique “form” of email delivery for IcedID malware.pdf
2021-04-09 - Iron Tiger APT Updates Toolkit With Evolved SysUpdate Malware.pdf
2021-04-09 - Malicious code in APKPure app.pdf
2021-04-11 - IcedID on my neck Im the coolest.pdf
2021-04-12 - A chat with DarkSide.pdf
2021-04-12 - A Different Kind of Zoombomb.pdf
2021-04-12 - A Spike in BazarCall and IcedID Activity Detected in March.pdf
2021-04-12 - Analysis Report (AR21-102B)- DearCry Ransomware.pdf
2021-04-12 - APT SideWinder's latest attack on a certain region in South Asia.pdf
2021-04-12 - Deep Analysis- New FormBook Variant Delivered in Phishing Campaign – Part I.pdf
2021-04-12 - Deep water- exploring phishing kits.pdf
2021-04-12 - Nitro Ransomware - Proof of Concept.pdf
2021-04-12 - PaaS, or how hackers evade antivirus software.pdf
2021-04-12 - Unpacking RAGNARLOCKER via emulation.pdf
2021-04-13 - Alert Number I-041321-PSA- Rise In Use of Cryptocurrency In Business Email Compromise Schemes.pdf
2021-04-13 - Compromised Exchange server hosting cryptojacker targeting other Exchange servers.pdf
2021-04-13 - Detecting Clop Ransomware.pdf
2021-04-13 - From Cracks to Empty Wallets – How Popular Cracks Lead to Digital Currency and Data Theft.pdf
2021-04-13 - Hackers Flood the Web with 100,000 Malicious Pages, Promising Professionals Free Business Forms, But Delivering Malware, Reports eSentire.pdf
2021-04-13 - Justice Department announces court-authorized effort to disrupt exploitation of Microsoft Exchange Server vulnerabilities.pdf
2021-04-13 - Keeping an eye on CloudEyE (GuLoader) - Reverse engineering the loader.pdf
2021-04-13 - Malicious infrastructure as a service.pdf
2021-04-13 - Moobot updates its infrastructure and targets vulnerable Tenda routers.pdf
2021-04-13 - Sweden drops Russian hacking investigation due to legal complications.pdf
2021-04-13 - Threat Assessment- Clop Ransomware.pdf
2021-04-13 - Zero-day vulnerability in Desktop Window Manager (CVE-2021-28310) used in the wild.pdf
2021-04-14 - A look at HydroJiin campaign.pdf
2021-04-14 - An Update- The COVID-19 Vaccine’s Global Cold Chain Continues to Be a Target.pdf
2021-04-14 - April 2021 Forensic Quiz- Answers and Analysis.pdf
2021-04-14 - From PoC to Exploit Kit- Purple Fox now exploits CVE-2021-26411.pdf
2021-04-14 - Lazarus BTC Changer Back in action with JS sniffers redesigned to steal crypto.pdf
2021-04-14 - Meet The Ransomware Gang Behind One of the Biggest Supply Chain Hacks Ever.pdf
2021-04-15 - A Letter on Blocking Property with Respect to Specified Harmful Foreign Activities of the Government of the Russian Federation.pdf
2021-04-15 - Actor Exploits Microsoft Exchange Server Vulnerabilities, Cortex XDR Blocks Harvesting of Credentials.pdf
2021-04-15 - BazarLoader deploys a pair of novel spam vectors.pdf
2021-04-15 - Declaration by the High Representative on behalf of the European Union expressing solidarity with the United States on the impact of the SolarWinds cyber operation.pdf
2021-04-15 - Executive Order on Blocking Property with Respect to Specified Harmful Foreign Activities of the Government of the Russian Federation.pdf
2021-04-15 - Exploit Kit still sharpens a sword.pdf
2021-04-15 - FACT SHEET- Imposing Costs for Harmful Foreign Activities by the Russian Government.pdf
2021-04-15 - HackBoss- A cryptocurrency-stealing malware distributed through Telegram.pdf
2021-04-15 - Holding Russia To Account.pdf
2021-04-15 - Issuance of Executive Order Blocking Property With Respect To Specified Harmful Foreign Activities Of The Government Of The Russian Federation and related Frequently Asked Questions; Russia-related Designations.pdf
2021-04-15 - Malware Analysis Report (AR21-105A)- SUNSHUTTLE.pdf
2021-04-15 - Mirai code re-use in Gafgyt.pdf
2021-04-15 - North Atlantic Council Statement following the announcement by the United States of actions with regard to Russia.pdf
2021-04-15 - Russia- UK and US expose global campaign of malign activity by Russian intelligence services.pdf
2021-04-15 - Russia- UK exposes Russian involvement in SolarWinds cyber compromise.pdf
2021-04-15 - Statement on Solar Winds Orion cyberattacks.pdf
2021-04-15 - Statement on SolarWinds Cyber Compromise.pdf
2021-04-15 - The $1 billion Russian cyber company that the US says hacks for Moscow.pdf
2021-04-15 - The rise of QakBot.pdf
2021-04-15 - Threat Actors Pair Tax-Themed Lures With COVID-19, Healthcare Themes.pdf
2021-04-15 - Treasury Escalates Sanctions Against the Russian Government’s Attempts to Influence U.S. Elections.pdf
2021-04-15 - Treasury Sanctions Russia with Sweeping New Sanctions Authority.pdf
2021-04-15 - Treasury Sanctions Russian Persons in the Crimea Region of Ukraine.pdf
2021-04-15 - U.S. Puts Fresh Sanctions on Russia Over Hacking, Election Interference.pdf
2021-04-16 - A 'Worst Nightmare' Cyberattack- The Untold Story Of The SolarWinds Hack.pdf
2021-04-16 - A Worst Nightmare Cyberattack - The Untold Story Of The SolarWinds Hack.pdf
2021-04-16 - Combating Sleeper Threats With MTTD.pdf
2021-04-16 - Could the Microsoft Exchange breach be stopped-.pdf
2021-04-16 - FIN7 'technical guru' sentenced to 10 years in prison.pdf
2021-04-16 - High-level organizer of notorious hacking group FIN7 sentenced to ten years in prison for scheme that compromised tens of millions of debit and credit cards.pdf
2021-04-16 - How the Kremlin provides a safe harbor for ransomware.pdf
2021-04-16 - Ransomware micro-criminals are still out here (and growing).pdf
2021-04-16 - Russia’s Cyber Operations Groups.pdf
2021-04-16 - Sanctioned Firm Accused of Helping Russian Intelligence Was Part of Microsoft’s Early Vuln Access Program — MAPP.pdf
2021-04-16 - Sanctioned Russian IT firm was partner with Microsoft, IBM.pdf
2021-04-16 - Transparent Tribe APT Infrastructure Mapping Part 1- A High-Level Study of CrimsonRAT Infrastructure October 2020 – March 2021.pdf
2021-04-16 - Unearthing Hancitor Infrastructure.pdf
2021-04-16 - XCSSET Quickly Adapts to macOS 11 and M1-based Macs.pdf
2021-04-17 - Adversary Dossier- Ryuk Ransomware Anatomy of an Attack in 2021.pdf
2021-04-17 - SVR snaps back at Biden.pdf
2021-04-18 - 1. Hacking Hollywood.pdf
2021-04-18 - Discord Nitro gift codes now demanded as ransomware payments.pdf
2021-04-18 - Recover your files with StrongPity.pdf
2021-04-18 - US Cyber Operations Groups.pdf
2021-04-19 - A Deep Dive into Zebrocy’s Dropper Docs.pdf
2021-04-19 - Analysing a malware PCAP with IcedID and Cobalt Strike traffic.pdf
2021-04-19 - Great Power Cyber Party.pdf
2021-04-19 - How Chinas cybercrime underground is making money off big data.pdf
2021-04-19 - How to analyze mobile malware- a Cabassous-FluBot Case study.pdf
|
|
|
|
|
2021-04-19 - Hunting phishing websites with favicon hashes.pdf
|
|
|
|
|
2021-04-19 - Inside the CIA and NSA disagreement over Russian bounties story.pdf
|
|
|
|
|
2021-04-19 - Lazarus APT conceals malicious code within BMP image to drop its RAT.pdf
|
|
|
|
|
2021-04-19 - PRIMITIVE BEAR (Gamaredon) Targets Ukraine with Timely Themes.pdf
|
|
|
|
|
2021-04-19 - The Incredible Rise of North Korea’s Hacking Army.pdf
|
|
|
|
|
2021-04-19 - ZLoader Returns Through Spelevo Exploit Kit & Phishing Campaign.pdf
|
|
|
|
|
2021-04-20 - Alert (AA21-110A)- Exploitation of Pulse Connect Secure Vulnerabilities.pdf
|
|
|
|
|
2021-04-20 - Carbanak and FIN7 Attack Techniques.pdf
|
|
|
|
|
2021-04-20 - Check Your Pulse- Suspected APT Actors Leverage Authentication Bypass Techniques and Pulse Secure Zero-Day.pdf
|
|
|
|
|
2021-04-20 - Chinese Cyber Operations Groups.pdf
|
|
|
|
|
2021-04-20 - CobaltStrike Stager Utilizing Floating Point Math.pdf
|
|
|
|
|
2021-04-20 - Fake Microsoft Store, Spotify sites spread info-stealing malware.pdf
|
|
|
|
|
2021-04-20 - FireEye Mandiant PulseSecure Exploitation Countermeasures.pdf
|
|
|
|
|
2021-04-20 - HabitsRAT Used to Target Linux and Windows Servers.pdf
|
|
|
|
|
2021-04-20 - How attackers abuse Access Token Manipulation (ATT&CK T1134).pdf
|
|
|
|
|
2021-04-20 - REvil gang tries to extort Apple, threatens to sell stolen blueprints.pdf
|
|
|
|
|
2021-04-20 - Transparent Tribe uses the new crown vaccine hotspot to analyze the targeted attacks on the Indian medical industry.pdf
|
|
|
|
|
2021-04-20 - Zero-Day Exploits in SonicWall Email Security Lead to Enterprise Compromise.pdf
|
|
|
|
|
2021-04-21 - A year of Fajan evolution and Bloomberg themed campaigns.pdf
|
|
|
|
|
2021-04-21 - Codecov hackers breached hundreds of restricted customer sites - sources.pdf
|
|
|
|
|
2021-04-21 - Donot Team APT Group Is Back To Using Old Malicious Patterns.pdf
|
|
|
|
|
2021-04-21 - Logins for 1.3 million Windows RDP servers collected from hacker market.pdf
|
|
|
|
|
2021-04-21 - Massive Qlocker ransomware attack uses 7zip to encrypt QNAP devices.pdf
|
|
|
|
|
2021-04-21 - Monitoring Pulse Connect Secure With Splunk (CISA Emergency Directive 21-03).pdf
|
|
|
|
|
2021-04-21 - Nearly half of malware now use TLS to conceal communications.pdf
|
|
|
|
|
2021-04-21 - Taking Action Against Hackers in Palestine.pdf
|
|
|
|
|
2021-04-21 - ZLoader Dominates Email Payloads in Q1.pdf
|
|
|
|
|
2021-04-22 - A gentle introduction to building a threat intelligence team.pdf
|
|
|
|
|
2021-04-22 - An Undersea Royal Road- Exploring Malicious Documents and Associated Malware.pdf
|
|
|
|
|
2021-04-22 - AR21-112A- CISA Identifies SUPERNOVA Malware During Incident Response.pdf
|
|
|
|
|
2021-04-22 - Binary Data Hiding in VB6 Executables.pdf
|
|
|
|
|
2021-04-22 - Deep Analysis- FormBook New Variant Delivered in Phishing Campaign – Part II.pdf
|
|
|
|
|
2021-04-22 - Der Mann in Merkels Rechner - Jagd auf Putins Hacker.pdf
|
|
|
|
|
2021-04-22 - EMOTET- a State-Machine reversing exercise.pdf
|
|
|
|
|
2021-04-22 - Nightmare week for security vendors- Now a Trend Micro bug is being exploited in the wild.pdf
|
|
|
|
|
2021-04-22 - Prometei Botnet Exploiting Microsoft Exchange Vulnerabilities.pdf
|
|
|
|
|
2021-04-22 - Ransomware gang wants to short the stock price of their victims.pdf
|
|
|
|
|
2021-04-22 - SUPERNOVA Redux, with a Generous Portion of Masquerading.pdf
|
|
|
|
|
2021-04-22 - Sysrv-Hello Expands Infrastructure.pdf
|
|
|
|
|
2021-04-22 - Tor-Based Botnet Malware Targets Linux Systems, Abuses Cloud Management Tools.pdf
|
|
|
|
|
2021-04-22 - Turning Telegram toxic- ‘ToxicEye’ RAT is the latest to use Telegram for command & control.pdf
|
|
|
|
|
2021-04-23 - Analysis of the CardingMafia March 2021 data breach.pdf
|
|
|
|
|
2021-04-23 - APT35 ‘Charming Kitten' discovered in a pre-infected environment.pdf
|
|
|
|
|
2021-04-23 - Axis of REvil- What we know about the hacker collective taunting Apple.pdf
|
|
|
|
|
2021-04-23 - Russia's Disinformation Ecosystem - A Snapshot.pdf
|
|
|
|
|
2021-04-23 - Supply chain attack on the password manager Clickstudios - PASSWORDSTATE.pdf
|
|
|
|
|
2021-04-24 - A ransomware gang made $260,000 in 5 days using the 7zip utility.pdf
|
|
|
|
|
2021-04-24 - Anatomy of a simple and popular packer.pdf
|
|
|
|
|
2021-04-24 - HashiCorp is the latest victim of Codecov supply-chain attack.pdf
|
|
|
|
|
2021-04-24 - Initial analysis of PasswordState supply chain attack backdoor code.pdf
|
|
|
|
|
2021-04-24 - North Korea (DPRK) Cyber Operations Groups.pdf
|
|
|
|
|
2021-04-25 - 2. Disaster movie.pdf
|
|
|
|
|
2021-04-25 - Hacking campaign targets FileZen file-sharing network appliances.pdf
|
|
|
|
|
2021-04-25 - Ransomware and Data Leak Site Publication Time Analysis.pdf
|
|
|
|
|
2021-04-25 - Supply Chain Attacks via GitHub.com Releases.pdf
|
|
|
|
|
2021-04-25 - VPN Hacks Are a Slow-Motion Disaster.pdf
|
|
|
|
|
2021-04-26 - All Your Macs Are Belong To Us- bypassing macOS's file quarantine, gatekeeper, and notarization requirements.pdf
|
|
|
|
|
2021-04-26 - Anatomy of Cobalt Strike’s DLL Stager.pdf
|
|
|
|
|
2021-04-26 - Despite arrests in Spain, FluBot operations explode across Europe and Japan.pdf
|
|
|
|
|
2021-04-26 - Linux Servers Hijacked to Implant SSH Backdoor.pdf
|
|
|
|
|
2021-04-26 - New ICS Threat Activity Group- TALONITE.pdf
|
|
|
|
|
2021-04-26 - Ransomware Attack Vectors Shift as New Software Vulnerability Exploits Abound.pdf
|
|
|
|
|
2021-04-26 - Shlayer malware abusing Gatekeeper bypass on macOS.pdf
|
|
|
|
|
2021-04-26 - The cybercriminal underground hasnt forgotten about financial services.pdf
|
|
|
|
|
2021-04-27 - 'Cock.li' Admin Says He’s Not Surprised Russian Intelligence Uses His Site.pdf
|
|
|
|
|
2021-04-27 - Abusing Replication- Stealing AD FS Secrets Over the Network.pdf
|
|
|
|
|
2021-04-27 - APT trends report Q1 2021.pdf
|
|
|
|
|
2021-04-27 - FluBot Android Malware Spreading Rapidly Through Europe, May Hit U.S. Soon.pdf
|
|
|
|
|
2021-04-27 - How law enforcement can stay a step ahead of hackers.pdf
|
|
|
|
|
2021-04-27 - Ransomware Preparedness- A Call to Action.pdf
|
|
|
|
|
2021-04-27 - RedLine Stealer Masquerades as Telegram Installer.pdf
|
|
|
|
|
2021-04-27 - Winter Vivern- A Look At Re-Crafted Government MalDocs Targeting Multiple Languages.pdf
|
|
|
|
|
2021-04-28 - Cyberspies target military organizations with new Nebulae backdoor.pdf
|
|
|
|
|
2021-04-28 - EU Cyber Operations Groups.pdf
|
|
|
|
|
2021-04-28 - QBot Malware Spotted Using Windows Defender Antivirus Lure.pdf
|
|
|
|
|
2021-04-28 - RotaJakiro- A long live secret backdoor with 0 VT detection.pdf
|
|
|
|
|
2021-04-28 - Spotting malicious Excel4 macros.pdf
|
|
|
|
|
2021-04-28 - The Rage of Android Banking Trojans.pdf
|
|
|
|
|
2021-04-28 - The Sodinokibi Chronicles- A (R)Evil Cybercrime Gang Disrupts Organizations for Trade Secrets and Cash.pdf
|
|
|
|
|
2021-04-28 - UK rail network Merseyrail likely hit by Lockbit ransomware.pdf
|
|
|
|
|
2021-04-28 - Un sospetto attacco telematico blocca le filiali della Bcc di Roma.pdf
|
|
|
|
|
2021-04-28 - VB6 P-Code Obfuscation.pdf
|
|
|
|
|
2021-04-28 - Water Pamola Attacked Online Shops Via Malicious Orders.pdf
|
|
|
|
|
2021-04-29 - Chimera APT updates on its OwlProxy malware.pdf
|
|
|
|
|
2021-04-29 - Chinese Cyberspies Target Military Organizations in Asia With New Malware.pdf
|
|
|
|
|
2021-04-29 - CISA Identifies SUPERNOVA Malware During Incident Response.pdf
|
|
|
|
|
2021-04-29 - DomainTools And Digital Archeology- A Look At RotaJakiro.pdf
|
|
|
|
|
2021-04-29 - Information Gathering as a Researcher- a use case.pdf
|
|
|
|
|
2021-04-29 - Investigating TA413 Threat Actor Group Using OpenCTI in Maltego.pdf
|
|
|
|
|
2021-04-29 - Leaping Down a Rabbit Hole of Fraud and Misdirection.pdf
|
|
|
|
|
2021-04-29 - New Shameless Commodity Cryptocurrency Stealer (WeSteal) and Commodity RAT (WeControl).pdf
|
|
|
|
|
2021-04-29 - QNAP warns of AgeLocker ransomware attacks against NAS devices.pdf
|
|
|
|
|
2021-04-29 - Saving World Health Day- UNICC and Group-IB Take Down Scam Campaign Impersonating the World Health Organization.pdf
|
|
|
|
|
2021-04-29 - The Story of FakeChat.pdf
|
|
|
|
|
2021-04-29 - Threat Alert- New update from Sysrv-hello, now infecting victims‘ webpages to push malicious exe to end users.pdf
|
|
|
|
|
2021-04-29 - Udało nam się zrealizować wywiad z grupą ransomware (Babuk), która zaszyfrowała policję metropolitarną w Waszyngtonie.pdf
|
|
|
|
|
2021-04-29 - UNC2447 SOMBRAT and FIVEHANDS Ransomware- A Sophisticated Financial Threat.pdf
|
|
|
|
|
2021-04-29 - Whistler resort municipality hit by new ransomware operation.pdf
|
|
|
|
|
2021-04-30 - A Second Iranian State-Sponsored Ransomware Operation “Project Signal” Emerges.pdf
|
|
|
|
|
2021-04-30 - Cybercrime Featured DarkPath scam group loses 134 domains impersonating the WHO.pdf
|
|
|
|
|
2021-04-30 - Detecting network beacons via KQL using simple spread stats functions.pdf
|
|
|
|
|
2021-04-30 - How Cybercriminals Abuse OpenBullet for Credential Stuffing.pdf
|
|
|
|
|
2021-04-30 - Qbot- Analyzing PHP Proxy Scripts from Compromised Web Server.pdf
|
|
|
|
|
2021-04-30 - Transparent Tribe Operating with a New Variant of Crimson RAT.pdf
|
|
|
|
|
2021-05-01 - Guy's 30 Reverse Engineering Tips & Tricks.pdf
|
|
|
|
|
2021-05-01 - Muddywater- Binder Project.pdf
|
|
|
|
|
2021-05-02 - 3. Superdollars.pdf
|
|
|
|
|
2021-05-02 - DOJ hiring new liaison prosecutor to hunt cybercriminals in Eastern Europe.pdf
|
|
|
|
|
2021-05-02 - Mobile Malware App Anubis Strikes Again, Continues to Lure Users Disguised as a Fake Antivirus.pdf
|
|
|
|
|
2021-05-02 - Sodinokibi Ransomware Analysis.pdf
|
|
|
|
|
2021-05-02 - Trickbot Brief- Creds and Beacons.pdf
|
|
|
|
|
2021-05-03 - Apple fixes 2 iOS zero-day vulnerabilities actively used in attacks.pdf
|
|
|
|
|
2021-05-03 - BuerLoader Updates.pdf
|
|
|
|
|
2021-05-03 - Clop Ransomware Detection- Threat Research Release, April 2021.pdf
|
|
|
|
|
2021-05-03 - Exploitation of data breaches for executive protection.pdf
|
|
|
|
|
2021-05-03 - N3TW0RM ransomware emerges in wave of cyberattacks in Israel.pdf
|
|
|
|
|
2021-05-03 - New Variant of Buer Loader Written in Rust.pdf
|
|
|
|
|
2021-05-03 - Rewterz Threat Alert – Financially Motivated Aggressive Group Carrying Out Ransomware Campaigns – Active IOCs.pdf
|
|
|
|
|
2021-05-03 - Spearphishing Attack Uses COVID-21 Lure to Target Ukrainian Government.pdf
|
|
|
|
|
2021-05-03 - Tween on new RaaS Galaxy Ransomware.pdf
|
|
|
|
|
2021-05-04 - A taste of the latest release of QakBot.pdf
|
|
|
|
|
2021-05-04 - Alien Mobile Malware Evades Detection, Increases Targets.pdf
|
|
|
|
|
2021-05-04 - Cr4sh - MicroBackdoor - Small and convenient C2 tool for Windows targets.pdf
|
|
|
|
|
2021-05-04 - Detecting Lateral Movement via WinRM Using KQL.pdf
|
|
|
|
|
2021-05-04 - Grab your own copy of Phenakite iOS malware today.pdf
|
|
|
|
|
2021-05-04 - New Panda Stealer Targets Cryptocurrency Wallets.pdf
|
|
|
|
|
2021-05-04 - Pingback- Backdoor At The End Of The ICMP Tunnel.pdf
|
|
|
|
|
2021-05-04 - RM3 – Curiosities of the wildest banking malware.pdf
|
|
|
|
|
2021-05-04 - The UNC2529 Triple Double- A Trifecta Phishing Campaign.pdf
|
|
|
|
|
2021-05-04 - Transferring leverage in a ransomware attack.pdf
|
|
|
|
|
2021-05-05 - Are The Notorious Cyber Criminals Evil Corp actually Russian Spies-.pdf
|
|
|
|
|
2021-05-05 - Catching RATs Over Custom Protocols Analysis of top non-HTTP-S threats.pdf
|
|
|
|
|
2021-05-05 - China’s PLA Unit 61419 Purchasing Foreign Antivirus Products, Likely for Exploitation.pdf
|
|
|
|
|
2021-05-05 - Flubot vs. Zimperium.pdf
|
|
|
|
|
2021-05-05 - Intervention halts a ProxyLogon-enabled attack.pdf
|
|
|
|
|
2021-05-05 - Joker.pdf
|
|
|
|
|
2021-05-05 - Malware group leaks millions of stolen authentication cookies.pdf
|
|
|
|
|
2021-05-05 - Multi-Factor Authentication- Headache for Cyber Actors Inspires New Attack Techniques.pdf
|
|
|
|
|
2021-05-05 - Ousaban- Private photo collection hidden in a CABinet.pdf
|
|
|
|
|
2021-05-05 - Roaming Mantis Amplifies Smishing Campaign with OS-Specific Android Malware.pdf
|
|
|
|
|
2021-05-05 - Smishing campaign in NL spreading Cabassous and Anatsa.pdf
|
|
|
|
|
2021-05-05 - VB6 P-Code Disassembly.pdf
|
|
|
|
|
2021-05-06 - An APT with no name.pdf
|
|
|
|
|
2021-05-06 - Analysis Report- FiveHands Ransomware.pdf
|
|
|
|
|
2021-05-06 - Darkside Ransomware.pdf
|
|
|
|
|
2021-05-06 - GrelosGTM group abuses Google Tag Manager to attack e-commerce websites.pdf
|
|
|
|
|
2021-05-06 - How China turned a prize-winning iPhone hack against the Uyghurs.pdf
|
|
|
|
|
2021-05-06 - Iran Cyber Operations Groups.pdf
|
|
|
|
|
2021-05-06 - MAR-10324784-1.v1- FiveHands Ransomware.pdf
|
|
|
|
|
2021-05-06 - MTR in Real Time- Pirates pave way for Ryuk ransomware.pdf
|
|
|
|
|
2021-05-06 - Operation TunnelSnake.pdf
|
|
|
|
|
2021-05-06 - Proxylogon- A Coinminer, a Ransomware, and a Botnet Join the Party.pdf
|
|
|
|
|
2021-05-06 - Ransomware- Hunting for Inhibiting System Backup or Recovery.pdf
|
|
|
|
|
2021-05-06 - RotaJakiro, the Linux version of the OceanLotus.pdf
|
|
|
|
|
2021-05-06 - Threat Thursday- Dr. REvil Ransomware Strikes Again, Employs Double Extortion Tactics.pdf
|
|
|
|
|
2021-05-07 - An In-Depth analysis of the new Taurus Stealer.pdf
|
|
|
|
|
2021-05-07 - An Investigative Update of the Cyberattack.pdf
|
|
|
|
|
2021-05-07 - Connecting the Bots Hancitor fuels Cuba Ransomware Operations.pdf
|
|
|
|
|
2021-05-07 - Data leak marketplaces aim to take over the extortion economy.pdf
|
|
|
|
|
2021-05-07 - Four Individuals Plead Guilty to RICO Conspiracy Involving “Bulletproof Hosting” for Cybercriminals.pdf
|
|
|
|
|
2021-05-07 - Human operated ransomware.pdf
|
|
|
|
|
2021-05-07 - Lemon Duck spreads its wings- Actors target Microsoft Exchange servers, incorporate new TTPs.pdf
|
|
|
|
|
2021-05-07 - MuddyWater- Binder Project (Part 2).pdf
|
|
|
|
|
2021-05-07 - New Lemon Duck variants exploiting Microsoft Exchange Server.pdf
|
|
|
|
|
2021-05-07 - Revealing the ‘Snip3’ Crypter, a Highly Evasive RAT Loader.pdf
|
|
|
|
|
2021-05-07 - Stats from Hunting Cobalt Strike Beacons.pdf
|
|
|
|
|
2021-05-08 - Cyber attack shuts down top U.S. fuel pipeline network.pdf
|
|
|
|
|
2021-05-08 - SolarWinds says fewer than 100 customers were impacted by supply chain attack.pdf
|
|
|
|
|
2021-05-08 - When Karma Comes Back- The rise and fall of illicit cardshop breached twice in two years.pdf
|
|
|
|
|
2021-05-10 - Analysis of U.S. Oil Products Pipeline Operators Suspended by Ransomware Attacks.pdf
|
|
|
|
|
2021-05-10 - APT Threat Landscape of Taiwan in 2020.pdf
|
|
|
|
|
2021-05-10 - City of Tulsa's online services disrupted in ransomware incident.pdf
|
|
|
|
|
2021-05-10 - Cobaltstrike-Beacons analyzed.pdf
|
|
|
|
|
2021-05-10 - Dissecting a RAT. Analysis of the HawkShaw..pdf
|
|
|
|
|
2021-05-10 - Heres what we know about DarkSide ransomware.pdf
|
|
|
|
|
2021-05-10 - How one of the largest hacker networks in the world was paralyzed.pdf
|
|
|
|
|
2021-05-10 - IcedID Malware Technical Analysis Report.pdf
|
|
|
|
|
2021-05-10 - Intelligence Report on Ransomware Gangs on the DarkWeb- List of victim organizations attacked by ransomware gangs released on the DarkWeb.pdf
|
|
|
|
|
2021-05-10 - Meet DarkSide and Their Ransomware – SentinelOne Customers Protected.pdf
|
|
|
|
|
2021-05-10 - Overview of Campo, a new attack campaign targeting Japan.pdf
|
|
|
|
|
2021-05-10 - Prelude to Ransomware- SystemBC.pdf
|
|
|
|
|
2021-05-10 - Prometheus Ransomware Haron Ransomware.pdf
|
|
|
|
|
2021-05-10 - Rise of the Chief Intelligence Officer (CINO).pdf
|
|
|
|
|
2021-05-10 - Russian spy unit suspected of directed-energy attacks on U.S. personnel.pdf
|
|
|
|
|
2021-05-10 - Shedding Light on the DarkSide Ransomware Attack.pdf
|
|
|
|
|
2021-05-11 - 15 percent of 2020 ransomware payments carried a sanctions violations risk.pdf
|
|
|
|
|
2021-05-11 - 15% of 2020 ransomware payments carried a sanctions violations risk.pdf
|
|
|
|
|
2021-05-11 - A Closer Look at the DarkSide Ransomware Gang.pdf
|
|
|
|
|
2021-05-11 - A defender’s view inside a DarkSide ransomware attack.pdf
|
|
|
|
|
2021-05-11 - Alert (AA21-131A) DarkSide Ransomware- Best Practices for Preventing Business Disruption from Ransomware Attacks.pdf
|
|
|
|
|
2021-05-11 - Analysis of a series of attacks by the suspected Lazarus organization using Daewoo Shipyard as relevant bait.pdf
|
|
|
|
|
2021-05-11 - Android overlay attacks on Belgian financial applications.pdf
|
|
|
|
|
2021-05-11 - Campo, a New Attack Campaign Targeting Japan.pdf
|
|
|
|
|
2021-05-11 - DarkSide Ransomware Links to REvil Group Difficult to Dismiss.pdf
|
|
|
|
|
2021-05-11 - Osiris banking trojan shuts down as new Ares variant emerges.pdf
|
|
|
|
|
2021-05-11 - Quick analysis note about DealPly (Adware).pdf
|
|
|
|
|
2021-05-11 - Reasonable IR Team Expectations.pdf
|
|
|
|
|
2021-05-11 - Recommendations Following the Colonial Pipeline Cyber Attack.pdf
|
|
|
|
|
2021-05-11 - Response When Minutes Matter- Rising Up Against Ransomware.pdf
|
|
|
|
|
2021-05-11 - Shining a Light on DARKSIDE Ransomware Operations.pdf
|
|
|
|
|
2021-05-11 - The DarkSide of the Ransomware Pipeline.pdf
|
|
|
|
|
2021-05-11 - Threat Bulletin- Exploring the Differences and Similarities of Agent Tesla v2 & v3.pdf
|
|
|
|
|
2021-05-12 - Agents raid home of Kansas man seeking info on botnet that infected DOD network.pdf
|
|
|
|
|
2021-05-12 - Anatomy of a $2 Million Darkside Ransomware Breach.pdf
|
|
|
|
|
2021-05-12 - Conti Ransomware.pdf
|
|
|
|
|
2021-05-12 - DarkSide Ransomware Gang- An Overview.pdf
|
|
|
|
|
2021-05-12 - Encrypted Chat Apps Doubling as Illegal Marketplaces.pdf
|
|
|
|
|
2021-05-12 - Executive Order on Improving the Nation’s Cybersecurity.pdf
|
|
|
|
|
2021-05-12 - Incident response playbooks.pdf
|
|
|
|
|
2021-05-12 - Nefilim Ransomware.pdf
|
|
|
|
|
2021-05-12 - New Evidence Supports Assessment that DarkSide Likely Responsible for Colonial Pipeline Ransomware Attack; Others Targeted.pdf
|
|
|
|
|
2021-05-12 - Ransomware world in 2021- who, how and why.pdf
|
|
|
|
|
2021-05-12 - What We Know About Darkside Ransomware and the US Pipeline Attack.pdf
|
|
|
|
|
2021-05-12 - Writing a VB6 P-Code Debugger.pdf
|
|
|
|
|
2021-05-13 - 'Don't panic,' Biden tells Americans facing gasoline shortages from pipeline attack.pdf
|
|
|
|
|
2021-05-13 - APT attack for domestic companies using library files.pdf
|
|
|
|
|
2021-05-13 - Catching the White Stork in Flight.pdf
|
|
|
|
|
2021-05-13 - Chemical distributor pays $4.4 million to DarkSide ransomware.pdf
|
|
|
|
|
2021-05-13 - Colonial Pipeline Paid Hackers Nearly $5 Million in Ransom.pdf
|
|
|
|
|
2021-05-13 - Domain Blooms- Identifying Domain Name Themes Targeted By Threat Actors.pdf
|
|
|
|
|
2021-05-13 - Meet Lorenz — A new ransomware gang targeting the enterprise.pdf
|
|
|
|
|
2021-05-13 - Mind the (Air) Gap.pdf
|
|
|
|
|
2021-05-13 - Newly observed PHP-based skimmer shows ongoing Magecart Group 12 activity.pdf
|
|
|
|
|
2021-05-13 - Popular hacking forum bans ransomware ads.pdf
|
|
|
|
|
2021-05-13 - Popular Russian hacking forum XSS bans all ransomware topics.pdf
|
|
|
|
|
2021-05-13 - Ransomware Groups Use Tor-Based Backdoor for Persistent Access.pdf
|
|
|
|
|
2021-05-13 - Threat Actors Use MSBuild to Deliver RATs Filelessly.pdf
|
|
|
|
|
2021-05-13 - Threat Thursday- SombRAT — Always Leave Yourself a Backdoor.pdf
|
|
|
|
|
2021-05-13 - Transparent Tribe APT expands its Windows malware arsenal.pdf
|
|
|
|
|
2021-05-13 - Who is Mr. Zhao-.pdf
|
|
|
|
|
2021-05-14 - AHK RAT Loader Used in Unique Delivery Campaigns.pdf
|
|
|
|
|
2021-05-14 - Analysis Report (AR21-134A)- Eviction Guidance for Networks Affected by the SolarWinds and Active Directory-M365 Compromise.pdf
|
|
|
|
|
2021-05-14 - DarkSide Ransomware Gang Quits After Servers, Bitcoin Stash Seized.pdf
|
|
|
|
|
2021-05-14 - Darkside ransomware gang says it lost control of its servers & money a day after Biden threat.pdf
|
|
|
|
|
2021-05-14 - DarkSide Ransomware Operations - Preventions and Detections.pdf
|
|
|
|
|
2021-05-14 - DarkSide ransomware servers reportedly seized, REvil restricts targets.pdf
|
|
|
|
|
2021-05-14 - Darkside Ransomware Victims Sold Short.pdf
|
|
|
|
|
2021-05-14 - Elliptic Follows the Bitcoin Ransoms Paid by Colonial Pipeline and Other DarkSide Ransomware Victims.pdf
|
|
|
|
|
2021-05-14 - From Dawn to -Silent Night-- -DarkSide Ransomware- Initial Attack Vector Evolution.pdf
|
|
|
|
|
2021-05-14 - How Flubot targets Android phone users and their money.pdf
|
|
|
|
|
2021-05-14 - QNAP warns of eCh0raix ransomware attacks, Roon Server zero-day.pdf
|
|
|
|
|
2021-05-14 - Slides & Recordings for Mobile security trainings.pdf
|
|
|
|
|
2021-05-14 - The moral underground Ransomware operators retreat after Colonial Pipeline hack.pdf
|
|
|
|
|
2021-05-16 - HSE Conti 40521 UPDATE.pdf
|
|
|
|
|
2021-05-16 - Japan lashes out against alleged Chinese military cyberattacks.pdf
|
|
|
|
|
2021-05-17 - Analysis of NoCry- A variant of the Judge ransomware.pdf
|
|
|
|
|
2021-05-17 - Bizarro banking Trojan expands its attacks to Europe.pdf
|
|
|
|
|
2021-05-17 - Case Study- Incident Response is a relationship-driven business.pdf
|
|
|
|
|
2021-05-17 - DarkSide Ransomware- Splunk Threat Update and Detections.pdf
|
|
|
|
|
2021-05-17 - Discovery of Simps Botnet Leads To Ties to Keksec Group.pdf
|
|
|
|
|
2021-05-17 - Icedid Analysis.pdf
|
|
|
|
|
2021-05-17 - Investigating the Watering Hole Linked to the Oldsmar Water Treatment Facility Breach.pdf
|
|
|
|
|
2021-05-17 - Let’s set ice on fire- Hunting and detecting IcedID infections.pdf
|
|
|
|
|
2021-05-17 - Literature lover targeting Colombia with LimeRAT.pdf
|
|
|
|
|
2021-05-17 - Mustang Panda PlugX - 45.251.240.55 Pivot.pdf
|
|
|
|
|
2021-05-17 - Newly Discovered Function in DarkSide Ransomware Variant Targets Disk Partitions.pdf
|
|
|
|
|
2021-05-17 - Three major hacking forums ban ransomware ads as some ransomware gangs shut down.pdf
|
|
|
|
|
2021-05-17 - Tracking DarkSide and Ransomware- The Network View.pdf
|
|
|
|
|
2021-05-17 - VMProtect 2 - Detailed Analysis of the Virtual Machine Architecture.pdf
|
|
|
|
|
2021-05-17 - W3 May - EN - Story of the week- Code Signing Certificate on the Darkweb.pdf
|
|
|
|
|
2021-05-18 - A native packer for Android-MoqHao.pdf
|
|
|
|
|
2021-05-18 - An Encounter With TA551-Shathak.pdf
|
|
|
|
|
2021-05-18 - Analysis of MountLocker.pdf
|
|
|
|
|
2021-05-18 - Darkside gang estimated to have made over $90 million from ransomware attacks.pdf
|
|
|
|
|
2021-05-18 - DarkSide Goes Dark- How CrowdStrike Falcon Customers Were Protected.pdf
|
|
|
|
|
2021-05-18 - DarkSide Ransomware Behavior and Techniques.pdf
|
|
|
|
|
2021-05-18 - DarkSide Ransomware has Netted Over $90 million in Bitcoin.pdf
|
|
|
|
|
2021-05-18 - DarkSide ransomware made $90 million in just nine months.pdf
|
|
|
|
|
2021-05-18 - Examining Russian-language Cybercriminal Marketplaces.pdf
|
|
|
|
|
2021-05-18 - ProblemChild- Detecting living-off-the-land attacks using the Elastic Stack.pdf
|
|
|
|
|
2021-05-18 - Strong ARMing with MacOS- Adventures in Cross-Platform Emulation.pdf
|
|
|
|
|
2021-05-18 - TeamTNT’s Extended Credential Harvester Targets Cloud Services, Other Software.pdf
|
|
|
|
|
2021-05-18 - The Active Adversary Playbook 2021.pdf
|
|
|
|
|
2021-05-19 - Aanhouding in onderzoek naar cybercrime.pdf
|
|
|
|
|
2021-05-19 - BazarCall- Call Centers Help Spread BazarLoader Malware.pdf
|
|
|
|
|
2021-05-19 - Binary Reuse of VB6 P-Code Functions.pdf
|
|
|
|
|
2021-05-19 - Colonial Pipeline CEO Tells Why He Paid Hackers a $4.4 Million Ransom.pdf
|
|
|
|
|
2021-05-19 - Colonial Pipeline Ransomware Attack- Revealing How DarkSide Works.pdf
|
|
|
|
|
2021-05-19 - Look how many cybercriminals love Cobalt Strike.pdf
|
|
|
|
|
2021-05-19 - May Android security updates patch 4 zero-days exploited in the wild.pdf
|
|
|
|
|
2021-05-19 - Python stealer distribution via excel maldoc.pdf
|
|
|
|
|
2021-05-19 - Qlocker ransomware shuts down after extorting hundreds of QNAP users.pdf
|
|
|
|
|
2021-05-19 - SolarWinds CEO apologizes for blaming an intern, says attack may have started in January 2019.pdf
|
|
|
|
|
2021-05-19 - Tracking BokBot Infrastructure Mapping a Vast and Currently Active BokBot Network.pdf
|
|
|
|
|
2021-05-20 - Caught in the Cloud - How a Monero Cryptominer Exploits Docker Containers.pdf
|
|
|
|
|
2021-05-20 - Microsoft 365 Defender Hunting Queries for hunting multiple threat actors' TTPs and malwares.pdf
|
|
|
|
|
2021-05-20 - Phorpiex morphs- How a longstanding botnet persists and thrives in the current threat environment.pdf
|
|
|
|
|
2021-05-20 - Ransomware-as-a-Service, Rogue Affiliates, and What’s Next.pdf
|
|
|
|
|
2021-05-20 - Response When Minutes Matter- When Good Tools Are Used for (R)Evil.pdf
|
|
|
|
|
2021-05-20 - The Full Story of the Stunning RSA Hack Can Finally Be Told.pdf
|
|
|
|
|
2021-05-21 - DarkSide affiliates claim gang's bitcoins in deposit on hacker forum.pdf
|
|
|
|
|
2021-05-21 - DarkSide’s Targeted Ransomware Analysis Report for Critical U.S. Infrastructure.pdf
|
|
|
|
|
2021-05-21 - FSB NKTsKI- Foreign ‘cyber mercenaries’ breached Russian federal agencies.pdf
|
|
|
|
|
2021-05-21 - Leveraging Microsoft Teams to persist and cover up Cobalt Strike traffic.pdf
|
|
|
|
|
2021-05-21 - Targeted attack by 'Cobalt Strike loader' that exploits Microsoft's digital signature-Attacker group APT41.pdf
|
|
|
|
|
2021-05-23 - MountLocker Ransomware.pdf
|
|
|
|
|
2021-05-24 - [RE022] Part 1- Quick analysis of malicious sample forging the official dispatch of the Central Inspection Committee.pdf
|
|
|
|
|
2021-05-24 - SCOTCH- A framework for rapidly assessing influence operations.pdf
|
|
|
|
|
2021-05-24 - The Colonial pipeline ransomware hackers had a secret weapon- self-promoting cybersecurity firms.pdf
|
|
|
|
|
2021-05-24 - Tracking StrongPity with Yara.pdf
|
|
|
|
|
2021-05-24 - Vidar Info-Stealer Abusing Game Platform.pdf
|
|
|
|
|
2021-05-24 - Zero-Day TCC bypass discovered in XCSSET malware.pdf
|
|
|
|
|
2021-05-25 - Cobalt Strikes Again- An Analysis of Obfuscated Malware.pdf
|
|
|
|
|
2021-05-25 - Crimes of Opportunity- Increasing Frequency of Low Sophistication Operational Technology Compromises.pdf
|
|
|
|
|
2021-05-25 - Evolution of JSWorm ransomware.pdf
|
|
|
|
|
2021-05-25 - Indicators Over Cocktails- Exporting Indicators from Iris (UNC1151).pdf
|
|
|
|
|
2021-05-25 - TeamTNT Targets Kubernetes, Nearly 50,000 IPs Compromised in Worm-like Attack.pdf
|
|
|
|
|
2021-05-25 - W4 May - EN - Story of the week- Ransomware on the Darkweb.pdf
|
|
|
|
|
2021-05-26 - A Deep Dive into Packing Software CryptOne.pdf
|
|
|
|
|
2021-05-26 - Belgium uproots cyber-espionage campaign with suspected ties to China.pdf
|
|
|
|
|
2021-05-26 - Elizabethan England has nothing on modern-day Russia.pdf
|
|
|
|
|
2021-05-26 - Melting Ice – Tracking IcedID Servers with a few simple steps.pdf
|
|
|
|
|
2021-05-26 - New Version of Kido (Conficker) (Kaspersky Lab).pdf
|
|
|
|
|
2021-05-26 - PSChain.pdf
|
|
|
|
|
2021-05-27 - Another Nobelium Cyberattack.pdf
|
|
|
|
|
2021-05-27 - Apostle Ransomware Analysis.pdf
|
|
|
|
|
2021-05-27 - Attacks Embedding XMRig on Compromised Servers.pdf
|
|
|
|
|
2021-05-27 - Financial spear-phishing campaigns pushing RATs.pdf
|
|
|
|
|
2021-05-27 - Mustang Panda PlugX - Reused Mutex and Folder Found in the Extracted Config.pdf
|
|
|
|
|
2021-05-27 - Re-Checking Your Pulse- Updates on Chinese APT Actors Compromising Pulse Secure VPN Devices.pdf
|
|
|
|
|
2021-05-27 - Suspected APT29 Operation Launches Election Fraud Themed Phishing Campaigns.pdf
|
|
|
|
|
2021-05-27 - Trapping A Fat Quasar RAT.pdf
|
|
|
|
|
2021-05-27 - Uyghurs, a Turkic ethnic minority in China, targeted via fake foundations - Check Point Research.pdf
|
|
|
|
|
2021-05-28 - A new ransomware enters the fray- Epsilon Red.pdf
|
|
|
|
|
2021-05-28 - Alert (AA21-148A)- Sophisticated Spearphishing Campaign Targets Government Organizations, IGOs, and NGOs.pdf
|
|
|
|
|
2021-05-28 - Breaking down NOBELIUM’s latest early-stage toolset.pdf
|
|
|
|
|
2021-05-28 - DarkSide on Linux- Virtual Machines Targeted.pdf
|
|
|
|
|
2021-05-28 - Deep Analysis of Vidar Stealer.pdf
|
|
|
|
|
2021-05-28 - Malware Analysis Report (AR21-148A)- Cobalt Strike Beacon.pdf
|
|
|
|
|
2021-05-28 - WooCommerce Credit Card Skimmer Hides in Plain Sight.pdf
|
|
|
|
|
2021-05-30 - Defend and deter.pdf
|
|
|
|
|
2021-05-31 - Babuk re-organizes as Payload Bin, offers its first leak.pdf
|
|
|
|
|
2021-05-31 - Hacker Lexicon- What Is a Supply Chain Attack-.pdf
|
|
|
|
|
2021-06-01 - A Contrarian View on SolarWinds.pdf
|
|
|
|
|
2021-06-01 - Backdoors, RATs, Loaders evasion techniques.pdf
|
|
|
|
|
2021-06-01 - Critical 0-day in Fancy Product Designer Under Active Attack.pdf
|
|
|
|
|
2021-06-01 - Critical WordPress plugin zero-day under active exploitation.pdf
|
|
|
|
|
2021-06-01 - Detecting Initial Access- HTML Smuggling and ISO Images — Part 1.pdf
|
|
|
|
|
2021-06-01 - Detecting Initial Access- HTML Smuggling and ISO Images — Part 2.pdf
|
|
|
|
|
2021-06-01 - Dissecting a RAT. Analysis of the Command-line AndroRAT..pdf
|
|
|
|
|
2021-06-01 - Evadere Classifications.pdf
|
|
|
|
|
2021-06-01 - Ex-US ambassador, anti-corruption activists in Ukraine were targets of suspected Russian phishing.pdf
|
|
|
|
|
2021-06-01 - Hex-Rays, GetProcAddress, and Malware Analysis.pdf
|
|
|
|
|
2021-06-01 - Inside commercial malware sandboxes.pdf
|
|
|
|
|
2021-06-01 - Justice Department Announces Court-Authorized Seizure of Domain Names Used in Furtherance of Spear-Phishing Campaign Posing as U.S. Agency for International Development.pdf
|
|
|
|
|
2021-06-01 - Kimsuky APT continues to target South Korean government using AppleSeed backdoor.pdf
|
|
|
|
|
2021-06-01 - New sophisticated email-based attack from NOBELIUM.pdf
|
|
|
|
|
2021-06-01 - NobleBaron - New Poisoned Installers Could Be Used In Supply Chain Attacks.pdf
|
|
|
|
|
2021-06-01 - PE Reflection- The King is Dead, Long Live the King.pdf
|
|
|
|
|
2021-06-01 - Rising warning- APT organizes Lazarus Group to launch an attack on China.pdf
|
|
|
|
|
2021-06-01 - Threat Actors Use Mockups of Popular Apps to Spread Teabot and Flubot Malware on Android.pdf
|
|
|
|
|
2021-06-02 - AMSI bypasses remain tricks of the malware trade.pdf
|
|
|
|
|
2021-06-02 - Analysis of Lazarus's recent targeted attacks against military industry and other industries.pdf
|
|
|
|
|
2021-06-02 - Call for crimes- Russian-language forum runs contest for cryptocurrency hacks.pdf
|
|
|
|
|
2021-06-02 - China-Linked Threat Group Targets Taiwan Critical Infrastructure, Smokescreen Ransomware.pdf
|
|
|
|
|
2021-06-02 - FUJIFILM shuts down network after suspected ransomware attack.pdf
|
|
|
|
|
2021-06-02 - Google PPC Ads Deliver Redline, Taurus, and mini-Redline Infostealers.pdf
|
|
|
|
|
2021-06-02 - Introducing The Most Profitable Ransomware REvil.pdf
|
|
|
|
|
2021-06-02 - Lemon-Duck Cryptominer Technical Analysis.pdf
|
|
|
|
|
2021-06-02 - RedDelta PlugX Undergoing Changes and Overlapping Again with Mustang Panda PlugX Infrastructure.pdf
|
|
|
|
|
2021-06-02 - SharpPanda- Chinese APT Group Targets Southeast Asian Government With Previously Unknown Backdoor.pdf
|
|
|
|
|
2021-06-02 - Two Carbanak hackers sentenced to eight years in prison in Kazakhstan.pdf
|
|
|
|
|
2021-06-02 - Under Attack- Protecting Against Conti, DarkSide, REvil and Other Ransomware.pdf
|
|
|
|
|
2021-06-03 - Chinese threat actors hacked NYC MTA using Pulse Secure zero-day.pdf
|
|
|
|
|
2021-06-03 - FontPack- A dangerous update Attribution secrets- Who is behind stealing credentials and bank card data by asking to install fake Flash Player, browser or font updates-.pdf
|
|
|
|
|
2021-06-03 - Necro Python bot adds new exploits and Tezos mining to its bag of tricks.pdf
|
|
|
|
|
2021-06-03 - OAuth’s Device Code Flow Abused in Phishing Attacks.pdf
|
|
|
|
|
2021-06-03 - W1 Jun - EN - Story of the week- Ransomware on the Darkweb.pdf
|
|
|
|
|
2021-06-03 - WebLogic RCE Leads to XMRig.pdf
|
|
|
|
|
2021-06-04 - Analysis of Ragnar Locker Ransomware (Acronis).pdf
|
|
|
|
|
2021-06-04 - APT Attacks on Domestic Companies Using Library Files.pdf
|
|
|
|
|
2021-06-04 - Colonial Pipeline Ransomware Hack Unleashes Flood of Related Phishing Attempts.pdf
|
|
|
|
|
2021-06-04 - EpsilonRed ransomware group hits one of India’s financial software powerhouses.pdf
|
|
|
|
|
2021-06-04 - FreakOut malware worms its way into vulnerable VMware servers.pdf
|
|
|
|
|
2021-06-04 - Glupteba back on track spreading via EternalBlue exploits.pdf
|
|
|
|
|
2021-06-04 - Latvian National Charged for Alleged Role in Transnational Cybercrime Organization.pdf
|
|
|
|
|
2021-06-04 - MercurialGrabber Github Repository.pdf
|
|
|
|
|
2021-06-04 - Phishing Malware Hijacks Bitcoin Addresses and Delivers New Agent Tesla Variant.pdf
|
|
|
|
|
2021-06-04 - PHP Malware Used in Lucky Visitor Scam.pdf
|
|
|
|
|
2021-06-04 - TeamTNT Actively Enumerating Cloud Environments to Infiltrate Organizations.pdf
|
|
|
|
|
2021-06-04 - The Ransomware Conundrum – A Look into DarkSide.pdf
|
|
|
|
|
2021-06-04 - The SBU blocked a mass cyberattack by Russian special services on the computer networks of the Ukrainian authorities.pdf
|
|
|
|
|
2021-06-04 - The Sysrv-hello Cryptojacking Botnet- Here’s What’s New.pdf
|
|
|
|
|
2021-06-04 - US arrests Latvian woman who worked on Trickbot malware source code.pdf
|
|
|
|
|
2021-06-05 - Geopolitical nation-state threat actor overview May 2021.pdf
|
|
|
|
|
2021-06-05 - Prometheus- An Emerging Ransomware Group Using Thanos Ransomware To Target Organizations.pdf
|
|
|
|
|
2021-06-06 - New Evil Corp ransomware mimics PayloadBin gang to evade US sanctions.pdf
|
|
|
|
|
2021-06-07 - Adventures in Contacting the Russian FSB.pdf
|
|
|
|
|
2021-06-07 - Avaddon Ransomware Analysis.pdf
|
|
|
|
|
2021-06-07 - Department of Justice Seizes $2.3 Million in Cryptocurrency Paid to the Ransomware Extortionists Darkside.pdf
|
|
|
|
|
2021-06-07 - Gootkit- the cautious Trojan.pdf
|
|
|
|
|
2021-06-07 - Inside the SystemBC Malware-As-A-Service.pdf
|
|
|
|
|
2021-06-07 - Malware family naming hell is our own fault.pdf
|
|
|
|
|
2021-06-07 - Ransomware Struck Another Pipeline Firm—and 70GB of Data Leaked.pdf
|
|
|
|
|
2021-06-07 - Siloscape- First Known Malware Targeting Windows Containers to Compromise Cloud Environments.pdf
|
|
|
|
|
2021-06-08 - Another Brick in the Wall- eCrime Groups Leverage SonicWall VPN Vulnerability.pdf
|
|
|
|
|
2021-06-08 - From QBot...with REvil Ransomware- Initial Attack Exposure of JBS.pdf
|
|
|
|
|
2021-06-08 - LOKIBOT - A commodity malware.pdf
|
|
|
|
|
2021-06-08 - Microsoft patches six Windows zero-days, including a commercial exploit.pdf
|
|
|
|
|
2021-06-08 - New large-scale campaign targets Kubeflow.pdf
|
|
|
|
|
2021-06-08 - Picture this- Malware Hides in Steam Profile Images.pdf
|
|
|
|
|
2021-06-08 - PuzzleMaker attacks with Chrome zero-day exploit chain.pdf
|
|
|
|
|
2021-06-08 - TeamTNT Using WatchDog TTPs to Expand Its Cryptojacking Footprint.pdf
|
|
|
|
|
2021-06-08 - The blurry boundaries between nation-state actors and the cybercrime underground.pdf
|
|
|
|
|
2021-06-08 - ThunderCats Hack the FSB - Your Taxes Didn’t Pay For This Op.pdf
|
|
|
|
|
2021-06-08 - UAL Thank Us Later- Leveraging User Access Logging for Forensic Investigations.pdf
|
|
|
|
|
2021-06-09 - Gelsemium- When threat actors go gardening.pdf
|
|
|
|
|
2021-06-09 - Prometheus Ransomware Gang- A Group of REvil-.pdf
|
|
|
|
|
2021-06-09 - Russian hackers breached Dutch police systems in 2017.pdf
|
|
|
|
|
2021-06-10 - Are Virtual Machines the New Gold for Cyber Criminals-.pdf
|
|
|
|
|
2021-06-10 - BackdoorDiplomacy- Upgrading from Quarian to Turian.pdf
|
|
|
|
|
2021-06-10 - Big airline heist APT41 likely behind massive supply chain attack.pdf
|
|
|
|
|
2021-06-10 - Cloud Atlas Navigates Us Into New Waters.pdf
|
|
|
|
|
2021-06-10 - CrowdStrike Falcon Protects Customers from Recent COZY BEAR Sophisticated Phishing Campaign.pdf
|
|
|
|
|
2021-06-10 - Detecting Password Spraying Attacks- Threat Research Release May 2021.pdf
|
|
|
|
|
2021-06-10 - Hiding your syscalls.pdf
|
|
|
|
|
2021-06-10 - June 2021 Patch Tuesday- Six Actively Exploited Zero-Day Vulnerabilities and More Critical CVEs.pdf
|
|
|
|
|
2021-06-10 - LokiBot Technical Analysis Report.pdf
|
|
|
|
|
2021-06-10 - NetWire Technical Analysis Report.pdf
|
|
|
|
|
2021-06-10 - QakBot Technical Analysis Report.pdf
|
|
|
|
|
2021-06-10 - Ransom DDoS Extortion Actor “Fancy Lazarus” Returns.pdf
|
|
|
|
|
2021-06-10 - REvil- the usage of legitimate remote admin tooling.pdf
|
|
|
|
|
2021-06-10 - Schadsoftware Emotet- BKA befragt Schlüsselfigur.pdf
|
|
|
|
|
2021-06-10 - SmokeLoader Technical Analysis Report.pdf
|
|
|
|
|
2021-06-11 - Avaddon ransomware shuts down and releases decryption keys.pdf
|
|
|
|
|
2021-06-11 - Cybercrime Featured Avaddon ransomware operation shuts down and releases decryption keys.pdf
|
|
|
|
|
2021-06-11 - Relentless REvil, revealed- RaaS as variable as the criminals who use it.pdf
|
|
|
|
|
2021-06-13 - Blue Team Detection- DarkSide Ransomware.pdf
|
|
|
|
|
2021-06-14 - A Step-by-Step Analysis of a New Version of DarkSide Ransomware.pdf
|
|
|
|
|
2021-06-14 - Apple patches two iOS zero-days in old-gen devices.pdf
|
|
|
|
|
2021-06-14 - Behind the scenes of business email compromise- Using cross-domain threat data to disrupt a large BEC campaign.pdf
|
|
|
|
|
2021-06-14 - Digital artists targeted in RedLine infostealer campaign.pdf
|
|
|
|
|
2021-06-14 - G7 calls on Russia to crack down on ransomware gangs.pdf
|
|
|
|
|
2021-06-14 - Incremental Machine Learning by Example- Detecting Suspicious Activity with Zeek Data Streams, River, and JA3 Hashes.pdf
|
|
|
|
|
2021-06-14 - Introducing Script Watch- Detect Magecart style attacks, fast!.pdf
|
|
|
|
|
2021-06-14 - Malware hosting domain Cyberium fanning out Mirai variants.pdf
|
|
|
|
|
2021-06-14 - The Allegedly Ryuk Ransomware builder- #RyukJoke.pdf
|
|
|
|
|
2021-06-14 - The Allegedly Ryuk Ransomware builder- RyukJoke.pdf
|
|
|
|
|
2021-06-15 - A Defender's Perspective of SSL VPN Exploitation.pdf
|
|
|
|
|
2021-06-15 - Andariel evolves to target South Korea with ransomware.pdf
|
|
|
|
|
2021-06-15 - Hades Ransomware Operators Use Distinctive Tactics and Infrastructure.pdf
|
|
|
|
|
2021-06-15 - Handy guide to a new Fivehands ransomware variant.pdf
|
|
|
|
|
2021-06-15 - How to Protect Active Directory Against Ransomware Attacks.pdf
|
|
|
|
|
2021-06-15 - Infra-Tagging -a new tool in Cyber Threat Intelligence.pdf
|
|
|
|
|
2021-06-15 - Insights Into an Excel 4.0 Macro Attack using Qakbot Malware.pdf
|
|
|
|
|
2021-06-15 - Ransomware Gang Turns to Revenge Porn.pdf
|
|
|
|
|
2021-06-15 - Source code for Paradise ransomware leaked on hacking forums.pdf
|
|
|
|
|
2021-06-15 - TargetCompany Ransomware.pdf
|
|
|
|
|
2021-06-15 - Use YARA math Module Extension in THOR TechPreview and THOR Lite.pdf
|
|
|
|
|
2021-06-15 - What you need to know about Process Ghosting, a new executable image tampering attack.pdf
|
|
|
|
|
2021-06-16 - Cerberus Analysis - Android Banking Trojan.pdf
|
|
|
|
|
2021-06-16 - DirtyMoe- Introduction and General Overview of Modularized Malware.pdf
|
|
|
|
|
2021-06-16 - Emotet campaign analysis.pdf
|
|
|
|
|
2021-06-16 - Evilnum organizes recent attacks against European financial companies.pdf
|
|
|
|
|
2021-06-16 - Ferocious Kitten- 6 years of covert surveillance in Iran.pdf
|
|
|
|
|
2021-06-16 - Gootloader- ‘Initial Access as a Service’ Platform Expands Its Search for High Value Targets.pdf
|
|
|
|
|
2021-06-16 - Matanbuchus- Malware-as-a-Service with Demonic Intentions.pdf
|
|
|
|
|
2021-06-16 - Removing Coordinated Inauthentic Behavior From Ethiopia.pdf
|
|
|
|
|
2021-06-16 - Russian National Convicted of Charges Relating to Kelihos Botnet.pdf
|
|
|
|
|
2021-06-16 - Smoking Out a DARKSIDE Affiliate’s Supply Chain Software Compromise.pdf
|
|
|
|
|
2021-06-16 - The First Step- Initial Access Leads to Ransomware.pdf
|
|
|
|
|
2021-06-16 - The Rise & Demise of Multi-Million Ransomware Business Empire.pdf
|
|
|
|
|
2021-06-16 - Ukrainian police arrest Clop ransomware members, seize server infrastructure.pdf
|
|
|
|
|
2021-06-16 - Ukrainian Police Nab Six Tied to CLOP Ransomware.pdf
|
|
|
|
|
2021-06-16 - US convicts Russian national behind Kelihos botnet crypting service.pdf
|
|
|
|
|
2021-06-17 - Analysis of Hancitor – When Boring Begets Beacon.pdf
|
|
|
|
|
2021-06-17 - Bash Ransomware DarkRadiation Targets Red Hat- and Debian-based Linux Distributions.pdf
|
|
|
|
|
2021-06-17 - Black Kingdom ransomware.pdf
|
|
|
|
|
2021-06-17 - Etterforskningen av datanettverksoperasjonen mot statsforvalterembeter henlegges.pdf
|
|
|
|
|
2021-06-17 - For the first time, PST says that China (APT31) is behind a computer attack.pdf
|
|
|
|
|
2021-06-17 - Hold the Door- Examining Exfiltration Activity and Applying Countermeasures.pdf
|
|
|
|
|
2021-06-17 - Klingon RAT Holding on for Dear Life.pdf
|
|
|
|
|
2021-06-17 - New TA402 Molerats Malware Targets Governments in the Middle East.pdf
|
|
|
|
|
2021-06-17 - Teabot - Android Banking Trojan Targets Banks in Europe.pdf
|
|
|
|
|
2021-06-17 - The investigation of the computer network operation (by APT31) against public administration offices is closed.pdf
|
|
|
|
|
2021-06-17 - Vigilante malware rats out software pirates while blocking ThePirateBay.pdf
|
|
|
|
|
2021-06-18 - 0xxx Ransomware.pdf
|
|
|
|
|
2021-06-18 - Conti Ransomware Gang- An Overview.pdf
|
|
|
|
|
2021-06-18 - Poland blames Russia for breach, theft of Polish officials' emails.pdf
|
|
|
|
|
2021-06-18 - Ransomware Actors Evolved Their Operations in 2020.pdf
|
|
|
|
|
2021-06-18 - Ryuk Botnet, Simps Botnet, Gods of Destny Botnet.pdf
|
|
|
|
|
2021-06-18 - SecurityScorecard Finds USAID Hack Much Larger Than Initially Thought.pdf
|
|
|
|
|
2021-06-18 - Statement by the Vice-President of the Council of Ministers, Chairman of the Committee for National Security and Defense Affairs, Jarosław Kaczyński (about UNC1151).pdf
|
|
|
|
|
2021-06-19 - Alert (AA21-200A)- Tactics, Techniques, and Procedures of Indicted APT40 Actors Associated with China’s MSS Hainan State Security Department.pdf
|
|
|
|
|
2021-06-19 - Android FluBot enters Switzerland.pdf
|
|
|
|
|
2021-06-20 - Dangerous Phishing Campaign for Harvesting Credentials using an HTML Attachment.pdf
|
|
|
|
|
2021-06-20 - From Word to Lateral Movement in 1 Hour.pdf
|
|
|
|
|
2021-06-20 - Mars-Deimos- From Jupiter to Mars and Back again (Part Two).pdf
|
|
|
|
|
2021-06-20 - The Sorcery of Malware Reverse Engineering.pdf
|
|
|
|
|
2021-06-20 - Unpacking UPX Manually.pdf
|
|
|
|
|
2021-06-21 - An Encounter With Ransomware-as-a-Service- MEGAsync Analysis.pdf
|
|
|
|
|
2021-06-21 - DarkRadiation - Abusing Bash For Linux and Docker Container Ransomware.pdf
|
|
|
|
|
2021-06-21 - Darkside RaaS in Linux version.pdf
|
|
|
|
|
2021-06-21 - Dissecting a RAT. Analysis of the Saefko RAT..pdf
|
|
|
|
|
2021-06-21 - DJVU Malware of STOP Ransomware Family Back with New Variant.pdf
|
|
|
|
|
2021-06-21 - Lolifox – kto za nim stał i co się z nim stało-.pdf
|
|
|
|
|
2021-06-21 - Ready for (nearly) anything- Five things to prepare for a cyber security incident.pdf
|
|
|
|
|
2021-06-21 - Sload Targeting Europe Again.pdf
|
|
|
|
|
2021-06-21 - Sonatype Catches New PyPI Cryptomining Malware.pdf
|
|
|
|
|
2021-06-21 - Threat Hunting SSH Keys – Bash Script Feature Pivoting.pdf
|
|
|
|
|
2021-06-21 - VMProtect 2 - Part Two, Complete Static Analysis.pdf
|
|
|
|
|
2021-06-22 - Android Application Disguised as Dating App Targets Indian Military Personnel.pdf
|
|
|
|
|
2021-06-22 - Attackers in Executive Clothing - BEC continues to separate orgs from their money.pdf
|
|
|
|
|
2021-06-22 - Attacks against media in the Philippines continue.pdf
|
|
|
|
|
2021-06-22 - Chasing DarkSide Affiliates- Identifying Threat Actors Connected to Darkside Ransomware Using Maltego & Intel 471.pdf
|
|
|
|
|
2021-06-22 - Crypto-mining on a DNS server.pdf
|
|
|
|
|
2021-06-22 - Darkside RaaS in Linux version.pdf
|
|
|
|
|
2021-06-22 - How to Dissect Unusual Protocols for Troubleshooting OT Security.pdf
|
|
|
|
|
2021-06-22 - LV Ransomware.pdf
|
|
|
|
|
2021-06-22 - NukeSped Copies Fileless Code From Bundlore, Leaves It Unused.pdf
|
|
|
|
|
2021-06-22 - Polish intelligence agencies link cyberattack to Russia (UNC1151).pdf
|
|
|
|
|
2021-06-22 - Preventing Exploitation of the ZIP File Format.pdf
|
|
|
|
|
2021-06-22 - Response When Minutes Matter- Falcon Complete Disrupts WIZARD SPIDER eCrime Operators.pdf
|
|
|
|
|
2021-06-22 - Suspected Pakistani Actor Compromises Indian Power Company with New ReverseRat.pdf
|
|
|
|
|
2021-06-23 - Cybercriminals shop around for schemes targeting retail.pdf
|
|
|
|
|
2021-06-23 - Deep analysis of REvil Ransomware.pdf
|
|
|
|
|
2021-06-23 - Java Plug-Ins Delivering Zloader.pdf
|
|
|
|
|
2021-06-23 - Kimsuky APT organization's targeted attacks on South Korean defense and security related departments.pdf
|
|
|
|
|
2021-06-23 - PYSA Loves ChaChi- a New GoLang RAT.pdf
|
|
|
|
|
2021-06-23 - Ransomware- Growing Number of Attackers Using Virtual Machines.pdf
|
|
|
|
|
2021-06-23 - Ursnif Leverages Cerberus to Automate Fraudulent Bank Transfers in Italy.pdf
|
|
|
|
|
2021-06-24 - Binance Helps Take Down Cybercriminal Ring Laundering $500M in Ransomware Attacks.pdf
|
|
|
|
|
2021-06-24 - Crackonosh- A New Malware Distributed in Cracked Software.pdf
|
|
|
|
|
2021-06-24 - Demystifying the full attack chain of MineBridge RAT.pdf
|
|
|
|
|
2021-06-24 - Evasive Maneuvers - Massive IcedID Campaign Aims For Stealth with Benign Macros.pdf
|
|
|
|
|
2021-06-24 - High-Level Member of Hacking Group Sentenced to Prison for Scheme that Compromised Tens of Millions of Debit and Credit Cards.pdf
|
|
|
|
|
2021-06-24 - JSSLoader- Recoded and Reloaded.pdf
|
|
|
|
|
2021-06-24 - Lu0bot – An unknown NodeJS malware using UDP.pdf
|
|
|
|
|
2021-06-24 - Malicious spam campaigns delivering banking Trojans.pdf
|
|
|
|
|
2021-06-24 - The Ghosts of Mirai.pdf
|
|
|
|
|
2021-06-24 - Threat Thursday- Agent Tesla Infostealer.pdf
|
|
|
|
|
2021-06-24 - Yet Another Archive Format Smuggling Malware.pdf
|
|
|
|
|
2021-06-25 - Investigating and Mitigating Malicious Drivers.pdf
|
|
|
|
|
2021-06-25 - Lorenz ransomware- analysis and a free decryptor.pdf
|
|
|
|
|
2021-06-25 - Microsoft signed a malicious Netfilter rootkit.pdf
|
|
|
|
|
2021-06-25 - New Nobelium activity.pdf
|
|
|
|
|
2021-06-26 - MODeflattener - Miasm's OLLVM Deflattener.pdf
|
|
|
|
|
2021-06-27 - Spear Phishing Campaign with New Techniques Aimed at Aviation Companies.pdf
|
|
|
|
|
2021-06-28 - Analysis of the new P2P botnet PBot.pdf
|
|
|
|
|
2021-06-28 - Hackers Tricked Microsoft Into Certifying Malware That Could Spy on Users.pdf
|
|
|
|
|
2021-06-28 - Hancitor Continues to Push Cobalt Strike.pdf
|
|
|
|
|
2021-06-28 - Lil' skimmer, the Magecart impersonator - Malwarebytes Labs.pdf
|
|
|
|
|
2021-06-28 - Nefilim Ransomware Attack Through a MITRE Att&ck Lens.pdf
|
|
|
|
|
2021-06-28 - New Ransomware Variant Uses Golang Packer.pdf
|
|
|
|
|
2021-06-28 - Snake Keylogger’s Many Skins- Analysing Code Reuse Among Infostealers.pdf
|
|
|
|
|
2021-06-29 - Cobalt Strike- Favorite Tool from APT to Crimeware.pdf
|
|
|
|
|
2021-06-29 - Combating E-Commerce Scams and Account Takeover Attacks.pdf
|
|
|
|
|
2021-06-29 - Danmarks National Bank hacked as part of 'the world's most sophisticated hacker attack' (NOBELIUM).pdf
|
|
|
|
|
2021-06-29 - HADES ransomware operators continue attacks.pdf
|
|
|
|
|
2021-06-29 - Not Laughing- Malicious Office Documents using LoLBins.pdf
|
|
|
|
|
2021-06-29 - The -WayBack” Campaign- a Large Scale Operation Hiding in Plain Sight.pdf
|
|
|
|
|
2021-06-30 - Automation in Reverse Engineering- String Decryption.pdf
|
|
|
|
|
2021-06-30 - Leaked Babuk Locker ransomware builder used in new attacks.pdf
|
|
|
|
|
2021-06-30 - MTR in Real Time- Hand-to-hand combat with REvil ransomware chasing a $2.5 million pay day.pdf
|
|
|
|
|
2021-06-30 - Ransomware-&-CVE- Industry Insights Into Exclusive High-Value Target Adversarial Datasets.pdf
|
|
|
|
|
2021-06-30 - REvil Twins Deep Dive into Prolific RaaS Affiliates' TTPs.pdf
|
|
|
|
|
2021-06-30 - Shelob Moonlight – Spinning a Larger Web From IcedID to CONTI, a Trojan and Ransomware collaboration.pdf
|
|
|
|
|
2021-06-30 - SMB Worm “Indexsinas” Uses Lateral Movement to Infect Whole Networks.pdf
|
|
|
|
|
2021-06-30 - What to expect when you’ve been hit with REvil ransomware.pdf
|
|
|
|
|
2021-07-01 - Android trojans steal Facebook users’ logins and passwords.pdf
|
|
|
|
|
2021-07-01 - Babuk ransomware is back, uses new version on corporate networks.pdf
|
|
|
|
|
2021-07-01 - Backdoored Client from Mongolian CA MonPass.pdf
|
|
|
|
|
2021-07-01 - Diavol - A New Ransomware Used By Wizard Spider-.pdf
|
|
|
|
|
2021-07-01 - IndigoZebra APT continues to attack Central Asia with evolving tools.pdf
|
|
|
|
|
2021-07-01 - Linux Variant of REvil Ransomware Targets VMware’s ESXi, NAS Devices.pdf
|
|
|
|
|
2021-07-01 - Malware Masquerades as Privacy Tool.pdf
|
|
|
|
|
2021-07-01 - Mirai_ptea Botnet is Exploiting Undisclosed KGUARD DVR Vulnerability.pdf
|
|
|
|
|
2021-07-01 - Mongolian certificate authority hacked eight times, compromised with malware.pdf
|
|
|
|
|
2021-07-01 - PurpleFox Using WPAD to Target Indonesian Users.pdf
|
|
|
|
|
2021-07-01 - REvil’s new Linux version.pdf
|
|
|
|
|
2021-07-01 - Suspected HADES organization launched an attack on Ukraine with military themes.pdf
|
|
|
|
|
2021-07-01 - The Most Prolific Ransomware Families- A Defenders Guide.pdf
|
|
|
|
|
2021-07-01 - TrickBot and Zeus.pdf
|
|
|
|
|
2021-07-01 - WARZONE RAT – Beware Of The Trojan Malware Stealing Data Triggering From Various Office Documents.pdf
|
|
|
|
|
2021-07-02 - Crticial Ransomware Incident in Progress.pdf
|
|
|
|
|
2021-07-02 - Dissemination of malicious word documents for 'Korean Political Science and Diplomacy' and 'Biography of Policy Advisor' (kimsuky).pdf
|
|
|
|
|
2021-07-02 - Geopolitical nation-state threat actor overview June 2021.pdf
|
|
|
|
|
2021-07-02 - New Ransomware “Diavol” Being Dropped by Trickbot.pdf
|
|
|
|
|
2021-07-02 - Ransomware attack.pdf
|
|
|
|
|
2021-07-02 - REvil configuration dump used in Kaseya attack.pdf
|
|
|
|
|
2021-07-02 - REvil ransomware hits 1,000+ companies in MSP supply-chain attack.pdf
|
|
|
|
|
2021-07-02 - REvil ransomware hits over 1,000 companies in MSP supply-chain attack.pdf
|
|
|
|
|
2021-07-02 - Rewterz Threat Intel – IndigoZebra APT Group Targeting Central Asia – Active IOCs.pdf
|
|
|
|
|
2021-07-02 - Skip the Middleman- Dridex Document to Cobalt Strike.pdf
|
|
|
|
|
2021-07-02 - The Brothers Grim - The reversing tale of GrimAgent malware used by Ryuk.pdf
|
|
|
|
|
2021-07-02 - Transparent Tribe APT Infrastructure Mapping Part 2- A Deeper Dive into the Identification of CrimsonRAT Infrastructure.pdf
|
|
|
|
|
2021-07-02 - TrickBot- New attacks see the botnet deploy new banking module, new ransomware.pdf
|
|
|
|
|
2021-07-03 - [RE023] Quick analysis and removal tool of a series of new malware variant of Panda group that has recently targeted to Vietnam VGCA.pdf
|
|
|
|
|
2021-07-03 - Kaseya Ransomware Supply Chain Attack- What You Need To Know.pdf
|
|
|
|
|
2021-07-03 - Kaseya VSA Detection Tool.pdf
|
|
|
|
|
2021-07-03 - Threat Brief Kaseya VSA Ransomware Attack.pdf
|
|
|
|
|
2021-07-03 - Uncensored Interview with REvil - Sodinokibi Ransomware Operators.pdf
|
|
|
|
|
2021-07-03 - Updates Regarding VSA Security Incident.pdf
|
|
|
|
|
2021-07-03 - US chemical distributor shares info on DarkSide ransomware data theft.pdf
|
|
|
|
|
2021-07-04 - Babuk Ransomware- The Builder.pdf
|
|
|
|
|
2021-07-04 - CISA-FBI Guidance for MSPs and their Customers Affected by the Kaseya VSA Supply-Chain Ransomware Attack.pdf
|
|
|
|
|
2021-07-04 - Independence Day- REvil uses supply chain exploit to attack hundreds of businesses.pdf
|
|
|
|
|
2021-07-04 - Kaseya supply chain attack targeting MSPs to deliver REvil ransomware.pdf
|
|
|
|
|
2021-07-05 - Analysis of -Bitter Elephant- organization's attack activities against my country in the first half of the year.pdf
|
|
|
|
|
2021-07-05 - Kaseya supply chain attack delivers mass ransomware.pdf
|
|
|
|
|
2021-07-05 - Kaseya, Sera. What REvil Shall Encrypt, Shall Encrypt.pdf
|
|
|
|
|
2021-07-05 - Quick review of Babuk ransomware builder.pdf
|
|
|
|
|
2021-07-05 - Real-Time Prevention of the Kaseya VSA Supply Chain REvil Ransomware Attack.pdf
|
|
|
|
|
2021-07-05 - REvil Linux Configuration Extractor.pdf
|
|
|
|
|
2021-07-05 - REvil ransomware attack against MSPs and its clients around the world.pdf
|
|
|
|
|
2021-07-05 - Tracking Cobalt Strike- A Trend Micro Vision One Investigation.pdf
|
|
|
|
|
2021-07-06 - AvosLocker Ransomware.pdf
|
|
|
|
|
2021-07-06 - Cybereason vs. REvil Ransomware- The Kaseya Chronicles.pdf
|
|
|
|
|
2021-07-06 - How the Kaseya VSA Zero Day Exploit Worked.pdf
|
|
|
|
|
2021-07-06 - Is Diavol Ransomware Connected to Wizard Spider-.pdf
|
|
|
|
|
2021-07-06 - Kaseya Supply Chain Ransomware Attack - Technical Analysis of the REvil Payload.pdf
|
|
|
|
|
2021-07-06 - Lazarus campaign TTPs and evolution.pdf
|
|
|
|
|
2021-07-06 - Mars-Deimos- SolarMarker-Jupyter Infostealer (Part 1).pdf
|
|
|
|
|
2021-07-06 - Moroccan hacker Dr HeX arrested for phishing attacks, malware distribution.pdf
|
|
|
|
|
2021-07-06 - New TA402-MOLERATS Malware – Decrypting .NET Reactor Strings.pdf
|
|
|
|
|
2021-07-06 - Operation Lyrebird- Group-IB assists INTERPOL in identifying suspect behind numerous cybercrimes worldwide.pdf
|
|
|
|
|
2021-07-06 - REvil Ransomware Threat Research Update and Detections.pdf
|
|
|
|
|
2021-07-06 - TA505 adds GoLang crypter for delivering miners and ServHelper.pdf
|
|
|
|
|
2021-07-06 - The Evolution of PINCHY SPIDER from GandCrab to REvil.pdf
|
|
|
|
|
2021-07-06 - Understanding REvil- The Ransomware Gang Behind the Kaseya Attack.pdf
|
|
|
|
|
2021-07-06 - Understanding Russia’s Cyber Strategy.pdf
|
|
|
|
|
2021-07-07 - Bandidos at large- A spying campaign in Latin America.pdf
|
|
|
|
|
2021-07-07 - BIOPASS RAT- New Malware Sniffs Victims via Live Streaming.pdf
|
|
|
|
|
2021-07-07 - Crackonosh - The Hidden Crypto Mining Malware.pdf
|
|
|
|
|
2021-07-07 - Deep analysis of KPOT Stealer.pdf
|
|
|
|
|
2021-07-07 - Diving Deeper Into the Kaseya VSA Attack- REvil Returns and Other Hackers Are Riding Their Coattails.pdf
|
|
|
|
|
2021-07-07 - Elastic Security prevents 100 percent of REvil ransomware samples.pdf
|
|
|
|
|
2021-07-07 - Elastic Security prevents 100% of REvil ransomware samples.pdf
|
|
|
|
|
2021-07-07 - Global Phishing Campaign Targets Energy Sector and its Suppliers.pdf
|
|
|
|
|
2021-07-07 - How CrowdStrike Falcon Stops REvil Ransomware Used in the Kaseya Attack.pdf
|
|
|
|
|
2021-07-07 - InSideCopy- How this APT continues to evolve its arsenal (IOCs).pdf
|
|
|
|
|
2021-07-07 - InSideCopy- How this APT continues to evolve its arsenal (Network IOCs).pdf
|
|
|
|
|
2021-07-07 - InSideCopy- How this APT continues to evolve its arsenal.pdf
|
|
|
|
|
2021-07-07 - Israeli Government Seizes Cryptocurrency Addresses Associated with Hamas Donation Campaigns.pdf
|
|
|
|
|
2021-07-07 - Magecart Swiper Uses Unorthodox Concatenation.pdf
|
|
|
|
|
2021-07-07 - Netskope Threat Coverage- REvil.pdf
|
|
|
|
|
2021-07-07 - WildPressure targets the macOS platform.pdf
|
|
|
|
|
2021-07-08 - Amadey stealer plugin adds Mikrotik and Outlook harvesting.pdf
|
|
|
|
|
2021-07-08 - Analysis of Lazarus malware abusing Non-ActiveX Module in South Korea.pdf
|
|
|
|
|
2021-07-08 - Chinese State-Sponsored Activity Group TAG-22 Targets Nepal, the Philippines, and Taiwan Using Winnti and Other Tooling.pdf
|
|
|
|
|
2021-07-08 - Conti Unpacked- Understanding Ransomware Development as a Response to Detection - A Detailed Technical Analysis.pdf
|
|
|
|
|
2021-07-08 - Decoding Cobalt Strike- Understanding Payloads.pdf
|
|
|
|
|
2021-07-08 - Enriching Threat Intelligence for the Carbine Loader Crypto-jacking Campaign.pdf
|
|
|
|
|
2021-07-08 - Hancitor Making Use of Cookies to Prevent URL Scraping.pdf
|
|
|
|
|
2021-07-08 - Inside the FBI, Russia, and Ukraine’s failed cybercrime investigation.pdf
|
|
|
|
|
2021-07-08 - Malware Analysis Report (AR21-189A)- DarkSide Ransomware.pdf
|
|
|
|
|
2021-07-08 - Morgan Stanley reports data breach after vendor Accellion hack.pdf
|
|
|
|
|
2021-07-08 - Observations and Recommendations from the Ongoing REvil-Kaseya Incident.pdf
|
|
|
|
|
2021-07-08 - Ransomware Gangs are Starting to Look Like Ocean’s 11.pdf
|
|
|
|
|
2021-07-08 - Threat Thursday- Redline Infostealer.pdf
|
|
|
|
|
2021-07-08 - Zloader With a New Infection Technique.pdf
|
|
|
|
|
2021-07-09 - Dark Web User Known As “The Bull” Charged In Insider Trading Scheme.pdf
|
|
|
|
|
2021-07-09 - Hancitor tries XLL as initial malware file.pdf
|
|
|
|
|
2021-07-09 - REvil-ution – A Persistent Ransomware Operation.pdf
|
|
|
|
|
2021-07-09 - Serv-U Remote Memory Escape Vulnerability CVE-2021-35211 (exploited in the wild).pdf
|
|
|
|
|
2021-07-09 - Watering hole threat analysis in the public sector of Kazakhstan.pdf
|
|
|
|
|
2021-07-12 - Attack Exploiting XSS Vulnerability in E-commerce Websites.pdf
|
|
|
|
|
2021-07-12 - Operation SpoofedScholars- A Conversation with TA453.pdf
|
|
|
|
|
2021-07-12 - Over 780,000 email accounts compromised by Emotet have been secured.pdf
|
|
|
|
|
2021-07-12 - PJobRAT.pdf
|
|
|
|
|
2021-07-12 - RoboSki and Global Recovery- Automation to Combat Evolving Obfuscation.pdf
|
|
|
|
|
2021-07-12 - SolarWinds patches critical Serv-U vulnerability (CVE-2021-35211) exploited in the wild.pdf
|
|
|
|
|
2021-07-13 - Guess Fashion Brand Deals With Data Loss After Ransomware Attack.pdf
|
|
|
|
|
2021-07-13 - Joker Is Still No Laughing Matter.pdf
|
|
|
|
|
2021-07-13 - Microsoft discovers threat actor (DEV-0322) targeting SolarWinds Serv-U software with 0-day exploit.pdf
|
|
|
|
|
2021-07-13 - Prometheus Ransomware Decryptor.pdf
|
|
|
|
|
2021-07-13 - Ransomware Giant REvil’s Sites Disappear.pdf
|
|
|
|
|
2021-07-13 - Resources for Investigating Cloud and Container Penetration Testing Tools.pdf
|
|
|
|
|
2021-07-13 - REvil ransomware gang's web sites mysteriously shut down.pdf
|
|
|
|
|
2021-07-14 - BazarBackdoor sneaks in through nested RAR and ZIP archives.pdf
|
|
|
|
|
2021-07-14 - How cybercriminals create turbulence for the transportation industry.pdf
|
|
|
|
|
2021-07-14 - How We Protect Users From 0-Day Attacks (CVE-2021-21166, CVE-2021-30551, CVE-2021-33742, CVE-2021-1879).pdf
|
|
|
|
|
2021-07-14 - How We Tracked a Threat Group Running an Active Cryptojacking Campaign.pdf
|
|
|
|
|
2021-07-14 - Investigating a Suspicious Service.pdf
|
|
|
|
|
2021-07-14 - LOCKDATA Auction – Another leak marketplace showing the recent shift of ransomware operators.pdf
|
|
|
|
|
2021-07-14 - LuminousMoth APT- Sweeping attacks for the chosen few.pdf
|
|
|
|
|
2021-07-14 - Microsoft delivers comprehensive solution to battle rise in consent phishing emails.pdf
|
|
|
|
|
2021-07-14 - Old trees and new flowers- Analysis of the new version of KGH spy components used by Kimsuky.pdf
|
|
|
|
|
2021-07-14 - REvil Vanishes From Underground - Infrastructure Down.pdf
|
|
|
|
|
2021-07-14 - Spain arrests 16 for working with the Mekotio and Grandoreiro malware gangs.pdf
|
|
|
|
|
2021-07-14 - Targeted Phishing Attack against Ukrainian Government Expands to Georgia.pdf
|
|
|
|
|
2021-07-14 - The Civil Guard dismantles an important network dedicated to committing scams through the Internet.pdf
|
|
|
|
|
2021-07-14 - Threat of the Month- IcedID Malware.pdf
|
|
|
|
|
2021-07-14 - Triage analysis of Serv-U FTP user backdoor deployed by CVE-2021-35211 (DEV-0322).pdf
|
|
|
|
|
2021-07-14 - XLS Entanglement.pdf
|
|
|
|
|
2021-07-15 - Adjusting the Anchor.pdf
|
|
|
|
|
2021-07-15 - American Rescue Plan Act Lures in the Wild.pdf
|
|
|
|
|
2021-07-15 - APT attack (by Kimsuky) attempt on a specific person using a word document.pdf
|
|
|
|
|
2021-07-15 - cybereason vs. prometheus ransomware.pdf
|
|
|
|
|
2021-07-15 - Data Exfiltrator - A New Tactic for Ransomware Adversaries.pdf
|
|
|
|
|
2021-07-15 - Fighting cyberweapons built by private businesses.pdf
|
|
|
|
|
2021-07-15 - Hooking Candiru Another Mercenary Spyware Vendor Comes into Focus.pdf
|
|
|
|
|
2021-07-15 - Linux version of HelloKitty ransomware targets VMware ESXi servers.pdf
|
|
|
|
|
2021-07-15 - Mespinoza Ransomware Gang Calls Victims “Partners,” Attacks with Gasket, -MagicSocks- Tools.pdf
|
|
|
|
|
2021-07-15 - Protecting customers from a private-sector offensive actor using 0-day exploits and DevilsTongue malware.pdf
|
|
|
|
|
2021-07-15 - Taking Action Against Hackers in Iran.pdf
|
|
|
|
|
2021-07-15 - Vidar Stealer C&C Server List.pdf
|
|
|
|
|
2021-07-15 - Visual investigations - Speed up your IR, Forensic Analysis and Hunting.pdf
|
|
|
|
|
2021-07-15 - What is Cyber Threat Intelligence-.pdf
|
|
|
|
|
2021-07-16 - APT-C-61 attacks against South Asia.pdf
|
|
|
|
|
2021-07-16 - Attacks Are Tailored to You—Your Intelligence Should Be, Too..pdf
|
|
|
|
|
2021-07-16 - Mars-Deimos- From Jupiter to Mars and Back again (Part Two).pdf
|
|
|
|
|
2021-07-16 - Vidar and GandCrab- stealer and ransomware combo observed in the wild.pdf
|
|
|
|
|
2021-07-17 - Candiru's Spyware- How It Works And Attacking Journalists, Activists And Many More.pdf
|
|
|
|
|
2021-07-17 - Ecuador's state-run CNT telco hit by RansomEXX ransomware.pdf
|
|
|
|
|
2021-07-17 - HelloKitty Linux version malware analysis.pdf
|
|
|
|
|
2021-07-17 - HelloKitty ransomware is targeting vulnerable SonicWall devices.pdf
|
|
|
|
|
2021-07-17 - Meet WiFiDemon – iOS WiFi RCE 0-Day Vulnerability, and a Zero-Click Vulnerability That Was Silently Patched.pdf
|
|
|
|
|
2021-07-18 - About The Pegasus Project.pdf
|
|
|
|
|
2021-07-18 - Digital Forensics Show S.A.R. Geelani’s Phone Was Hacked, Likely With Zero-Click Exploit.pdf
|
|
|
|
|
2021-07-18 - Forensic Methodology Report- How to catch NSO Group’s Pegasus.pdf
|
|
|
|
|
2021-07-18 - Forensic Methodology Report- Pegasus Forensic Traces per Target.pdf
|
|
|
|
|
2021-07-18 - From Rabat to Paris, Morocco does not let go of journalists.pdf
|
|
|
|
|
2021-07-18 - Independent Peer Review of Amnesty International’s Forensic Methods for Identifying Pegasus Spyware.pdf
|
|
|
|
|
2021-07-18 - Massive data leak reveals Israeli NSO Group's spyware used to target activists, journalists, and political leaders globally.pdf
|
|
|
|
|
2021-07-18 - Mobile Verification Toolkit.pdf
|
|
|
|
|
2021-07-18 - NSO Group Pegasus Indicator of Compromise.pdf
|
|
|
|
|
2021-07-18 - Pegasus Project- How Phones of Journalists, Ministers, Activists May Have Been Used to Spy On Them.pdf
|
|
|
|
|
2021-07-18 - Pegasus- The new global weapon for silencing journalists.pdf
|
|
|
|
|
2021-07-18 - Revealed- leak uncovers global abuse of cyber-surveillance weapon.pdf
|
|
|
|
|
2021-07-18 - Revealed- murdered journalist’s number selected by Mexican NSO client.pdf
|
|
|
|
|
2021-07-18 - Saudis behind NSO spyware attack on Jamal Khashoggi’s family, leak suggests.pdf
|
|
|
|
|
2021-07-18 - Snoop List Has 40 Indian Journalists, Forensic Tests Confirm Presence of Pegasus Spyware on Some.pdf
|
|
|
|
|
2021-07-18 - The Guardian's covereage on Pegasus Project.pdf
|
|
|
|
|
2021-07-18 - The Pegasus Project- A Worldwide Collaboration to Counter a Global Crime.pdf
|
|
|
|
|
2021-07-18 - The WIre's covereage on Pegasus Project.pdf
|
|
|
|
|
2021-07-18 - Viktor Orbán using NSO spyware in assault on media, data suggests.pdf
|
|
|
|
|
2021-07-19 - Alert (AA21-200B)- Chinese State-Sponsored Cyber Operations- Observed TTPs.pdf
|
|
|
|
|
2021-07-19 - Amazon Shuts Down NSO Group Infrastructure.pdf
|
|
|
|
|
2021-07-19 - Australia joins international partners in attribution of malicious cyber activity to China.pdf
|
|
|
|
|
2021-07-19 - Cases of cyberattacks including those by a group known as APT40 which the Chinese government is behind (Statement by Press Secretary YOSHIDA Tomoyuki).pdf
|
|
|
|
|
2021-07-19 - China- Declaration by the High Representative on behalf of the European Union urging Chinese authorities to take action against malicious cyber activities undertaken from its territory.pdf
|
|
|
|
|
2021-07-19 - Evade Sandboxes With a Single Bit – the Trap Flag.pdf
|
|
|
|
|
2021-07-19 - FickerStealer- A New Rust Player in the Market.pdf
|
|
|
|
|
2021-07-19 - Fighting an emerging cybercrime trend.pdf
|
|
|
|
|
2021-07-19 - Fresh Malware Hunts for Crypto Wallet and Credentials.pdf
|
|
|
|
|
2021-07-19 - IcedID and Cobalt Strike vs Antivirus.pdf
|
|
|
|
|
2021-07-19 - iPhones running latest iOS hacked to deploy NSO Group spyware.pdf
|
|
|
|
|
2021-07-19 - New Threat Actor Uses Spanish Language Lures to Distribute Seldom Observed Bandook Malware.pdf
|
|
|
|
|
2021-07-19 - Remcos RAT delivered via Visual Basic.pdf
|
|
|
|
|
2021-07-19 - REvil Revealed - Tracking a Ransomware Negotiation and Payment.pdf
|
|
|
|
|
2021-07-19 - Shlayer Malvertising Campaigns Still Using Flash Update Disguise.pdf
|
|
|
|
|
2021-07-19 - Signed, Sealed, and Delivered – Signed XLL File Delivers Buer Loader.pdf
|
|
|
|
|
2021-07-19 - Statement on China’s cyber campaigns.pdf
|
|
|
|
|
2021-07-19 - The United States, Joined by Allies and Partners, Attributes Malicious Cyber Activity and Irresponsible State Behavior to the People’s Republic of China.pdf
|
|
|
|
|
2021-07-19 - UK and allies hold Chinese state responsible for a pervasive pattern of hacking.pdf
|
|
|
|
|
2021-07-19 - UK and allies hold Chinese state responsible for pervasive pattern of hacking.pdf
|
|
|
|
|
2021-07-20 - Alert (AA21-201A)- Chinese Gas Pipeline Intrusion Campaign, 2011 to 2013.pdf
|
|
|
|
|
2021-07-20 - Data exfiltration in Latin America.pdf
|
|
|
|
|
2021-07-20 - Government points finger at China over cyber attacks.pdf
|
|
|
|
|
2021-07-20 - Hancitor’s Multi-Step Delivery Process.pdf
|
|
|
|
|
2021-07-20 - Ongoing Campaign Leveraging Exchange Vulnerability Potentially Linked to Iran.pdf
|
|
|
|
|
2021-07-20 - Researchers- NSO Group’s Pegasus Spyware Should Spark Bans, Apple Accountability.pdf
|
|
|
|
|
2021-07-20 - Security Researchers’ Hunt to Discover Origins of the Kaseya VSA Mass Ransomware Incident.pdf
|
|
|
|
|
2021-07-20 - Some URL shortener services distribute Android malware, including banking or SMS trojans.pdf
|
|
|
|
|
2021-07-20 - The growing threat of ransomware.pdf
|
|
|
|
|
2021-07-21 - -Le- is not tired of this, IE is really naughty.pdf
|
|
|
|
|
2021-07-21 - Analysis of malware (wiper) with Japanese file names related to the Tokyo Olympics.pdf
|
|
|
|
|
2021-07-21 - Detecting Trickbot with Splunk.pdf
|
|
|
|
|
2021-07-21 - Estonian Citizen Pleads Guilty to Computer Fraud and Abuse (Pavel Tsurkan).pdf
|
|
|
|
|
2021-07-21 - FormBook Malware Returns- New Variant Uses Steganography and In-Memory Loading of multiple stages to steal data.pdf
|
|
|
|
|
2021-07-21 - Groundhog day- NPM package caught stealing browser passwords.pdf
|
|
|
|
|
2021-07-21 - INDICATEURS DE COMPROMISSION DU CERT-FR.pdf
|
|
|
|
|
2021-07-21 - LuminousMoth – PlugX, File Exfiltration and Persistence Revisited.pdf
|
|
|
|
|
2021-07-21 - Malware Targeting Pulse Secure Devices.pdf
|
|
|
|
|
2021-07-21 - Notorious Cybercrime Gang, FIN7, Lands Malware in Law Firm Using Fake Legal Complaint Against Jack Daniels’ Owner, Brown-Forman Inc..pdf
|
|
|
|
|
2021-07-21 - StrongPity APT Group Deploys Android Malware for the First Time.pdf
|
|
|
|
|
2021-07-21 - The Coper―a new Android banking trojan targeting Colombian users.pdf
|
|
|
|
|
2021-07-21 - The life and death of the ZeuS Trojan.pdf
|
|
|
|
|
2021-07-21 - This Chat is Being Recorded- Egregor Ransomware Negotiations Uncovered.pdf
|
|
|
|
|
2021-07-21 - Top prevalent malware with a thousand campaigns migrates to macOS.pdf
|
|
|
|
|
2021-07-22 - Analysis of -[Urgent] Damage report regarding the occurrence of cyber attacks, etc. associated with the Tokyo Olympics.exe-.pdf
|
|
|
|
|
2021-07-22 - Behavorial xbits with Suricata.pdf
|
|
|
|
|
2021-07-22 - Cyber attack with PHOBOS ransomware application.pdf
|
|
|
|
|
2021-07-22 - DoNot APT Group Delivers A Spyware Variant Of Chat App.pdf
|
|
|
|
|
2021-07-22 - Incident report- Spotting SocGholish WordPress injection.pdf
|
|
|
|
|
2021-07-22 - Kaseya obtains universal decryptor for REvil ransomware victims.pdf
|
|
|
|
|
2021-07-22 - Malware increasingly targets Discord for abuse.pdf
|
|
|
|
|
2021-07-22 - Quick analysis of Haron Ransomware (feat. Avaddon and Thanos).pdf
|
|
|
|
|
2021-07-22 - Ransomware gang breached CNA’s network via fake browser update.pdf
|
|
|
|
|
2021-07-22 - Taurus Loader- User-Guided Infection.pdf
|
|
|
|
|
2021-07-22 - The Fraud Family Fraud-as-a-Service operation targeting Dutch residents.pdf
|
|
|
|
|
2021-07-22 - Updated XCSSET Malware Targets Telegram, Other Apps.pdf
|
|
|
|
|
2021-07-22 - W4 July - EN - Story of the week- Ransomware on the Darkweb.pdf
|
|
|
|
|
2021-07-22 - When coin miners evolve, Part 1- Exposing LemonDuck and LemonCat, modern mining malware infrastructure.pdf
|
|
|
|
|
2021-07-23 - AvosLocker enters the ransomware scene, asks for partners.pdf
|
|
|
|
|
2021-07-24 - Agent.Tesla Dropped via a .daa Image and Talking to Telegram.pdf
|
|
|
|
|
2021-07-24 - Quack Quack- Analysing Qakbot’s Browser Hooking Module – Part 1.pdf
|
|
|
|
|
2021-07-25 - Ghidra script to decrypt a string array in XOR DDoS.pdf
|
|
|
|
|
2021-07-25 - Scanning your iPhone for Pegasus, NSO Group's malware.pdf
|
|
|
|
|
2021-07-26 - Detecting XLoader - A macOS ‘Malware-as-a-Service’ Info Stealer and Keylogger.pdf
|
|
|
|
|
2021-07-26 - OSX.XLoader hides little except its main purpose- What we learned in the installation process.pdf
|
|
|
|
|
2021-07-26 - Portable Executable Injection Study.pdf
|
|
|
|
|
2021-07-26 - WhiteBlackGroup Ransomware (.encrpt3d).pdf
|
|
|
|
|
2021-07-26 - Wiper Malware Riding the 2021 Tokyo Olympic Games.pdf
|
|
|
|
|
2021-07-27 - BlackMatter Ransomware Emerges As Successor to DarkSide, REvil.pdf
|
|
|
|
|
2021-07-27 - Chatter Indicates BlackMatter as REvil Successor.pdf
|
|
|
|
|
2021-07-27 - Collecting and operationalizing threat data from the Mozi botnet.pdf
|
|
|
|
|
2021-07-27 - Deep dive into a FIN8 attack – A forensic investigation.pdf
|
|
|
|
|
2021-07-27 - Diamondfox Technical Analysis Report.PDF
|
|
|
|
|
2021-07-27 - Ghosts on the Wire- Expanding Conceptions of Network Anomalies.pdf
|
|
|
|
|
2021-07-27 - Iran's Secret Cyber Files.pdf
|
|
|
|
|
2021-07-27 - LockBit ransomware now encrypts Windows domains using group policies.pdf
|
|
|
|
|
2021-07-27 - Oscorp evolves into UBEL- an advanced Android malware spreading across the globe.pdf
|
|
|
|
|
2021-07-27 - Oski Stealer Technical Analysis Report.pdf
|
|
|
|
|
2021-07-27 - Summary of Kimsuky's secret stealing activities in the first half of 2021.pdf
|
|
|
|
|
2021-07-27 - THOR- Previously Unseen PlugX Variant Deployed During Microsoft Exchange Server Attacks by PKPLUG Group.pdf
|
|
|
|
|
2021-07-27 - Threat Actors Exploit Misconfigured Apache Hadoop YARN.pdf
|
|
|
|
|
2021-07-27 - Time-proven tricks in a new environment- the macOS evolution of Formbook.pdf
|
|
|
|
|
2021-07-27 - UC San Diego Health discloses data breach after phishing attack.pdf
|
|
|
|
|
2021-07-28 - BlackMatter & Haron- Evil Ransomware Newborns or Rebirths.pdf
|
|
|
|
|
2021-07-28 - Cert Safari- Leveraging TLS Certificates to Hunt Evil.pdf
|
|
|
|
|
2021-07-28 - Crimea “manifesto” deploys VBA Rat using double attack vectors.pdf
|
|
|
|
|
2021-07-28 - DoppelPaymer Continues to Cause Grief Through Rebranding.pdf
|
|
|
|
|
2021-07-28 - Finding AnchorDNS C2s With Iris Investigate.pdf
|
|
|
|
|
2021-07-28 - I Knew You Were Trouble- TA456 Targets Defense Contractor with Alluring Social Media Persona.pdf
|
|
|
|
|
2021-07-28 - New Russian-Speaking Forum – A New Place for RaaS-.pdf
|
|
|
|
|
2021-07-28 - REvil- Analysis of Competing Hypotheses.pdf
|
|
|
|
|
2021-07-28 - Stylish Magento Card Stealer loads Without Script Tags.pdf
|
|
|
|
|
2021-07-28 - Telegram Zeek, you’re my main notice.pdf
|
|
|
|
|
2021-07-28 - Top Routinely Exploited Vulnerabilities.pdf
|
|
|
|
|
2021-07-28 - Vultur, with a V for VNC.pdf
|
|
|
|
|
2021-07-29 - An (in)Competent Cyber Program – A brief cyber history of the 'CCP'.pdf
|
|
|
|
|
2021-07-29 - BazaCall- Phony call centers lead to exfiltration and ransomware.pdf
|
|
|
|
|
2021-07-29 - GhostEmperor- Chinese-speaking APT targets high-profile victims using unknown rootkit.pdf
|
|
|
|
|
2021-07-29 - Magnitude Exploit Kit- Still Alive and Kicking.pdf
|
|
|
|
|
2021-07-29 - MeteorExpress - Mysterious Wiper Paralyzes Iranian Trains with Epic Troll.pdf
|
|
|
|
|
2021-07-29 - NTLM Relaying via Cobalt Strike.pdf
|
|
|
|
|
2021-07-29 - Talos Spotlight- Solarmarker.pdf
|
|
|
|
|
2021-07-29 - Using the Silent Push app and API to find punycode domains.pdf
|
|
|
|
|
2021-07-29 - When coin miners evolve, Part 2- Hunting down LemonDuck and LemonCat attacks.pdf
|
|
|
|
|
2021-07-29 - “Netfilter Rootkit II ” Continues to Hold WHQL Signatures.pdf
|
|
|
|
|
2021-07-30 - Aberebot on the Rise- New Banking Trojan Targeting Users Through Phishing.pdf
|
|
|
|
|
2021-07-30 - Decrypting BazarLoader strings with a Unicorn.pdf
|
|
|
|
|
2021-07-30 - Detecting TA551 domains.pdf
|
|
|
|
|
2021-07-30 - DOJ- SolarWinds hackers breached emails from 27 US Attorneys’ offices.pdf
|
|
|
|
|
2021-07-30 - ISOMorph Infection- In-Depth Analysis of a New HTML Smuggling Campaign.pdf
|
|
|
|
|
2021-07-30 - Novel Meteor Wiper Used in Attack that Crippled Iranian Train System.pdf
|
|
|
|
|
2021-07-31 - BlackMatter ransomware gang rises from the ashes of DarkSide, REvil.pdf
|
|
|
|
|
2021-07-31 - DarkSide ransomware gang returns as new BlackMatter operation.pdf
|
|
|
|
|
2021-08-01 - BazarCall to Conti Ransomware via Trickbot and Cobalt Strike.pdf
|
|
|
|
|
2021-08-01 - BlackMatter Ransomware.pdf
|
|
|
|
|
2021-08-02 - A Deep-Dive Analysis Of A New Wiper Malware Disguised As Tokyo Olympics Document.pdf
|
|
|
|
|
2021-08-02 - All Access Pass- Five Trends with Initial Access Brokers.pdf
|
|
|
|
|
2021-08-02 - New sophisticated RAT in town- FatalRat analysis.pdf
|
|
|
|
|
2021-08-02 - Operation Hunting - The latest attack by the CNC (APT-C-48) has been revealed.pdf
|
|
|
|
|
2021-08-03 - A step-by-step analysis of the new malware used by APT28-Sofacy called SkinnyBoy.pdf
|
|
|
|
|
2021-08-03 - DeadRinger- Exposing Chinese Threat Actors Targeting Major Telcos.pdf
|
|
|
|
|
2021-08-03 - Python script for recovering the hashes hardcoded in different samples of the BlackMatter ransomware.pdf
|
|
|
|
|
2021-08-03 - Ransomware attack hits Italy's Lazio region, affects COVID-19 site.pdf
|
|
|
|
|
2021-08-03 - Squashing SPIDERS- Threat Intelligence, Threat Hunting and Rapid Response Stops SQL Injection Campaign.pdf
|
|
|
|
|
2021-08-03 - The Art of Cyberwarfare Chinese APTs attack Russia.pdf
|
|
|
|
|
2021-08-03 - The Pegasus Project.pdf
|
|
|
|
|
2021-08-03 - Trash Panda as a Service- Raccoon Stealer steals cookies, cryptocoins, and more.pdf
|
|
|
|
|
2021-08-04 - [QuickNote] MountLocker – Some pseudo-code snippets.pdf
|
|
|
|
|
2021-08-04 - A Deep-dive Analysis of VENOMOUS Ransomware.pdf
|
|
|
|
|
2021-08-04 - Cloudy with a Chance of APTNovel Microsoft 365 Attacks in the Wild.pdf
|
|
|
|
|
2021-08-04 - Detecting Cobalt Strike- Cybercrime Attacks (GOLD LAGOON).pdf
|
|
|
|
|
2021-08-04 - Energy group ERG reports minor disruptions after ransomware attack.pdf
|
|
|
|
|
2021-08-04 - Hotcobalt – New Cobalt Strike DoS Vulnerability That Lets You Halt Operations.pdf
|
|
|
|
|
2021-08-04 - ITG18- Operational Security Errors Continue to Plague Sizable Iranian Threat Group.pdf
|
|
|
|
|
2021-08-04 - LockBit ransomware recruiting insiders to breach corporate networks.pdf
|
|
|
|
|
2021-08-04 - Pegasus Spyware- How It Works and What It Collects.pdf
|
|
|
|
|
2021-08-04 - PROPHET SPIDER Exploits Oracle WebLogic to Facilitate Ransomware Activity.pdf
|
|
|
|
|
2021-08-04 - S-W Download Camouflage, Spreading Various Kinds of Malware.pdf
|
|
|
|
|
2021-08-04 - See Ya Sharp- A Loader’s Tale.pdf
|
|
|
|
|
2021-08-04 - Spotting brand impersonation with Swin transformers and Siamese neural networks.pdf
|
|
|
|
|
2021-08-04 - Supply Chain Attacks from a Managed Detection and Response Perspective.pdf
|
|
|
|
|
2021-08-04 - Understanding BlackMatter's API Hashing.pdf
|
|
|
|
|
2021-08-05 - Analysis of the BlackMatter ransomware.pdf
|
|
|
|
|
2021-08-05 - Angry Conti ransomware affiliate leaks gang's attack playbook.pdf
|
|
|
|
|
2021-08-05 - BlackMatter Under the Lens- An Emerging Ransomware Group Looking for Affiliates.pdf
|
|
|
|
|
2021-08-05 - Cryptominer ELFs Using MSR to Boost Mining Process.pdf
|
|
|
|
|
2021-08-05 - Detecting Cobalt Strike- Government-Sponsored Threat Groups (APT32).pdf
|
|
|
|
|
2021-08-05 - Linux version of BlackMatter ransomware targets VMware ESXi servers.pdf
|
|
|
|
|
2021-08-05 - Prometheus TDS The key to success for Campo Loader, Hancitor, IcedID, and QBot.pdf
|
|
|
|
|
2021-08-05 - Ransomware Gangs and the Name Game Distraction.pdf
|
|
|
|
|
2021-08-05 - The clandestine Horus Eyes RAT- From the underground to criminals’ arsenal.pdf
|
|
|
|
|
2021-08-05 - The Trystero Project.pdf
|
|
|
|
|
2021-08-05 - When Dridex and Cobalt Strike give you Grief.pdf
|
|
|
|
|
2021-08-06 - Anatomy of native IIS malware.pdf
|
|
|
|
|
2021-08-06 - Angry Affiliate Leaks Conti Ransomware Gang Playbook.pdf
|
|
|
|
|
2021-08-06 - Bold ad campaign.pdf
|
|
|
|
|
2021-08-06 - Conti ransomware affiliate goes rogue, leaks “gang data”.pdf
|
|
|
|
|
2021-08-06 - IIStealer- A server‑side threat to e‑commerce transactions.pdf
|
|
|
|
|
2021-08-06 - Inside DarkSide, the ransomware that attacked Colonial Pipeline.pdf
|
|
|
|
|
2021-08-06 - Redosdru.v Malware that hides in encrypted DLL Files to avoid Detection by Firewalls.pdf
|
|
|
|
|
2021-08-08 - Legal and cooperation frameworks between CSIRTs and law enforcement agencies.pdf
|
|
|
|
|
2021-08-09 - A BazarLoader DGA that Breaks Down in the Summer.pdf
|
|
|
|
|
2021-08-09 - APT Cobalt Strike Campaign targeting Slovakia (DEF CON talk).pdf
|
|
|
|
|
2021-08-09 - BlackMatter ransomware emerges from the shadow of DarkSide.pdf
|
|
|
|
|
2021-08-09 - Cinobi Banking Trojan Targets Cryptocurrency Exchange Users via Malvertising.pdf
|
|
|
|
|
2021-08-09 - CryptBot Infostealer Constantly Changing and Being Distributed.pdf
|
|
|
|
|
2021-08-09 - FlyTrap Android Malware Compromises Thousands of Facebook Accounts.pdf
|
|
|
|
|
2021-08-09 - IISpy- A complex server‑side backdoor with anti‑forensic features.pdf
|
|
|
|
|
2021-08-09 - Synology warns of malware infecting NAS devices with ransomware.pdf
|
|
|
|
|
2021-08-09 - Thwarting Jupyter Stealer.pdf
|
|
|
|
|
2021-08-10 - Chaos Ransomware- A Proof of Concept With Potentially Dangerous Applications.pdf
|
|
|
|
|
2021-08-10 - Crytek confirms Egregor ransomware attack, customer data theft.pdf
|
|
|
|
|
2021-08-10 - Fast Insights for a Microsoft-Signed Netfilter Rootkit.pdf
|
|
|
|
|
2021-08-10 - New eCh0raix Ransomware Variant Targets QNAP and Synology Network-Attached Storage Devices.pdf
|
|
|
|
|
2021-08-10 - REvil Master Key for Kaseya Attack Posted to XSS.pdf
|
|
|
|
|
2021-08-10 - UNC215- Spotlight on a Chinese Espionage Campaign in Israel.pdf
|
|
|
|
|
2021-08-11 - Amid Boom in Phishing, Fraudsters Target Customers of Small and Mid-sized Banks.pdf
|
|
|
|
|
2021-08-11 - DirtyMoe- Rootkit Driver.pdf
|
|
|
|
|
2021-08-11 - IISerpent- Malware‑driven SEO fraud as a service.pdf
|
|
|
|
|
2021-08-11 - Kaseya's universal REvil decryption key leaked on a hacking forum.pdf
|
|
|
|
|
2021-08-11 - MoqHao Part 1.5- High-Level Trends of Recent Campaigns Targeting Japan.pdf
|
|
|
|
|
2021-08-11 - ReverseRat Reemerges With A (Night)Fury New Campaign And New Developments, Same Familiar Side-Actor.pdf
|
|
|
|
|
2021-08-11 - Secret -Backdoor- Behind Conti Ransomware Operation- Introducing Atera Agent.pdf
|
|
|
|
|
2021-08-11 - Teaching an Old Dog New Tricks- 2017 Magniber Ransomware Uses PrintNightmare Vulnerability to Infect Victims in South Korea.pdf
|
|
|
|
|
2021-08-11 - The Rising Threat from LockBit Ransomware.pdf
|
|
|
|
|
2021-08-12 - Gootloader’s “mothership” controls malicious content.pdf
|
|
|
|
|
2021-08-12 - Netskope Threat Coverage- LockBit.pdf
|
|
|
|
|
2021-08-12 - PrintNightmare vulnerability weaponized by Magniber ransomware gang.pdf
|
|
|
|
|
2021-08-12 - Signed MSI files, Raccoon and Amadey are used for installing ServHelper RAT.pdf
|
|
|
|
|
2021-08-12 - Threat Thursday- Ficker Infostealer Malware.pdf
|
|
|
|
|
2021-08-12 - Uncovering Tetris – a Full Surveillance Kit Running in your Browser.pdf
|
|
|
|
|
2021-08-12 - Vice Society Leverages PrintNightmare In Ransomware Attacks.pdf
|
|
|
|
|
2021-08-13 - The Ghostwriter Scenario (UNC1151).pdf
|
|
|
|
|
2021-08-13 - When Malware Changes Its Mind - A Study of Variable Program Behaviors.pdf
|
|
|
|
|
2021-08-14 - Indra — Hackers Behind Recent Attacks on Iran.pdf
|
|
|
|
|
2021-08-16 - A Deep-dive Analysis of LOCKBIT 2.0.pdf
|
|
|
|
|
2021-08-16 - LockBit Resurfaces With Version 2.0 Ransomware Detections in Chile, Italy, Taiwan, UK.pdf
|
|
|
|
|
2021-08-16 - Statically unpacking a simple .NET dropper.pdf
|
|
|
|
|
2021-08-17 - An insider insights into Conti operations – Part one.pdf
|
|
|
|
|
2021-08-17 - Analysis of Diavol Ransomware Reveals Possible Link to TrickBot Gang.pdf
|
|
|
|
|
2021-08-17 - Cobalt Strike Hunting — DLL Hijacking-Attack Analysis.pdf
|
|
|
|
|
2021-08-17 - Confucius Uses Pegasus Spyware-related Lures to Target Pakistani Military.pdf
|
|
|
|
|
2021-08-17 - Hunting for Corporate Insurance Policies- Indicators of [Ransom] Exfiltration.pdf
|
|
|
|
|
2021-08-17 - LockBit Ransomware Analysis Notes.pdf
|
|
|
|
|
2021-08-17 - North Korean APT37 - InkySquid Infects Victims Using Browser Exploits.pdf
|
|
|
|
|
2021-08-17 - Resurgent FluBot malware targets German and Polish banks.pdf
|
|
|
|
|
2021-08-17 - Secrets behind the Lazarus’s VHD ransomware.pdf
|
|
|
|
|
2021-08-17 - Snakes on a Domain- An Analysis of a Python Malware Loader.pdf
|
|
|
|
|
2021-08-18 - China Propaganda Network Targets BBC Media, UK in Large-Scale Influence Campaign.pdf
|
|
|
|
|
2021-08-18 - Cobalt Strike- Detect this Persistent Threat.pdf
|
|
|
|
|
2021-08-18 - Diavol ransomware sample shows stronger connection to TrickBot gang.pdf
|
|
|
|
|
2021-08-18 - Infostealer Malware Azorult Being Distributed Through Spam Mails.pdf
|
|
|
|
|
2021-08-19 - An insider insights into Conti operations – Part two.pdf
|
|
|
|
|
2021-08-19 - BlackBerry Prevents- Threat Actor Group TA575 and Dridex Malware.pdf
|
|
|
|
|
2021-08-19 - How to proactively defend against Mozi IoT botnet.pdf
|
|
|
|
|
2021-08-19 - Malicious Campaign Targets Latin America- The seller, The operator and a curious link.pdf
|
|
|
|
|
2021-08-19 - Microsoft Exchange Servers Still Vulnerable to ProxyShell Exploit.pdf
|
|
|
|
|
2021-08-19 - Ragnar Locker – Malware analysis.pdf
|
|
|
|
|
2021-08-19 - ShadowPad - A Masterpiece of Privately Sold Malware in Chinese Espionage.pdf
|
|
|
|
|
2021-08-19 - ShinyHunters Selling Alleged AT&T Database with 70 million SSN and Date of birth; AT&T Denies it originated from their systems.pdf
|
|
|
|
|
2021-08-20 - An Overview of FinTech Threat Landscape.pdf
|
|
|
|
|
2021-08-20 - LockFile- Ransomware Uses PetitPotam Exploit to Compromise Windows Domain Controllers.pdf
|
|
|
|
|
2021-08-20 - New variant of Konni malware used in campaign targetting Russia.pdf
|
|
|
|
|
2021-08-20 - See REvil again-! See how hackers use the same encryption ransomware program REvil to annihilate the attack evidence.pdf
|
|
|
|
|
2021-08-22 - PEB- Where Magic Is Stored.pdf
|
|
|
|
|
2021-08-22 - The Bangladesh cyber bank robbery- Tracking down major criminals with malware analysis.pdf
|
|
|
|
|
2021-08-23 - Heres how to guard your enterprise against ShinyHunters.pdf
|
|
|
|
|
2021-08-23 - Hive Attacks - Analysis of the Human-Operated Ransomware Targeting Healthcare.pdf
|
|
|
|
|
2021-08-23 - Kimsuky Espionage Campaign.pdf
|
|
|
|
|
2021-08-23 - Netskope Threat Coverage- BlackMatter.pdf
|
|
|
|
|
2021-08-23 - Paradise Ransomware- The Builder.pdf
|
|
|
|
|
2021-08-23 - PRISM attacks fly under the radar.pdf
|
|
|
|
|
2021-08-23 - ProxyShell vulnerabilities in Microsoft Exchange- What to do.pdf
|
|
|
|
|
2021-08-24 - Earth Baku Returns.pdf
|
|
|
|
|
2021-08-24 - From Pearl to Pegasus Bahraini Government Hacks Activists with NSO Group Zero-Click iPhone Exploits.pdf
|
|
|
|
|
2021-08-24 - How Data Brokers Sell Access to the Backbone of the Internet.pdf
|
|
|
|
|
2021-08-24 - LockBit 2.0 Interview with Russian OSINT.pdf
|
|
|
|
|
2021-08-24 - North Korean BLUELIGHT Special- InkySquid Deploys RokRAT.pdf
|
|
|
|
|
2021-08-24 - Ransomware gang's script shows exactly the files they're after.pdf
|
|
|
|
|
2021-08-24 - Ransomware Groups to Watch- Emerging Threats.pdf
|
|
|
|
|
2021-08-24 - The SideWalk may be as dangerous as the CROSSWALK.pdf
|
|
|
|
|
2021-08-24 - Triada Trojan in WhatsApp MOD.pdf
|
|
|
|
|
2021-08-24 - A Deep-dive Analysis of KARMA Ransomware.pdf
|
|
|
|
|
2021-08-25 - FIN7 still active.pdf
|
|
|
|
|
2021-08-25 - GrowtopiaStealer.pdf
|
|
|
|
|
2021-08-25 - New Campaign Sees LokiBot Delivered Via Multiple Methods.pdf
|
|
|
|
|
2021-08-25 - Reverse Engineering Crypto Functions- RC4 and Salsa20.pdf
|
|
|
|
|
2021-08-25 - LockFile Ransomware- Exploiting Microsoft Exchange Vulnerabilities Using ProxyShell.pdf
|
|
|
|
|
2021-08-26 - Become A VIP Victim With New Discord Distributed Malware.pdf
|
|
|
|
|
2021-08-26 - China's Microsoft Hack May Have Had A Bigger Purpose Than Just Spying.pdf
|
|
|
|
|
2021-08-26 - From Russia With… LockBit Ransomware- Inside Look & Preventive Solutions.pdf
|
|
|
|
|
2021-08-26 - Hackers are trying to topple Belarus’s dictator, with help from the inside.pdf
|
|
|
|
|
2021-08-26 - NTLM Keeps Haunting Microsoft.pdf
|
|
|
|
|
2021-08-26 - Ragnarok ransomware releases master decryptor after shutdown.pdf
|
|
|
|
|
2021-08-26 - Spies for Hire- China’s New Breed of Hackers Blends Espionage and Entrepreneurship.pdf
|
|
|
|
|
2021-08-26 - Widespread credential phishing campaign abuses open redirector links.pdf
|
|
|
|
|
2021-08-27 - Anubis Android Malware Analysis.pdf
|
|
|
|
|
2021-08-27 - Cobalt Strike Configuration Extractor and Parser.pdf
|
|
|
|
|
2021-08-27 - Fraude personificando a marca Continente espalha-se através do WhatsApp- Não se deixe enganar!.pdf
|
|
|
|
|
2021-08-27 - LockFile ransomware’s box of tricks- intermittent encryption and evasion.pdf
|
|
|
|
|
2021-08-27 - Phorpiex botnet shuts down, source code goes up for sale.pdf
|
|
|
|
|
2021-08-27 - ProxyShell Exchange Exploitation Now Leads To An Increasing Amount Of Cobaltstrike Backdoors.pdf
|
|
|
|
|
2021-08-27 - RealTek CVE-2021-35394 Exploited in the Wild.pdf
|
|
|
|
|
2021-08-28 - LockFile Ransomware Bypasses Protection Using Intermittent File Encryption.pdf
|
|
|
|
|
2021-08-29 - Cobalt Strike, a Defender’s Guide.pdf
|
|
|
|
|
2021-08-30 - CARBON SPIDER Embraces Big Game Hunting, Part 1.pdf
|
|
|
|
|
2021-08-30 - Hypervisor Jackpotting, Part 2- eCrime Actors Increase Targeting of ESXi Servers with Ransomware.pdf
|
|
|
|
|
2021-08-30 - LockFile ransomware uses intermittent encryption to evade detection.pdf
|
|
|
|
|
2021-08-30 - New Mirai Variant Targets WebSVN Command Injection Vulnerability (CVE-2021-32305).pdf
|
|
|
|
|
2021-08-30 - ProxyToken- An Authentication Bypass in Microsoft Exchange Server.pdf
|
|
|
|
|
2021-08-31 - Analysis of suspected Russian-speaking attackers using COVID-19 vaccine bait to attack the Middle East.pdf
|
|
|
|
|
2021-08-31 - Attracting flies with Honey(gain)- Adversarial abuse of proxyware.pdf
|
|
|
|
|
2021-08-31 - Bassterlord (FishEye) Networking Manual (X).pdf
|
|
|
|
|
2021-08-31 - BlackMatter - The New Star Of Ransomware.pdf
|
|
|
|
|
2021-08-31 - Cobalt Strike and Ransomware – Tracking An Effective Ransomware Campaign.pdf
|
|
|
|
|
2021-08-31 - Financial Institutions in the Sight of New JsOutProx Attack Waves.pdf
|
|
|
|
|
2021-08-31 - Phishing and Telegram- Solicitação de reembolso da Autoridade Tributária-.pdf
|
|
|
|
|
2021-08-31 - Phishing+Telegram- Solicitação de reembolso da Autoridade Tributária-.pdf
|
|
|
|
|
2021-08-31 - Sidoh- WIZARD SPIDER’s Mysterious Exfiltration Tool.pdf
|
|
|
|
|
2021-09-01 - Analysis of a Phishing Kit (that targets Chase Bank).pdf
|
|
|
|
|
2021-09-01 - APT-C-56 (Transparent Tribe) Latest Attack Analysis and Associated Suspected Gorgon Group Attack Analysis Alert.pdf
|
|
|
|
|
2021-09-01 - Confluence enterprise servers targeted with recent vulnerability.pdf
|
|
|
|
|
2021-09-01 - Diving Deep into UNC1151’s Infrastructure- Ghostwriter and beyond.pdf
|
|
|
|
|
2021-09-01 - Fake pirated software sites serve up malware droppers as a service.pdf
|
|
|
|
|
2021-09-01 - LOLBins Are No Laughing Matter- How Attackers Operate Quietly.pdf
|
|
|
|
|
2021-09-01 - STRRAT- a Java-based RAT that doesn't care if you have Java.pdf
|
|
|
|
|
2021-09-01 - The Incredible Rise of DPRK’s Cyber Warfare.pdf
|
|
|
|
|
2021-09-01 - WatchTower - August 2021 TLP- WHITE - Intelligence-Driven Threat Hunting.pdf
|
|
|
|
|
2021-09-02 - A deep-dive into the SolarWinds Serv-U SSH vulnerability (DEV-0322).pdf
|
|
|
|
|
2021-09-02 - Advanced Persistent Threats (APTs).pdf
|
|
|
|
|
2021-09-02 - Anatomy and Disruption of Metasploit Shellcode.pdf
|
|
|
|
|
2021-09-02 - Attacks Continue Against Realtek Vulnerabilities.pdf
|
|
|
|
|
2021-09-02 - Attacks using metasploit meterpreter.pdf
|
|
|
|
|
2021-09-02 - Autodesk reveals it was targeted by Russian SolarWinds hackers.pdf
|
|
|
|
|
2021-09-02 - Cross-Platform Java Dropper- Snake and XLoader (Mac Version).pdf
|
|
|
|
|
2021-09-02 - Cybercrime Group FIN7 Using Windows 11 Alpha-Themed Docs to Drop Javascript Backdoor.pdf
|
|
|
|
|
2021-09-02 - Juniper Breach Mystery Starts to Clear With New Details on Hackers and U.S. Role (APT5).pdf
|
|
|
|
|
2021-09-02 - QakBot Technical Analysis.pdf
|
|
|
|
|
2021-09-02 - Translated- Talos' insights from the recently leaked Conti ransomware playbook.pdf
|
|
|
|
|
2021-09-03 - Conti affiliates use ProxyShell Exchange exploit in ransomware attacks.pdf
|
|
|
|
|
2021-09-03 - Dissecting Sodinokibi Ransomware Attacks- Bringing Incident Response and Intelligence Together in the Fight.pdf
|
|
|
|
|
2021-09-03 - Netwalker ransomware full analysis.pdf
|
|
|
|
|
2021-09-03 - Phishing Android Malware Targets Taxpayers in India.pdf
|
|
|
|
|
2021-09-03 - Spyware Variant Disguised as Korean Video App Targets Multiple Asian Countries.pdf
|
|
|
|
|
2021-09-05 - BlackMatter Ransomware v2.0.pdf
|
|
|
|
|
2021-09-06 - Quick analysis CobaltStrike loader and shellcode.pdf
|
|
|
|
|
2021-09-06 - The Ideal Ransomware Victim- What Attackers Are Looking For.pdf
|
|
|
|
|
2021-09-06 - TrickBot gang developer arrested when trying to leave Korea.pdf
|
|
|
|
|
2021-09-07 - Analysis of recent attacks by the Lazarus APT organization on the blockchain finance and energy industries.pdf
|
|
|
|
|
2021-09-07 - BladeHawk group- Android espionage against Kurdish ethnic group.pdf
|
|
|
|
|
2021-09-07 - Cobalt Strike C2 Hunting with Shodan.pdf
|
|
|
|
|
2021-09-07 - Fake Income Tax Application Targets Indian Taxpayers.pdf
|
|
|
|
|
2021-09-07 - Microsoft shares temp fix for ongoing Office 365 zero-day attacks ( CVE-2021-40444).pdf
|
|
|
|
|
2021-09-07 - REvil ransomware's servers mysteriously come back online.pdf
|
|
|
|
|
2021-09-07 - Shellcode Detection Using Real-Time Kernel Monitoring.pdf
|
|
|
|
|
2021-09-07 - Threat Alert- Mirai-Gafgyt Fork with New DDoS Modules Discovered.pdf
|
|
|
|
|
2021-09-08 - Advance Fee Fraud- The Emergence of Elaborate Crypto Schemes.pdf
|
|
|
|
|
2021-09-08 - Aggah Malware Campaign Expands to Zendesk and GitHub to Host Its Malware.pdf
|
|
|
|
|
2021-09-08 - Groove’s thoughts on Blackmatter, Babuk, and cheese shortages in the Netherlands.pdf
|
|
|
|
|
2021-09-08 - How Groove Gang is Shaking up the Ransomware-as-a-Service Market to Empower Affiliates.pdf
|
|
|
|
|
2021-09-08 - Muhstik Takes Aim at Confluence CVE 2021-26084.pdf
|
|
|
|
|
2021-09-08 - Rapidly Evolving BlackMatter Ransomware Tactics.pdf
|
|
|
|
|
2021-09-08 - TeamTNT with new campaign aka “Chimaera”.pdf
|
|
|
|
|
2021-09-08 - Ukrainian Cyber Criminal Extradited For Decrypting The Credentials Of Thousands Of Computers Across The World And Selling Them On A Dark Web Website (Glib Oleksandr Ivanov-Tolpintsev).pdf
|
|
|
|
|
2021-09-08 - Zoho patches actively exploited critical ADSelfService Plus bug (CVE-2021-40539).pdf
|
|
|
|
|
2021-09-09 - A Spectrum of State Ransomware Responsibility.pdf
|
|
|
|
|
2021-09-09 - Case Analysis of Suncrypt Ransomware Negotiation and Bitcoin Transaction.pdf
|
|
|
|
|
2021-09-09 - CloudFall Targets Researchers and Scientists Invited to International Military Conferences in Central Asia and Eastern Europe.pdf
|
|
|
|
|
2021-09-09 - FluBot Variant Masquerading As The Default Android Voicemail App.pdf
|
|
|
|
|
2021-09-09 - Grayfly- Chinese Threat Actor Uses Newly-discovered Sidewalk Malware.pdf
|
|
|
|
|
2021-09-09 - Groove VS Babuk; Groove Ransom Manifesto & RAMP Underground Platform Secret Inner Workings.pdf
|
|
|
|
|
2021-09-09 - Hancitor Loader - RE & Config Extraction.pdf
|
|
|
|
|
2021-09-09 - LockBit 2.0- Ransomware Attacks Surge After Successful Affiliate Recruitment.pdf
|
|
|
|
|
2021-09-09 - Mēris botnet, climbing to the record.pdf
|
|
|
|
|
2021-09-09 - PYSA Ransomware Gang adds Linux Support.pdf
|
|
|
|
|
2021-09-09 - Remote Code Execution 0-Day (CVE-2021-40444) Hits Windows, Triggered Via Office Docs.pdf
|
|
|
|
|
2021-09-09 - Threat Thursday- Get Your Paws Off My Data, Raccoon Infostealer.pdf
|
|
|
|
|
2021-09-10 - Hive Ransomware- Actively Targeting Hospitals.pdf
|
|
|
|
|
2021-09-10 - Indonesian intelligence agency compromised in suspected Chinese hack.pdf
|
|
|
|
|
2021-09-10 - New Dridex Variant Being Spread By Crafted Excel Document.pdf
|
|
|
|
|
2021-09-10 - PhishingJS- A Deep Learning Model for JavaScript-Based Phishing Detection.pdf
|
|
|
|
|
2021-09-10 - Rendering Threats- A Network Perspective.pdf
|
|
|
|
|
2021-09-10 - S.O.V.A. - A new Android Banking trojan with fowl intentions.pdf
|
|
|
|
|
2021-09-10 - The new maxtrilha trojan is being disseminated and targeting several banks.pdf
|
|
|
|
|
2021-09-13 - Android malware distributed in Mexico uses Covid-19 to steal financial credentials.pdf
|
|
|
|
|
2021-09-13 - APT-C-36 Updates Its Spam Campaign Against South American Entities With Commodity RATs (IOCs).pdf
|
|
|
|
|
2021-09-13 - APT-C-36 Updates Its Spam Campaign Against South American Entities With Commodity RATs.pdf
|
|
|
|
|
2021-09-13 - Attackers exploit CVE-2021-26084 for XMRig crypto mining on affected Confluence servers.pdf
|
|
|
|
|
2021-09-13 - BazarLoader to Conti Ransomware in 32 Hours.pdf
|
|
|
|
|
2021-09-13 - Beware of this Lock Screen App.pdf
|
|
|
|
|
2021-09-13 - FORCEDENTRY NSO Group iMessage Zero-Click Exploit Captured in the Wild (CVE-2021-30860).pdf
|
|
|
|
|
2021-09-13 - Hide and Seek - New Zloader Infection Chain Comes With Improved Stealth and Evasion Mechanisms.pdf
|
|
|
|
|
2021-09-13 - The many tentacles of Magecart Group 8.pdf
|
|
|
|
|
2021-09-13 - Vermilion Strike- Linux and Windows Re-implementation of Cobalt Strike.pdf
|
|
|
|
|
2021-09-14 - APT Group Targets Indian Defense Officials Through Enhanced TTPs.pdf
|
|
|
|
|
2021-09-14 - Big Game Hunting TTPs Continue to Shift After DarkSide Pipeline Attack.pdf
|
|
|
|
|
2021-09-14 - Deep-dive Analysis of S.O.V.A. Android Banking Trojan.pdf
|
|
|
|
|
2021-09-14 - Flubot’s Smishing Campaigns under the Microscope.pdf
|
|
|
|
|
2021-09-14 - More ProxyShell- Web Shells Lead to ZeroLogon and Application Impersonation Attacks.pdf
|
|
|
|
|
2021-09-14 - North Korea-linked account poses as KBS scriptwriter to dupe DPRK watchers.pdf
2021-09-14 - Operation ‘Harvest’- A Deep Dive into a Long-term Campaign.pdf
2021-09-14 - OSX.ZuRu- trojanized apps spread malware, via sponsored search results.pdf
2021-09-14 - Russia is fully capable of shutting down cybercrime.pdf
2021-09-14 - TeamTNT Script Employed to Grab AWS Credentials.pdf
2021-09-14 - The Recent iOS 0-Click, CVE-2021-30860, Sounds Familiar. An Unreleased Write-up- One Year Later.pdf
2021-09-15 - Analyzing attacks that exploit the CVE-2021-40444 MSHTML vulnerability.pdf
2021-09-15 - Analyzing The ForcedEntry Zero-Click iPhone Exploit Used By Pegasus (CVE-2021-30860).pdf
2021-09-15 - APT-C-23 Using New Variant Of Android Spyware To Target Users In The Middle East.pdf
2021-09-15 - Bad ASes.pdf
2021-09-15 - Mēris botnet.pdf
2021-09-15 - Phishing Eager Travelers.pdf
2021-09-15 - Shining a Light on DarkOxide.pdf
2021-09-16 - Analysis of CVE-2021-30860 the flaw and fix of a zero-click vulnerability, exploited in the wild.pdf
2021-09-16 - APT Actors Exploiting Newly Identified Vulnerability in ManageEngine ADSelfService Plus.pdf
2021-09-16 - Exploitation of the CVE-2021-40444 vulnerability in MSHTML.pdf
2021-09-16 - No Longer Just Theory- Black Lotus Labs Uncovers Linux Executables Deployed as Stealth Windows Loaders.pdf
2021-09-16 - Operation Layover- How we tracked an attack on the aviation industry to five years of compromise.pdf
2021-09-16 - Pointer- Hunting Cobalt Strike globally.pdf
2021-09-16 - RUNLIR - phishing campaign targeting Netherlands.pdf
2021-09-16 - Threat Thursday- NetWire RAT is Coming Down the Line.pdf
2021-09-17 - 2021-09-17 - SQUIRRELWAFFLE Loader with Cobalt Strike.pdf
2021-09-17 - DirtyMoe- Code Signing Certificate.pdf
2021-09-17 - Falcon OverWatch Hunts Down Adversaries Where They Hide.pdf
2021-09-17 - Joker.pdf
2021-09-17 - Numando- Count once, code twice.pdf
2021-09-17 - Scamdemic outbreak Scammers attack users in Middle Eastern countries.pdf
2021-09-17 - Sophisticated Spyware Posing as a Banking Application To Target Korean Users.pdf
2021-09-18 - Hunting for OMI Vulnerability Exploitation with Azure Sentinel.pdf
2021-09-18 - “Squirrelwaffle” Maldoc Analysis.pdf
2021-09-19 - Alaska discloses ‘sophisticated’ nation-state cyberattack on health service.pdf
2021-09-19 - Discovering Linux ELF Beacon of Cobalt Strike Tool.pdf
2021-09-19 - MirrorBlast and TA505- Examining Similarities in Tactics, Techniques and Procedures.pdf
2021-09-20 - A guide to combatting human-operated ransomware- Part 1.pdf
2021-09-20 - BluStealer- from SpyEx to ThunderFox.pdf
2021-09-20 - Building an Open Source IDS IPS service for Gateway Load Balancer.pdf
2021-09-20 - Chainalysis in Action- OFAC Sanctions Russian Cryptocurrency OTC Suex that Received Over $160 million from Ransomware Attackers, Scammers, Darknet Markets, and Seized Exchange BTC-e.pdf
2021-09-20 - DanaBot Communications Update.pdf
2021-09-20 - Defeating macOS Malware Anti-Analysis Tricks with Radare2.pdf
2021-09-20 - Hello Lionel Richie – Intrusion Truth.pdf
2021-09-20 - How we searched for a connection between Mēris and Glupteba, and gained control over 45 thousand MikroTik devices.pdf
2021-09-20 - Water Basilisk Uses New HCrypt Variant to Flood Victims with RAT Payloads.pdf
2021-09-21 - BlackMatter Ransomware Technical Analysis and Tools from Nozomi Networks Labs.pdf
2021-09-21 - Capturing and Detecting AndroidTester Remote Access Trojan with the Emergency VPN.pdf
2021-09-21 - Catching the big fish- Analyzing a large-scale phishing-as-a-service operation.pdf
2021-09-21 - Cring ransomware group exploits ancient ColdFusion server.pdf
2021-09-21 - Cryptominer z0Miner Uses Newly Discovered Vulnerability CVE-2021-26084 to Its Advantage.pdf
2021-09-21 - New Jupyter Evasive Delivery through MSI Installer.pdf
2021-09-21 - Publication of Updated Ransomware Advisory; Cyber-related Designation (25 cryptocurrency accounts operated by Suex is sanctioned).pdf
2021-09-21 - Ransomware Hackers Attack a Top Safety Testing Org. Using Tactics and Techniques Borrowed from Chinese Espionage Groups.pdf
2021-09-21 - Scanning VirusTotal's firehose.pdf
2021-09-21 - TinyTurla - Turla deploys new malware to keep a secret backdoor on victim machines.pdf
2021-09-21 - Using Zeek to track communication state.pdf
2021-09-22 - Alert (AA21-265A) Conti Ransomware.pdf
2021-09-22 - BlackMatter Ransomware Analysis; The Dark Side Returns.pdf
2021-09-22 - ERMAC - another Cerberus reborn.pdf
2021-09-22 - GoSecure Titan Labs Technical Report- BluStealer Malware Threat.pdf
2021-09-22 - Intelligence Insights- September 2021.pdf
2021-09-22 - REvil Ransomware Reemerges After Shutdown; Universal Decryptor Released.pdf
2021-09-22 - The Sysrv Botnet and How It Evolved.pdf
2021-09-22 - Threat Analysis Report- PrintNightmare and Magniber Ransomware.pdf
2021-09-23 - Detecting and Hunting for the PetitPotam NTLM Relay Attack.pdf
2021-09-23 - FamousSparrow- A suspicious hotel guest.pdf
2021-09-23 - Financially motivated actor breaks certificate parsing to avoid detection.pdf
2021-09-23 - HCRootkit - Sutersu Linux Rootkit Analysis.pdf
2021-09-23 - New ZE Loader Targets Online Banking Users.pdf
2021-09-23 - Operation “Armor Piercer-” Targeted attacks in the Indian subcontinent using commercial RATs.pdf
2021-09-23 - Phishing and malware actors abuse Google Forms for credentials, data exfiltration.pdf
2021-09-23 - Raccoon Stealer Pivots Towards Self-Protection.pdf
2021-09-23 - REVil ransomware devs added a backdoor to cheat affiliates.pdf
2021-09-23 - RTL was victim ransomware attack, cyber criminals make 8500 euro loot.pdf
2021-09-23 - TangleBot- New Advanced SMS Malware Targets Mobile Users Across U.S. and Canada with COVID-19 Lures.pdf
2021-09-23 - Threat Thursday- BlackMatter RaaS - Darker Than DarkSide-.pdf
2021-09-23 - Vidar Stealer Evasion Arsenal.pdf
2021-09-24 - Daily Ruleset Update Summary 2021-09-24.pdf
2021-09-24 - Declaration by the High Representative on behalf of the European Union on respect for the EU’s democratic processes.pdf
2021-09-24 - Examining the Cring Ransomware Techniques.pdf
2021-09-24 - Flash Report- Colossus Ransomware.pdf
2021-09-24 - Hunting the LockBit Gang's Exfiltration Infrastructures.pdf
2021-09-26 - Desorden Group claims to have stolen 200 GB of data from ABX Express.pdf
2021-09-26 - Insights into Ransomware Spread Using Exchange 1-Day Vulnerabilities 1-2.pdf
2021-09-27 - A guide to combatting human-operated ransomware- Part 2.pdf
2021-09-27 - A Virtual Baffle to Battle Squirrelwaffle.pdf
2021-09-27 - BloodyStealer and gaming assets for sale.pdf
2021-09-27 - Deobfuscating PowerShell Malware Droppers.pdf
2021-09-27 - DoppelDridex Delivered via Slack and Discord.pdf
2021-09-27 - Fake Installers Drop Malware and Open Doors for Opportunistic Attackers.pdf
2021-09-27 - FoggyWeb- Targeted NOBELIUM malware leads to persistent backdoor.pdf
2021-09-27 - RedLine Infostealer - Detailed Reverse Engineering.pdf
2021-09-27 - Threat Analysis Report- Inside the Destructive PYSA Ransomware.pdf
2021-09-28 - 4 Chinese APT Groups Identified Targeting Mail Server of Afghan Telecommunications Firm Roshan.pdf
2021-09-28 - FinSpy- unseen findings.pdf
2021-09-28 - Mirai_ptea_Rimasuta variant is exploiting a new RUIJIE router 0 day to spread.pdf
2021-09-28 - REvil’s “Cryptobackdoor” Con- Ransomware Group’s Tactics Roil Affiliates, Sparking a Fallout.pdf
2021-09-28 - Squirrelwaffle- New Loader Delivering Cobalt Strike.pdf
2021-09-28 - Winter Vivern – all Summer.pdf
2021-09-28 - Zircolite vs Defense Evasion & Nobellium FoggyWeb.pdf
2021-09-29 - Aria-Body Loader- Is that you-.pdf
2021-09-29 - Backup “Removal” Solutions - From Conti Ransomware With Love.pdf
2021-09-29 - DarkHalo after SolarWinds- the Tomiris connection (UNC2849).pdf
2021-09-29 - Evaluating the Value of Security Intelligence Feeds with Silent Push.pdf
2021-09-29 - Federal Indictment in Chicago Charges Turkish National With Directing Cyber Attack on Multinational Hospitality Company.pdf
2021-09-29 - FormBook Adds Latest Office 365 0-Day Vulnerability (CVE-2021-40444) to Its Arsenal.pdf
2021-09-29 - Google Drive abused in document exfiltration operation against Afghanistan.pdf
2021-09-29 - GriftHorse Android Trojan Steals Millions from Over 10 Million Victims Globally GriftHorse Android Trojan Steals Millions from Over 10 Million Victims Globally.pdf
2021-09-29 - How to defeat the Russian Dukes- A step-by-step analysis of MiniDuke used by APT29-Cozy Bear.pdf
2021-09-29 - PixStealer- a new wave of Android banking Trojans abusing Accessibility Services.pdf
2021-09-29 - Russian hacker Q&A- An Interview With REvil-Affiliated Ransomware Contractor.pdf
2021-09-29 - TA544 Targets Italian Organizations with Ursnif Malware.pdf
2021-09-29 - Zloader Campaigns at a Glance (IOCs).pdf
2021-09-29 - Zloader Campaigns at a Glance.pdf
2021-09-30 - A wolf in sheep's clothing- Actors spread malware by leveraging trust in Amnesty International and fear of Pegasus.pdf
2021-09-30 - All your hashes are belong to us- An overview of malware hashing algorithms.pdf
2021-09-30 - Credential Harvesting at Scale Without Malware.pdf
2021-09-30 - GhostEmperor- From ProxyLogon to kernel mode.pdf
2021-09-30 - Hunting for the Confluence Exploitation- When Falcon OverWatch Becomes the First Line of Defense.pdf
2021-09-30 - Mac Users Targeted by Trojanized iTerm2 App.pdf
2021-09-30 - Mirai goes Stealth – TLS & IoT Malware.pdf
2021-09-30 - New Version Of Apostle Ransomware Reemerges In Targeted Attack On Higher Education.pdf
2021-09-30 - Ranion Ransomware - Quiet and Persistent RaaS.pdf
2021-09-30 - Threat Thursday- xLoader Infostealer.pdf
2021-10-01 - Babuk Ransomware Variant Delta Plus Used in Live Attacks After Source Code Leaked.pdf
2021-10-01 - Made In America- Green Lambert for OS X.pdf
2021-10-01 - SQUIRRELWAFFLE – Analysing the Custom Packer.pdf
2021-10-02 - PUA.Win32.Adload.AI.pdf
2021-10-03 - Using Windows Sandbox for Malware Analysis.pdf
2021-10-04 - Atom Silo ransomware actors use Confluence exploit, DLL side-load for stealthy attack.pdf
2021-10-04 - BazarLoader and the Conti Leaks.pdf
2021-10-04 - How to Write a Hancitor Extractor in Go.pdf
2021-10-04 - Malware Gh0stTimes Used by BlackTech.pdf
2021-10-04 - Mobile Malware- TangleBot Untangled.pdf
2021-10-04 - Phish, Phished, Phisher- A Quick Peek Inside a Telegram Harvester.pdf
2021-10-04 - Reverse engineered the Hancitor DLL and built a static config extractor.pdf
2021-10-04 - Threat hunting in large datasets by clustering security events.pdf
2021-10-05 - Analyzing Ransomware Negotiations with CONTI (X).pdf
2021-10-05 - Chinese Influence Operations A Machiavellian Moment.pdf
2021-10-05 - Drawing a Dragon- Connecting the Dots to Find APT41.pdf
2021-10-05 - Malware analysis- Details on LockBit ransomware.pdf
2021-10-05 - Prometheus x Spook- Prometheus ransomware rebranded Spook ransomware..pdf
2021-10-05 - Python ransomware script targets ESXi server for encryption.pdf
2021-10-05 - Ransomware as a Service- Enabler of Widespread Attacks.pdf
2021-10-05 - Regarding the Threats Posed by Encrypted Office Files.pdf
2021-10-05 - The REBOL Yell- A New Novel REBOL Exploit.pdf
2021-10-05 - UEFI threats moving to the ESP- Introducing ESPecter bootkit.pdf
2021-10-06 - Inside TeamTNT’s Impressive Arsenal- A Look Into A TeamTNT Server.pdf
2021-10-06 - To the moon and hack- Fake SafeMoon app drops malware to spy on you.pdf
2021-10-07 - FIN12- The Prolific Ransomware Intrusion Threat Actor That Has Aggressively Pursued Healthcare Targets.pdf
2021-10-07 - FontOnLake- Previously unknown malware family targeting Linux.pdf
2021-10-07 - Google notifies 14,000 Gmail users of targeted APT28 attacks.pdf
2021-10-07 - Netherlands can use intelligence or armed forces to respond to ransomware attacks.pdf
2021-10-07 - Operation Newton- Hi Kimsuky- Did an Apple(seed) really fall on Newton’s head-.pdf
2021-10-07 - Ransomware in the CIS.pdf
2021-10-07 - Russian cyberattacks pose greater risk to governments and other insights from our annual report.pdf
2021-10-07 - SilverTerrier – Nigerian Business Email Compromise.pdf
2021-10-07 - SquirrelWaffle- New Malware Loader Delivering Cobalt Strike and QakBot.pdf
2021-10-07 - Team TNT Deploys Malicious Docker Image On Docker Hub.pdf
2021-10-07 - Threat Thursday- BluStealer Infostealer.pdf
2021-10-08 - Actors Target Huawei Cloud Using Upgraded Linux Malware.pdf
2021-10-08 - Malware Flagpro used by targeted attack group BlackTech.pdf
2021-10-08 - New Trickbot and BazarLoader campaigns use multiple delivery vectorsi.pdf
2021-10-08 - SQUIRRELWAFFLE – Analysing The Main Loader.pdf
2021-10-11 - Iran-linked DEV-0343 targeting defense, GIS, and maritime sectors.pdf
2021-10-11 - Moving Left of the Ransomware Boom.pdf
2021-10-11 - Necro Python Botnet Goes After Vulnerable VisualTools DVR.pdf
2021-10-11 - SnapMC skips ransomware, steals data.pdf
2021-10-12 - Continued Exploitation of CVE-2021-26084.pdf
2021-10-12 - Defining Cobalt Strike Components So You Can BEA-CONfident in Your Analysis.pdf
2021-10-12 - ECX- Big Game Hunting on the Rise Following a Notable Reduction in Activity.pdf
2021-10-12 - Going Coast to Coast - Climbing the Pyramid with the Deimos Implant.pdf
2021-10-12 - Malspam Campaign Delivers Dark Crystal RAT (dcRAT).pdf
2021-10-12 - MysterySnail attacks with Windows zero-day.pdf
2021-10-12 - The King is Dead, Long Live MyKings! (Part 1 of 2).pdf
2021-10-13 - AtomSilo Ransomware.pdf
2021-10-13 - BlackBerry Shines Spotlight on Evolving Cobalt Strike Threat in New Book.pdf
2021-10-13 - CetaRAT APT Group – Targeting the Government Agencies.pdf
2021-10-13 - The ad blocker that injects ads.pdf
2021-10-13 - Trickbot Rising — Gang Doubles Down on Infection Efforts to Amass Network Footholds.pdf
2021-10-13 - Trouble in Asia and the Middle East. Tracking the TransparentTribe threat actor..pdf
2021-10-13 - We analyzed 80 million ransomware samples – here’s what we learned.pdf
2021-10-13 - “Spytech Necro” – Keksec’s Latest Python Malware.pdf
2021-10-14 - A Handshake with MySQL Bots.pdf
2021-10-14 - Alert (AA21-287A) Ongoing Cyber Threats to U.S. Water and Wastewater Systems.pdf
2021-10-14 - Analyzing Email Services Abused for Business Email Compromise.pdf
2021-10-14 - Attackers Are Taking Advantage of the Open-Source Service Interactsh for Malicious Purposes.pdf
2021-10-14 - Countering threats from Iran (APT35).pdf
2021-10-14 - Explosive New MirrorBlast Campaign Targets Financial Companies.pdf
2021-10-14 - New Yanluowang ransomware used in targeted attacks.pdf
2021-10-14 - Phishers Get Clever, Use Math Symbols for Verizon Logo.pdf
2021-10-15 - AtomSilo Ransomware Enters the League of Double Extortion.pdf
2021-10-15 - BlackByte Ransomware – Pt 2. Code Obfuscation Analysis.pdf
2021-10-15 - BlackByte Ransomware – Pt. 1 In-depth Analysis.pdf
2021-10-15 - Memory Forensics R&D Illustrated- Detecting Mimikatz's Skeleton Key Attack.pdf
2021-10-15 - Ransomware Operators Found Using New -Franchise- Business Model.pdf
2021-10-15 - Recovering registry hives encrypted by LockBit 2.0.pdf
2021-10-17 - Building highly interactive honeypots- CVE-2021-41773 case study.pdf
2021-10-17 - REvil ransomware shuts down again after Tor sites were hijacked.pdf
2021-10-18 - Alert (AA21-291A)- BlackMatter Ransomware.pdf
2021-10-18 - Case Study- From BazarLoader to Network Reconnaissance.pdf
2021-10-18 - Harvester- Nation-state-backed group uses new toolset to target victims in South Asia.pdf
2021-10-18 - IcedID to XingLocker Ransomware in 24 hours.pdf
2021-10-18 - Is There Really Such a Thing as a Low-Paid Ransomware Operator-.pdf
2021-10-18 - Karma Ransomware - An Emerging Threat With A Hint of Nemty Pedigree.pdf
2021-10-18 - Profiling hackers using the Malvertising Attack Matrix by Confiant.pdf
2021-10-18 - REvil Disappears Again- ‘Something Is Rotten in the State of Ransomware’.pdf
2021-10-18 - Suspected Chinese hackers behind attacks on ten Israeli hospitals.pdf
2021-10-18 - ZLoader Reversing.pdf
2021-10-19 - Cybercriminals cash in on black market vaccine schemes.pdf
2021-10-19 - Good for Evil- DeepBlueMagic Ransomware Group Abuses Legit Encryption Tools.pdf
2021-10-19 - LightBasin- A Roaming Threat to Telecommunications Companies.pdf
2021-10-19 - Malicious campaign uses a barrage of commodity RATs to target Afghanistan and India.pdf
2021-10-19 - PurpleFox Adds New Backdoor That Uses WebSockets.pdf
2021-10-19 - q-logger skimmer keeps Magecart attacks going.pdf
2021-10-19 - Social Network Account Stealers Hidden in Android Gaming Hacking Tool.pdf
2021-10-19 - STRRAT, ZLoader, and HoneyGain.pdf
2021-10-19 - The layered infrastructure operated by APT29.pdf
2021-10-19 - Trickbot module descriptions.pdf
2021-10-19 - WeTheNorth- A New Canadian Dark Web Marketplace.pdf
2021-10-19 - Whatta TA- TA505 Ramps Up Activity, Delivers New FlawedGrace Variant.pdf
2021-10-20 - Hidden in Plain Sight- Identifying Cryptography in BLACKMATTER Ransomware.pdf
2021-10-20 - New Espionage Campaign Targets South East Asia.pdf
2021-10-20 - Newly Found npm Malware Mines Cryptocurrency on Windows, Linux, macOS Devices.pdf
2021-10-20 - Persistence and Privilege Escalation on Windows via Print Processors.pdf
2021-10-20 - Phishing campaign targets YouTube creators with cookie theft malware.pdf
2021-10-20 - Russian-speaking cybercrime evolution- What changed from 2016 to 2021.pdf
2021-10-20 - TA551 Uses ‘SLIVER’ Red Team Tool in New Activity.pdf
2021-10-20 - TM Follow-Up (TAG_APT35_14-10-21).pdf
2021-10-20 - Two Individuals (Pavel Stassi & Aleksandr Skorodumov) Sentenced for Providing “Bulletproof Hosting” for Cybercriminals.pdf
2021-10-20 - VNC Malware (TinyNuke, TightVNC) Used by Kimsuky Group.pdf
2021-10-21 - Apache HTTP Server CVE-2021-42013 and CVE-2021-41773 Exploited in the Wild.pdf
2021-10-21 - Chrome targeted by Magnitude exploit kit.pdf
2021-10-21 - Cobalt Strike- Using Known Private Keys To Decrypt Traffic – Part 1.pdf
2021-10-21 - DBatLoader- Abusing Discord to Deliver Warzone RAT.pdf
2021-10-21 - Evil Corp demands $40 million in new Macaw ransomware attacks.pdf
2021-10-21 - FIN7 Recruits Talent For Push Into Ransomware.pdf
2021-10-21 - Franken-phish- TodayZoo built from other phishing kits.pdf
2021-10-21 - How to- Threat hunting and threat intelligence.pdf
2021-10-21 - Initial Access Broker Landscape.pdf
2021-10-21 - Massive campaign uses YouTube to push password-stealing malware.pdf
2021-10-21 - Multi-Staged JSOutProx RAT Targets Indian Co-operative Banks and Finance Companies.pdf
2021-10-21 - Stopping GRACEFUL SPIDER- Falcon Complete’s Fast Response to Recent SolarWinds Serv-U Exploit Campaign.pdf
2021-10-21 - Raccoon Stealer Under the Lens- A Deep-dive Analysis.pdf
2021-10-21 - “Missed Voice Message,” the Latest Phishing Lure.pdf
2021-10-22 - Advanced IP Scanner- the preferred scanner in the A(P)T toolbox.pdf
2021-10-22 - Assassinations of -MiniNinja- in Various APAC Countries.pdf
2021-10-22 - DarkSide bitcoins on the move following government cyberattack against REvil ransomware group.pdf
2021-10-22 - DarkSide ransomware rushes to cash out $7 million in Bitcoin.pdf
2021-10-22 - EXCLUSIVE Governments turn tables on ransomware gang REvil by pushing it offline.pdf
2021-10-22 - New MultiloginBot Phishing Campaign.pdf
2021-10-22 - Recent Attack Uses Vulnerability on Confluence Server.pdf
2021-10-22 - Spectre v4.0 - The Speed of Malware Threats After the Pandemics.pdf
2021-10-22 - Threat Advisory- Hackers Are Exploiting a Vulnerability in Popular Billing Software to Deploy Ransomware.pdf
2021-10-22 - “Page Not Found”- REvil Darknet Services Offline After Attack Last Weekend.pdf
2021-10-23 - Links to Previous Attacks in UAParserJS Compromise.pdf
2021-10-24 - Breaking the News New York Times Journalist Ben Hubbard Hacked with Pegasus after Reporting on Previous Hacking Attempts.pdf
2021-10-24 - New activity from Russian actor Nobelium.pdf
2021-10-24 - Node poisoning- hijacked package delivers coin miner and credential-stealing backdoor.pdf
2021-10-25 - Bear in the Net- A Network-Focused Perspective on Berserk Bear.pdf
2021-10-25 - Conti Ransom Gang Starts Selling Access to Victims.pdf
2021-10-25 - Digital banking fraud- how the Gozi malware works.pdf
2021-10-25 - NOBELIUM targeting delegated administrative privileges to facilitate broader attacks.pdf
2021-10-25 - OverWatch Elite In Action- Prompt Call Escalation Proves Vital to Containing Attack.pdf
2021-10-25 - TeamTNT Continues to Target Exposed Docker API.pdf
2021-10-25 - UAParser.js npm Package Supply Chain Attack- Impact and Response.pdf
2021-10-25 - UltimaSMS- A widespread premium SMS scam on the Google Play Store.pdf
2021-10-25 - WebAssembly Is Abused by eCriminals to Hide Malware.pdf
2021-10-26 - Almost 100 Organizations in Brazil Targeted with Banking Trojan.pdf
2021-10-26 - APT trends report Q3 2021.pdf
2021-10-26 - Detecting CONTI CobaltStrike Lateral Movement Techniques - Part 1.pdf
2021-10-26 - DRIDEX- Analysing API Obfuscation Through VEH.pdf
2021-10-26 - EP 103- Cloud Hopper.pdf
2021-10-26 - High(er) Fidelity Software Supply Chain Attack Detection.pdf
2021-10-26 - Malware WinDealer used by LuoYu Attack Group.pdf
2021-10-26 - Mercenary APTs – An Exploration.pdf
2021-10-26 - Protect your business from password sprays with Microsoft DART recommendations.pdf
2021-10-26 - SQUIRRELWAFFLE Leverages malspam to deliver Qakbot, Cobalt Strike.pdf
2021-10-27 - [RE025] TrickBot ... many tricks.pdf
2021-10-27 - Avast releases decryptor for AtomSilo and LockFile ransomware.pdf
2021-10-27 - Cobalt Strike- Using Known Private Keys To Decrypt Traffic – Part 2.pdf
2021-10-27 - Code similarity analysis with r2diaphora.pdf
2021-10-27 - Evading EDR Detection with Reentrancy Abuse.pdf
2021-10-27 - Extracting type information from Go binaries.pdf
2021-10-27 - Github Repo for TripleCross.pdf
2021-10-27 - New Threat Actor Spoofs Philippine Government, COVID-19 Health Data in Widespread RAT Campaigns.pdf
2021-10-27 - Portable Executable File Infecting Malware Is Increasingly Found in OT Networks.pdf
2021-10-27 - Tales From the Cryptojacking Front Lines.pdf
2021-10-27 - THREAT ALERT- Malicious Code Implant in the UAParser.js Library.pdf
2021-10-27 - Vidar stealer campaign targeting Baltic region and NATO entities.pdf
2021-10-27 - Wslink- Unique and undocumented malicious loader that runs as a server.pdf
2021-10-28 - A Detailed Walkthrough of Ranzy Locker Ransomware TTPs.pdf
2021-10-28 - Chaos Ransomware Variant in Fake Minecraft Alt List Brings Destruction to Japanese Gamers.pdf
2021-10-28 - DECAF Ransomware- A New Golang Threat Makes Its Appearance.pdf
2021-10-28 - Mutmaßlicher Ransomware-Millionär identifiziert.pdf
2021-10-28 - Rooting Malware Makes a Comeback- Lookout Discovers Global Campaign.pdf
2021-10-28 - Russian National (Vladimir Dunaev) Extradited to United States to Face Charges for Alleged Role in Cybercriminal Organization.pdf
2021-10-28 - Spook Ransomware - Prometheus Derivative Names Those That Pay, Shames Those That Don’t.pdf
2021-10-28 - TA575 Uses ‘Squid Game’ Lures to Distribute Dridex malware.pdf
2021-10-28 - Termination of Federal Unemployment Programs Represents Turning Point for Fraudsters.pdf
2021-10-28 - THREAT ANALYSIS REPORT- Snake Infostealer Malware.pdf
2021-10-28 - Urgency, Mail Relay Serve Phishers Well on Craigslist.pdf
2021-10-29 - OpenCTI data sharing.pdf
2021-10-29 - Pink, a botnet that competed with the vendor to control the massive infected devices.pdf
2021-10-29 - TAG Bulletin- Q3 2021.pdf
2021-10-30 - Reversing CryptoCrazy Ransomware - PoC Decryptor and some Tricks.pdf
2021-10-31 - A detailed analysis of the STOP-Djvu Ransomware.pdf
2021-10-31 - Measuring User Behavior.pdf
2021-11-01 - BlackMatter- New Data Exfiltration Tool Used in Attacks.pdf
2021-11-01 - Cybercrime underground flush with shipping companies credentials.pdf
2021-11-01 - Deceive the Heavens to Cross the Sea - Over 300K Infections via Droppers on Google Play Store.pdf
2021-11-01 - Diving into double extortion campaigns.pdf
2021-11-01 - From Thanos to Prometheus- When Ransomware Encryption Goes Wrong.pdf
2021-11-01 - From Zero to Domain Admin.pdf
2021-11-01 - The Hack that Changed the World.pdf
2021-11-01 - Two Tools for Malware Analysis and Reverse Engineering in Ghidra.pdf
2021-11-02 - Adults Only Malware Lures.pdf
2021-11-02 - BlackMatter Ransomware- In-Depth Analysis & Recommendations.pdf
2021-11-02 - Cobalt Strike Process Injection.pdf
2021-11-02 - Detecting CONTI CobaltStrike Lateral Movement Techniques - Part 2.pdf
2021-11-02 - FBI Warning- HelloKitty Ransomware Add DDoS to Extortion Arsenal.pdf
2021-11-02 - Hunting for potential network beaconing patterns using Apache Spark via Azure Synapse – Part 1.pdf
2021-11-02 - Malware analysis- Hands-On Shellbot malware.pdf
2021-11-02 - New Malware “Gameloader” in Discord Malspam Campaign Identified by GoSecure Titan Labs.pdf
2021-11-02 - Underminer Exploit Kit- The More You Check The More Evasive You Become.pdf
2021-11-02 - US seeks extradition of alleged Ukrainian scammer arrested at Polish border stop.pdf
2021-11-02 - ‘Destructive’ cyberattack hits National Bank of Pakistan.pdf
2021-11-03 - BlackMatter ransomware moves victims to LockBit after shutdown.pdf
2021-11-03 - BlackMatter ransomware says its shutting down due to pressure from local authorities.pdf
2021-11-03 - Cobalt Strike- Using Process Memory To Decrypt Traffic – Part 3.pdf
2021-11-03 - Credit card skimmer evades Virtual Machines.pdf
2021-11-03 - DirtyMoe- Deployment.pdf
2021-11-03 - Identification of a new cybercriminal group- Lockean.pdf
2021-11-03 - Mekotio Banker Returns with Improved Stealth and Ancient Encryption.pdf
2021-11-03 - Microsoft Exchange vulnerabilities exploited once again for ransomware, this time with Babuk.pdf
2021-11-03 - New Tool- cs-extract-key.py.pdf
2021-11-03 - TeamTNT Upgrades Arsenal, Refines Focus on Kubernetes and GPU Environments.pdf
2021-11-03 - The Darker Things BlackMatter and their victims.pdf
2021-11-03 - Use EVTX files on VirusTotal with Timesketch and Sigma (Part1).pdf
2021-11-03 - Webinject Panel Administration- A Vantage Point into Multiple Threat Actor Campaigns - A Case Study on the Value of Threat Reconnaisance.pdf
2021-11-04 - Blackboxing Diebold-Nixdorf ATMs.pdf
2021-11-04 - CARBON SPIDER Embraces Big Game Hunting, Part 2.pdf
2021-11-04 - Caught Beneath the Landline- A 411 on Telephone Oriented Attack Delivery.pdf
2021-11-04 - Deep Dive into a Fresh Variant of Snake Keylogger Malware.pdf
2021-11-04 - Detecting IcedID... Could It Be A Trickbot Copycat-.pdf
2021-11-04 - DoD's 2021 China Military Power Report- How Advances in AI and Emerging Technologies Will Shape China’s Military.pdf
2021-11-04 - Google fixes Android zero-day exploited in the wild in targeted attacks (CVE-2021-1048).pdf
2021-11-04 - SSU identified FSB hackers who carried out more than 5,000 cyberattacks on state bodies of Ukraine (video).pdf
2021-11-04 - Threat Thursday- Karma Ransomware.pdf
2021-11-04 - Understanding the Windows JavaScript Threat Landscape.pdf
2021-11-05 - A Review and Analysis of 2021 Buer Loader Campaigns.pdf
2021-11-05 - Hunter Becomes Hunted- Zebra2104 Hides a Herd of Malware.pdf
2021-11-05 - Jury Convicts Chinese Intelligence Officer of Espionage Crimes, Attempting to Steal Trade Secrets (Yanjun Xu).pdf
2021-11-05 - Spike in DanaBot Malware Activity.pdf
2021-11-05 - The BigBoss Rules- Something about one of the Uroburos’ RPC-based backdoors.pdf
2021-11-07 - CONTI Ransomware- Cheat Sheet.pdf
2021-11-07 - Selling China's Story.pdf
2021-11-07 - Targeted Attack Campaign Against ManageEngine ADSelfService Plus Delivers Godzilla Webshells, NGLite Trojan and KdcSponge Stealer.pdf
2021-11-07 - Who Will Bend the Knee in RaaS Game of Thrones in 2022-.pdf
2021-11-08 - Desorden Group Reportedly Hacks Centara Hotels & Resorts Within 10 Minutes After Recovering From the First Data Breach.pdf
2021-11-08 - Devices of Palestinian Human Rights Defenders Hacked with NSO Group’s Pegasus Spyware.pdf
2021-11-08 - Hacking group says it has found encryption keys needed to unlock the PS5 [Updated].pdf
2021-11-08 - In-Depth Analysis of Ransom Note Files.pdf
2021-11-08 - Popular NPM Repositories Compromised in Man-in-the-Middle Attack.pdf
2021-11-08 - REvil Ransom Arrest, $6M Seizure, and $10M Reward.pdf
2021-11-08 - TA505 exploits SolarWinds Serv-U vulnerability (CVE-2021-35211) for initial access.pdf
2021-11-08 - Threat actor DEV-0322 exploiting ZOHO ManageEngine ADSelfService Plus.pdf
2021-11-08 - Treasury Continues to Counter Ransomware as Part of Whole-of-Government Effort; Sanctions Ransomware Operators and Virtual Currency Exchange (Yaroslav Vasinskyi & Yevgeniy Polyanin).pdf
|
|
|
|
|
2021-11-08 - Ukrainian Arrested and Charged with Ransomware Attack on Kaseya.pdf
|
|
|
|
|
2021-11-08 - WANTED poster for Yevhgyeniy Polyanin (REvil affiliate).pdf
|
|
|
|
|
2021-11-08 - “A grim outlook”- How cyber surveillance is booming on a global scale.pdf
|
|
|
|
|
2021-11-09 - [EX008] The exploit chain allows to take control of Zalo user accounts.pdf
|
|
|
|
|
2021-11-09 - A New DatopLoader Delivers QakBot Trojan.pdf
|
|
|
|
|
2021-11-09 - Cisco Talos finds 10 vulnerabilities in Azure Sphere’s Linux kernel, Security Monitor and Pluton.pdf
|
|
|
|
|
2021-11-09 - Compromised Docker Hub Accounts Abused for Cryptomining Linked to TeamTNT.pdf
|
|
|
|
|
2021-11-09 - Scheming with URLs- One-Click Attack Surface in Linux Desktop Environments.pdf
|
|
|
|
|
2021-11-09 - The Invisible JavaScript Backdoor.pdf
|
|
|
|
|
2021-11-09 - THREAT ANALYSIS REPORT- From Shatak Emails to the Conti Ransomware.pdf
|
|
|
|
|
2021-11-09 - Who are latest targets of cyber group Lyceum-.pdf
|
|
|
|
|
2021-11-10 - -He does not get in touch-- what is known about Barnaul, wanted by the FBI on charges of cybercrime.pdf
|
|
|
|
|
2021-11-10 - mai1zhi2 - SharpBeacon - CobaltStrike Beacon written in .Net 4.pdf
|
|
|
|
|
2021-11-10 - North Korean attackers use malicious blogs to deliver malware to high-profile South Korean targets.pdf
|
|
|
|
|
2021-11-10 - PhoneSpy- The App-Based Cyberattack Snooping South Korean Citizens.pdf
|
|
|
|
|
2021-11-10 - Ploutus ATM Malware Case Study- Automated Deobfuscation of a Strongly Obfuscated .NET Binary.pdf
|
|
|
|
|
2021-11-10 - REvil Under the Microscope.pdf
|
|
|
|
|
2021-11-10 - Stories from the SOC - Powershell, Proxyshell, Conti TTPs OH MY!.pdf
|
|
|
|
|
2021-11-10 - The hunt for NOBELIUM, the most sophisticated nation-state attack in history.pdf
|
|
|
|
|
2021-11-10 - The Newest Malicious Actor- “Squirrelwaffle” Malicious Doc..pdf
|
|
|
|
|
2021-11-10 - TR-64 - Exploited Exchange Servers - Mails with links to malware from known-valid senders.pdf
|
|
|
|
|
2021-11-10 - Use EVTX files on VirusTotal with Timesketch and Sigma (Part 2).pdf
|
|
|
|
|
2021-11-10 - Void Balaur and the Rise of the Cybermercenary Industry (IOCs).pdf
|
|
|
|
|
2021-11-10 - Walking on APT31 infrastructure footprints.pdf
|
|
|
|
|
2021-11-10 - Zero-Day Disclosure- Palo Alto Networks GlobalProtect VPN CVE-2021-3064.pdf
|
|
|
|
|
2021-11-11 - A Duck Nightmare Quakbot Strikes with QuakNightmare Exploitation.pdf
|
|
|
|
|
2021-11-11 - Analyzing a watering hole campaign using macOS exploits.pdf
|
|
|
|
|
2021-11-11 - AT&T Alien Labs finds new Golang malware (BotenaGo) targeting millions of routers and IoT devices with more than 30 exploits.pdf
|
|
|
|
|
2021-11-11 - BazarLoader ‘call me back’ attack abuses Windows 10 Apps mechanism.pdf
|
|
|
|
|
2021-11-11 - FIN7 Tools Resurface in the Field – Splinter or Copycat-.pdf
|
|
|
|
|
2021-11-11 - HTML smuggling surges- Highly evasive loader technique increasingly used in banking malware, targeted attacks.pdf
|
|
|
|
|
2021-11-11 - Is SquirrelWaffle the New Emotet- How to Detect the Latest MalSpam Loader.pdf
|
|
|
|
|
2021-11-11 - Magniber ransomware gang now exploits Internet Explorer flaws in attacks.pdf
|
|
|
|
|
2021-11-11 - OSX.CDDS a sophisticated watering hole campaign drops a new macOS implant!.pdf
|
|
|
|
|
2021-11-11 - SharkBot- a new generation of Android Trojans is targeting banks in Europe.pdf
|
|
|
|
|
2021-11-11 - SideCopy organization's recent attack incident analysis using China-India current affairs news.pdf
|
|
|
|
|
2021-11-11 - Stopping Cybersecurity Threats- Why Databases Matter.pdf
|
|
|
|
|
2021-11-11 - TeamTNT Upgrades Arsenal, Refines Focus on Kubernetes and GPU Environments.pdf
|
|
|
|
|
2021-11-11 - Threat Thursday- SquirrelWaffle Takes a Bite Out of Victim's Bank Accounts.pdf
|
|
|
|
|
2021-11-11 - To Joke or Not to Joke- COVID-22 Brings Disaster to MBR.pdf
|
|
|
|
|
2021-11-12 - A multi-stage PowerShell based attack targets Kazakhstan.pdf
|
|
|
|
|
2021-11-12 - AgentTesla dropped via NSIS installer.pdf
|
|
|
|
|
2021-11-12 - Golang Malware Is More than a Fad- Financial Motivation Drives Adoption.pdf
|
|
|
|
|
2021-11-12 - Malware Analysis- Syscalls- Examining how to analyse malware that uses syscalls as opposed to API calls.pdf
|
|
|
|
|
2021-11-12 - New Threat Alert- Krane Malware.pdf
|
|
|
|
|
2021-11-13 - QAKBOT Loader Returns With New Techniques and Tools.pdf
|
|
|
|
|
2021-11-13 - Threat Spotlight - Domain Fronting.pdf
|
|
|
|
|
2021-11-15 - Emotet malware is back and rebuilding its botnet via TrickBot.pdf
|
|
|
|
|
2021-11-15 - Evasive maneuvers- HTML smuggling explained.pdf
|
|
|
|
|
2021-11-15 - Exchange Exploit Leads to Domain Wide Ransomware.pdf
|
|
|
|
|
2021-11-15 - Fake Ransomware Infection Spooks Website Owners.pdf
|
|
|
|
|
2021-11-15 - Finding Beacons in the Dark - A Guide to CTI (X).pdf
|
|
|
|
|
2021-11-15 - Groups Target Alibaba ECS Instances for Cryptojacking.pdf
|
|
|
|
|
2021-11-15 - Guess who’s back.pdf
|
|
|
|
|
2021-11-15 - How cryptomixers allow cybercriminals to clean their ransoms.pdf
|
|
|
|
|
2021-11-15 - Infect If Needed - A Deeper Dive Into Targeted Backdoor macOS.Macma.pdf
|
|
|
|
|
2021-11-15 - ProxyShell, QBot, and Conti Ransomware Combined in a Series of Cyberattacks.pdf
|
|
|
|
|
2021-11-15 - Uncovering MosesStaff techniques- Ideology over Money.pdf
|
|
|
|
|
2021-11-16 - Attackers use domain fronting technique to target Myanmar with Cobalt Strike.pdf
|
|
|
|
|
2021-11-16 - Comeback of Emotet.pdf
|
|
|
|
|
2021-11-16 - Emotet Returns.pdf
|
|
|
|
|
2021-11-16 - Evolving trends in Iranian threat actor activity – MSTIC presentation at CyberWarCon 2021.pdf
|
|
|
|
|
2021-11-16 - Excel 4 macro code obfuscation.pdf
|
|
|
|
|
2021-11-16 - Global Operations Lead to Arrests of Alleged Members of GandCrab-REvil and Cl0p Cartels.pdf
|
|
|
|
|
2021-11-16 - Hands-On Muhstik Botnet- crypto-mining attacks targeting Kubernetes.pdf
|
|
|
|
|
2021-11-16 - How IronNet's Behavioral Analytics Detect REvil and Conti Ransomware.pdf
|
|
|
|
|
2021-11-16 - New Type of Supply Chain Attack Could Put Popular Admin Tools at Risk.pdf
|
|
|
|
|
2021-11-16 - Office Documents- May the XLL technique change the threat Landscape in 2022-.pdf
|
|
|
|
|
2021-11-16 - RAMP Ransomware’s Apparent Overture to Chinese Threat Actors.pdf
|
|
|
|
|
2021-11-16 - Return of Emotet malware.pdf
|
|
|
|
|
2021-11-16 - Strategic web compromises in the Middle East with a pinch of Candiru.pdf
|
|
|
|
|
2021-11-16 - Taking Action Against Hackers in Pakistan and Syria.pdf
|
|
|
|
|
2021-11-16 - TrickBot helps Emotet come back from the dead.pdf
|
|
|
|
|
2021-11-16 - UNC1151 Assessed with High Confidence to have Links to Belarus, Ghostwriter Campaign Aligned with Belarusian Government Interests.pdf
|
|
|
|
|
2021-11-16 - Vulnerability Intelligence- What’s the Word in Dark Web Forums-.pdf
|
|
|
|
|
2021-11-16 - ‘Ghostwriter’ Looks Like a Purely Russian Op - Except It's Not.pdf
|
|
|
|
|
2021-11-17 - An in-depth look at hacking back, active defense, and cyber letters of marque.pdf
|
|
|
|
|
2021-11-17 - Analyzing ProxyShell-related Incidents via Trend Micro Managed XDR.pdf
|
|
|
|
|
2021-11-17 - Astaroth- Banking Trojan.pdf
|
|
|
|
|
2021-11-17 - BrazKing Android Malware Upgraded and Targeting Brazilian Banks.pdf
|
|
|
|
|
2021-11-17 - Cobalt Strike- Decrypting Obfuscated Traffic – Part 4.pdf
|
|
|
|
|
2021-11-17 - Creating your first Microsoft Sentinel Notebook.pdf
|
|
|
|
|
2021-11-17 - DNS Over HTTPS for Cobalt Strike.pdf
|
|
|
|
|
2021-11-17 - Evil Corp- 'My hunt for the world's most wanted hackers'.pdf
|
|
|
|
|
2021-11-17 - GitHub - cube0x0 - SharpMapExec.pdf
|
|
|
|
|
2021-11-17 - ProxyNoShell- A Change in Tactics Exploiting ProxyShell Vulnerabilities.pdf
|
|
|
|
|
2021-11-17 - Ransomware (R)evolution Plagues Organizations, But CrowdStrike Protection Never Wavers.pdf
|
|
|
|
|
2021-11-17 - Sorveglianza- l’azienda italiana che vuole sfidare i colossi NSO e Palantir.pdf
|
|
|
|
|
2021-11-18 - APT41 Perfects Code Signing Abuse to Escalate Supply Chain Attacks.pdf
|
|
|
|
|
2021-11-18 - BlackMatter, LockBit, and THOR.pdf
|
|
|
|
|
2021-11-18 - Conti Ransomware Group In-Depth Analysis.pdf
|
|
|
|
|
2021-11-18 - Conti Ransomware Nets at Least $25.5 Million in Four Months.pdf
|
|
|
|
|
2021-11-18 - Conti Ransomware.pdf
|
|
|
|
|
2021-11-18 - Emotet Activity Identified.pdf
|
|
|
|
|
2021-11-18 - Intelligence Insights- November 2021.pdf
|
|
|
|
|
2021-11-18 - Introducing Mandiant's Digital Forensics and Incident Response Framework for Embedded OT Systems.pdf
|
|
|
|
|
2021-11-18 - Iranian targeting of IT sector on the rise.pdf
|
|
|
|
|
2021-11-18 - Linux malware agent hits eCommerce sites.pdf
|
|
|
|
|
2021-11-18 - Netskope Threat Coverage- The Return of Emotet.pdf
|
|
|
|
|
2021-11-18 - New ransomware actor uses password protected archives to bypass encryption protection.pdf
|
|
|
|
|
2021-11-18 - New ransomware actor uses password-protected archives to bypass encryption protection.pdf
|
|
|
|
|
2021-11-18 - The Art of PerSwaysion Investigation of a Long-Lived Phishing Kit.pdf
|
|
|
|
|
2021-11-18 - The awakening- Group-IB uncovers new corporate espionage attacks by RedCurl.pdf
|
|
|
|
|
2021-11-18 - The Pitfall of Threat Intelligence Whitelisting- Specter Botnet is 'taking over' Top Legit DNS Domains By Using ClouDNS Service.pdf
|
|
|
|
|
2021-11-18 - Threat Thursday- DanaBot’s Evolution from Bank Fraud to DDos Attacks.pdf
|
|
|
|
|
2021-11-18 - Treasury Sanctions Iran Cyber Actors for Attempting to Influence the 2020 U.S. Presidential Election.pdf
|
|
|
|
|
2021-11-18 - Triple Threat- North Korea-Aligned TA406 Scams, Spies, and Steals.pdf
|
|
|
|
|
2021-11-18 - Two Iranian Nationals Charged for Cyber-Enabled Disinformation and Threat Campaign Designed to Influence the 2020 U.S. Presidential Election ( Seyyed Mohammad Hosein Musa Kazemi & Sajjad Kashian ).pdf
|
|
|
|
|
2021-11-19 - Im Rätsel um gruselige Spionage-Software führt die Spur über Wirecard in den Kreml.pdf
|
|
|
|
|
2021-11-19 - Is a coordinated cyberattack brewing in the escalating Russian-Ukrainian conflict-.pdf
|
|
|
|
|
2021-11-19 - It is suspected that the APT-C-55 organization used the commercial software Web Browser Password Viewer to carry out the attack.pdf
|
|
|
|
|
2021-11-19 - It’s a BEE! It’s a… no, it’s ShadowPad..pdf
|
|
|
|
|
2021-11-19 - La Botnet de EMOTET reinicia ataques en Chile y LATAM.pdf
|
|
|
|
|
2021-11-19 - Malware Emotet resumes its activities for the first time in 10 months, and Japan is also the target of the attack.pdf
|
|
|
|
|
2021-11-19 - Squirrelwaffle Exploits ProxyShell and ProxyLogon to Hijack Email Chains.pdf
|
|
|
|
|
2021-11-19 - The New Threat- Mallox Ransomware.pdf
|
|
|
|
|
2021-11-20 - Corporate Loader -Emotet-- History of -X- Project Return for Ransomware.pdf
|
|
|
|
|
2021-11-21 - Dridex Trojan - Defeating Anti-Analysis - Strings Decryption - C&C Extraction.pdf
|
|
|
|
|
2021-11-22 - Powershell and DnSpy tricks in .NET reversing – AgentTesla [Part1].pdf
|
|
|
|
|
2021-11-22 - Powershell and DnSpy tricks in .NET reversing – AgentTesla [Part2].pdf
|
|
|
|
|
2021-11-23 - A Long List Of Arkei Stealer's Crypto Browser Wallets.pdf
|
|
|
|
|
2021-11-23 - Android APT spyware, targeting Middle East victims, enhances evasiveness.pdf
|
|
|
|
|
2021-11-23 - Babadeda Crypter targeting crypto, NFT, and DeFi communities.pdf
|
|
|
|
|
2021-11-23 - BazarLoader Adds Compromised Installers, ISO to Arrival and Delivery Vectors.pdf
|
|
|
|
|
2021-11-23 - HANCITOR- Analysing The Malicious Document.pdf
|
|
|
|
|
2021-11-23 - Mummy Spider’s Emotet Malware is Back After a Year Hiatus; Wizard Spider’s TrickBot Observed in Its Return.pdf
|
|
|
|
|
2021-11-23 - RATDispenser- Stealthy JavaScript Loader Dispensing RATs into the Wild.pdf
|
|
|
|
|
2021-11-24 - CronRAT malware hides behind February 31st.pdf
|
|
|
|
|
2021-11-24 - From the archive #1- OSTap downloader deobfuscation and analysis.pdf
|
|
|
|
|
2021-11-24 - From the archive 1- OSTap downloader deobfuscation and analysis.pdf
|
|
|
|
|
2021-11-24 - New PowerShortShell Stealer Exploits Recent Microsoft MSHTML Vulnerability to Spy on Farsi Speakers.pdf
|
|
|
|
|
2021-11-25 - A Deep Dive Into SoWaT- APT31’s Multifunctional Router Implant.pdf
|
|
|
|
|
2021-11-25 - Emotet de retour, POC Exchange, 0-day Windows - à quelle sauce les attaquants prévoient de nous manger cette semaine-.pdf
|
|
|
|
|
2021-11-27 - Halos Gate Evolves - Tartarus Gate.pdf
|
|
|
|
|
2021-11-29 - Campaign Abusing Legitimate Remote Administrator Tools Uses Fake Cryptocurrency Websites.pdf
|
|
|
|
|
2021-11-29 - CONTInuing the Bazar Ransomware Story.pdf
|
|
|
|
|
2021-11-29 - Kitten.gif- Meet the Sabbath Ransomware Affiliate Program, Again.pdf
|
|
|
|
|
2021-11-29 - Nowhere to Hide- Detecting SILENT CHOLLIMA’s Custom Tooling.pdf
|
|
|
|
|
2021-11-29 - Pysa Ransomware Under the Lens- A Deep-Dive Analysis.pdf
|
|
|
|
|
2021-11-29 - ScarCruft surveilling North Korean defectors and human rights activists.pdf
|
|
|
|
|
2021-11-29 - Unpatched Exchange Servers distribute Phishing Links (SquirrelWaffle).pdf
|
|
|
|
|
2021-11-29 - WIRTE’s campaign in the Middle East ‘living off the land’ since at least 2019.pdf
|
|
|
|
|
2021-11-30 - Cyberspace's Magic Eye- PROMETHIUM Fakes attack activity analysis of NotePads and installation packages.pdf
|
|
|
|
|
2021-11-30 - Is -KAX17- performing de-anonymization Attacks against Tor Users-.pdf
|
|
|
|
|
2021-11-30 - Just another analysis of the njRAT malware – A step-by-step approach.pdf
|
|
|
|
|
2021-11-30 - ProxyShell exploitation leads to BlackByte ransomware.pdf
|
|
|
|
|
2021-11-30 - The Re-Emergence of Emotet.pdf
|
|
|
|
|
2021-11-30 - Yanluowang ransomware operation matures with experienced affiliates.pdf
|
|
|
|
|
2021-11-30 - Yanluowang- Further Insights on New Ransomware Threat.pdf
|
|
|
|
|
2021-12-01 - Analyzing How TeamTNT Used Compromised Docker Hub Accounts.pdf
|
|
|
|
|
2021-12-01 - BlackCat Ransomware.pdf
|
|
|
|
|
2021-12-01 - BlackTech, an East Asian hacking group, has launched attacks in sectors such as finance and education.pdf
|
|
|
|
|
2021-12-01 - Injection is the New Black- Novel RTF Template Inject Technique Poised for Widespread Adoption Beyond APT Actors.pdf
|
|
|
|
|
2021-12-01 - Ransomware Spotlight- Conti.pdf
|
|
|
|
|
2021-12-01 - Smishing Botnets Going Viral in Iran.pdf
|
|
|
|
|
2021-12-01 - Toss a Coin to your Helper (Part 2 of 2).pdf
|
|
|
|
|
2021-12-01 - Tracking a P2P network related to TA505.pdf
|
|
|
|
|
2021-12-02 - ABC Botnet Attacks on the Rise.pdf
|
|
|
|
|
2021-12-02 - Alert (AA21-336A)- APT Actors Exploiting CVE-2021-44077 in Zoho ManageEngine ServiceDesk Plus.pdf
|
|
|
|
|
2021-12-02 - APT Expands Attack on ManageEngine With Active Campaign Against ServiceDesk Plus.pdf
|
|
|
|
|
2021-12-02 - Magnat campaigns use malvertising to deliver information stealer, backdoor and malicious Chrome extension.pdf
|
|
|
|
|
2021-12-02 - Revix Linux Ransomware.pdf
|
|
|
|
|
2021-12-02 - SideCopy APT- Connecting lures to victims, payloads to infrastructure.pdf
|
|
|
|
|
2021-12-02 - Spreading AgentTesla through more sophisticated malicious PPT.pdf
|
|
|
|
|
2021-12-02 - Structured threat hunting- One way Microsoft Threat Experts prioritizes customer defense.pdf
|
|
|
|
|
2021-12-02 - TAG Bulletin- Q4 2021.pdf
|
|
|
|
|
2021-12-03 - Hive Demo and IoCs.pdf
|
|
|
|
|
2021-12-03 - Mobile banking fraud- BRATA strikes again.pdf
|
|
|
|
|
2021-12-03 - TA551 (Shathak) pushes IcedID (Bokbot).pdf
|
|
|
|
|
2021-12-03 - TrickBot Leverages Zoom Work from Home Interview Malspam, Heaven’s Gate and… Spamhaus-.pdf
|
|
|
|
|
2021-12-03 - Vulnerabilities Exploited for Monero Mining Malware Delivered via GitHub, Netlify.pdf
|
|
|
|
|
2021-12-03 - Who Is the Network Access Broker ‘Babam’-.pdf
|
|
|
|
|
2021-12-04 - Malicious KMSPico installers steal your cryptocurrency wallets.pdf
|
|
|
|
|
2021-12-04 - Pivoting through malicious infrastructure- from ZoomPortable to Windscribe.pdf
|
|
|
|
|
2021-12-06 - AGENT TESLAGGAH.pdf
|
|
|
|
|
2021-12-06 - APT37 Using a New Android Spyware, Chinotto.pdf
|
|
|
|
|
2021-12-06 - Attack Lifecycle Detection of an Operational Technology Breach.pdf
|
|
|
|
|
2021-12-06 - Complaint filed by Microsoft against NICKEL-APT15.pdf
|
|
|
|
|
2021-12-06 - Magecart Groups Abuse Google Tag Manager.pdf
|
|
|
|
|
2021-12-06 - Mirai-based Botnet - Moobot Targets Hikvision Vulnerability.pdf
|
|
|
|
|
2021-12-06 - NICKEL targeting government organizations across Latin America and Europe.pdf
|
|
|
|
|
2021-12-06 - Phishing campaigns by the Nobelium intrusion set.pdf
|
|
|
|
|
2021-12-06 - Protecting people from recent cyberattacks.pdf
|
|
|
|
|
2021-12-06 - Suspected Russian Activity Targeting Government and Business Entities Around the Globe (UNC2452).pdf
|
|
|
|
|
2021-12-07 - Critical Hit- How DoppelPaymer Hunts and Kills Windows Processes.pdf
|
|
|
|
|
2021-12-07 - Disrupting the Glupteba operation.pdf
|
|
|
|
|
2021-12-07 - Emotet now drops Cobalt Strike, fast forwards ransomware attacks.pdf
|
|
|
|
|
2021-12-07 - Exploit, steganography and Delphi- unpacking DBatLoader.pdf
|
|
|
|
|
2021-12-07 - FIN13- A Cybercriminal Threat Actor Focused on Mexico.pdf
|
|
|
|
|
2021-12-07 - New action to combat cyber crime.pdf
|
|
|
|
|
2021-12-07 - Revix Linux Ransomware.pdf
|
|
|
|
|
2021-12-07 - Threat news- TeamTNT stealing credentials using EC2 Instance Metadata.pdf
|
|
|
|
|
2021-12-07 - University Targeted Credential Phishing Campaigns Use COVID-19, Omicron Themes.pdf
|
|
|
|
|
2021-12-07 - XE Group – Exposed- 8 Years of Hacking & Card Skimming for Profit.pdf
|
|
|
|
|
2021-12-08 - Chasing Shadows- A deep dive into the latest obfuscation methods being used by ShadowPad.pdf
|
|
|
|
|
2021-12-08 - Collector-stealer- a Russian origin credential and information extractor.pdf
|
|
|
|
|
2021-12-08 - Full malware analysis Work-Flow of AgentTesla Malware.pdf
|
|
|
|
|
2021-12-08 - The double extortion business- Conti Ransomware Gang finds new avenues of negotiation.pdf
|
|
|
|
|
2021-12-08 - When old friends meet again- why Emotet chose Trickbot for rebirth.pdf
|
|
|
|
|
2021-12-09 - A closer look at Qakbot’s latest building blocks (and how to knock them down).pdf
|
|
|
|
|
2021-12-09 - A new StrongPity variant hides behind Notepad installation.pdf
|
|
|
|
|
2021-12-09 - A new StrongPity variant hides behind Notepad++ installation.pdf
|
|
|
|
|
2021-12-09 - Emotet’s Return- What’s Different-.pdf
|
|
|
|
|
2021-12-09 - Inside the Hive- Deep dive into Hive RaaS, analysis of latest samples.pdf
|
|
|
|
|
2021-12-09 - The Evolution of IoT Linux Malware Based on MITRE ATT&CK TTPs.pdf
|
|
|
|
|
2021-12-10 - BlackCatConf - Static Configuration Extractor for BlackCat Ransomware.pdf
|
|
|
|
|
2021-12-10 - Karakurt rises from its lair.pdf
|
|
|
|
|
2021-12-10 - Log4j2 Vulnerability “Log4Shell” (CVE-2021-44228).pdf
|
|
|
|
|
2021-12-10 - New Yanluowang Ransomware Found to be Code-Signed, Terminates Database-Related Processes.pdf
|
|
|
|
|
2021-12-11 - Apache Log4j Zero-Day Being Exploited in the Wild.pdf
|
|
|
|
|
2021-12-11 - Guidance for preventing, detecting, and hunting for exploitation of the Log4j 2 vulnerability.pdf
|
|
|
|
|
2021-12-12 - Log4Shell Hell- anatomy of an exploit outbreak.pdf
|
|
|
|
|
2021-12-12 - Log4Shell- Reconnaissance and post exploitation network detection.pdf
|
|
|
|
|
2021-12-12 - More Flagpro, More Problems.pdf
|
|
|
|
|
2021-12-13 - A Look Into Purple Fox’s Server Infrastructure.pdf
|
|
|
|
|
2021-12-13 - Analysis of Initial In The Wild Attacks Exploiting Log4Shell-Log4J-CVE-2021-44228.pdf
|
|
|
|
|
2021-12-13 - Diavol Ransomware.pdf
|
|
|
|
|
2021-12-13 - Now You Serial, Now You Don’t — Systematically Hunting for Deserialization Exploits.pdf
|
|
|
|
|
2021-12-13 - Return of Emotet- Malware Analysis.pdf
|
|
|
|
|
2021-12-14 - Analysis of Novel Khonsari Ransomware Deployed by the Log4Shell Vulnerability.pdf
|
|
|
|
|
2021-12-14 - Azure Run Command for Dummies.pdf
|
|
|
|
|
2021-12-14 - Collecting In the Dark- Tropic Trooper Targets Transportation and Government.pdf
|
|
|
|
|
2021-12-14 - Cuba Ransomware Analysis.pdf
|
|
|
|
|
2021-12-14 - DarkWatchman- A new evolution in fileless techniques.pdf
|
|
|
|
|
2021-12-14 - Espionage Campaign Targets Telecoms Organizations across Middle East and Asia.pdf
|
|
|
|
|
2021-12-14 - Full Spectrum Detections for 5 Popular Web Shells- Alfa, SharPyShell, Krypton, ASPXSpy, and TWOFACE.pdf
|
|
|
|
|
2021-12-14 - Network Security Monitoring Opportunities and Best Practices for Log4j Defense.pdf
|
|
|
|
|
2021-12-14 - Neutralizing Apache Log4j Exploits with Identity-Based Segmentation.pdf
|
|
|
|
|
2021-12-14 - Owowa- the add-on that turns your OWA into a credential stealer and remote access panel.pdf
|
|
|
|
|
2021-12-15 - Log4Shell Initial Exploitation and Mitigation Recommendations.pdf
|
|
|
|
|
2021-12-15 - Nation State Threat Group Targets Airline with Aclip Backdoor.pdf
|
|
|
|
|
2021-12-15 - No Unaccompanied Miners- Supply Chain Compromises Through Node.js Packages (UNC3379).pdf
|
|
|
|
|
2021-12-15 - The dirty dozen of Latin America- From Amavaldo to Zumanek.pdf
|
|
|
|
|
2021-12-15 - ThreatLabz analysis - Log4Shell CVE-2021-44228 Exploit Attempts.pdf
|
|
|
|
|
2021-12-15 - Tracking Malicious Glupteba Activity Through the Blockchain.pdf
|
|
|
|
|
2021-12-16 - Avast Finds Backdoor on US Government Commission Network.pdf
|
|
|
|
|
2021-12-16 - Global outbreak of Log4Shell.pdf
|
|
|
|
|
2021-12-16 - How the -Contact Forms- campaign tricks people.pdf
|
|
|
|
|
2021-12-16 - Inside the LockBit Arsenal - The StealBit Exfiltration Tool.pdf
|
|
|
|
|
2021-12-16 - Intelligence Insights- December 2021.pdf
|
|
|
|
|
2021-12-16 - Noberus- Technical Analysis Shows Sophistication of New Rust-based Ransomware.pdf
|
|
|
|
|
2021-12-16 - Pegasus vs. Predator- Dissident's Doubly-Infected iPhone Reveals Cytrox Mercenary Spyware.pdf
|
|
|
|
|
2021-12-16 - Phorpiex botnet is back with a new Twizt- Hijacking Hundreds of crypto transactions.pdf
|
|
|
|
|
2021-12-16 - PseudoManuscrypt- a mass-scale spyware attack campaign.pdf
|
|
|
|
|
2021-12-16 - Threat Thursday- Warzone RAT Breeds a Litter of ScriptKiddies.pdf
|
|
|
|
|
2021-12-16 - Winnti is Coming - Evolution after Prosecution.pdf
|
|
|
|
|
2021-12-17 - Diavol Ransomware.pdf
|
|
|
|
|
2021-12-17 - Inside the code- How the Log4Shell exploit works.pdf
|
|
|
|
|
2021-12-17 - noPac- A Tale of Two Vulnerabilities That Could End in Ransomware.pdf
|
|
|
|
|
2021-12-17 - Ransomware Advisory- Log4Shell Exploitation for Initial Access & Lateral Movement.pdf
|
|
|
|
|
2021-12-17 - Serverless InfoStealer delivered in Est European Countries.pdf
|
|
|
|
|
2021-12-17 - Staging a Quack- Reverse Analyzing a Fileless QAKBOT Stager.pdf
|
|
|
|
|
2021-12-17 - Wir enthüllen den Staatstrojaner „Subzero“ aus Österreich.pdf
|
|
|
|
|
2021-12-19 - Exposed Docker APIs Abused by DDoS, Cryptojacking Botnet Malware.pdf
|
|
|
|
|
2021-12-20 - (Don't) Bring Dridex Home for the Holidays.pdf
|
|
|
|
|
2021-12-20 - Detecting anomalous network traffic resulting from a successful Log4j attack.pdf
|
|
|
|
|
2021-12-20 - Log4j vulnerability now used to install Dridex banking malware.pdf
|
|
|
|
|
2021-12-20 - Logjam- Log4j exploit attempts continue in globally distributed scans, attacks.pdf
|
|
|
|
|
2021-12-20 - PowerPoint attachments, Agent Tesla and code reuse in malware.pdf
|
|
|
|
|
2021-12-20 - Ransomware Spotlight- REvil.pdf
|
|
|
|
|
2021-12-20 - STOP-DJVU Ransomware IOC List.pdf
|
|
|
|
|
2021-12-21 - Attackers test “CAB-less 40444” exploit in a dry run.pdf
|
|
|
|
|
2021-12-21 - China’s Narrative War on Democracy.pdf
|
|
|
|
|
2021-12-21 - Ready-made fraud Behind the scenes of targeted scams.pdf
|
|
|
|
|
2021-12-21 - The Continued Evolution of Abcbot.pdf
|
|
|
|
|
2021-12-21 - The Log Keeps Rolling On- Evaluating Log4j Developments and Defensive Requirements.pdf
|
|
|
|
|
2021-12-22 - Alert (AA21-356A) Mitigating Log4Shell and Other Log4j-Related Vulnerabilities.pdf
|
|
|
|
|
2021-12-22 - APT Tracking Analytics- Transparent Tribe Attack Activity.pdf
|
|
|
|
|
2021-12-22 - Avos Locker remotely accesses boxes, even running in Safe Mode.pdf
|
|
|
|
|
2021-12-22 - CrowdStrike Launches Free Targeted Log4j Search Tool.pdf
|
|
|
|
|
2021-12-22 - Emotet 2.0- Everything you need to know about the new Variant of the Banking Trojan.pdf
|
|
|
|
|
2021-12-22 - Establishing the TigerRAT and TigerDownloader Malware Families.pdf
|
|
|
|
|
2021-12-22 - Stopping a DreamBus Botnet Attack with Aqua’s CNDR.pdf
|
|
|
|
|
2021-12-22 - The ‘STOP’ Ransomware Variant.pdf
|
|
|
|
|
2021-12-23 - COVID-19 Phishing Lure to Steal and Mine Cryptocurrency.pdf
|
|
|
|
|
2021-12-23 - Cyber Threat Profile MALTEIRO.pdf
|
|
|
|
|
2021-12-23 - Elastic Security uncovers BLISTER malware campaign.pdf
|
|
|
|
|
2021-12-23 - Hacker gains access to Hewlett-Packard 9000 EPYC server hardware to mine the cryptocurrency Raptoreum using Java exploit.pdf
|
|
|
|
|
2021-12-23 - Log4j Vulnerabilities- Attack Insights.pdf
|
|
|
|
|
2021-12-23 - New Rook Ransomware Feeds Off the Code of Babuk.pdf
|
|
|
|
|
2021-12-23 - Snip3, an investigation into malware.pdf
|
|
|
|
|
2021-12-23 - Threat Report- Echelon Malware Detected in Mobile Chat Forums.pdf
|
|
|
|
|
2021-12-27 - A Deep Dive into DoubleFeature, Equation Group’s Post-Exploitation Dashboard.pdf
|
|
|
|
|
2021-12-28 - APT Attack Cases of Kimsuky Group (PebbleDash).pdf
|
|
|
|
|
2021-12-28 - Attackers are abusing MSBuild to evade defenses and implant Cobalt Strike beacons.pdf
|
|
|
|
|
2021-12-28 - Cases of Lockis ransomware infection.pdf
|
|
|
|
|
2021-12-28 - CrowdStrike Strengthens Exploit Protection Using Intel CPU Telemetry.pdf
|
|
|
|
|
2021-12-28 - Extracting Hancitor’s Configuration with Ghidra part 1.pdf
|
|
|
|
|
2021-12-28 - Flagpro- The new malware used by BlackTech.pdf
|
|
|
|
|
2021-12-28 - Iranian hackers behind Cox Media Group ransomware attack (DEV-0270).pdf
|
|
|
|
|
2021-12-28 - The attack on ONUS – A real-life case of the Log4Shell vulnerability.pdf
|
|
|
|
|
2021-12-28 - The hacker-for-hire industry is now too big to fail.pdf
|
|
|
|
|
2021-12-29 - AsyncRAT Configuration Parser.pdf
|
|
|
|
|
2021-12-29 - Cobalt Strike DFIR- Listening to the Pipes.pdf
|
|
|
|
|
2021-12-29 - Japan aerospace cyberattacks show link to Chinese military- police (PLA Unit 61419).pdf
|
|
|
|
|
2021-12-29 - OverWatch Exposes AQUATIC PANDA in Possession of Log4Shell Exploit Tools During Hands-on Intrusion Attempt.pdf
|
|
|
|
|
2021-12-29 - Strategically Aged Domain Detection- Capture APT Attacks With DNS Traffic Trends.pdf
|
|
|
|
|
2021-12-29 - Threat Alert- Evolving Attack Techniques of Autom Cryptomining Campaign.pdf
|
|
|
|
|
2021-12-30 - Agent Tesla Updates SMTP Data Exfiltration Technique.pdf
|
|
|
|
|
2021-12-30 - Lights Out in Isfahan.pdf
|
|
|
|
|
2021-12-30 - Technical Analysis of Khonsari Ransomware Campaign Exploiting the Log4Shell Vulnerability.pdf
|
|
|
|
|
2021-12-30 - Vice Society- Ransomware Gang Disrupted Spar Stores.pdf
|
|
|
|
|
2021-12-31 - Compromised Godaddy Infrastructure Attacking Numerous U.S. Government Websites to Promote “Canadian Pharmacy” Scam Websites.pdf
|
|
|
|
|
2021-12-31 - Do you want your Agent Tesla in the 300 MB or 8 kB package-.pdf
|
|
|
|
|
2021-12-31 - HANCITOR- Analysing The Main Loader.pdf
|
|
|
|
|
2021-12-31 - IKO activation - Malware campaign.pdf
|
|
|
|