2022-01-01 - Analyzing an IcedID Loader Document.pdf
2022-01-01 - Brute Ratel.pdf
2022-01-02 - -Cracking Open the Malware Piñata- Series- Intro to Dynamic Analysis with RedLineStealer.pdf
2022-01-02 - Analyzing a Magnitude EK Appx Package Dropping Magniber.pdf
2022-01-02 - Cracking Open the Malware Piñata- Series- Intro to Dynamic Analysis with RedLineStealer.pdf
2022-01-02 - Malicious CSV text files used to install BazarBackdoor malware.pdf
2022-01-02 - MMON (aka KAPTOXA).pdf
2022-01-02 - SBIDIOT IoT Malware- miner edition.pdf
2022-01-02 - White Rabbit Ransomware and the F5 Backdoor.pdf
2022-01-03 - A Tale of Two Dropper Scripts for Agent Tesla.pdf
2022-01-03 - Distribution of Redline Stealer Disguised as Software Crack.pdf
2022-01-03 - Malicious Telegram Installer Drops Purple Fox Rootkit.pdf
2022-01-04 - Extracting Indicators from a Packed Mirai Sample.pdf
2022-01-04 - Leveraging the Power of KQL in Incident Response.pdf
2022-01-04 - Purple Fox malware is actively distributed via Telegram Installers.pdf
2022-01-05 - Analysis Report on Kimsuky Group’s APT Attacks (AppleSeed, PebbleDash).pdf
2022-01-05 - Can You Trust a File’s Digital Signature- New Zloader Campaign exploits Microsoft’s Signature Verification putting users at risk.pdf
2022-01-05 - Elephant Beetle- Uncovering an Organized Financial-Theft Operation.pdf
2022-01-05 - Malware Analysis Spotlight- Kuzuluy Phishing Kit.pdf
2022-01-05 - New Konni Campaign Kicks Off the New Year by Targeting Russian Ministry of Foreign Affairs.pdf
2022-01-05 - SIDECOPY APT- From Windows to nix.pdf
2022-01-05 - Technical Analysis of CVE-2021-1732.pdf
2022-01-05 - Threat Intelligence Report- The Evolution of Doppel Spider from BitPaymer to Grief Ransomware.pdf
2022-01-06 - A “GULP” of PlugX.pdf
2022-01-06 - Malware Analysis Spotlight- XLoader’ Cross-platform Support Utilizing XBinder.pdf
2022-01-06 - Night Sky is the latest ransomware targeting corporate networks.pdf
2022-01-06 - NOBELIUM’s EnvyScout infection chain goes in the registry, targeting embassies.pdf
2022-01-06 - Rook Ransomware Analysis.pdf
2022-01-06 - Unpacking Emotet malware part 01.pdf
2022-01-07 - Patchwork APT caught in its own web.pdf
2022-01-07 - Technical Analysis of Code-Signed Blister Malware Campaign Part 1.pdf
2022-01-07 - Technical Analysis of Code-Signed “Blister” Malware Campaign (Part 1).pdf
2022-01-07 - Unpacking CVE-2021-40444- A Deep Technical Analysis of an Office RCE Exploit.pdf
2022-01-07 - Unpacking Emotet malware part 02.pdf
2022-01-08 - Trojanized dnSpy app drops malware cocktail on researchers, devs.pdf
2022-01-08 - Unpacking Hancitor malware.pdf
2022-01-09 - Inspecting a PowerShell Cobalt Strike Beacon.pdf
2022-01-09 - Malware Headliners- Dridex.pdf
2022-01-09 - Observed malicious IOCs for the ChromeLoader-CS_installer aka Choziosi Loader Malware.pdf
2022-01-09 - Unpacking Vmprotect packer.pdf
2022-01-10 - Abcbot - An Evolution of Xanthe.pdf
2022-01-10 - COVID Omicron Variant Lure Used to Distribute RedLine Stealer.pdf
2022-01-10 - Detecting Malware Script Loaders using Remcos- Threat Research Release December 2021.pdf
2022-01-10 - TokyoX- DLL side-loading an unknown artifact.pdf
2022-01-11 - APT35 exploits Log4j vulnerability to distribute new modular PowerShell toolkit.pdf
2022-01-11 - New SysJoker Backdoor Targets Windows, Linux, and macOS.pdf
2022-01-11 - New SysJoker backdoor targets Windows, macOS, and Linux.pdf
2022-01-11 - Reimplementation of Expiro's DGA.pdf
2022-01-11 - Signed DLL campaigns as a service.pdf
2022-01-11 - Signed kernel drivers – Unguarded gateway to Windows’ core.pdf
2022-01-11 - TellYouThePass Ransomware Analysis Reveals a Modern Reinterpretation Using Golang.pdf
2022-01-11 - Threat Analysis Report- DatopLoader Exploits ProxyShell to Deliver QBOT and Cobalt Strike.pdf
2022-01-11 - Unpacking Dridex malware.pdf
2022-01-12 - 2021 Gorgon Group APT Operation.pdf
2022-01-12 - Abusing Microsoft Office Using Malicious Web Archive Files.pdf
2022-01-12 - Analysis of njRAT PowerPoint Macros.pdf
2022-01-12 - Deep analysis agent tesla malware.pdf
2022-01-12 - Exploit Kits vs. Google Chrome.pdf
2022-01-12 - Forensics Analysis of the NSO Group’s Pegasus Spyware.pdf
2022-01-12 - Hackers take over diplomat's email, target Russian deputy minister.pdf
2022-01-12 - Iranian intel cyber suite of malware uses open source tools.pdf
2022-01-12 - Magniber Ransomware Being Distributed via Microsoft Edge and Google Chrome.pdf
2022-01-12 - Nanocore, Netwire and AsyncRAT spreading campaign uses public cloud infrastructure.pdf
2022-01-12 - Newly Found Malware Threatens IoT Devices.pdf
2022-01-12 - NightSky Ransomware – just a Rook RW fork in VMProtect suit.pdf
2022-01-12 - TokyoX- DLL side-loading an unknown artifact (Part 2).pdf
2022-01-12 - Unpacking Ramnit malware.pdf
2022-01-12 - Wading Through Muddy Waters - Recent Activity of an Iranian State-Sponsored Threat Actor.pdf
2022-01-13 - Decrypting Qakbot’s Encrypted Registry Keys.pdf
2022-01-13 - FIN7 Uses Flash Drives to Spread Remote Access Trojan.pdf
2022-01-13 - Linux-Targeted Malware Increases by 35 Percent in 2021- XorDDoS, Mirai and Mozi Most Prevalent.pdf
2022-01-13 - The BlueNoroff cryptocurrency hunt is still on.pdf
2022-01-13 - Threat Thursday- Jupyter Infostealer is a Master of Disguise.pdf
2022-01-13 - Unpacking Remcos malware.pdf
2022-01-14 - How Attackers Use XLL Malware to Infect Systems.pdf
2022-01-14 - Multidex trick to unpack Android-BianLian.pdf
2022-01-14 - Ransom.Win32.WHITERABBIT.YACAET.pdf
2022-01-14 - Storm in -Safe Haven-- Takeaways from Russian Authorities Takedown of REvil.pdf
2022-01-15 - BazarLoader - Back from Holiday Break.pdf
2022-01-15 - Destructive malware targeting Ukrainian organizations (DEV-0586).pdf
2022-01-15 - Donot Team — Indicators of Compromise.pdf
2022-01-15 - Malware attacks targeting Ukraine government (DEV-0586).pdf
2022-01-15 - Malware Headliners- Qakbot.pdf
2022-01-15 - Threat Advisory- VMware Horizon Servers Actively Being Hit With Cobalt Strike (by DEV-0401).pdf
2022-01-16 - Analyzing a CACTUSTORCH HTA Leading to Cobalt Strike.pdf
2022-01-17 - Android-BianLian payload.pdf
2022-01-17 - AvosLocker Ransomware Linux Version Targets VMware ESXi Servers.pdf
2022-01-17 - Emotet's Excel 4.0 Macros Dropping DLLs.pdf
2022-01-17 - IOCs for Astaroth-Guildma malware infection.pdf
2022-01-17 - Resources for DFIR Professionals Responding to WhisperGate Malware.pdf
2022-01-17 - The Chaos Ransomware Can Be Ravaging.pdf
2022-01-18 - Analysis of Destructive Malware (WhisperGate) targeting Ukraine.pdf
2022-01-18 - BlackCat Ransomware - Highly-Configurable, Rust-Driven RaaS On The Prowl For Victims.pdf
2022-01-18 - DoNot Go! Do not respawn!.pdf
2022-01-18 - Dozens of Computers in Ukraine Wiped with Destructive Malware in Coordinated Attack.pdf
2022-01-18 - ESET Research investigates Donot Team- Cyberespionage targeting military & governments in South Asia.pdf
2022-01-18 - Evolved phishing- Device registration trick adds to phishers’ toolbox for victims without MFA.pdf
2022-01-18 - FORMBOOK Adopts CAB-less Approach.pdf
2022-01-18 - Info-Stealing Tool Posing As Naver OTP.pdf
2022-01-18 - New Ransomware Spotted- White Rabbit and Its Evasion Tactics.pdf
2022-01-18 - SideCopy Arsenal Update- Golang-based Linux stealth tools surface.pdf
2022-01-19 - 0.0.0.0 in Emotet Spambot Traffic.pdf
2022-01-19 - Campaigns abusing corporate trusted infrastructure hunt for corporate credentials on ICS networks.pdf
2022-01-19 - Collecting Cobalt Strike Beacons with the Elastic Stack.pdf
2022-01-19 - DDoS IRC Bot Malware (GoLang) Being Distributed via Webhards.pdf
2022-01-19 - Extracting Cobalt Strike Beacon Configurations.pdf
2022-01-19 - Kraken the Code on Prometheus.pdf
2022-01-19 - Malware vaccines can prevent pandemics, yet are rarely used.pdf
2022-01-19 - Meet the Malware Families Helping Hackers Steal and Mine Millions in Cryptocurrency.pdf
2022-01-19 - New BHUNT malware targets your crypto wallets and passwords.pdf
2022-01-19 - One Source to Rule Them All- Chasing AVADDON Ransomware.pdf
2022-01-19 - Operation Bleeding Bear.pdf
2022-01-19 - Technical Analysis of the WhisperGate Malicious Bootloader.pdf
2022-01-19 - WhisperGate.pdf
2022-01-19 - Zloader Installs Remote Access Backdoors and Delivers Cobalt Strike.pdf
2022-01-20 - [SANS ISC] RedLine Stealer Delivered Through FTP.pdf
2022-01-20 - Anticipating and Preparing for Russian Cyber Activity.pdf
2022-01-20 - Anticipating Cyber Threats as the Ukraine Crisis Escalates.pdf
2022-01-20 - Buer Loader Analysis, a Rusted malware program.pdf
2022-01-20 - Deep Dive Into Ragnar_locker Ransomware Gang.pdf
2022-01-20 - Fallout from Log4Shell-related Vietnamese Cryptocurrency Exchange Attack- KYC Data for Sale on Dark Web.pdf
2022-01-20 - FBI links Diavol ransomware to the TrickBot cybercrime group.pdf
2022-01-20 - Fresh Phish- Phishers Lure Victims with Fake Invites to Bid on Nonexistent Federal Projects.pdf
2022-01-20 - Log4j Exploit Hits Again- Vulnerable VMWare Horizon Servers at Risk.pdf
2022-01-20 - MoonBounce- the dark side of UEFI firmware.pdf
2022-01-20 - New espionage attack by Molerats APT targeting users in the Middle East.pdf
2022-01-20 - New STRRAT RAT Phishing Campaign.pdf
2022-01-20 - RedLine Stealer Delivered Through FTP.pdf
2022-01-20 - Return of Pseudo Ransomware.pdf
2022-01-20 - Threat Brief- Ongoing Russia and Ukraine Cyber Conflict.pdf
2022-01-20 - Threat Thursday- Purple Fox Rootkit.pdf
2022-01-20 - Treasury Sanctions Russian-Backed Actors Responsible for Destabilization Activities in Ukraine (Taras Kozak, Oleh Voloshyn, Volodymyr Oliynyk, Vladimir Sivkovich).pdf
2022-01-20 - Update on WhisperGate, Destructive Malware Targeting Ukraine – Threat Intelligence & Protections Update.pdf
2022-01-21 - A deeper UEFI dive into MoonBounce.pdf
2022-01-21 - Analysis of Xloader’s C2 Network Encryption.pdf
2022-01-21 - Analyzing an IDA Pro anti-decompilation code.pdf
2022-01-21 - Better Together- The Power of Managed Cybersecurity Services in the Face of Pressing Global Security Challenges.pdf
2022-01-21 - Creating a safe dummy C&C to test Android bots.pdf
2022-01-21 - Deep Analysis Agent Tesla Malware.pdf
2022-01-21 - Disruptive Attacks in Ukraine Likely Linked to Escalating Tensions.pdf
2022-01-21 - Emotet Spam Abuses Unconventional IP Address Formats to Spread Malware.pdf
2022-01-21 - Hackers Were in Ukraine Systems Months Before Deploying Wiper.pdf
2022-01-21 - Ukraine Campaign Delivers Defacement and Wipers, in Continued Escalation.pdf
2022-01-21 - WhisperGate Malware.pdf
2022-01-21 - WhisperGate- Not NotPetya.pdf
2022-01-22 - Analysis of the Cyberattack on Ukrainian Government Resources.pdf
2022-01-22 - BazarISO Analysis - Loading with Advpack.dll.pdf
2022-01-22 - Malware Headliners- Emotet.pdf
2022-01-23 - [QuickNote] Emotet epoch4 & epoch5 tactics.pdf
2022-01-23 - Analysis of a DLL Downloader.pdf
2022-01-23 - HCrypt Injecting BitRAT using PowerShell, HTAs, and .NET.pdf
2022-01-24 - Analysis and Impact of LockBit Ransomware’s First Linux and VMware ESXi Variant.pdf
2022-01-24 - Cobalt Strike, a Defender’s Guide – Part 2.pdf
2022-01-24 - Deep Dive into Trickbot's Web Injection.pdf
2022-01-24 - DTPacker – a .NET Packer with a Curious Password.pdf
2022-01-24 - How BRATA is monitoring your bank account.pdf
2022-01-24 - Infected PowerPoint Files Using Cloud Services to Deliver Multiple Malware.pdf
2022-01-24 - Intelligence Insights- January 2022.pdf
2022-01-24 - Investigating APT36 or Earth Karkaddan’s Attack Chain and Malware Arsenal.pdf
2022-01-24 - Log4Shell- No Mass Abuse, But No Respite, What Happened-.pdf
2022-01-24 - New TransparenTribe Operation- Targeting India with weaponized COVID-19 lure documents.pdf
2022-01-24 - Scammers are creating new fraudulent Crypto Tokens and misconfiguring smart contract’s to steal funds.pdf
2022-01-24 - TrickBot Bolsters Layered Defenses to Prevent Injection Research.pdf
2022-01-24 - Web Skimming Attacks Using Google Tag Manager.pdf
2022-01-25 - An Exhaustively Analyzed IDB for ComLook.pdf
2022-01-25 - Analyzing OSX.DazzleSpy.pdf
2022-01-25 - BianLian C&C domain name.pdf
2022-01-25 - Chasing Chaes Kill Chain.pdf
2022-01-25 - Emotet Stops Using 0.0.0.0 in Spambot Traffic.pdf
2022-01-25 - Hacktivist group shares details related to Belarusian Railways hack.pdf
2022-01-25 - How to Analyze Malware for Technical Writing.pdf
2022-01-25 - New DeadBolt ransomware targets QNAP devices, asks 50 BTC for master key.pdf
2022-01-25 - New Threat Campaign Identified- AsyncRAT Introduces a New Delivery Technique.pdf
2022-01-25 - Prime Minister’s Office Compromised- Details of Recent Espionage Campaign.pdf
2022-01-25 - Ransoms Demanded for Hijacked Instagram Accounts.pdf
2022-01-25 - Threats Looming Over the Horizon.pdf
2022-01-25 - TianySpy Malware Uses Smishing Disguised as Message From Telco.pdf
2022-01-25 - WastedLocker malware analysis.pdf
2022-01-25 - Watering hole deploys new macOS malware, DazzleSpy, in Asia.pdf
2022-01-25 - Weaponization of Excel Add-Ins Part 1- Malicious XLL Files and Agent Tesla Case Studies.pdf
2022-01-25 - Windows services lay the groundwork for a Midas ransomware attack.pdf
2022-01-26 - [QuickNote] Analysis of malware suspected to be an APT attack targeting Vietnam.pdf
2022-01-26 - ALPHV (BlackCat) Ransomware.pdf
2022-01-26 - ALPHV ransomware gang analysis.pdf
2022-01-26 - Analysis of a Management IP Address linked to Molerats APT.pdf
2022-01-26 - BotenaGo strikes again - malware source code uploaded to GitHub.pdf
2022-01-26 - Financially Motivated Mobile Scamware Exceeds 100M Installations.pdf
2022-01-26 - German govt warns of APT27 hackers backdooring business networks.pdf
2022-01-26 - Hackers Using New Evasive Technique to Deliver AsyncRAT Malware.pdf
2022-01-26 - KONNI evolves into stealthier RAT.pdf
2022-01-26 - Log4U, Shell4Me.pdf
2022-01-26 - Netskope Threat Coverage- WhisperGate.pdf
2022-01-26 - New FluBot and TeaBot Global Malware Campaigns Discovered.pdf
2022-01-26 - Vidar Exploiting Social Media Platform (Mastodon).pdf
2022-01-27 - Adversary Emulation Diavol Ransomware ThreatThursday.pdf
2022-01-27 - Early Bird Catches the Wormhole- Observations from the StellarParticle Campaign.pdf
2022-01-27 - Facestealer – The Rise of Facebook Credential Stealer Malware.pdf
2022-01-27 - Focusing on “Left of Boom”.pdf
2022-01-27 - GuLoader Executing Shellcode Using Callback Functions.pdf
2022-01-27 - Malware Analysis Emotet Infection.pdf
2022-01-27 - Malware Analysis —Manual Unpacking of Redaman.pdf
2022-01-27 - North Korea’s Lazarus APT leverages Windows Update client, GitHub in latest campaign.pdf
2022-01-27 - Programs Hacking Programs- How to Extract Memory Information to Spot Linux Malware.pdf
2022-01-27 - Ransomware as a Service Innovation Curve.pdf
2022-01-27 - Taiwanese Apple and Tesla contractor hit by Conti ransomware.pdf
2022-01-27 - Threat actor of in-Tur-est.pdf
2022-01-27 - Threat Advisory- STRT-TA02 - Destructive Software.pdf
2022-01-27 - Threat Assessment- BlackCat Ransomware.pdf
2022-01-27 - Threat Thursday- WhisperGate Wiper Targets Government, Non-profit, and IT Organizations in Ukraine.pdf
2022-01-27 - Widespread FluBot and TeaBot Malware Campaigns Targeting Android Devices.pdf
2022-01-28 - Indian Army Personnel Face Remote Access Trojan Attacks.pdf
2022-01-28 - Lessons Learned From Successive Use of Offensive Cyber Operations Against Ukraine and What May Be Next.pdf
2022-01-28 - Log4j Exploit Hits Again- Vulnerable Unifi Network Application (Ubiquiti) at Risk.pdf
2022-01-28 - Malware Headliners- LokiBot.pdf
2022-01-28 - Remcos RAT.pdf
2022-01-28 - Shedding light on the dark web.pdf
2022-01-28 - WhisperGate Malware Corrupts Computers in Ukraine.pdf
2022-01-28 - Who Wrote the ALPHV-BlackCat Ransomware Strain-.pdf
2022-01-30 - Point-of-Sale malware - RTPOS.pdf
2022-01-31 - 1 in 7 Ransomware Extortion Attacks Leak Critical Operational Technology Information.pdf
2022-01-31 - A Detailed Analysis Of Lazarus APT Malware Disguised As Notepad Shell Extension.pdf
2022-01-31 - A Detailed Analysis Of Lazarus APT Malware Disguised As Notepad++ Shell Extension.pdf
2022-01-31 - Analyzing Malware with Hooks, Stomps and Return-addresses.pdf
2022-01-31 - Conversation with a top Ukrainian cyber official- What we know, what we don't, what it means.pdf
2022-01-31 - CrowdStrike Falcon Proactively Protects Against Wiper Malware as CISA Warns U.S. Companies of Potential Attacks.pdf
2022-01-31 - Iranian APT MuddyWater targets Turkish users via malicious PDFs, executables.pdf
2022-01-31 - Russian 'Gamaredon' hackers use 8 new malware payloads in attacks.pdf
2022-01-31 - Shuckworm Continues Cyber-Espionage Attacks Against Ukraine.pdf
2022-01-31 - Taking the bait- The modus operandi of massive social engineering waves impacting banks in Portugal.pdf
2022-01-31 - Top-Ranking Banking Trojan Ramnit Out to Steal Payment Card Data.pdf
2022-01-31 - WhisperKill vs WhiteBlackCrypt- un petit soucis de fichiers….pdf
2022-02-01 - Cyberspies linked to Memento ransomware use new PowerShell malware.pdf
2022-02-01 - Dumping WhisperGate’s wiper from an Eazfuscator obfuscated loader.pdf
2022-02-01 - Inside Trickbot, Russia’s Notorious Ransomware Gang.pdf
2022-02-01 - Mars Stealer Oski refactoring.pdf
2022-02-01 - N-W0rm analysis (Part 1).pdf
2022-02-01 - PowerLess Trojan- Iranian APT Phosphorus Adds New PowerShell Backdoor for Espionage.pdf
2022-02-01 - Sneaky Spies and Backdoor RATs - SysJoker and DazzleSpy Malware Target macOS.pdf
2022-02-01 - SolarMarker campaign used novel registry changes to establish persistence.pdf
2022-02-01 - StrifeWater RAT- Iranian APT Moses Staff Adds New Trojan to Ransomware Operations.pdf
2022-02-01 - Xenomorph - A Newly Hatched Banking Trojan.pdf
2022-02-01 - Zoom For You — SEO Poisoning to Distribute BATLOADER and Atera Agent.pdf
2022-02-02 - Arid Viper APT targets Palestine with new wave of politically themed phishing attacks, malware.pdf
2022-02-02 - BlackCat ransomware implicated in attack on German oil companies.pdf
2022-02-02 - Catching the RAT called Agent Tesla.pdf
2022-02-02 - CoinStomp Malware Family Targets Asian Cloud Service Providers.pdf
2022-02-02 - Experts warn of a spike in APT35 activity and a possible link to Memento ransomware op.pdf
2022-02-02 - Malware Analysis Spotlight- Emotet’s Use of Cryptography.pdf
2022-02-02 - Sandboxing Antimalware Products for Fun and Profit.pdf
2022-02-02 - STRRAT Attached to a MSI File.pdf
2022-02-02 - The evolution of a Mac trojan- UpdateAgent’s progression.pdf
2022-02-02 - TrickBot Gang Uses Template-Based Metaprogramming in Bazar Malware.pdf
2022-02-02 - US officials prepare for potential Russian cyberattacks as Ukraine standoff continues.pdf
2022-02-02 - White Rabbit Continued- Sardonic and F5.pdf
2022-02-03 - Analysis of Attack Against National Games of China Systems.pdf
2022-02-03 - Antlion- Chinese APT Uses Custom Backdoor to Target Financial Institutions in Taiwan.pdf
2022-02-03 - Investigating Lateral Movement — WMI and Scheduled Tasks.pdf
2022-02-03 - njRAT Installed from a MSI.pdf
2022-02-03 - QR codes on Twitter deliver malicious Chrome extension.pdf
2022-02-03 - Russias Gamaredon aka Primitive Bear APT Group Actively Targeting Ukraine.pdf
2022-02-03 - Russia’s Gamaredon aka Primitive Bear APT Group Actively Targeting Ukraine (Updated June 22).pdf
2022-02-03 - State hackers' new malware helped them stay undetected for 250 days.pdf
2022-02-03 - Threat Spotlight- WhisperGate Wiper Wreaks Havoc in Ukraine.pdf
2022-02-04 - ACTINIUM targets Ukrainian organizations.pdf
2022-02-04 - Cyberattack on News Corp, Believed Linked to China, Targeted Emails of Journalists, Others.pdf
2022-02-04 - FluBot Malware Persists- Most Prevalent In Germany and Spain.pdf
2022-02-04 - HHS- Conti ransomware encrypted 80 percent of Ireland's HSE IT systems.pdf
2022-02-04 - HHS- Conti ransomware encrypted 80% of Ireland's HSE IT systems.pdf
2022-02-04 - N-W0rm analysis (Part 2).pdf
2022-02-04 - News Corp discloses hack from -persistent- nation state cyber attacks.pdf
2022-02-04 - Shortcut to Windows Update.pdf
2022-02-06 - AgentTesla From RTF Exploitation to .NET Tradecraft.pdf
2022-02-06 - Chinese Hackers Target Taiwanese Financial Institutions with a new Stealthy Backdoor.pdf
2022-02-06 - Deep Analysis of Vidar Information Stealer.pdf
2022-02-07 - APT27 Group Targets German Organizations with HyperBro.pdf
2022-02-07 - Avast released a free decryptor for TargetCompany ransomware.pdf
2022-02-07 - Decrypted- TargetCompany Ransomware.pdf
2022-02-07 - Exploring Windows UAC Bypasses- Techniques and Detection Strategies.pdf
2022-02-07 - Free decryptor released for TargetCompany ransomware victims.pdf
2022-02-07 - Medusa- a marriage partner as gunslinger.pdf
2022-02-07 - Newly Found Sugar Ransomware is Now Being Offered as RaaS.pdf
2022-02-07 - Qbot Likes to Move It, Move It.pdf
2022-02-07 - Roaming Mantis reaches Europe.pdf
2022-02-07 - Trellix Global Defenders- Invasion of the Information Snatchers - Protecting against RedLine Infostealer.pdf
2022-02-08 - Annual Threat trends 2021.pdf
2022-02-08 - Attackers Disguise RedLine Stealer as a Windows 11 Upgrade.pdf
2022-02-08 - BlackCat Ransomware as a Service - The Cat is certainly out of the bag!.pdf
2022-02-08 - Brbbot Analysis.pdf
2022-02-08 - Conficker Analysis.pdf
2022-02-08 - Cybereason vs. Lorenz Ransomware.pdf
2022-02-08 - Distribution of Kimsuky Group’s xRAT (Quasar RAT) Confirmed.pdf
2022-02-08 - EP 110- Spam Botnets.pdf
2022-02-08 - HawkEye Analysis.pdf
2022-02-08 - LolZarus- Lazarus Group Incorporating Lolbins into Campaigns.pdf
2022-02-08 - NaturalFreshMall- a mass store hack.pdf
2022-02-08 - NetWalker ransomware affiliate sentenced to 80 months in prison.pdf
2022-02-08 - Palestinian Hackers Use New NimbleMamba Implant in Recent Attacks.pdf
2022-02-08 - PrivateLoader The first step in many malware schemes.pdf
2022-02-08 - Qbot needs only 30 minutes to steal your credentials, emails.pdf
2022-02-08 - Ransomware Spotlight- LockBit.pdf
2022-02-08 - Remcos Analysis.pdf
2022-02-08 - RevengeRAT Analysis.pdf
2022-02-08 - Ugg Boots 4 Sale- A Tale of Palestinian-Aligned Espionage.pdf
2022-02-09 - Dragos ICS-OT Ransomware Analysis- Q4 2021.pdf
2022-02-09 - Fake Windows 11 upgrade installers infect you with RedLine malware.pdf
2022-02-09 - HiddenArt – A Russian-linked SS7 Threat Actor.pdf
2022-02-09 - Iranian Hackers Using New Marlin Backdoor in 'Out to Sea' Espionage Campaign.pdf
2022-02-09 - Master decryption keys for Maze, Egregor, and Sekhmet ransomware leaked online.pdf
2022-02-09 - Meta and Chime sue Nigerians behind Facebook, Instagram phishing.pdf
2022-02-09 - ModifiedElephant APT and a Decade of Fabricating Evidence.pdf
2022-02-09 - Ransomware dev releases Egregor, Maze master decryption keys.pdf
2022-02-09 - What’s with the shared VBA code between Transparent Tribe and other threat actors-.pdf
2022-02-10 - 380-GlowSpark.pdf
2022-02-10 - A walk through Project Zero metrics.pdf
2022-02-10 - Malicious Chrome Browser Extension Exposed- ChromeBack Leverages Silent Extension Loading.pdf
2022-02-10 - Threat Analysis Report- All Paths Lead to Cobalt Strike - IcedID, Emotet and QBot.pdf
2022-02-10 - Threat Thursday- BHunt Scavenger Harvests Victims’ Crypto Wallets.pdf
2022-02-11 - [SANS ISC] CinaRAT Delivered Through HTML ID Attributes.pdf
2022-02-11 - Indicators of Compromise Associated with BlackByte Ransomware.pdf
2022-02-11 - Netwalker- from Powershell reflective loader to injected dll.pdf
2022-02-11 - Threat Roundup for February 4 to February 11.pdf
2022-02-11 - XLoader-Formbook Distributed by Encrypted VelvetSweatshop Spreadsheets.pdf
2022-02-12 - Analyzing a Stealer MSI using msitools.pdf
2022-02-12 - Full Hancitor malware analysis.pdf
2022-02-12 - How RAT Malware Is Using Telegram to Evade Detection.pdf
2022-02-13 - Colibri Loader - Back to basics.pdf
2022-02-13 - Kovter Analysis.pdf
2022-02-13 - Technical Malware Analysis- The Return of Emotet.pdf
2022-02-14 - Allcome clipbanker is a newcomer in underground forums.pdf
2022-02-14 - Chaos ransomware v4.pdf
2022-02-14 - FBI- BlackByte ransomware breached US critical infrastructure.pdf
2022-02-14 - NFT Lure Used to Distribute BitRAT.pdf
2022-02-14 - PrivateLoader to Anubis Loader.pdf
2022-02-14 - Ransomware Becomes Deadlier, Conti Makes the Most Money.pdf
2022-02-14 - Sophisticated FritzFrog P2P Botnet Returns After Long Break.pdf
2022-02-14 - Staying ahead of REvil’s Ransomware-as-a-Service business model.pdf
2022-02-14 - The APT Fallout of Vulnerabilities such as ProxyLogon, OGNL Injection, and log4shell.pdf
2022-02-14 - Var tæt på at slukke tusindvis af vindmøller- Nu fortæller Vestas om cyberangreb.pdf
2022-02-14 - Wazawaka Goes Waka Waka.pdf
2022-02-15 - Analysis of Microsoft CVE-2022-21907.pdf
2022-02-15 - Charting TA2541's Flight.pdf
2022-02-15 - Guard Your Drive from DriveGuard- Moses Staff Campaigns Against Israeli Organizations Span Several Months.pdf
2022-02-15 - How the Russia-Ukraine conflict is impacting cybercrime.pdf
2022-02-15 - Increase in Emotet Activity and Cobalt Strike Deployment.pdf
2022-02-15 - MATANBUCHUS- Another Loader As A Service Malware.pdf
2022-02-15 - New Emotet Infection Method.pdf
2022-02-15 - New Evidence Linking Kwampirs Malware to Shamoon APTS (Technical Blog).pdf
2022-02-15 - Researchers Link ShadowPad Malware Attacks to Chinese Ministry and PLA.pdf
2022-02-15 - ShadowPad Malware Analysis.pdf
2022-02-15 - TA2541- APT Has Been Shooting RATs at Aviation for Years.pdf
2022-02-15 - Unskilled hacker linked to years of attacks on aviation, transport sectors.pdf
2022-02-15 - Vulnerable Exchange server hit by Squirrelwaffle and financial fraud.pdf
2022-02-16 - A Modern Ninja- Evasive Trickbot Attacks Customers of 60 High-Profile Companies.pdf
2022-02-16 - Alert (AA22-047A) Russian State-Sponsored Cyber Actors Target Cleared Defense Contractor Networks to Obtain Sensitive U.S. Defense Information and Technology.pdf
2022-02-16 - DDoS Attack Campaign Targeting Multiple Organizations in Ukraine.pdf
2022-02-16 - Emotet Now Spreading Through Malicious Excel Files.pdf
2022-02-16 - Meet Kraken- A New Golang Botnet in Development.pdf
2022-02-16 - Playing with AsyncRAT.pdf
2022-02-16 - QBot Malware Detection- Old Dog New Tricks.pdf
2022-02-16 - Quick Malware Analysis- Emotet Epoch 5 and Cobalt Strike pcap from 2022-02-08.pdf
2022-02-16 - Red Cross blames hack on Zoho vulnerability, suspects APT attack.pdf
2022-02-16 - SMS PVA Services' Use of Infected Android Phones Reveals Flaws in SMS Verification.pdf
2022-02-16 - The TrickBot Saga’s Finale Has Aired- Spinoff is Already in the Works.pdf
2022-02-16 - TrickBot Ravages Customers of Amazon, PayPal and Other Top Brands.pdf
2022-02-17 - Detecting Karakurt – an extortion focused threat actor.pdf
2022-02-17 - FreeCryptoScam - A New Cryptocurrency Scam That Leads to Installation of Backdoors and Stealers.pdf
2022-02-17 - Investigating a Monero Coin Miner.pdf
2022-02-17 - Log4j2 In The Wild - Iranian-Aligned Threat Actor “TunnelVision” Actively Exploiting VMware Horizon.pdf
2022-02-17 - Looking over the nation-state actors’ shoulders- Even they have a difficult day sometimes.pdf
2022-02-17 - Nwgen Ransomware.pdf
2022-02-17 - Phishers Spoof Power BI to Visualize Your Credential Data.pdf
2022-02-17 - Ransomware Windows DarkBit.pdf
2022-02-17 - Technical Analysis of Code-Signed Blister Malware Campaign Part 2.pdf
2022-02-17 - Technical Analysis of Code-Signed “Blister” Malware Campaign (Part 2).pdf
2022-02-17 - The story of a ransomware builder- from Thanos to Spook and beyond (Part 1).pdf
2022-02-17 - Threat Thursday- Arkei Infostealer Expands Reach Using SmokeLoader to Target Crypto Wallets and MFA.pdf
2022-02-17 - VMProtect Analysis 1.0- VMP Mutation Fix.pdf
2022-02-18 - A Tale of Two Shells.pdf
2022-02-18 - Conti ransomware gang takes over TrickBot malware operation.pdf
2022-02-18 - Dynamically extracting the encryption key from a simple ransomware.pdf
2022-02-18 - EvilPlayout- Attack Against Iran’s State Broadcaster.pdf
2022-02-18 - Executive Overview of Russian Aggression Against Ukraine.pdf
2022-02-18 - Hackers No Hashing- Randomizing API Hashes to Evade Cobalt Strike Shellcode Detection.pdf
2022-02-18 - How a Saudi woman's iPhone revealed hacking around the world.pdf
|
|
|
|
|
2022-02-18 - New Golang botnet empties Windows users’ cryptocurrency wallets.pdf
|
|
|
|
|
2022-02-18 - PseudoManuscrypt Being Distributed in the Same Method as Cryptbot.pdf
|
|
|
|
|
2022-02-18 - Remcos RAT Delivered Through Double Compressed Archive.pdf
|
|
|
|
|
2022-02-18 - TeamTNT Cryptomining Explosion.pdf
|
|
|
|
|
2022-02-19 - Master Key for Hive Ransomware Retrieved Using a Flaw in its Encryption Algorithm.pdf
|
|
|
|
|
2022-02-20 - Detecting Cobalt Strike Beacons.pdf
|
|
|
|
|
2022-02-20 - Technical Analysis of the DDoS Attacks against Ukrainian Websites.pdf
|
|
|
|
|
2022-02-20 - The Conti ransomware group takes over TrickBot malware operation and plans to replace it with BazarBackdoor malware..pdf
|
|
|
|
|
2022-02-21 - A flaw in the encryption algorithm of Hive Ransomware allows retrieving encrypted files.pdf
|
|
|
|
|
2022-02-21 - Chinese hackers linked to months-long attack on Taiwanese financial sector.pdf
|
|
|
|
|
2022-02-21 - Cobalt Strike Being Distributed to Vulnerable MS-SQL Servers.pdf
|
|
|
|
|
2022-02-21 - Darkside Ransomware Analysis Report.pdf
|
|
|
|
|
2022-02-21 - Iranian State Broadcaster IRIB Hit by Destructive Wiper Malware.pdf
|
|
|
|
|
2022-02-21 - Modified CryptBot Infostealer Being Distributed.pdf
|
|
|
|
|
2022-02-21 - Ousaban MSI Installer Analysis.pdf
|
|
|
|
|
2022-02-21 - Qbot and Zerologon Lead To Full Domain Compromise.pdf
|
|
|
|
|
2022-02-21 - Revamped CryptBot malware spread by pirated software sites.pdf
|
|
|
|
|
2022-02-21 - TTPs used by BlackByte Ransomware Targeting Critical Infrastructure.pdf
|
|
|
|
|
2022-02-21 - Watch out, the Kraken botnet can easily bypass Defender and steal your crypto.pdf
|
|
|
|
|
2022-02-22 - China Implicated in Prolonged Supply Chain Attack Targeting Taiwan Financial Sector.pdf
|
|
|
|
|
2022-02-22 - CrowdStrike Research Investigates Exploit Behavior to Strengthen Customer Protection.pdf
|
|
|
|
|
2022-02-22 - Cybercrime Moves- Conti Ransomware Absorbs TrickBot Malware.pdf
|
|
|
|
|
2022-02-22 - Cyberthreats during Russian-Ukrainian tensions- what can we learn from history to be prepared-.pdf
|
|
|
|
|
2022-02-22 - IcedID to Cobalt Strike In Under 20 Minutes.pdf
|
|
|
|
|
2022-02-22 - Like Father Like Son- New Mars Stealer.pdf
|
|
|
|
|
2022-02-22 - Quick Update- Kraken Completes Its Rebrand to Anubis.pdf
|
|
|
|
|
2022-02-22 - Ransomware Spotlight- Clop.pdf
|
|
|
|
|
2022-02-22 - Russia-Ukraine Cyberattacks Updated How to Protect Against Related Cyberthreats Including DDoS Hermet.pdf
|
|
|
|
|
2022-02-22 - Vulnerable Microsoft SQL Servers targeted with Cobalt Strike.pdf
|
|
|
|
|
2022-02-22 - Week 7- Supposed order confirmation delivers malware and new variants in fake extortion emails.pdf
|
|
|
|
|
2022-02-23 - (Ex)Change of Pace- UNC2596 Observed Leveraging Vulnerabilities to Deploy Cuba Ransomware.pdf
|
|
|
|
|
2022-02-23 - 24 Hours From Log4Shell to Local Admin- Deep-Dive Into Conti Gang Attack on Fortune 500 (DFIR).pdf
|
|
|
|
|
2022-02-23 - Access Brokers- Who Are the Targets, and What Are They Worth-.pdf
|
|
|
|
|
2022-02-23 - Alert (AA22-054A) New Sandworm Malware Cyclops Blink Replaces VPNFilter.pdf
|
|
|
|
|
2022-02-23 - APT-C-58 (Gorgon Group) attack warning.pdf
|
|
|
|
|
2022-02-23 - Chinese Experts Uncover Details of Equation Group's Bvp47 Covert Hacking Tool.pdf
|
|
|
|
|
2022-02-23 - Dridex bots deliver Entropy ransomware in recent attacks.pdf
|
|
|
|
|
2022-02-23 - HermeticWiper - New Destructive Malware Used In Cyber Attacks on Ukraine.pdf
|
|
|
|
|
2022-02-23 - New Sandworm malware Cyclops Blink replaces VPNFilter.pdf
|
|
|
|
|
2022-02-23 - New Wiper Malware Targeting Ukraine Amid Russia's Military Operation.pdf
|
|
|
|
|
2022-02-23 - NSA-linked Bvp47 Linux backdoor widely undetected for 10 years.pdf
|
|
|
|
|
2022-02-23 - Ransomware Profile- ALPHV.pdf
|
|
|
|
|
2022-02-23 - Re-cap- The Untold Story of NotPetya, The Most Devastating Cyberattack in History.pdf
|
|
|
|
|
2022-02-23 - Sanctions Be Damned - From Dridex to Macaw, The Evolution of Evil Corp.pdf
|
|
|
|
|
2022-02-23 - Second data wiper attack hits Ukraine computer networks.pdf
|
|
|
|
|
2022-02-23 - Security warning- Hackers are using this new malware to target firewall appliances.pdf
|
|
|
|
|
2022-02-23 - Shadowserver Special Reports – Cyclops Blink.pdf
|
|
|
|
|
2022-02-23 - The Bvp47 - a Top-tier Backdoor of US NSA Equation Group.pdf
|
|
|
|
|
2022-02-23 - What the Pack(er)-.pdf
|
|
|
|
|
2022-02-24 - [QuickNote] Techniques for decrypting BazarLoader strings.pdf
|
|
|
|
|
2022-02-24 - Alert (AA22-055A) Iranian Government-Sponsored Actors Conduct Cyber Operations Against Global Government and Commercial Networks.pdf
|
|
|
|
|
2022-02-24 - Cyber-Attacken auf die Ukraine- Wiper-Malware befällt „Hunderte Computer“.pdf
|
|
|
|
|
2022-02-24 - Defense contractors hit by stealthy SockDetour Windows backdoor.pdf
|
|
|
|
|
2022-02-24 - HermeticWiper & resurgence of targeted attacks on Ukraine.pdf
|
|
|
|
|
2022-02-24 - HermeticWiper- New data‑wiping malware hits Ukraine.pdf
|
|
|
|
|
2022-02-24 - How to Decrypt the Files Encrypted by the Hive Ransomware.pdf
|
|
|
|
|
2022-02-24 - IBM Security X-Force Research Advisory- New Destructive Malware Used In Cyber Attacks on Ukraine.pdf
|
|
|
|
|
2022-02-24 - Left On Read- Telegram Malware Spotted in Latest Iranian Cyber Espionage Activity.pdf
|
|
|
|
|
2022-02-24 - Malware Analysis Report (AR22-055A) MuddyWater.pdf
|
|
|
|
|
2022-02-24 - Microsoft Exchange servers hacked to deploy Cuba ransomware.pdf
|
|
|
|
|
2022-02-24 - New Wave of Emotet – When Project X Turns Into Y.pdf
|
|
|
|
|
2022-02-24 - Nobelium Returns to the Political World Stage.pdf
|
|
|
|
|
2022-02-24 - Notorious TrickBot Malware Gang Shuts Down its Botnet Infrastructure.pdf
|
|
|
|
|
2022-02-24 - SockDetour - a Silent Fileless Socketless Backdoor - Targets US Defense Contractors.pdf
|
|
|
|
|
2022-02-24 - Threat Advisory- Current executive guidance for ongoing cyberattacks in Ukraine.pdf
|
|
|
|
|
2022-02-24 - Threat Advisory- Cyclops Blink.pdf
|
|
|
|
|
2022-02-24 - Threat Update – Ukraine & Russia conflict.pdf
|
|
|
|
|
2022-02-24 - TrickBot Gang Likely Shifting Operations to Switch to New Malware.pdf
|
|
|
|
|
2022-02-24 - TrickBot gang shuts down botnet after months of inactivity.pdf
|
|
|
|
|
2022-02-24 - Ukraine- Analysis Of The New Disk-Wiping Malware (HermeticWiper).pdf
|
|
|
|
|
2022-02-24 - Ukraine- Disk-wiping Attacks Precede Russian Invasion.pdf
|
|
|
|
|
2022-02-25 - Breaking news! Warning about “HermeticWiper Malware” by Russian APT Groups.pdf
|
|
|
|
|
2022-02-25 - CrowdStrike Falcon Protects from New Wiper Malware Used in Ukraine Cyberattacks.pdf
|
|
|
|
|
2022-02-25 - Details of the DDoS attacks we have seen recently against Ukraine and Russia.pdf
|
|
|
|
|
2022-02-25 - Disruptive HermeticWiper Attacks Targeting Ukrainian Organizations.pdf
|
|
|
|
|
2022-02-25 - Il ransomware Conti si schiera a favore della Russia..pdf
|
|
|
|
|
2022-02-25 - Le ransomware Cuba s’en prend aux serveurs Exchange.pdf
|
|
|
|
|
2022-02-25 - MuddyWater Targets Critical Infrastructure in Asia, Europe.pdf
|
|
|
|
|
2022-02-25 - New -SockDetour- Fileless, Socketless Backdoor Targets U.S. Defense Contractors.pdf
|
|
|
|
|
2022-02-25 - New Infostealer ‘ColdStealer’ Being Distributed.pdf
|
|
|
|
|
2022-02-25 - Putin Warns Russian Critical Infrastructure to Brace for Potential Cyber Attacks.pdf
|
|
|
|
|
2022-02-25 - Reverse Engineering - Hermetic Wiper.pdf
|
|
|
|
|
2022-02-25 - Russia or Ukraine- Hacking groups take sides.pdf
|
|
|
|
|
2022-02-25 - Some details of the DDoS attacks targeting Ukraine and Russia in recent days.pdf
|
|
|
|
|
2022-02-25 - Spear Phishing Attacks Target Organizations in Ukraine Payloads Include the Document Stealer OutSteel.pdf
|
|
|
|
|
2022-02-25 - Technical Analysis of PartyTicket Ransomware.pdf
|
|
|
|
|
2022-02-25 - The Hunt for the Lost Soul- Unraveling the Evolution of the SoulSearcher Malware.pdf
|
|
|
|
|
2022-02-25 - Threat updates – A new IcedID GZipLoader variant.pdf
|
|
|
|
|
2022-02-25 - Trickbot Group’s AnchorDNS Backdoor Upgrades to AnchorMail.pdf
|
|
|
|
|
2022-02-25 - TrickBot malware suddenly got quiet, researchers say, but it's hardly the end for its operators.pdf
|
|
|
|
|
2022-02-25 - UKRAINE- Timeline of Cyberattacks.pdf
|
|
|
|
|
2022-02-25 - What You Need to Know About Russian Cyber Escalation in Ukraine.pdf
|
|
|
|
|
2022-02-26 - Alert (AA22-057A) Destructive Malware Targeting Organizations in Ukraine.pdf
|
|
|
|
|
2022-02-26 - DiskKill-HermeticWiper, a disruptive cyber-weapon targeting Ukraine’s critical infrastructures.pdf
|
|
|
|
|
2022-02-26 - Meta’s Ongoing Efforts Regarding Russia’s Invasion of Ukraine.pdf
|
|
|
|
|
2022-02-26 - The hidden C2- Lampion trojan release 212 is on the rise and using a C2 server for two years.pdf
|
|
|
|
|
2022-02-26 - TRENDING EVIL Q1 2022.pdf
|
|
|
|
|
2022-02-26 - Yours Truly, Signed AV Driver- Weaponizing An Antivirus Driver.pdf
|
|
|
|
|
2022-02-27 - Conti ransomware's internal chats leaked after siding with Russia.pdf
|
|
|
|
|
2022-02-28 - Analyzing conti-leaks without speaking russian — only methodology.pdf
|
|
|
|
|
2022-02-28 - Change in Distribution Method of Malware Disguised as Estimate (VBS Script).pdf
|
|
|
|
|
2022-02-28 - Chinese cyberspies target govts with their ‘most advanced’ backdoor.pdf
|
|
|
|
|
2022-02-28 - CoinMiner Being Distributed to Vulnerable MS-SQL Servers.pdf
|
|
|
|
|
2022-02-28 - Conti and Karma actors attack healthcare provider at same time through ProxyShell exploits.pdf
|
|
|
|
|
2022-02-28 - conti-leaks-englished.pdf
|
|
|
|
|
2022-02-28 - Cyber threat activity in Ukraine- analysis and resources.pdf
|
|
|
|
|
2022-02-28 - Daxin- Stealthy Backdoor Designed for Attacks Against Hardened Networks.pdf
|
|
|
|
|
2022-02-28 - Detecting malware kill chains with Defender and Microsoft Sentinel.pdf
|
|
|
|
|
2022-02-28 - How to Analyze Malicious Documents – Case Study of an Attack Targeting Ukrainian Organization.pdf
|
|
|
|
|
2022-02-28 - Looking for Penquins in the Wild.pdf
|
|
|
|
|
2022-02-28 - Meta- Ukrainian officials, military targeted by Ghostwriter hackers.pdf
|
|
|
|
|
2022-02-28 - Microsoft finds FoxBlade malware on Ukrainian systems, removes RT from Windows app store.pdf
|
|
|
|
|
2022-02-28 - New Chinese hacking tool found, spurring U.S. warning to allies.pdf
|
|
|
|
|
2022-02-28 - Remcos RAT malware disseminated by pretending to be tax invoices.pdf
|
|
|
|
|
2022-02-28 - Threat Actor targeted attack against Finance and Investment industry (ENG).pdf
|
|
|
|
|
2022-02-28 - Trellix Global Defenders- Analysis and Protections for BlackByte Ransomware.pdf
|
|
|
|
|
2022-02-28 - Trellix Global Defenders- Analysis and Protections for RagnarLocker Ransomware.pdf
|
|
|
|
|
2022-02-28 - Trellix Global Defenders- Cyberattacks Targeting Ukraine and HermeticWiper Protections.pdf
|
|
|
|
|
2022-03-01 - Asylum Ambuscade_State Actor Uses Compromised Private Ukrainian Military Emails to Target European Governments and Refugee Movement.pdf
|
|
|
|
|
2022-03-01 - China soll mit präzedenzlos ausgeklügelter Malware Regierungen ausspioniert haben.pdf
|
|
|
|
|
2022-03-01 - Conti Ransomware source code leaked by Ukrainian researcher.pdf
|
|
|
|
|
2022-03-01 - Cybereason vs. BlackCat Ransomware.pdf
|
|
|
|
|
2022-03-01 - Decryptable PartyTicket Ransomware Reportedly Targeting Ukrainian Entities.pdf
|
|
|
|
|
2022-03-01 - DiskKill-HermeticWiper and NotPetya (Dis)similarities.pdf
|
|
|
|
|
2022-03-01 - Elastic protects against data wiper malware targeting Ukraine- HERMETICWIPER.pdf
|
|
|
|
|
2022-03-01 - Elections GoRansom – a smoke screen for the HermeticWiper attack.pdf
|
|
|
|
|
2022-03-01 - How IoT Botnets Evade Detection and Analysis.pdf
|
|
|
|
|
2022-03-01 - IsaacWiper and HermeticWizard- New wiper and worm targeting Ukraine.pdf
|
|
|
|
|
2022-03-01 - Leaks- Conti - Trickbot.pdf
|
|
|
|
|
2022-03-01 - Python script to decrypt embedded driver used in Daxin.pdf
|
|
|
|
|
2022-03-01 - Ransomware as a distraction.pdf
|
|
|
|
|
2022-03-01 - Second New 'IsaacWiper' Data Wiper Targets Ukraine After Russian Invasion.pdf
|
|
|
|
|
2022-03-01 - TAG Bulletin- Q1 2022.pdf
|
|
|
|
|
2022-03-01 - Targeted APT Activity- BABYSHARK Is Out for Blood.pdf
|
|
|
|
|
2022-03-01 - TeaBot is now spreading across the globe.pdf
|
|
|
|
|
2022-03-01 - The DGA Algorithm Used by Dealply and Bujo Campaigns.pdf
|
|
|
|
|
2022-03-01 - Ukraine Hit with Novel ‘FoxBlade’ Trojan Hours Before Invasion.pdf
|
|
|
|
|
2022-03-01 - Ukrainian Targets Hit by HermeticWiper, New Datawiper Malware.pdf
|
|
|
|
|
2022-03-01 - What is HermeticWiper – An Analysis of the Malware and Larger Threat Landscape in the Russian Ukrainian War.pdf
|
|
|
|
|
2022-03-02 - AvosLocker Ransomware Linux Version Analysis.pdf
|
|
|
|
|
2022-03-02 - Conti Group Leaked!.pdf
|
|
|
|
|
2022-03-02 - Conti Ransomware Decryptor, TrickBot Source Code Leaked.pdf
|
|
|
|
|
2022-03-02 - Conti Ransomware Group Diaries, Part II- The Office.pdf
|
|
|
|
|
2022-03-02 - Conti's Source Code- Deep-Dive Into.pdf
|
|
|
|
|
2022-03-02 - CrowdStrike cracks PartyTicket ransomware targeting Ukraine.pdf
|
|
|
|
|
2022-03-02 - Cybercrime bosses warn that they will -fight back- if Russia is hacked.pdf
|
|
|
|
|
2022-03-02 - DanaBot Launches DDoS Attack Against the Ukrainian Ministry of Defense.pdf
|
|
|
|
|
2022-03-02 - Digging into HermeticWiper.pdf
|
|
|
|
|
2022-03-02 - Domains Linked to Phishing Attacks Targeting Ukraine.pdf
|
|
|
|
|
2022-03-02 - Hackers Begin Weaponizing TCP Middlebox Reflection for Amplified DDoS Attacks.pdf
|
|
|
|
|
2022-03-02 - Log4shell exploits now used mostly for DDoS botnets, cryptominers.pdf
|
|
|
|
|
2022-03-02 - TrickBot’s AnchorDNS is Now Upgraded to AnchorMail.pdf
|
|
|
|
|
2022-03-03 - A Closer Look at the Russian Actors Targeting Organizations in Ukraine.pdf
|
|
|
|
|
2022-03-03 - Cloud Credential Compromise Campaign Originating from Russian-Affiliated Infrastructure.pdf
|
|
|
|
|
2022-03-03 - Cyberattacks are Prominent in the Russia-Ukraine Conflict.pdf
|
|
|
|
|
2022-03-03 - Deep Analysis of Redline Stealer- Leaked Credential with WCF.pdf
|
|
|
|
|
2022-03-03 - Dissemination of malicious korean documents masquering as press releases for the 20th presidential election.pdf
|
|
|
|
|
2022-03-03 - Free decryptor released for HermeticRansom victims in Ukraine.pdf
|
|
|
|
|
2022-03-03 - Help for Ukraine- Free decryptor for HermeticRansom ransomware.pdf
|
|
|
|
|
2022-03-03 - Luci Spools The Fun With Phobos Ransomware.pdf
|
|
|
|
|
2022-03-03 - Malware campaign impersonates VC firm looking to buy sites.pdf
|
|
|
|
|
2022-03-03 - Proofpoint is Closely Monitoring the Rapidly Evolving Threat Landscape Related to Ukraine and Russia.pdf
|
|
|
|
|
2022-03-03 - SharkBot- a “new” generation Android banking Trojan being distributed on Google Play Store.pdf
|
|
|
|
|
2022-03-03 - TeaBot Banking Trojan Posted as QR Code app in Google Play Store Targeting US Users.pdf
|
|
|
|
|
2022-03-03 - Technical Analysis of The Hermetic Wiper Malware Used to Target Ukraine.pdf
|
|
|
|
|
2022-03-03 - Threat Hunting for Malicious PowerShell Usage in Gigasheet.pdf
|
|
|
|
|
2022-03-04 - Amazon's assistance in Ukraine.pdf
|
|
|
|
|
2022-03-04 - Bitdefender Labs Sees Increased Malicious and Scam Activity Exploiting the War in Ukraine.pdf
|
|
|
|
|
2022-03-04 - Details of another big ransomware group 'Trickbot' leak online, experts say.pdf
|
|
|
|
|
2022-03-04 - Free HermeticRansom Ransomware Decryptor Released.pdf
|
|
|
|
|
2022-03-04 - HermeticWiper- A detailed analysis of the destructive malware that targeted Ukraine.pdf
|
|
|
|
|
2022-03-04 - HermeticWiper-FoxBlade Analysis (in-depth).pdf
|
|
|
|
|
2022-03-04 - Imperva Mitigates Ransom DDoS Attack Measuring 2.5 Million Requests per Second.pdf
|
|
|
|
|
2022-03-04 - Legitimate Sites Used As Cobalt Strike C2s Against Indian Government.pdf
|
|
|
|
|
2022-03-04 - Massive Meris Botnet Embeds Ransomware Notes from REvil.pdf
|
|
|
|
|
2022-03-04 - New Wiper Malware Used Against Ukranian Organizations.pdf
|
|
|
|
|
2022-03-04 - Responses to Russia's Invasion of Ukraine Likely to Spur Retaliation.pdf
|
|
|
|
|
2022-03-04 - Russia-Ukraine war exploited as lure for malware distribution.pdf
|
|
|
|
|
2022-03-04 - SystemBC, PowerShell version.pdf
|
|
|
|
|
2022-03-05 - Malware now using NVIDIA's stolen code signing certificates.pdf
|
|
|
|
|
2022-03-06 - AvosLocker Ransomware Behavior Examined on Windows & Linux.pdf
|
|
|
|
|
2022-03-06 - Mozilla Firefox 97.0.2 fixes two actively exploited zero-day bugs (CVE-2022-26485 & CVE-2022-26486).pdf
|
|
|
|
|
2022-03-07 - 2021 Year In Review.pdf
|
|
|
|
|
2022-03-07 - An update on the threat landscape (APT28, UNC1151, MUSTANG PANDA).pdf
|
|
|
|
|
2022-03-07 - Distribution of Remcos RAT Disguised as Tax Invoice.pdf
|
|
|
|
|
2022-03-07 - Fake Purchase Order Used to Deliver Agent Tesla.pdf
|
|
|
|
|
2022-03-07 - FBI- Ransomware gang breached 52 US critical infrastructure orgs.pdf
|
|
|
|
|
2022-03-07 - I CAN'T HEAR YOU NOW! INTERNAL BEHAVIOR OF INFORMATION-STEALING MALWARE AND JSOC DETECTION TRENDS.pdf
|
|
|
|
|
2022-03-07 - Lapsus$ Ransomware gang uses stolen source code to disguise malware files as trustworthy. Check Point customers remain protected.pdf
|
|
|
|
|
2022-03-07 - MS Office Files Involved Again in Recent Emotet Trojan Campaign – Part I.pdf
|
|
|
|
|
2022-03-07 - PHOREAL Malware Targets the Southeast Asian Financial Sector.pdf
|
|
|
|
|
2022-03-07 - PROPHET SPIDER Exploits Citrix ShareFile Remote Code Execution Vulnerability CVE-2021-22941 to Deliver Webshell.pdf
|
|
|
|
|
2022-03-07 - Ransomware gang Conti has already bounced back from damage caused by chat leaks, experts say.pdf
|
|
|
|
|
2022-03-07 - The Good, the Bad, and the Web Bug TA416 Increases Operational Tempo Against European Governments as Conflict in Ukraine Escalates.pdf
|
|
|
|
|
2022-03-08 - Conti Ransomware source code- a well-designed COTS ransomware.pdf
|
|
|
|
|
2022-03-08 - Conti-Ransomware-IOC.pdf
|
|
|
|
|
2022-03-08 - Daxin Backdoor- In-Depth Analysis, Part One.pdf
|
|
|
|
|
2022-03-08 - Does This Look Infected- A Summary of APT41 Targeting U.S. State Governments.pdf
|
|
|
|
|
2022-03-08 - Excel Add-ins Deliver JSSLoader Malware.pdf
|
|
|
|
|
2022-03-08 - GhostWriter - UNC1151 adopts MicroBackdoor Variants in Cyber Operations against Ukraine.pdf
|
|
|
|
|
2022-03-08 - Live reverse engineering of a trojanized medical app — Android-Joker.pdf
|
|
|
|
|
2022-03-08 - New RURansom Wiper Targets Russia.pdf
|
|
|
|
|
2022-03-08 - Record breaking DDoS Potential Discovered- CVE-2022-26143.pdf
|
|
|
|
|
2022-03-08 - The Media Environment and Domestic Public Opinion in China Toward Russia’s War On Ukraine.pdf
|
|
|
|
|
2022-03-08 - What Global Network Visibility Reveals about the Resurgence of One of the World’s Most Notorious Botnets.pdf
|
|
|
|
|
2022-03-09 - BazarLoader Actors Initiate Contact via Website Contact Forms.pdf
|
|
|
|
|
2022-03-09 - BokBot Technical Analysis.pdf
|
|
|
|
|
2022-03-09 - CISA updates Conti ransomware alert with nearly 100 domain names.pdf
|
|
|
|
|
2022-03-09 - Daxin Backdoor- In-Depth Analysis, Part Two.pdf
|
|
|
|
|
2022-03-09 - Exploitation of VMware Horizon Servers by TunnelVision Threat Actor.pdf
|
|
|
|
|
2022-03-09 - Hackers fork open-source reverse tunneling tool for persistence.pdf
|
|
|
|
|
2022-03-09 - New Nokoyawa Ransomware Possibly Related to Hive.pdf
|
|
|
|
|
2022-03-09 - Raccoon Stealer- “Trash panda” abuses Telegram.pdf
|
|
|
|
|
2022-03-09 - Ragnar Locker Breached 52 Organizations and Counting, FBI Warns.pdf
|
|
|
|
|
2022-03-09 - Ragnar ransomware gang hit 52 critical US orgs, says FBI.pdf
|
|
|
|
|
2022-03-09 - Set up Splunk for Incident Response in GCP in 15 minutes...pdf
|
|
|
|
|
2022-03-09 - SodinokibiREvil Ransomware Defendant Extradited to United States and Arraigned in Texas.pdf
|
|
|
|
|
2022-03-09 - The Conti Leaks - Insight into a Ransomware Unicorn.pdf
|
|
|
|
|
2022-03-09 - Very very lazy Lazyscripter’s scripts- double compromise in a single obfuscation.pdf
|
|
|
|
|
2022-03-10 - AbereBot Returns as Escobar.pdf
|
|
|
|
|
2022-03-10 - BrightTALK- A look at current cyberattacks in Ukraine.pdf
|
|
|
|
|
2022-03-10 - Corporate website contact forms used to spread BazarBackdoor malware.pdf
|
|
|
|
|
2022-03-10 - Detecting HermeticWiper.pdf
|
|
|
|
|
2022-03-10 - Diavol the Enigma of Ransomware.pdf
|
|
|
|
|
2022-03-10 - HermeticWiper - Technical Analysis Report.pdf
|
|
|
|
|
2022-03-10 - Iranian Hackers Targeting Turkey and Arabian Peninsula in New Malware Campaign.pdf
|
|
|
|
|
2022-03-10 - Iranian linked conglomerate MuddyWater comprised of regionally focused subgroups.pdf
|
|
|
|
|
2022-03-10 - Leaks of Conti Ransomware Group Paint Picture of a Surprisingly Normal Tech Start-Up… Sort Of.pdf
|
|
|
|
|
2022-03-10 - MuddyWater targets Middle Eastern and Asian countries in phishing attacks.pdf
|
|
|
|
|
2022-03-10 - SecurityScorecard Discovers new botnet, ‘Zhadnost,’ responsible for Ukraine DDoS attacks.pdf
|
|
|
|
|
2022-03-10 - Threat Thursday- CryptBot Infostealer Masquerades as Cracked Software.pdf
|
|
|
|
|
2022-03-10 - WEDNESDAY, MARCH 9, 2022 Threat advisory- Cybercriminals compromise users with malware disguised as pro-Ukraine cyber tools.pdf
|
|
|
|
|
2022-03-11 - ChromeLoader Infects the Browser by Loading Malicious Extension.pdf
|
|
|
|
|
2022-03-11 - Five Things You Need to Know About the Cyberwar in Ukraine.pdf
|
|
|
|
|
2022-03-11 - In-depth Technical Analysis of Colibri Loader Malware.pdf
|
|
|
|
|
2022-03-11 - Infamous Russian Troll Farm Appears to Be Source of Anti-Ukraine Propaganda.pdf
|
|
|
|
|
2022-03-11 - Is this SID taken- Varonis Threat Labs Discovers Synthetic SID Injection Attack.pdf
|
|
|
|
|
2022-03-11 - IsaacWiper Followed HermeticWiper Attack on Ukraine Orgs.pdf
|
|
|
|
|
2022-03-11 - LockBit 2.0 Ransomware Bugs and Database Recovery Attempts PART 1.pdf
|
|
|
|
|
2022-03-11 - LockBit 2.0 Ransomware Bugs and Database Recovery Attempts PART 2.pdf
|
|
|
|
|
2022-03-11 - LockBit ransomware gang claims attack on Bridgestone Americas.pdf
|
|
|
|
|
2022-03-11 - Malware Posing as Russia DDoS Tool Bites Ukraine Hackers.pdf
|
|
|
|
|
2022-03-11 - New Formbook Campaign Delivered Through Phishing Emails.pdf
|
|
|
|
|
2022-03-11 - New Wiper Malware Attacking Russia- Deep-Dive Into RURansom Malware.pdf
|
|
|
|
|
2022-03-11 - Part 1- LockBit 2.0 ransomware bugs and database recovery attempts.pdf
|
|
|
|
|
2022-03-11 - Part 2- LockBit 2.0 ransomware bugs and database recovery attempts.pdf
|
|
|
|
|
2022-03-12 - Analyzing Malware with Hooks, Stomps, and Return-addresses.pdf
|
|
|
|
|
2022-03-12 - AsyncRAT RCE vulnerability.pdf
|
|
|
|
|
2022-03-12 - Iranian APT- New Methods to Target Turkey, Arabian Peninsula.pdf
|
|
|
|
|
2022-03-13 - APT41 (Double Dragon)- A Dual Espionage and Cyber Crime Operation.pdf
|
|
|
|
|
2022-03-13 - Cutting corners against a Dridex downloader.pdf
|
|
|
|
|
2022-03-13 - Fake Valorant cheats on YouTube infect you with RedLine stealer.pdf
|
|
|
|
|
2022-03-13 - The hidden C2- Lampion trojan release 212 is on the rise and using a C2 server for two years.pdf
|
|
|
|
|
2022-03-14 - Android malware Escobar steals your Google Authenticator MFA codes.pdf
|
|
|
|
|
2022-03-14 - Fake antivirus updates used to deploy Cobalt Strike in Ukraine.pdf
|
|
|
|
|
2022-03-14 - Falcon OverWatch Threat Hunting Uncovers Ongoing NIGHT SPIDER Zloader Campaign.pdf
|
|
|
|
|
2022-03-14 - Nasty Escobar Banking Trojan Is Targeting Google Authenticator Codes For Android.pdf
|
|
|
|
|
2022-03-14 - New CaddyWiper data wiping malware hits Ukrainian networks.pdf
|
|
|
|
|
2022-03-14 - New destructive wiper malware deployed in Ukraine.pdf
|
|
|
|
|
2022-03-14 - Researchers Find New Evidence Linking Kwampirs Malware to Shamoon APT Hackers.pdf
|
|
|
|
|
2022-03-14 - Reversing Common Obfuscation Techniques.pdf
|
|
|
|
|
2022-03-14 - Webinar on cyberattacks in Ukraine – summary and Q&A.pdf
|
|
|
|
|
2022-03-15 - Alert (AA22-074A) Russian State-Sponsored Cyber Actors Gain Network Access by Exploiting Default Multifactor Authentication Protocols and “PrintNightmare” Vulnerability.pdf
|
|
|
|
|
2022-03-15 - Analysis of CaddyWiper, wiper targeting Ukraine.pdf
|
|
|
|
|
2022-03-15 - Anti-UPX Unpacking Technique.pdf
|
|
|
|
|
2022-03-15 - CaddyWiper, a new data wiper hits Ukraine.pdf
|
|
|
|
|
2022-03-15 - CaddyWiper- New wiper malware discovered in Ukraine.pdf
|
|
|
|
|
2022-03-15 - CaddyWiper- Third Wiper Malware Targeting Ukrainian Organizations.pdf
|
|
|
|
|
2022-03-15 - CaddyWiper- Yet Another Data Wiping Malware Targeting Ukrainian Networks.pdf
|
|
|
|
|
2022-03-15 - Decoding a DanaBot Downloader.pdf
|
|
|
|
|
2022-03-15 - Deep Dive Analysis - Pandora Ransomware.pdf
|
|
|
|
|
2022-03-15 - Detecting EnemyBot – Securonix Initial Coverage Advisory.pdf
|
|
|
|
|
2022-03-15 - Detecting EnemyBot.pdf
|
|
|
|
|
2022-03-15 - Threat Actor UAC-0056 Targeting Ukraine with Fake Translation Software.pdf
|
|
|
|
|
2022-03-15 - Threat Advisory- CaddyWiper.pdf
|
|
|
|
|
2022-03-15 - What Wicked Webs We Un-weave.pdf
|
|
|
|
|
2022-03-16 - BlackBerry says extortionists erase documents if ransom unpaid.pdf
|
|
|
|
|
2022-03-16 - China’s Government Is Learning From Russia’s Cyberattacks Against Ukraine.pdf
|
|
|
|
|
2022-03-16 - Cobalt Strike Analysis and Tutorial- How Malleable C2 Profiles Make Cobalt Strike Difficult to Detect.pdf
|
|
|
|
|
2022-03-16 - Conti Ransomware - An Analysis of Key Findings (Arctic Wolf).pdf
|
|
|
|
|
2022-03-16 - CryptBot - Too good to be true.pdf
|
|
|
|
|
2022-03-16 - CVE-2022-23812- RIAEvangelist-node-ipc is malware - protestware.pdf
|
|
|
|
|
2022-03-16 - Destructive Data Wiper Malware Targeting high-profile Ukrainian Organizations.pdf
|
|
|
|
|
2022-03-16 - DirtyMoe- Worming Modules.pdf
|
|
|
|
|
2022-03-16 - Gh0stCringe RAT Being Distributed to Vulnerable Database Servers.pdf
|
|
|
|
|
2022-03-16 - Github Repository for Spark RAT.pdf
|
|
|
|
|
2022-03-16 - Have Your Cake and Eat it Too- An Overview of UNC2891.pdf
|
|
|
|
|
2022-03-16 - New Ransomware Family Identified- LokiLocker RaaS Targets Windows Systems.pdf
|
|
|
|
|
2022-03-16 - Preparing for denial-of-service attacks with Talos Incident Response.pdf
|
|
|
|
|
2022-03-16 - Qakbot infection with Cobalt Strike and VNC activity.pdf
|
|
|
|
|
2022-03-16 - Quick revs- Pandora Ransomware - The Box has been open for a while....pdf
|
|
|
|
|
2022-03-16 - Suspected Conti Ransomware Activity in the Auto Manufacturing Sector.pdf
|
|
|
|
|
2022-03-16 - The Attack of the Chameleon Phishing Page.pdf
|
|
|
|
|
2022-03-16 - Uncompromised- When REvil comes knocking.pdf
|
|
|
|
|
2022-03-16 - Uncovering Trickbot’s use of IoT devices in command-and-control infrastructure.pdf
|
|
|
|
|
2022-03-17 - Analysis of CaddyWiper.pdf
|
|
|
|
|
2022-03-17 - ASUS warns of Cyclops Blink malware attacks targeting routers.pdf
|
|
|
|
|
2022-03-17 - Avira Labs Research Reveals Hydra Banking Trojan 2.0 targeting a wider network of German and Austrian banks.pdf
|
|
|
|
|
2022-03-17 - BIG sabotage- Famous npm package deletes files to protest Ukraine war.pdf
|
|
|
|
|
2022-03-17 - Cyclops Blink Sets Sights on Asus Routers.pdf
|
|
|
|
|
2022-03-17 - Exposing initial access broker with ties to Conti.pdf
|
|
|
|
|
2022-03-17 - From BlackMatter to BlackCat- Analyzing two attacks from one affiliate.pdf
|
|
|
|
|
2022-03-17 - IcedID Analysis.pdf
|
|
|
|
|
2022-03-17 - Meet Lapsus$- An Unusual Group in the Cyber Extortion Business.pdf
|
|
|
|
|
2022-03-17 - New Unix rootkit used to steal ATM banking data.pdf
|
|
|
|
|
2022-03-17 - Rook ransomware analysis.pdf
|
|
|
|
|
2022-03-17 - Suspected DarkHotel APT activity update.pdf
|
|
|
|
|
2022-03-17 - The Ransomware Threat Intelligence Center.pdf
|
|
|
|
|
2022-03-17 - Threat Thursday- HermeticWiper Targets Defense Sectors in Ukraine.pdf
|
|
|
|
|
2022-03-18 - Analysis of Leaked Conti Intrusion Procedures by eSentire’s Threat Response Unit (TRU).pdf
|
|
|
|
|
2022-03-18 - Cyclops Blink malware sets up shop in ASUS routers.pdf
|
|
|
|
|
2022-03-18 - Double header- IsaacWiper and CaddyWiper.pdf
|
|
|
|
|
2022-03-18 - Mēris and TrickBot standing on the shoulders of giants.pdf
|
|
|
|
|
2022-03-18 - Open Source Maintainer Sabotages Code to Wipe Russian, Belarusian Computers.pdf
|
|
|
|
|
2022-03-18 - Ransomware Spotlight- Hive.pdf
|
|
|
|
|
2022-03-19 - Behind the hack-and-leak scandal in Poland (UNC1151).pdf
|
|
|
|
|
2022-03-19 - LockBit Ransomware v2.0.pdf
|
|
|
|
|
2022-03-19 - New Phishing toolkit lets anyone create fake Chrome browser windows.pdf
|
|
|
|
|
2022-03-20 - WizardSpider.pdf
|
|
|
|
|
2022-03-21 - [QuickNote] Analysis of Pandora ransomware.pdf
|
|
|
|
|
2022-03-21 - Anatomy of An Mirai Botnet Attack.pdf
|
|
|
|
|
2022-03-21 - APT35 Automates Initial Access Using ProxyShell.pdf
|
|
|
|
|
2022-03-21 - BitRAT Disguised as Windows Product Key Verification Tool Being Distributed.pdf
|
|
|
|
|
2022-03-21 - BitRAT malware now spreading as a Windows 10 license activator.pdf
|
|
|
|
|
2022-03-21 - Conti Affiliate Exposed- New Domain Names, IP Addresses and Email Addresses Uncovered.pdf
|
|
|
|
|
2022-03-21 - Conti Ransomware V. 3, Including Decryptor, Leaked.pdf
|
|
|
|
|
2022-03-21 - Dynamics of Targeted Ransomware Negotiation.pdf
|
|
|
|
|
2022-03-21 - Emotet Is Back and Is Deadlier Than Ever! A Rundown of the Emotet Malware.pdf
|
|
|
|
|
2022-03-21 - eSentire Threat Intelligence Malware Analysis- HermeticWiper & PartyTicket.pdf
|
|
|
|
|
2022-03-21 - Facestealer Trojan Hidden in Google Play Plunders Facebook Accounts.pdf
|
|
|
|
|
2022-03-21 - IoC from Operation Dragon Castling.pdf
|
|
|
|
|
2022-03-21 - Lorenz ransomware rebound- corruption and irrecoverable files.pdf
|
|
|
|
|
2022-03-21 - Python script to check a Cyclops Blink C&C.pdf
|
|
|
|
|
2022-03-21 - Sandworm- A tale of disruption told anew.pdf
|
|
|
|
|
2022-03-21 - Serpent malware campaign abuses Chocolatey Windows package manager.pdf
|
|
|
|
|
2022-03-21 - Serpent, No Swiping! New Backdoor Targets French Entities with Unique Attack Chain.pdf
|
|
|
|
|
2022-03-21 - The Art and Science of macOS Malware Hunting with radare2 - Leveraging Xrefs, YARA and Zignatures.pdf
|
|
|
|
|
2022-03-21 - VPN Appliance Forensics.pdf
|
|
|
|
|
2022-03-21 - What is Arid Gopher- An Analysis of a New, Never-Before-Seen Malware Variant.pdf
|
|
|
|
|
2022-03-22 - Analyzing Exmatter- A Ransomware Data Exfiltration Tool.pdf
|
|
|
|
|
2022-03-22 - BitRAT Malware Seen Spreading Through Unofficial Microsoft Windows Activators.pdf
|
|
|
|
|
2022-03-22 - Cobalt Strike- Overview – Part 7.pdf
|
|
|
|
|
2022-03-22 - Conti ransomware leaks - what happens when hackers support Russia.pdf
|
|
|
|
|
2022-03-22 - DEV-0537 (LAPSUS$-UNC3661) criminal actor targeting organizations for data exfiltration and destruction.pdf
|
|
|
|
|
2022-03-22 - DEV-0537 (UNC3661) criminal actor targeting organizations for data exfiltration and destruction.pdf
|
|
|
|
|
2022-03-22 - Dissecting a Phishing Campaign with a Captcha-based URL.pdf
|
|
|
|
|
2022-03-22 - Hunters Become The Hunted- Clipper Malware Disguised As AvD Crypto Stealer.pdf
|
|
|
|
|
2022-03-22 - Microsoft and Okta Confirm Breach by LAPSUS$ Extortion Group.pdf
|
|
|
|
|
2022-03-22 - Microsoft confirms they were hacked by Lapsus$ extortion group.pdf
|
|
|
|
|
2022-03-22 - Operation Dragon Castling- APT group targeting betting companies.pdf
|
|
|
|
|
2022-03-22 - Quantum Attack System – NSA -APT-C-40- Hacking Organization High-end Cyber Attack Weapon Technical Analysis Report (I).pdf
|
|
|
|
|
2022-03-22 - Russian-Ukrainian Cyber Warfare – Rewterz Threat Intelligence Rollup.pdf
|
|
|
|
|
2022-03-22 - Storm Cloud on the Horizon- GIMMICK Malware Strikes at macOS.pdf
|
|
|
|
|
2022-03-22 - This is a BlackCat you don't want crossing your path.pdf
|
|
|
|
|
2022-03-22 - What does Go-written malware look like- Here's a sample under the microscope.pdf
|
|
|
|
|
2022-03-23 - A Closer Look at the LAPSUS$ Data Extortion Group.pdf
|
|
|
|
|
2022-03-23 - abuse mikrotik router by GLUPTEBA malware.pdf
2022-03-23 - Analysis of Attack Activity of PROMETHIUM Disguised.pdf
2022-03-23 - Arkei Variants- From Vidar to Mars Stealer.pdf
2022-03-23 - Bad Actors Trying to Capitalize on Current Events via Shameless Email Scams.pdf
2022-03-23 - Conti puts the organized in organized crime.pdf
2022-03-23 - Falcon OverWatch Threat Hunting Contributes to Seamless Protection Against Novel BlackCat Attack.pdf
2022-03-23 - GOLD ULRICK Leaks Reveal Organizational Structure and Relationships.pdf
2022-03-23 - Gone in 52 Seconds…and 42 Minutes- A Comparative Analysis of Ransomware Encryption Speed.pdf
2022-03-23 - Hunting Emotet campaigns with Kusto.pdf
2022-03-23 - It’s official, Lapsus$ gang compromised a Microsoft employee’s account.pdf
2022-03-23 - LokiLocker Ransomware May Use False Flag to Avoid Identification.pdf
2022-03-23 - Midas Ransomware - Tracing the Evolution of Thanos Ransomware Variants.pdf
2022-03-23 - MS Office Files Involved Again in Recent Emotet Trojan Campaign – Part II.pdf
2022-03-23 - Mustang Panda’s Hodur- Old tricks, new Korplug variant.pdf
2022-03-23 - New JSSLoader Trojan Delivered Through XLL Files.pdf
2022-03-23 - New Mustang Panda hacking campaign targets diplomats, ISPs.pdf
2022-03-23 - Not So Lazarus- Mapping DPRK Cyber Threat Groups to Government Organizations.pdf
2022-03-23 - Raccoon Stealer – An Insight into Victim “Gates”.pdf
2022-03-23 - Tracking cyber intruders with Jupyter and Python.pdf
2022-03-23 - Trustwave’s Action Response- The Lapsus$ Hacker Group Shows Us the Importance of Securing the Digital Supply Chain.pdf
2022-03-24 - Alert (AA22-083A) Tactics, Techniques, and Procedures of Indicted State-Sponsored Russian Cyber Actors Targeting the Energy Sector.pdf
2022-03-24 - Another cyber espionage campaign in the Russia-Ukrainian ongoing cyber attacks.pdf
2022-03-24 - Chinese APT Combines Fresh Hodur RAT with Complex Anti-Detection.pdf
2022-03-24 - Chinese Threat Actor Scarab Targeting Ukraine.pdf
2022-03-24 - Coper Banking Trojan- Android Malware Posing As Google Play Store App Installer.pdf
2022-03-24 - Countering threats from North Korea.pdf
2022-03-24 - Crypto malware in patched wallets targeting Android and iOS devices.pdf
2022-03-24 - GIMMICK Malware Attacks macOS to Attack Organizations Across Asia.pdf
2022-03-24 - IsaacWiper Continues Trend of Wiper Attacks Against Ukraine.pdf
2022-03-24 - Malicious Microsoft Excel add-ins used to deliver RAT malware.pdf
2022-03-24 - Microsoft Help Files Disguise Vidar Malware.pdf
2022-03-24 - Microsoft help files repurposed to contain Vidar malware in new campaign.pdf
2022-03-24 - Muhstik Gang targets Redis Servers.pdf
2022-03-24 - Phishing-kit market- what’s inside “off-the-shelf” phishing packages.pdf
2022-03-24 - Ransomware Threat Report 2022.pdf
2022-03-24 - Threat Advisory- DoubleZero.pdf
2022-03-24 - Threat Brief- Lapsus$ Group.pdf
2022-03-24 - Threat Thursday- SunSeed Malware Targets Ukraine Refugee Aid Efforts.pdf
2022-03-24 - UK exposes Russian spy agency behind cyber incidents.pdf
2022-03-24 - Ukrainian Cyber Lead Says ‘At Least 4 Types of Malware’ in Use to Target Critical Infrastructure and Humanitarian Aid.pdf
2022-03-24 - Vidar Malware Launcher Concealed in Help File.pdf
2022-03-25 - Conti Ransomware Attacks Persist With an Updated Version Despite Leaks.pdf
2022-03-25 - Cyber Attackers Leverage Russia-Ukraine Conflict in Multiple Spam Campaigns.pdf
2022-03-25 - Cybercriminal Connected to Multimillion Dollar Ransomware Attacks Sentenced for Online Fraud Schemes.pdf
2022-03-25 - Mining data from Cobalt Strike beacons.pdf
2022-03-25 - Mustang Panda's Hodur- Old stuff, new variant of Korplug.pdf
2022-03-25 - Purple Fox Uses New Arrival Vector and Improves Malware Arsenal (IOCs).pdf
2022-03-25 - Purple Fox Uses New Arrival Vector and Improves Malware Arsenal.pdf
2022-03-25 - Raccoon Stealer malware suspends operations due to war in Ukraine.pdf
2022-03-25 - Rafel Rat GitHub repository.pdf
2022-03-25 - XLSB Files- Because Binary is Stealthier Than XML.pdf
2022-03-26 - An AgentTesla Sample Using VBA Macros and Certutil.pdf
2022-03-26 - Analysis of a Caddy Wiper Sample Targeting Ukraine.pdf
2022-03-27 - A Case of Vidar Infostealer - Part 1 (Unpacking).pdf
2022-03-27 - Conti ransomware source code investigation - part 1.pdf
2022-03-27 - Hive ransomware ports its Linux VMware ESXi encryptor to Rust.pdf
2022-03-28 - 'Purple Fox' Hackers Spotted Using New Variant of FatalRAT in Recent Malware Attacks.pdf
2022-03-28 - A Step-by-Step Analysis of the Russian APT Turla Backdoor called TinyTurla.pdf
2022-03-28 - Avast Finds Compromised Philippine Navy Certificate Used in Remote Access Tool.pdf
2022-03-28 - Betabot in the Rearview Mirror.pdf
2022-03-28 - Emotet is Back.pdf
2022-03-28 - Malicious Macros and Zone Identifier Alternate Data Stream Information Bypass.pdf
2022-03-28 - Microsoft Exchange targeted for IcedID reply-chain hijacking attacks.pdf
2022-03-28 - New Conversation Hijacking Campaign Delivering IcedID.pdf
2022-03-28 - New documents for the Okta breach.pdf
2022-03-28 - PlugX- A Talisman to Behold.pdf
2022-03-28 - Pwning Microsoft Azure Defender for IoT - Multiple Flaws Allow Remote Code Execution for All.pdf
2022-03-28 - Spoofed Invoice Used to Drop IcedID.pdf
2022-03-28 - Staatstrojaner-Hersteller FinFisher „ist geschlossen und bleibt es auch“.pdf
2022-03-28 - SunCrypt Ransomware Gains New Capabilities in 2022.pdf
2022-03-28 - SunCrypt ransomware is still alive and kicking in 2022.pdf
2022-03-28 - Threat Update DoubleZero Destructor.pdf
2022-03-28 - VBS Script Disguised as PDF File Being Distributed (Kimsuky).pdf
2022-03-29 - A Large-Scale Supply Chain Attack Distributed Over 800 Malicious NPM Packages.pdf
2022-03-29 - APT Attack Impersonating Defector Resume Form (VBS SCRIPT).pdf
2022-03-29 - Exchange Servers Speared in IcedID Phishing Campaign.pdf
2022-03-29 - Exclusive Threat Research- Mars (Stealer) Attacks!.pdf
2022-03-29 - From the Front Lines - Hive Ransomware Deploys Novel IPfuscation Technique To Avoid Detection.pdf
2022-03-29 - Hackers use modified MFA tool against Indian govt employees.pdf
2022-03-29 - Intrusion Truth - Five Years of Naming and Shaming China’s Spies.pdf
2022-03-29 - New spear phishing campaign targets Russian dissidents.pdf
2022-03-29 - Putin’s hackers gained full access to Hungary’s foreign ministry networks, the Orbán government has been unable to stop them.pdf
2022-03-29 - Threat Alert- First Python Ransomware Attack Targeting Jupyter Notebooks.pdf
2022-03-29 - Transparent Tribe campaign uses new bespoke malware to target Indian government officials.pdf
2022-03-29 - Unmasking China’s State Hackers.pdf
2022-03-29 - Verblecon- Sophisticated New Loader Used in Low-level Attacks.pdf
2022-03-29 - Woche 12- Schadsoftware «FluBot» in der Schweiz wieder aktiv und Web-Administratoren erhalten Drohmails von angeblich ukrainischen Hackern.pdf
2022-03-30 - Analysis of BlackGuard - a new info stealer malware being sold in a Russian hacking forum.pdf
2022-03-30 - Cloud Atlas Maldoc.pdf
2022-03-30 - Detecting COM Object Tasks by DarkHotel.pdf
2022-03-30 - Hive ransomware uses new 'IPfuscation' trick to hide payload.pdf
2022-03-30 - Malicious Word File Targeting Corporate Users Being Distributed.pdf
2022-03-30 - New Milestones for Deep Panda- Log4Shell and Digitally Signed Fire Chili Rootkits.pdf
2022-03-30 - New TACTICAL OCTOPUS Attack Campaign Targets US Entities with Malware Bundled in Tax-Themed Documents.pdf
2022-03-30 - New TACTICAL-OCTOPUS Attack Campaign Targets US Entities with Malware Bundled in Tax-Themed Documents.pdf
2022-03-30 - New Wave Of Remcos RAT Phishing Campaign.pdf
2022-03-30 - Phishing campaign targets Russian govt dissidents with Cobalt Strike.pdf
2022-03-30 - Social Engineering Remains Key Tradecraft for Iranian APTs.pdf
2022-03-30 - This new ransomware targets data visualization tool Jupyter Notebook.pdf
2022-03-30 - Tracking cyber activity in Eastern Europe.pdf
2022-03-30 - Who is EMBER BEAR-.pdf
2022-03-31 - AcidRain - A Modem Wiper Rains Down on Europe.pdf
2022-03-31 - China-Linked Group TAG-28 Targets India’s “The Times Group” and UIDAI (Aadhaar) Government Agency With Winnti Malware.pdf
2022-03-31 - Cloudy with a Chance of Unclear Mailbox Sync- CrowdStrike Services Identifies Logging Inconsistencies in Microsoft 365.pdf
2022-03-31 - Conti Leaks- Examining the Panama Papers of Ransomware.pdf
2022-03-31 - Conti-nuation- methods and techniques observed in operations post the leaks.pdf
2022-03-31 - CVE-2022-22965- Spring Core Remote Code Execution Vulnerability Exploited In the Wild (SpringShell).pdf
2022-03-31 - Deep Dive Analysis - Borat RAT.pdf
2022-03-31 - eSentire Threat Intelligence Malware Analysis- CaddyWiper.pdf
2022-03-31 - FORCEDENTRY- Sandbox Escape.pdf
2022-03-31 - How to- Detect and prevent common data exfiltration attacks.pdf
2022-03-31 - Lazarus Trojanized DeFi app for delivering malware.pdf
2022-03-31 - LockBit victim estimates cost of ransomware attack to be $42 million.pdf
2022-03-31 - Meet BlackGuard- a new infostealer peddled on Russian hacker forums.pdf
2022-03-31 - New BlackGuard password-stealing malware sold on hacker forums.pdf
2022-03-31 - New Password-Stealing Malware Sells on Hacking Forum! Chrome, Binance, Outlook, Telegram Users Affected-.pdf
2022-03-31 - Novel obfuscation leveraged by Hive ransomware.pdf
2022-03-31 - Spring Vulnerability Update - Exploitation Attempts CVE-2022-22965.pdf
2022-03-31 - Spring4Shell- Security Analysis of the latest Java RCE '0-day' vulnerabilities in Spring.pdf
2022-03-31 - State-sponsored Attack Groups Capitalise on Russia-Ukraine War for Cyber Espionage.pdf
2022-03-31 - Suspected AsyncRAT Delivered via ISO Files Using HTML Smuggling Technique.pdf
2022-03-31 - Threat Thursday- Malicious Macros Still Causing Chaos.pdf
2022-03-31 - Viasat confirms satellite modems were wiped with AcidRain malware.pdf
2022-03-31 - VIASAT incident- from speculation to technical details..pdf
2022-04-01 - BERT Embeddings- A Modern Machine-learning Approach for Detecting Malware from Command Lines (Part 2 of 2).pdf
2022-04-01 - Chinese Hackers Target VMware Horizon Servers with Log4Shell to Deploy Rootkit.pdf
2022-04-01 - Complete dissection of an APK with a suspicious C2 Server.pdf
2022-04-01 - Dissecting Blackguard Info Stealer.pdf
2022-04-01 - Fresh TOTOLINK Vulnerabilities Picked Up by Beastmode Mirai Campaign.pdf
2022-04-01 - New UAC-0056 activity- There’s a Go Elephant in the room.pdf
2022-04-01 - Newly found Android malware records audio, tracks your location.pdf
2022-04-01 - Rising Stealer in Q1 2022- BlackGuard Stealer.pdf
2022-04-01 - Scammers are Exploiting Ukraine Donations.pdf
2022-04-01 - The Week in Ransomware - April 1st 2022 - 'I can fight with a keyboard'.pdf
2022-04-01 - Threat Update- CaddyWiper.pdf
2022-04-01 - What Our Honeypot Sees Just One Day After The Spring4Shell Advisory.pdf
2022-04-02 - Cyber Espionage Actor Deploying Malware Using Excel.pdf
2022-04-02 - Emotet Analysis Part 1- Unpacking.pdf
2022-04-02 - Malware development tricks. Find kernel32.dll base- asm style. C++ example..pdf
2022-04-02 - Malware development tricks. Find kernel32.dll base- asm style. CPlusPlus example..pdf
2022-04-02 - Study of targeted attacks on Russian research institutes.pdf
2022-04-03 - New Borat remote access malware is no laughing matter.pdf
2022-04-04 - AcidRain Wiper Malware hit Routers and Modems, Haults Communication.pdf
2022-04-04 - Confirmation of damage to domestic e-commerce sites, actual situation of Web skimming attacks and examples of countermeasures that Rack thinks (Water Pamola).pdf
2022-04-04 - Detailed Analysis of LAPSUS$ Cybercriminal Group that has Compromised Nvidia, Microsoft, Okta, and Globant.pdf
2022-04-04 - Elephant Framework Delivered in Phishing Attacks Against Ukrainian Organizations.pdf
2022-04-04 - Experts Shed Light on BlackGuard Infostealer Malware Sold on Russian Hacking Forums.pdf
2022-04-04 - FIN7 Power Hour Adversary Archaeology and the Evolution of FIN7.pdf
2022-04-04 - FIN7 Power Hour- Adversary Archaeology and the Evolution of FIN7.pdf
2022-04-04 - Ransomware Spotlight- AvosLocker.pdf
2022-04-04 - Sharing is Caring- Abusing Shared Sections for Code Injection.pdf
2022-04-04 - Spring4Shell (CVE-2022-22965)- details and mitigations.pdf
2022-04-04 - Stolen Images Campaign Ends in Conti Ransomware.pdf
2022-04-04 - The Ransomware Files, Episode 6- Kaseya and REvil.pdf
2022-04-05 - A New Info Stealer Targeting Over 30 Browsers.pdf
2022-04-05 - Azure Active Directory Exposes Internal Information.pdf
2022-04-05 - Chinese hackers abuse VLC Media Player to launch malware loader.pdf
2022-04-05 - Cicada - Chinese APT Group Widens Targeting in Recent Espionage Activity.pdf
2022-04-05 - Cicada- Chinese APT Group Widens Targeting in Recent Espionage Activity.pdf
2022-04-05 - Colibri Loader combines Task Scheduler and PowerShell in clever persistence technique.pdf
2022-04-05 - eSentire Threat Intelligence Malware Analysis- DoubleZero.pdf
2022-04-05 - eSentire Threat Intelligence Malware Analysis- HeaderTip.pdf
2022-04-05 - Incident report- From CLI to console, chasing an attacker in AWS.pdf
2022-04-05 - Justice Department Investigation Leads to Shutdown of Largest Online Darknet Marketplace.pdf
2022-04-05 - Malicious Word Documents Using MS Media Player (Impersonating AhnLab).pdf
2022-04-05 - Move fast and commit crimes Contis development teams mirror corporate tech.pdf
2022-04-05 - New Analysis- The CaddyWiper Malware Attacking Ukraine.pdf
2022-04-05 - Peace through Pegasus Jordanian Human Rights Defenders and Journalists Hacked with Pegasus Spyware.pdf
2022-04-05 - RTF template injection sample targeting Malaysia.pdf
2022-04-05 - Russia's FSB malign activity- factsheet.pdf
2022-04-05 - Threat Spotlight- AsyncRAT campaigns feature new version of 3LOSH crypter.pdf
2022-04-05 - Thwarting Loaders- From SocGholish to BLISTER’s LockBit Payload (IoCs).pdf
2022-04-05 - Thwarting Loaders- From SocGholish to BLISTER’s LockBit Payload.pdf
2022-04-06 - Anonymous Affiliate NB65 Breach State-Run Russian Broadcaster; Leak 786GB of Data.pdf
2022-04-06 - Attorney General Merrick B. Garland Announces Enforcement Actions to Disrupt and Prosecute Russian Criminal Activity (video).pdf
2022-04-06 - Cado Discovers Denonia- The First Malware Specifically Targeting Lambda.pdf
2022-04-06 - Fake e‑shops on the prowl for banking credentials using Android malware.pdf
2022-04-06 - Justice Department Announces Court-Authorized Disruption of Botnet Controlled by the Russian Federation’s Main Intelligence Directorate (GRU).pdf
2022-04-06 - Karakurt Hacking Team Indicators of Compromise (IOC).pdf
2022-04-06 - Lockbit 3.0- Another Upgrade to World’s Most Active Ransomware.pdf
2022-04-06 - Operation Bearded Barbie- APT-C-23 Campaign Targeting Israeli Officials.pdf
2022-04-06 - Tax Return Customer Campaign Attempts to Infect Victims with Sorillus RAT.pdf
2022-04-06 - The Latest Remcos RAT Driven By Phishing Campaign.pdf
2022-04-06 - TRM Analysis Corroborates Suspected Ties Between Conti and Ryuk Ransomware Groups and Wizard Spider.pdf
2022-04-06 - UpdateAgent macOS Malware.pdf
2022-04-06 - US disrupts Russian Cyclops Blink botnet before being used in attacks.pdf
2022-04-06 - WannaHusky Malware Analysis w- YARA + TTPs.pdf
2022-04-06 - WannaHusky Malware Analysis w- YARA TTPs.pdf
2022-04-06 - Windows MetaStealer Malware.pdf
2022-04-06 - Yanluowang Ransomware Analysis.pdf
2022-04-07 - A Bad Luck BlackCat.pdf
2022-04-07 - Bypass Multi Factor Authentication (MFA) of OUTLOOK.pdf
2022-04-07 - Denys Iarmak, Member of hacking group (FIN7) sentenced for scheme that compromised tens of millions of debit and credit cards.pdf
2022-04-07 - Disrupting cyberattacks targeting Ukraine (APT28).pdf
2022-04-07 - First Malware Targeting AWS Lambda Serverless Platform Discovered.pdf
2022-04-07 - Google is on guard- sharks shall not pass!.pdf
2022-04-07 - Hamas-linked Hackers Targeting High-Ranking Israelis Using 'Catfish' Lures.pdf
2022-04-07 - Looking Inside Pandora’s Box.pdf
2022-04-07 - Malicious web redirect service infects 16,500 sites to push malware.pdf
2022-04-07 - Malpedia Page for GraphSteel.pdf
2022-04-07 - Mars, a red-hot information stealer.pdf
2022-04-07 - MoqHao Part 2- Continued European Expansion.pdf
2022-04-07 - New Octo Banking Trojan Spreading via Fake Apps on Google Play Store.pdf
2022-04-07 - North Korea- Intelligence Assessment 2022.pdf
2022-04-07 - office-node (OFFODE) - This is POC of how an attacker automate user's responce and bypass outlook.pdf
2022-04-07 - Parrot TDS takes over web servers and threatens millions.pdf
2022-04-07 - Revenge RAT Malware is back- From Microsoft Excel macros to Remote Access Trojan.pdf
2022-04-07 - SPM55- Ascending the Ranks of Indonesian Phishing As A Service Offerings.pdf
2022-04-07 - Threat Thursday- AvosLocker Prompts Advisory from FBI and FinCEN.pdf
2022-04-07 - Ukraine CyberWar Overview.pdf
2022-04-07 - You Bet Your Lsass- Hunting LSASS Access.pdf
2022-04-08 - China accused of cyberattacks on Indian power grid.pdf
2022-04-08 - ConversingLabs Ep. 2- Conti pivots as ransomware as a service struggles.pdf
2022-04-08 - CVE-2022-22965- Analyzing the Exploitation of Spring4Shell Vulnerability in Weaponizing and Executing the Mirai Botnet Malware.pdf
2022-04-08 - East Tennessee Children’s Hospital updates information on ransomware incident.pdf
2022-04-08 - Hackers Exploiting Spring4Shell Vulnerability to Deploy Mirai Botnet Malware.pdf
2022-04-08 - Look out for Octo's tentacles! A new on-device fraud Android Banking Trojan with a rich legacy.pdf
2022-04-08 - Microsoft Obtains Court Order to Take Down Domains Used to Target Ukraine.pdf
2022-04-08 - New SolarMarker (Jupyter) Campaign Demonstrates the Malware’s Changing Attack Patterns.pdf
2022-04-08 - Researchers Connect BlackCat Ransomware with Past BlackMatter Malware Activity.pdf
2022-04-08 - Scammers make off with $1.6 million in crypto Fake giveaways hit bitcoiners again. Now on YouTube.pdf
2022-04-09 - Hackers use Conti's leaked ransomware to attack Russian companies.pdf
2022-04-09 - Method of analyzing and unpacking compressed PE (Portable Executable) files.pdf
2022-04-09 - New Android banking malware remotely takes control of your device.pdf
2022-04-09 - Two men arrested for impersonating DHS employees. Lets unravel some infrastructure..pdf
2022-04-10 - New Meta information stealer distributed in malspam campaign.pdf
2022-04-10 - Qakbot Series- String Obfuscation.pdf
2022-04-10 - Threatening Redirect Web Service Instills Malicious Campaigns In Over 16,500 Websites.pdf
2022-04-10 - Zebrocy Malware Technical Analysis Report.pdf
2022-04-11 - Analysis of the SunnyDay ransomware.pdf
2022-04-11 - CISA warns orgs of WatchGuard bug exploited by Russian state hackers.pdf
2022-04-11 - Conti ransomware source code investigation - part 2.pdf
2022-04-11 - DPRK-Nexus Adversary Targets South-Korean Individuals In A New Chapter of Kitty Phishing Operation.pdf
2022-04-11 - Fake Chrome Setup Leads to NetSupportManager RAT and Mars Stealer.pdf
2022-04-11 - Fakecalls- a talking Trojan.pdf
2022-04-11 - IRQLs Close Encounters of the Rootkit Kind.pdf
2022-04-11 - Leaked Conti Ransomware Used to Target Russia.pdf
2022-04-11 - Obfuscated obfuscation.pdf
2022-04-11 - Process Injection using CreateRemoteThread API.pdf
2022-04-11 - Qbot malware switches to new Windows Installer infection vector.pdf
2022-04-11 - Researchers warn of FFDroider and Lightning info-stealers targeting users in the wild.pdf
2022-04-11 - Snow Abuse- Analysis of the Suspected Lazarus Attack Activities against South Korean Companies.pdf
2022-04-12 - Attackers linger on government agency computers before deploying Lockbit ransomware.pdf
2022-04-12 - Enemybot- A Look into Keksec's Latest DDoS Botnet.pdf
2022-04-12 - Ghidra script to handle stack strings.pdf
2022-04-12 - Industroyer2- Industroyer reloaded .pdf
2022-04-12 - Industroyer2- Industroyer reloaded.pdf
2022-04-12 - Malware Campaigns Targeting African Banking Sector.pdf
2022-04-12 - March 2022’s Most Wanted Malware- Easter Phishing Scams Help Emotet Assert its Dominance.pdf
2022-04-12 - Qbot Botnet Deploys Malware Payloads Through Malicious Windows Installers.pdf
2022-04-12 - Recent attacks by Bahamut group revealed.pdf
2022-04-12 - SystemBC Being Used by Various Attackers.pdf
2022-04-12 - Tarrask malware uses scheduled tasks for defense evasion.pdf
2022-04-12 - The State of Stalkerware in 2021.pdf
2022-04-12 - Threat Profile- Avaddon.pdf
2022-04-12 - Threat Profile- Conti.pdf
2022-04-12 - Threat Profile- Hive.pdf
2022-04-12 - Threat Profile- LockBit.pdf
2022-04-12 - Threat Profile- REvil.pdf
2022-04-13 - Alert (AA22-103A) APT Cyber Tools Targeting ICS-SCADA Devices.pdf
2022-04-13 - Court order for taking down Zloader Infrastructure.pdf
2022-04-13 - Dismantling ZLoader- How malicious ads led to disabled security tools and ransomware.pdf
2022-04-13 - Emotet modules and recent attacks.pdf
2022-04-13 - ESET takes part in global operation to disrupt Zloader botnets.pdf
2022-04-13 - Fodcha, a new DDos botnet.pdf
2022-04-13 - INCONTROLLER- New State-Sponsored Cyber Attack Tools Target Multiple Industrial Control Systems.pdf
2022-04-13 - New Threat- The Muffled Fodcha Botnet.pdf
2022-04-13 - Notorious cybercrime gang’s botnet disrupted.pdf
2022-04-13 - Qakbot Series- Configuration Extraction.pdf
2022-04-13 - What is going on with Lapsus$-.pdf
2022-04-13 - Zhadnost strikes again… this time in Finland..pdf
2022-04-14 - -Haskers Gang- Introduces New ZingoStealer.pdf
2022-04-14 - 404 — File still found.pdf
2022-04-14 - Blinding Snort- Breaking The Modbus OT Preprocessor.pdf
2022-04-14 - Hackers target Ukrainian govt with IcedID malware, Zimbra exploits.pdf
2022-04-14 - Hacking activity of SectorB Group in 2021 Chinese government supported hacking group SectorB.pdf
2022-04-14 - Lazarus Targets Chemical Sector.pdf
2022-04-14 - New ZingoStealer infostealer drops more malware, cryptominers.pdf
2022-04-14 - Old Gremlins, new methods.pdf
2022-04-14 - Orion Threat Alert- Flight of the BumbleBee.pdf
2022-04-14 - Threat Spotlight- -Haskers Gang- Introduces New ZingoStealer.pdf
2022-04-14 - Threat Thursday- HeaderTip Backdoor Shows Attackers from China Preying on Ukraine.pdf
2022-04-14 - Zloader 2- The Silent Night.pdf
2022-04-15 - Karakurt revealed as data extortion arm of Conti cybercrime syndicate.pdf
2022-04-15 - Revisiting BatLoader C2 structure.pdf
2022-04-15 - STRT-TA03 CPE - Destructive Software.pdf
2022-04-15 - The Karakurt Web- Threat Intel and Blockchain Analysis Reveals Extension of Conti Business Model.pdf
2022-04-15 - Top 10 Malware March 2022.pdf
2022-04-15 - Tough Times for Ukrainian Honeypot-.pdf
2022-04-16 - Qakbot Series- Process Injection.pdf
2022-04-16 - Snip3 Crypter used with DCRat via VBScript.pdf
2022-04-17 - Lessons from the Conti Leaks.pdf
2022-04-17 - Qakbot Series- API Hashing.pdf
2022-04-17 - Reversing a NSIS dropper using quick and dirty shellcode emulation.pdf
2022-04-18 - A blueprint for evading industry leading endpoint protection in 2022.pdf
2022-04-18 - A new type of malware from the Lazarus attack group that exploits the INITECH process..pdf
2022-04-18 - Alert (AA22-108A)- TraderTraitor- North Korean State-Sponsored APT Targets Blockchain Companies.pdf
2022-04-18 - An Investigation of the BlackCat Ransomware via Trend Micro Vision One.pdf
2022-04-18 - CatalanGate Extensive Mercenary Spyware Operation against Catalans Using Pegasus and Candiru.pdf
2022-04-18 - Conti Group Targets ESXi Hypervisors With its Linux Variant.pdf
2022-04-18 - Enter KaraKurt- Data Extortion Arm of Prolific Ransomware Group.pdf
2022-04-18 - Free decryptor released for Yanluowang ransomware victims.pdf
2022-04-18 - From the Front Lines - Peering into A PYSA Ransomware Attack.pdf
2022-04-18 - How to recover files encrypted by Yanlouwang.pdf
2022-04-18 - New BotenaGo Variant Discovered by Nozomi Networks Labs.pdf
2022-04-18 - Nobelium - Israeli Embassy Maldoc.pdf
2022-04-18 - Trends in the Recent Emotet Maldoc Outbreak.pdf
2022-04-18 - Under The Lens- Eagle Monitor RAT - Upgraded Version Of RAT With New TTPs.pdf
2022-04-18 - Unofficial Windows 11 upgrade installs info-stealing malware.pdf
2022-04-19 - BAZARLOADER- Unpacking An ISO File Infection.pdf
2022-04-19 - Emotet botnet switches to 64-bit modules, increases activity.pdf
2022-04-19 - Extracting Cobalt Strike from Windows Error Reporting.pdf
2022-04-19 - Fake MetaMask App Steals Cryptocurrency.pdf
2022-04-19 - Hive Ransomware Analysis.pdf
2022-04-19 - Stop Crypto Kleptos in Their Tracks.pdf
2022-04-19 - Using Emulation Against Anti-Reverse Engineering Techniques.pdf
2022-04-20 - 'aa' distribution Qakbot (Qbot) infection with DarkVNC traffic.pdf
2022-04-20 - Alert (AA22-110A)- Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure.pdf
2022-04-20 - Analyzing Attempts to Exploit the Spring4Shell Vulnerability CVE-2022-22965 to Deploy Cryptocurrency Miners.pdf
2022-04-20 - Mars Stealer malware analysis.pdf
2022-04-20 - Microsoft Exchange servers hacked to deploy Hive ransomware.pdf
2022-04-20 - REvil's TOR sites come alive to redirect to new ransomware operation.pdf
2022-04-20 - Russian hackers target Czech websites in a series of cyberattacks.pdf
2022-04-20 - Shuckworm- Espionage Group Continues Intense Campaign Against Ukraine.pdf
2022-04-20 - TraderTraitor- North Korean State-Sponsored APT Targets Blockchain Companies.pdf
2022-04-21 - Criminals provide Ginzo stealer for free, now it is gaining traction.pdf
2022-04-21 - GOLD ULRICK Continues Conti Operations Despite Public Disclosures.pdf
2022-04-21 - Hackers Spearphish Corporate Hiring Managers with Poisoned Resumes, Infecting Them with the More_Eggs Malware, Warns eSentire.pdf
2022-04-21 - Nokoyawa Ransomware - New Karma-Nemty Variant Wears Thin Disguise.pdf
2022-04-21 - Prynt Stealer Spotted In The Wild.pdf
2022-04-21 - Threat Thursday- BlackGuard Infostealer Rises from Russian Underground Markets.pdf
2022-04-21 - Understanding Cobalt Strike Profiles - Updated For Cobalt Strike 4.6.pdf
2022-04-21 - Warez users fell for Certishell.pdf
2022-04-22 - FIN7 Power Hour- Adversary Archaeology and the Evolution of FIN7.pdf
2022-04-23 - Cryptojacking on the Fly- TeamTNT Using NVIDIA Drivers to Mine Cryptocurrency.pdf
2022-04-23 - Industroyer2 in Perspective.pdf
2022-04-24 - Github Repository for Stealerium.pdf
2022-04-24 - Shortcut to Emotet, an odd TTP change.pdf
2022-04-25 - [RE026] A Deep Dive into Zloader - the Silent Night.pdf
2022-04-25 - Choziosi Loader- Multi-platform campaign delivering browser extension malware.pdf
2022-04-25 - Deep Dive into the Elephant Framework – A New Cyber Threat in Ukraine.pdf
2022-04-25 - Defeating BazarLoader Anti-Analysis Techniques.pdf
2022-04-25 - Full RedLine malware analysis - IoCs - Stealing information.pdf
2022-04-25 - INDUSTROYER.V2- Old Malware Learns New Tricks.pdf
2022-04-25 - Industroyer2 IEC-104 Analysis.pdf
2022-04-25 - New Core Impact Backdoor Delivered Via VMware Vulnerability.pdf
2022-04-25 - Quantum Ransomware.pdf
2022-04-25 - Simple PDF Linking to Malicious Content.pdf
2022-04-25 - Static unpacker and decoder for Hello Kitty Packer.pdf
2022-04-25 - THREAT ANALYSIS REPORT- SocGholish and Zloader – From Fake Updates and Installers to Owning Your Systems.pdf
2022-04-26 - A -Naver--ending game of Lazarus APT.pdf
2022-04-26 - American Dental Association hit by new Black Basta ransomware.pdf
2022-04-26 - Conti and Emotet A constantly destructive duo.pdf
2022-04-26 - Emotet malware now installs via PowerShell in Windows shortcut files.pdf
2022-04-26 - Emotet Tests New Delivery Techniques.pdf
2022-04-26 - Hive0117 Continues Fileless Malware Delivery in Eastern Europe.pdf
2022-04-26 - How Cybercriminals Abuse Cloud Tunneling Services.pdf
2022-04-26 - New Malware of Lazarus Threat Actor Group Exploiting INITECH Process.pdf
2022-04-27 - A lookback under the TA410 umbrella- Its cyberespionage TTPs and activity.pdf
2022-04-27 - Alert (AA22-117A) 2021 Top Routinely Exploited Vulnerabilities.pdf
2022-04-27 - APT trends report Q1 2022.pdf
2022-04-27 - Assembling the Russian Nesting Doll- UNC2452 Merged into APT29.pdf
2022-04-27 - BRONZE PRESIDENT Targets Russian Speakers with Updated PlugX.pdf
2022-04-27 - Detecting Ransomware’s Stealthy Boot Configuration Edits.pdf
2022-04-27 - Emotet Returns With New TTPs And Delivers .Lnk Files To Its Victims.pdf
|
|
|
|
|
2022-04-27 - eSentire Threat Intelligence Malware Analysis- SolarMarker.pdf
|
|
|
|
|
2022-04-27 - Industroyer2- Nozomi Networks Labs Analyzes the IEC 104 Payload.pdf
|
|
|
|
|
2022-04-27 - IOCs for Earth Berberoka - Linux.pdf
|
|
|
|
|
2022-04-27 - IOCs for Earth Berberoka - MacOS.pdf
|
|
|
|
|
2022-04-27 - IOCs for Earth Berberoka - Windows.pdf
|
|
|
|
|
2022-04-27 - IOCs for Earth Berberoka.pdf
|
|
|
|
|
2022-04-27 - LockBit Ransomware Side-loads Cobalt Strike Beacon with Legitimate VMware Utility.pdf
|
|
|
|
|
2022-04-27 - New APT Group Earth Berberoka Targets Gambling Websites With Old and New Malware.pdf
|
|
|
|
|
2022-04-27 - New Black Basta ransomware springs into action with a dozen breaches.pdf
|
|
|
|
|
2022-04-27 - RedLine Stealer Resurfaces in Fresh RIG Exploit Kit Campaign.pdf
|
|
|
|
|
2022-04-27 - Reverse Engineering PsExec for fun and knowledge.pdf
|
|
|
|
|
2022-04-27 - Stonefly- North Korea-linked Spying Operation Continues to Hit High-value Targets.pdf
|
|
|
|
|
2022-04-27 - Targeted attack on Thailand Pass customers delivers AsyncRAT.pdf
|
|
|
|
|
2022-04-27 - The chronicles of Bumblebee- The Hook, the Bee, and the Trickbot connection.pdf
|
|
|
|
|
2022-04-28 - An Overview of the Increasing Wiper Malware Threat.pdf
|
|
|
|
|
2022-04-28 - Chinese APT Bronze President Mounts Spy Campaign on Russian Military.pdf
|
|
|
|
|
2022-04-28 - LAPSUS$- Recent techniques, tactics and procedures.pdf
|
|
|
|
|
2022-04-28 - New Bumblebee malware replaces Conti's BazarLoader in cyberattacks.pdf
|
|
|
|
|
2022-04-28 - Peeking into PrivateLoader.pdf
|
|
|
|
|
2022-04-28 - Ransomware- How Attackers are Breaching Corporate Networks.pdf
|
|
|
|
|
2022-04-28 - This isn't Optimus Prime's Bumblebee but it's Still Transforming.pdf
|
|
|
|
|
2022-04-28 - Threat Thursday- BoratRAT.pdf
|
|
|
|
|
2022-04-28 - Trello From the Other Side- Tracking APT29 Phishing Campaigns.pdf
|
|
|
|
|
2022-04-29 - Adventures in the land of BumbleBee – a new malicious loader.pdf
|
|
|
|
|
2022-04-29 - Attack Graph Response to UNC1151 Continued Targeting of Ukraine.pdf
|
|
|
|
|
2022-04-29 - German wind farm operator confirms cybersecurity incident.pdf
|
|
|
|
|
2022-04-29 - Sliver Case Study- Assessing Common Offensive Security Tools The Use of the Sliver C2 Framework for Malicious Purposes.pdf
|
|
|
|
|
2022-04-29 - Stormous- The Pro-Russian, Clout Hungry Ransomware Gang Targets the US and Ukraine.pdf
|
|
|
|
|
2022-04-29 - The LOTUS PANDA Is Awake, Again. Analysis Of Its Last Strike..pdf
|
|
|
|
|
2022-04-29 - Using EPSS to Predict Threats and Secure Your Network.pdf
|
|
|
|
|
2022-04-29 - Warning- GRIM and Magnus Android Botnets are Underground.pdf
|
|
|
|
|
2022-04-30 - Fake Windows 10 updates infect you with Magniber ransomware.pdf
|
|
|
|
|
2022-04-30 - PortDoor- New Chinese APT Backdoor Attack Targets Russian Defense Sector.pdf
|
|
|
|
|
2022-05-01 - Gamer Cheater Hacker Spy.pdf
|
|
|
|
|
2022-05-01 - REvil Reborn Ransom Config.pdf
|
|
|
|
|
2022-05-02 - Analysis on recent wiper attacks- examples and how wiper malware works.pdf
|
|
|
|
|
2022-05-02 - AsyncRAT Activity.pdf
|
|
|
|
|
2022-05-02 - Attack Campaigns that Exploit Shortcuts and ISO Files.pdf
|
|
|
|
|
2022-05-02 - AvosLocker Ransomware Variant Abuses Driver File to Disable Anti-Virus, Scans for Log4shell.pdf
|
|
|
|
|
2022-05-02 - Detecting Hypervisor-assisted Hooking.pdf
|
|
|
|
|
2022-05-02 - Moshen Dragon’s Triad-and-Error Approach - Abusing Security Software to Sideload PlugX and ShadowPad.pdf
|
|
|
|
|
2022-05-02 - UNC3524- Eye Spy on Your Email.pdf
|
|
|
|
|
2022-05-03 - A new BluStealer Loader Uses Direct Syscalls to Evade EDRs.pdf
|
|
|
|
|
2022-05-03 - Analysis of BlackByte Ransomware's Go-Based Variants.pdf
|
|
|
|
|
2022-05-03 - Conti and Hive ransomware operations- What we learned from these groups' victim chats.pdf
|
|
|
|
|
2022-05-03 - SOLARDEFLECTION C2 Infrastructure Used by NOBELIUM in Company Brand Misuse.pdf
|
|
|
|
|
2022-05-03 - Subdomain Takeovers and 1.1 million “dangling” risks.pdf
|
|
|
|
|
2022-05-03 - The Hermit Kingdom’s Ransomware play.pdf
|
|
|
|
|
2022-05-03 - The Strange Link Between A Destructive Malware And A Ransomware-Gang Linked Custom Loader- IsaacWiper Vs Vatet.pdf
|
|
|
|
|
2022-05-03 - Unpacking Python Executables on Windows and Linux.pdf
|
|
|
|
|
2022-05-03 - Update on cyber activity in Eastern Europe.pdf
|
|
|
|
|
2022-05-04 - A new secret stash for “fileless” malware.pdf
|
|
|
|
|
2022-05-04 - Attacking Emotet’s Control Flow Flattening.pdf
|
|
|
|
|
2022-05-04 - Chinese Naikon Group Back with New Espionage Attack.pdf
|
|
|
|
|
2022-05-04 - Compromised Docker Honeypots Used for Pro-Ukrainian DoS Attack.pdf
|
|
|
|
|
2022-05-04 - Fresh Phish- Britain’s National Health Service Infected by Massive Phishing Campaign.pdf
|
|
|
|
|
2022-05-04 - Old Services, New Tricks- Cloud Metadata Abuse by UNC2903.pdf
|
|
|
|
|
2022-05-04 - Operation CuckooBees- A Winnti Malware Arsenal Deep-Dive.pdf
|
|
|
|
|
2022-05-04 - Operation CuckooBees- Deep-Dive into Stealthy Winnti Techniques.pdf
|
|
|
|
|
2022-05-04 - Scheduled Task Tampering.pdf
|
|
|
|
|
2022-05-04 - Tips for Automating IOC Extraction from GootLoader, a Changing JavaScript Malware.pdf
|
|
|
|
|
2022-05-05 - A Sticky Situation Part 1- The Pervasive Nature of Credit Card Skimmers.pdf
|
|
|
|
|
2022-05-05 - Analysis of MS Word to drop Remcos RAT - VBA extraction and analysis - IoCs.pdf
|
|
|
|
|
2022-05-05 - BLISTER Loader.pdf
|
|
|
|
|
2022-05-05 - Cybercrime loves company Conti cooperated with other ransomware gangs.pdf
|
|
|
|
|
2022-05-05 - Mustang Panda deploys a new wave of malware targeting Europe.pdf
|
|
|
|
|
2022-05-05 - NetDooka Framework Distributed via PrivateLoader Malware as Part of Pay-Per-Install Service.pdf
|
|
|
|
|
2022-05-05 - Nigerian Tesla- 419 scammer gone malware distributor unmasked.pdf
|
|
|
|
|
2022-05-05 - North Korea’s Lazarus- their initial access trade-craft using social media and social engineering.pdf
|
|
|
|
|
2022-05-05 - Raspberry Robin gets the worm early.pdf
|
|
|
|
|
2022-05-05 - Studying “Next Generation Malware” - NightHawk’s Attempt At Obfuscate and Sleep.pdf
|
|
|
|
|
2022-05-05 - The Sample- Beating the Malware Piñata.pdf
|
|
|
|
|
2022-05-05 - Threat Thursday- ZingoStealer – The Cost of “Free”.pdf
|
|
|
|
|
2022-05-05 - Tinker Telco Soldier Spy (to be given 2022-06-27).pdf
|
|
|
|
|
2022-05-06 - Cobalt Strike Analysis and Tutorial- CS Metadata Encoding and Decoding.pdf
|
|
|
|
|
2022-05-06 - Emotet- New Delivery Mechanism to Bypass VBA Protection.pdf
|
|
|
|
|
2022-05-06 - Github Repository for Mineping.pdf
|
|
|
|
|
2022-05-06 - macOS Malware Is More Reality Than Myth- Popular Threats and Challenges in Analysis.pdf
|
|
|
|
|
2022-05-06 - Mobile subscription Trojans and their little tricks.pdf
|
|
|
|
|
2022-05-06 - OFAC Sanctions Virtual Asset Mixer For the First Time to Combat North Korea’s Lazarus Group.pdf
|
|
|
|
|
2022-05-06 - Ransomware- LockBit 3.0 Starts Using in Cyberattacks.pdf
|
|
|
|
|
2022-05-06 - Rebranded Babuk Ransomware In Action- DarkAngels Ransomware Performs Targeted Attack.pdf
|
|
|
|
|
2022-05-06 - This New Fileless Malware Hides Shellcode in Windows Event Logs.pdf
|
|
|
|
|
2022-05-08 - Bzz.. Bzz.. Bumblebee loader.pdf
|
|
|
|
|
2022-05-08 - Tracking Cobalt Strike Servers Used in Cyberattacks on Ukraine.pdf
|
|
|
|
|
2022-05-08 - Ursnif Malware Banks on News Events for Phishing Attacks.pdf
|
|
|
|
|
2022-05-09 - Cybereason vs. Quantum Locker Ransomware.pdf
|
|
|
|
|
2022-05-09 - Dirty Deeds Done Dirt Cheap- Russian RAT Offers Backdoor Bargains.pdf
|
|
|
|
|
2022-05-09 - Emotet C2 and Spam Traffic Video.pdf
|
|
|
|
|
2022-05-09 - Examining the Black Basta Ransomware’s Infection Routine.pdf
|
|
|
|
|
2022-05-09 - From the Front Lines - Unsigned macOS oRAT Malware Gambles For The Win.pdf
|
|
|
|
|
2022-05-09 - Hiding in Plain Sight- Obscuring C2s by Abusing CDN Services.pdf
|
|
|
|
|
2022-05-09 - Octopus Backdoor is Back with a New Embedded Obfuscated Bat File.pdf
|
|
|
|
|
2022-05-09 - Ransomware-as-a-service- Understanding the cybercrime gig economy and how to protect yourself.pdf
|
|
|
|
|
2022-05-09 - REvil Development Adds Confidence About GOLD SOUTHFIELD Reemergence.pdf
|
|
|
|
|
2022-05-09 - SEO Poisoning – A Gootloader Story.pdf
|
|
|
|
|
2022-05-09 - XenArmor - Windows Security & Password Recovery Software.pdf
|
|
|
|
|
2022-05-10 - A Malware Analysis in RU-AU conflict.pdf
|
|
|
|
|
2022-05-10 - A Tale of Two Markets - Investigating the Ransomware Payments Economy.pdf
|
|
|
|
|
2022-05-10 - APT34 targets Jordan Government using new Saitama backdoor.pdf
|
|
|
|
|
2022-05-10 - Info-stealer Campaign targets German Car Dealerships and Manufacturers.pdf
|
|
|
|
|
2022-05-10 - Malicious PDF Document Analysis - Lazyscripter.pdf
|
|
|
|
|
2022-05-10 - Redline Stealer Masquerades as Photo Editing Software.pdf
|
|
|
|
|
2022-05-11 - Analysis of an Iranian APTs E400 PowGoop Variant Reveals Dozens of Control Servers Dating Back to 202.pdf
|
|
|
|
|
2022-05-11 - Bitter APT adds Bangladesh to their targets.pdf
|
|
|
|
|
2022-05-11 - Bitter APT Hackers Add Bangladesh to Their List of Targets in South Asia.pdf
|
|
|
|
|
2022-05-11 - BPFDoor - An Evasive Linux Backdoor Technical Analysis.pdf
|
|
|
|
|
2022-05-11 - Detecting a MUMMY SPIDER campaign and Emotet infection.pdf
|
|
|
|
|
2022-05-11 - Nerbian RAT Using COVID-19 Themes Features Sophisticated Evasion Techniques.pdf
|
|
|
|
|
2022-05-11 - New ransomware trends in 2022.pdf
|
|
|
|
|
2022-05-11 - Operation RestyLink- Targeted attack campaign targeting Japanese companies.pdf
|
|
|
|
|
2022-05-11 - Please Confirm You Received Our APT.pdf
|
|
|
|
|
2022-05-11 - Proactive Threat Hunting Bears Fruit- Falcon OverWatch Detects Novel IceApple Post-Exploitation Framework.pdf
|
|
|
|
|
2022-05-11 - TA578 using thread-hijacked emails to push ISO files for Bumblebee malware.pdf
|
|
|
|
|
2022-05-11 - Transparent Tribe Targets Educational Institution.pdf
|
|
|
|
|
2022-05-12 - A Closer Look At Eternity Malware- Threat Actors Leveraging Telegram To Build Malware.pdf
|
|
|
|
|
2022-05-12 - A closer look at Eternity Malware.pdf
|
|
|
|
|
2022-05-12 - COBALT MIRAGE Conducts Ransomware Operations in U.S..pdf
|
|
|
|
|
2022-05-12 - Eternity malware kit offers stealer miner worm ransomware tools.pdf
|
|
|
|
|
2022-05-12 - Eternity malware kit offers stealer, miner, worm, ransomware tools.pdf
|
|
|
|
|
2022-05-12 - Github Repository for NetSpy.pdf
|
|
|
|
|
2022-05-12 - Harmful Help- Analyzing a Malicious Compiled HTML Help File Delivering Agent Tesla.pdf
|
|
|
|
|
2022-05-12 - KurayStealer- A Bandit Using Discord Webhooks.pdf
|
|
|
|
|
2022-05-12 - Malware targeting latest F5 vulnerability.pdf
|
|
|
|
|
2022-05-12 - Network Footprints of Gamaredon Group.pdf
|
|
|
|
|
2022-05-12 - New SYK Crypter Distributed Via Discord.pdf
|
|
|
|
|
2022-05-12 - Phishing Campaign Delivering Three Fileless Malware- AveMariaRAT - BitRAT - PandoraHVNC – Part I.pdf
|
|
|
|
|
2022-05-12 - RedLine Stealer Campaign Using Binance Mystery Box Videos to Spread GitHub-Hosted Payload.pdf
|
|
|
|
|
2022-05-12 - Reversing an Android sample which uses Flutter.pdf
|
|
|
|
|
2022-05-12 - Suspicious DLL- Raspberry Robin-.pdf
|
|
|
|
|
2022-05-12 - Taking a look at Bumblebee loader.pdf
|
|
|
|
|
2022-05-12 - Technical Analysis of Emerging, Sophisticated Pandora Ransomware Group.pdf
|
|
|
|
|
2022-05-12 - The Goot cause- Detecting Gootloader and its follow-on activity.pdf
|
|
|
|
|
2022-05-12 - Threat Thursday- Malware Rebooted - How Industroyer2 Takes Aim at Ukraine Infrastructure.pdf
|
|
|
|
|
2022-05-12 - What malware to look for if you want to prevent a ransomware attack.pdf
|
|
|
|
|
2022-05-13 - Analyzing a Pirrit adware installer.pdf
|
|
|
|
|
2022-05-13 - Cozy Smuggled Into The Box- APT29 Abusing Legitimate Software For Targeted Operations In Europe.pdf
|
|
|
|
|
2022-05-13 - Teabot.pdf
|
|
|
|
|
2022-05-15 - Fake Pixelmon NFT site infects you with password-stealing malware.pdf
|
|
|
|
|
2022-05-16 - Analysis of HUI Loader.pdf
|
|
|
|
|
2022-05-16 - Apollo on Github.pdf
|
|
|
|
|
2022-05-16 - Custom PowerShell RAT targets Germans seeking information about the Ukraine crisis.pdf
|
|
|
|
|
2022-05-16 - Fake Mobile Apps Steal Facebook Credentials, Cryptocurrency-Related Keys.pdf
|
|
|
|
|
2022-05-16 - HTML attachments in phishing e-mails.pdf
|
|
|
|
|
2022-05-16 - New Ransomware Group- RansomHouse – Is it Real or Fake-.pdf
|
|
|
|
|
2022-05-16 - Ukraine supporters in Germany targeted with PowerShell RAT malware.pdf
|
|
|
|
|
2022-05-16 - UpdateAgent Adapts Again.pdf
|
|
|
|
|
2022-05-17 - A peek behind the BPFDoor.pdf
|
|
|
|
|
2022-05-17 - Chaos Ransomware Variant Sides with Russia.pdf
|
|
|
|
|
2022-05-17 - Emotet Summary- November 2021 Through January 2022.pdf
|
|
|
|
|
2022-05-17 - EternityTeam- a new prominent threat group on underground forums.pdf
|
|
|
|
|
2022-05-17 - Hydra with Three Heads- BlackByte & The Future of Ransomware Subsidiary Groups.pdf
|
|
|
|
|
2022-05-17 - In hot pursuit of cryware Defending hot wallets from attacks.pdf
|
|
|
|
|
2022-05-17 - In hot pursuit of ‘cryware’- Defending hot wallets from attacks.pdf
|
|
|
|
|
2022-05-17 - Ransomware Spotlight RansomEXX - Security News.pdf
|
|
|
|
|
2022-05-17 - Space Pirates analyzing the tools and connections of a new hacker group.pdf
|
|
|
|
|
2022-05-17 - X-Cart Skimmer with DOM-based Obfuscation.pdf
|
|
|
|
|
2022-05-18 - A Case of Vidar Infostealer - Part 2.pdf
|
|
|
|
|
2022-05-18 - A deep dive into Eternity Group- A new emerging Cyber Threat.pdf
|
|
|
|
|
2022-05-18 - eSentire Threat Intelligence Malware Analysis- Mars Stealer.pdf
|
|
|
|
|
2022-05-18 - Steer Clear of Instant Loan Apps.pdf
|
|
|
|
|
2022-05-18 - The BlackByte ransomware group is striking users all over the globe.pdf
|
|
|
|
|
2022-05-18 - Uncovering a Kingminer Botnet Attack Using Trend Micro Managed XDR.pdf
|
|
|
|
|
2022-05-19 - .NET Stubs- Sowing the Seeds of Discord (PureCrypter).pdf
|
|
|
|
|
2022-05-19 - .NET Stubs- Sowing the Seeds of Discord (PureCryter).pdf
|
|
|
|
|
2022-05-19 - .NET Stubs- Sowing the Seeds of Discord.pdf
|
|
|
|
|
2022-05-19 - Bruised but Not Broken The Resurgence of the Emotet Botnet Malware.pdf
|
|
|
|
|
2022-05-19 - Bumblebee Malware from TransferXL URLs.pdf
|
|
|
|
|
2022-05-19 - CrateDepression - Rust Supply-Chain Attack Infects Cloud CI Pipelines with Go Malware.pdf
|
|
|
|
|
2022-05-19 - Interactive Phishing- Using Chatbot-like Web Applications to Harvest Information.pdf
|
|
|
|
|
2022-05-19 - ITG23 Crypters Highlight Cooperation Between Cybercriminal Groups.pdf
|
|
|
|
|
2022-05-19 - Microsoft Windows 11 help Files have Vidar Spyware.pdf
|
|
|
|
|
2022-05-19 - Rise in XorDdos- A deeper look at the stealthy DDoS malware targeting Linux devices.pdf
|
|
|
|
|
2022-05-19 - Scam and Malicious APK targeting Malaysian- MyMaidKL Technical Analysis.pdf
|
|
|
|
|
2022-05-19 - The IO Offensive Information Operations Surrounding the Russian Invasion of Ukraine.pdf
|
|
|
|
|
2022-05-19 - Threat Update- AcidRain Wiper.pdf
|
|
|
|
|
2022-05-19 - Vidar distributed through backdoored Windows 11 downloads and abusing Telegram.pdf
|
|
|
|
|
2022-05-19 - Weaponization of Excel Add-Ins Part 2- Dridex Infection Chain Case Studies.pdf
|
|
|
|
|
2022-05-20 - [RE027] China-based APT Mustang Panda might have still continued their attack activities against organizations in Vietnam.pdf
|
|
|
|
|
2022-05-20 - Bumblebee Malware from TransferXL URLs.pdf
|
|
|
|
|
2022-05-20 - Cytrox's Predator Spyware Targeted Android Users with Zero-Day Exploits.pdf
|
|
|
|
|
2022-05-20 - DisCONTInued The End of Contis Brand Marks New Chapter For Cybercrime Landscape.pdf
|
|
|
|
|
2022-05-20 - Malware Campaign Targets InfoSec Community- Threat Actor Uses Fake Proof Of Concept To Deliver Cobalt-Strike Beacon.pdf
|
|
|
|
|
2022-05-20 - Metastealer – filling the Racoon void.pdf
|
|
|
|
|
2022-05-20 - Mirai Malware for Linux Double Down on Stronger Chips.pdf
|
|
|
|
|
2022-05-20 - Mirai Malware Variants for Linux Double Down on Stronger Chips in Q1 2022.pdf
|
|
|
|
|
2022-05-20 - New 'pymafka' malicious package drops Cobalt Strike on macOS, Windows, Linux.pdf
|
|
|
|
|
2022-05-20 - PDF Malware Is Not Yet Dead.pdf
|
|
|
|
|
2022-05-20 - Threat Brief- VMware Vulnerabilities Exploited in the Wild (CVE-2022-22954 and Others).pdf
|
|
|
|
|
2022-05-21 - Deep Analysis of Mars Stealer.pdf
|
|
|
|
|
2022-05-22 - Google- Predator spyware infected Android devices using zero-days.pdf
|
|
|
|
|
2022-05-22 - Introduction of a PE file extractor for various situations.pdf
|
|
|
|
|
2022-05-22 - Malware development trick - part 29- Store binary data in registry. Simple C++ example..pdf
|
|
|
|
|
2022-05-22 - Malware development trick - part 29- Store binary data in registry. Simple CPlusPlus example..pdf
|
|
|
|
|
2022-05-22 - PDF smuggles Microsoft Word doc to drop Snake Keylogger malware.pdf
|
|
|
|
|
2022-05-23 - Fake Trading Apps.pdf
|
|
|
|
|
2022-05-23 - LockBit, Conti, and BlackCat Lead Pack Amid Rise in Active RaaS and Extortion Groups- Ransomware in Q1 2022.pdf
|
|
|
|
|
2022-05-24 - Blame the Messenger- 4 Types of Dropper Malware in Microsoft Office & How to Detect Them.pdf
|
|
|
|
|
2022-05-24 - Emotet Botnet Rises Again.pdf
|
|
|
|
|
2022-05-24 - Gamaredon Group Understanding the Russian APT.pdf
|
|
|
|
|
2022-05-24 - Gamaredon Group- Understanding the Russian APT.pdf
|
|
|
|
|
2022-05-24 - Janicab Series- First Steps in the Infection Chain.pdf
|
|
|
|
|
2022-05-24 - Malware Analysis- Trickbot.pdf
|
|
|
|
|
2022-05-24 - Twisted Panda- Chinese APT Launch Spy Operation Against Russian Defence Institutes.pdf
|
|
|
|
|
2022-05-24 - Unknown APT group has targeted Russia repeatedly since Ukraine invasion.pdf
|
|
|
|
|
2022-05-24 - Yashma Ransomware, Tracing the Chaos Family Tree.pdf
|
|
|
|
|
2022-05-25 - Bablosoft; Lowering the Barrier of Entry for Malicious Actors.pdf
|
|
|
|
|
2022-05-25 - ChromeLoader- a pushy malvertiser.pdf
|
|
|
|
|
2022-05-25 - ERMAC Back In Action- Latest Version Of Android Banking Trojan Targets Over 400 Applications.pdf
|
|
|
|
|
2022-05-25 - Hunting a Global Telecommunications Threat- DecisiveArchitect and Its Custom Implant JustForFun.pdf
|
|
|
|
|
2022-05-25 - New Linux-Based Ransomware Cheerscrypt Targets ESXi Devices.pdf
|
|
|
|
|
2022-05-25 - SocGholish Campaigns and Initial Access Kit.pdf
|
|
|
|
|
2022-05-26 - Black Basta Besting Your Network-.pdf
|
|
|
|
|
2022-05-26 - Grandoreiro Banking Malware Resurfaces for Tax Season.pdf
|
|
|
|
|
2022-05-26 - Janicab Series- Further Steps in the Infection Chain.pdf
|
|
|
|
|
2022-05-26 - Rapidly evolving IoT malware EnemyBot now targeting Content Management System servers and Android devices.pdf
|
|
|
|
|
2022-05-26 - Worm-like propagation of Sysrv-hello crypto-jacking botnet- Network traffic analysis and latest TTPs.pdf
|
|
|
|
|
2022-05-27 - BAZARLOADER- Analysing The Main Loader.pdf
|
|
|
|
|
2022-05-27 - Emotet Analysis- New LNKs in the Infection Chain – The Monitor, Issue 20.pdf
|
|
|
|
|
2022-05-27 - How bootkits are implemented in modern firmware and how UEFI differs from Legacy BIOS.pdf
|
|
|
|
|
2022-05-27 - Janicab Series- The Core Artifact.pdf
|
|
|
|
|
2022-05-28 - A Case of Vidar Infostealer - Part 2.pdf
|
|
|
|
|
2022-05-28 - Clop ransomware gang is back, hits 21 victims in a single month.pdf
|
|
|
|
|
2022-05-29 - Full Anubis android malware analysis.pdf
|
|
|
|
|
2022-05-30 - Automatically Unpacking IcedID Stage 1 with Angr.pdf
|
|
|
|
|
2022-05-30 - Operation DarkCasino- In-Depth Analysis of Recent Attacks by APT Group EVILNUM.pdf
|
|
|
|
|
2022-05-31 - Janicab Series- Attibution and IoCs.pdf
|
|
|
|
|
2022-05-31 - WarzoneRAT Can Now Evade Detection With Process Hollowing.pdf
|
|
|
|
|
2022-05-31 - XLoader Botnet- Find Me If You Can.pdf
|
|
|
|
|
2022-05-31 - Yashma Ransomware Report.pdf
|
|
|
|
|
2022-06-01 - Alert (AA22-152A)- Karakurt Data Extortion Group.pdf
|
|
|
|
|
2022-06-01 - An In-Depth Look At Black Basta Ransomware.pdf
|
|
|
|
|
2022-06-01 - Analysis of the attack activities of the Maha grass group using the documents of relevant government agencies in Pakistan as bait.pdf
|
|
|
|
|
2022-06-01 - Analyzing AsyncRAT distributed in Colombia.pdf
|
|
|
|
|
2022-06-01 - CUBA Ransomware Campaign Analysis.pdf
|
|
|
|
|
2022-06-01 - CUBA Ransomware Malware Analysis.pdf
|
|
|
|
|
2022-06-01 - CVE-2022-30190- Microsoft Support Diagnostic Tool (MSDT) RCE Vulnerability “Follina”.pdf
|
|
|
|
|
2022-06-01 - Hazard Token Grabber- Upgraded Version Of Stealer Targeting Discord Users.pdf
|
|
|
|
|
2022-06-01 - Iranian Threat Actor Continues to Develop Mass Exploitation Tools.pdf
|
|
|
|
|
2022-06-01 - SideWinder.AntiBot.Script Analysis of SideWinder's new infrastructure and tool that narrows their reach to Pakistan.pdf
|
|
|
|
|
2022-06-01 - SMSFactory Android Trojan producing high costs for victims.pdf
|
|
|
|
|
2022-06-02 - A SecPro Super Issue- Understanding LockBit.pdf
|
|
|
|
|
2022-06-02 - Clipminer Botnet Makes Operators at Least $1.7 Million.pdf
|
|
|
|
|
2022-06-02 - Complaint filed by Microsoft Digital Crimes Unit against BOHRIUM, a Iranian threat actor.pdf
|
|
|
|
|
2022-06-02 - Conti Targets Critical Firmware.pdf
|
|
|
|
|
2022-06-02 - CrowdStrike Uncovers New MacOS Browser Hijacking Campaign.pdf
|
|
|
|
|
2022-06-02 - Exposing POLONIUM activity and infrastructure targeting Israeli organizations.pdf
|
|
|
|
|
2022-06-02 - ModPipe POS Malware- New Hooking Targets Extract Card Data.pdf
|
|
|
|
|
2022-06-02 - Threat Actors Prey on Eager Travelers.pdf
|
|
|
|
|
2022-06-02 - To HADES and Back- UNC2165 Shifts to LOCKBIT to Evade Sanctions.pdf
|
|
|
|
|
2022-06-02 - TRENDING EVIL Q2 2022.pdf
|
|
|
|
|
2022-06-02 - WinDealer dealing on the side.pdf
|
|
|
|
|
2022-06-02 - YourCyanide- A CMD-Based Ransomware With Multiple Layers of Obfuscation.pdf
|
|
|
|
|
2022-06-03 - Attack Graph Response to US CERT AA22-152A- Karakurt Data Extortion Group.pdf
|
|
|
|
|
2022-06-03 - CVE-2022-30190 aka -Follina- MSDT- Advisory and Technical Analysis.pdf
|
|
|
|
|
2022-06-03 - Outbreak of Follina in Australia.pdf
|
|
|
|
|
2022-06-03 - Trustwave's Action Response- Microsoft zero-day CVE-2022-30190 (aka Follina).pdf
|
|
|
|
|
2022-06-04 - [QuickNote] CobaltStrike SMB Beacon Analysis.pdf
|
|
|
|
|
2022-06-04 - The Domain Generation Algorithms of SharkBot.pdf
|
|
|
|
|
2022-06-05 - Loading GootLoader.pdf
|
|
|
|
|
2022-06-06 - Closing the Door- DeadBolt Ransomware Locks Out Vendors With Multitiered Extortion Scheme.pdf
|
|
|
|
|
2022-06-06 - From the Front Lines - Another Rebrand- Mindware and SFile Ransomware Technical Breakdown.pdf
|
|
|
|
|
2022-06-06 - Growling Bears Make Thunderous Noise.pdf
|
|
|
|
|
2022-06-06 - Hunting PrivateLoader- Pay-Per-Install Service.pdf
|
|
|
|
|
2022-06-06 - Shining the Light on Black Basta.pdf
|
|
|
|
|
2022-06-06 - SVCReady- A New Loader Gets Ready.pdf
|
|
|
|
|
2022-06-06 - Will the Real Msiexec Please Stand Up- Exploit Leads to Data Exfiltration.pdf
|
|
|
|
|
2022-06-07 - BlackCat — In a Shifting Threat Landscape, It Helps to Land on Your Feet- Tech Dive.pdf
|
|
|
|
|
2022-06-07 - Bumblebee Loader on The Rise.pdf
|
|
|
|
|
2022-06-07 - Kinsing & Dark.IoT botnet among threats targeting CVE-2022-26134.pdf
|
|
|
|
|
2022-06-07 - Phishing Campaigns featuring Ursnif Trojan on the Rise.pdf
|
|
|
|
|
2022-06-08 - Attackers Exploit MSDT Follina Bug to Drop RAT, Infostealer.pdf
|
|
|
|
|
2022-06-08 - Crypto stealing campaign spread via fake cracked software.pdf
|
|
|
|
|
2022-06-08 - Cuba Ransomware Group’s New Variant Found Using Optimized Infection Techniques.pdf
|
|
|
|
|
2022-06-08 - MakeMoney malvertising campaign adds fake update template.pdf
|
|
|
|
|
2022-06-08 - Not all -Internet Connections- are Equal.pdf
|
|
|
|
|
2022-06-08 - Operation Tejas- A dying elephant curled up in the Kunlun Mountains.pdf
|
|
|
|
|
2022-06-09 - Aoqin Dragon - Newly-Discovered Chinese-linked APT Has Been Quietly Spying On Organizations For 10 Years.pdf
|
|
|
|
|
2022-06-09 - Finding Vulnerabilities with VulFi IDA Plugin.pdf
|
|
|
|
|
2022-06-09 - LockBit 2.0- How This RaaS Operates and How to Protect Against It.pdf
|
|
|
|
|
2022-06-09 - Lyceum .NET DNS Backdoor.pdf
|
|
|
|
|
2022-06-09 - Quick look into a new sample of Android-BianLian.pdf
|
|
|
|
|
2022-06-09 - Roblox Game Pass store used to sell ransomware decryptor.pdf
|
|
|
|
|
2022-06-09 - Swiss Army Knife Phishing Group-IB identifies massive campaign capable of targeting clients of major Vietnamese banks.pdf
|
|
|
|
|
2022-06-09 - Symbiote- A New, Nearly-Impossible-to-Detect Linux Threat.pdf
|
|
|
|
|
2022-06-09 - TA570 Qakbot (Qbot) tries CVE-2022-30190 (Follina) exploit (ms-msdt).pdf
|
|
|
|
|
2022-06-09 - Yara- In Search Of Regular Expressions.pdf
|
|
|
|
|
2022-06-10 - Exposing HelloXD Ransomware and x4k.pdf
|
|
|
|
|
2022-06-10 - New SVCReady malware loads from Word doc properties – Detection & Response.pdf
|
|
|
|
|
2022-06-10 - Russia Ukraine Crisis Overview.pdf
|
|
|
|
|
2022-06-12 - How SeaFlower 藏海花 installs backdoors in iOS-Android web3 wallets to steal your seed phrase.pdf
|
|
|
|
|
2022-06-13 - A Detailed Analysis Of The Last Version Of REvil Ransomware (Download PDF).pdf
|
|
|
|
|
2022-06-13 - BumbleBee- a new trendy loader for Initial Access Brokers.pdf
|
|
|
|
|
2022-06-13 - GALLIUM Expands Targeting Across Telecommunications, Government and Finance Sectors With New PingPull Tool.pdf
|
|
|
|
|
2022-06-13 - Hydra Android Malware Distributed Via Play Store.pdf
|
|
|
|
|
2022-06-13 - Linux Threat Hunting- ‘Syslogk’ a kernel rootkit found under development in the wild.pdf
|
|
|
|
|
2022-06-13 - Risky Biz News- Google shuts down YouTube Russian propaganda channels.pdf
|
|
|
|
|
2022-06-13 - Robin Hood Ransomware ‘GOODWILL’ Forces Victim For Charity.pdf
|
|
|
|
|
2022-06-13 - Technical Analysis of PureCrypter- A Fully-Functional Loader Distributing Remote Access Trojans and Information Stealers.pdf
|
|
|
|
|
2022-06-13 - The many lives of BlackCat ransomware.pdf
|
|
|
|
|
2022-06-13 - Translating Saitama's DNS tunneling messages.pdf
|
|
|
|
|
2022-06-15 - Attack Graph Emulating the Conti Ransomware Team’s Behaviors.pdf
|
|
|
|
|
2022-06-15 - DriftingCloud- Zero-Day Sophos Firewall Exploitation and an Insidious Breach.pdf
|
|
|
|
|
2022-06-15 - F5 Labs Investigates MaliBot.pdf
|
|
|
|
|
2022-06-15 - First Conti, then Hive- Costa Rica gets hit with ransomware again.pdf
|
|
|
|
|
2022-06-15 - New IceXLoader 3.0 – Developers Warm Up to Nim.pdf
|
|
|
|
|
2022-06-16 - Confluence exploits used to drop ransomware on vulnerable servers.pdf
|
|
|
|
|
2022-06-16 - Houdini is Back Delivered Through a JavaScript Dropper.pdf
|
|
|
|
|
2022-06-16 - How Emotet is changing tactics in response to Microsoft’s tightening of Office macro security.pdf
|
|
|
|
|
2022-06-16 - Lookout Uncovers Android Spyware Deployed in Kazakhstan.pdf
|
|
|
|
|
2022-06-16 - Raccoon Stealer is Back with a New Version.pdf
|
|
|
|
|
2022-06-16 - Thousands of IDs exposed in yet another data breach in Brazil.pdf
|
|
|
|
|
2022-06-16 - Threat Thursday- Unique Delivery Method for Snake Keylogger.pdf
|
|
|
|
|
2022-06-17 - BRATA is evolving into an Advanced Persistent Threat.pdf
|
|
|
|
|
2022-06-17 - Malspam pushes Matanbuchus malware, leads to Cobalt Strike.pdf
|
|
|
|
|
2022-06-17 - Resurgence of Voicemail-themed phishing attacks targeting key industry verticals in the US.pdf
|
|
|
|
|
2022-06-17 - sRDI - Shellcode Reflective DLL Injection.pdf
|
|
|
|
|
2022-06-17 - Unpacking Kovter malware.pdf
|
|
|
|
|
2022-06-18 - Using dotnetfile to get a Sunburst timeline for intelligence gathering.pdf
|
|
|
|
|
2022-06-19 - Matanbuchus Triage Notes.pdf
|
|
|
|
|
2022-06-20 - Charming Kitten (APT35).pdf
|
|
|
|
|
2022-06-20 - Tracking Android-Joker payloads with Medusa, static analysis (and patience).pdf
|
|
|
|
|
2022-06-21 - APT ToddyCat- Unveiling an unknown APT actor attacking high-profile entities in Europe and Asia.pdf
|
|
|
|
|
2022-06-21 - Avos ransomware group expands with new attack arsenal.pdf
|
|
|
|
|
2022-06-21 - HTML Application Files are being used to distribute Smoke Loader Malware.pdf
|
|
|
|
|
2022-06-21 - Microsoft Exchange servers hacked by new ToddyCat APT gang.pdf
|
|
|
|
|
2022-06-21 - MuddyWater’s “light” first-stager targetting Middle East.pdf
|
|
|
|
|
2022-06-21 - Qvoid-Token-Grabber.pdf
|
|
|
|
|
2022-06-21 - Rise of LNK (Shortcut files) Malware.pdf
|
|
|
|
|
2022-06-21 - Russia’s APT28 uses fear of nuclear war to spread Follina docs in Ukraine.pdf
|
|
|
|
|
2022-06-23 - BRONZE STARLIGHT Ransomware Operations Use HUI Loader.pdf
|
|
|
|
|
2022-06-23 - Follina, the Latest in a Long Chain of Microsoft Office Exploits.pdf
|
|
|
|
|
2022-06-23 - Matanbuchus Loader Resurfaces.pdf
|
|
|
|
|
2022-06-23 - Spyware vendor targets users in Italy and Kazakhstan.pdf
|
|
|
|
|
2022-06-23 - The Call Is Coming from Inside the House- CrowdStrike Identifies Novel Exploit in VOIP Appliance (CVE-2022-29499).pdf
|
|
|
|
|
2022-06-23 - The curious tale of a fake Carrier.app.pdf
|
|
|
|
|
2022-06-23 - The hateful eight- Kaspersky’s guide to modern ransomware groups’ TTPs (Download Form).pdf
|
|
|
|
|
2022-06-23 - Threat Update- Industroyer2.pdf
|
|
|
|
|
2022-06-24 - APT34 - Saitama Agent.pdf
|
|
|
|
|
2022-06-24 - Deep Analysis of Snake Keylogger.pdf
|
|
|
|
|
2022-06-24 - IcedID Banking Trojan returns with new TTPS – Detection & Response.pdf
|
|
|
|
|
2022-06-24 - LockBit Ransomware Disguised as Copyright Claim E-mail Being Distributed.pdf
|
|
|
|
|
2022-06-24 - There Is More Than One Way to Sleep- Dive Deep Into the Implementations of API Hammering by Various Malware Families.pdf
|
|
|
|
|
2022-06-24 - We see you, Gozi Hunting the latest TTPs used for delivering the Trojan.pdf
|
|
|
|
|
2022-06-24 - “We need to talk about subdomain takeovers…”.pdf
|
|
|
|
|
2022-06-26 - Overview of Russian GRU and SVR Cyberespionage Campaigns 1H 2022.pdf
|
|
|
|
|
2022-06-27 - Attacks on industrial control systems using ShadowPad.pdf
|
|
|
|
|
2022-06-27 - Dark Web Cyber Group Spotlight- SiegedSec.pdf
|
|
|
|
|
2022-06-27 - Emotet- Still Abusing Microsoft Office Macros.pdf
|
|
|
|
|
2022-06-27 - Exclusive- Hacktivists Attack Anti-Abortion U.S. States.pdf
|
|
|
|
|
2022-06-27 - GlowSand.pdf
|
|
|
|
|
2022-06-27 - Inside Matanbuchus- A Quirky Loader.pdf
|
|
|
|
|
2022-06-27 - Return of the Evilnum APT with updated TTPs and new targets.pdf
|
|
|
|
|
2022-06-27 - Revive- from spyware to Android banking trojan.pdf
|
|
|
|
|
2022-06-27 - Threat Spotlight- Eternity Project MaaS Goes On and On.pdf
|
|
|
|
|
2022-06-27 - Unpacking a JsonPacker-packed sample.pdf
|
|
|
|
|
2022-06-28 - Black Basta Ransomware Emerging From Underground to Attack Corporate Networks.pdf
|
|
|
|
|
2022-06-28 - Bumblebee- New Loader Rapidly Assuming Central Position in Cyber-crime Ecosystem.pdf
|
|
|
|
|
2022-06-28 - Interactive Phishing Mark II- Messenger Chatbot Leveraged in a New Facebook-Themed Spam.pdf
|
|
|
|
|
2022-06-28 - New Info-stealer Disguised as Crack Being Distributed.pdf
|
|
|
|
|
2022-06-28 - Pro-PRC DRAGONBRIDGE Influence Campaign Targets Rare Earths Mining Companies in Attempt to Thwart Rivalry to PRC Market Dominance.pdf
|
|
|
|
|
2022-06-28 - Raccoon Stealer v2 – Part 1- The return of the dead.pdf
|
|
|
|
|
2022-06-28 - Smash-and-grab- AstraLocker 2.0 pushes ransomware direct from Office docs.pdf
|
|
|
|
|
2022-06-28 - Steal(Bit) or exfil, what does it (Ex)Matter- Comparative Analysis of Custom Exfiltration Tools.pdf
|
|
|
|
|
2022-06-28 - The Link Between AWM Proxy & the Glupteba Botnet.pdf
|
|
|
|
|
2022-06-28 - ZuoRAT Hijacks SOHO Routers To Silently Stalk Networks.pdf
|
|
|
|
|
2022-06-29 - Bahamut Android Malware Returns With New Spying Capabilities.pdf
|
|
|
|
|
2022-06-29 - Burrowing your way into VPNs, Proxies, and Tunnels.pdf
|
|
|
|
|
2022-06-29 - Fat Cats - An analysis of the BlackCat ransomware affiliate program.pdf
|
|
|
|
|
2022-06-29 - Flubot- the evolution of a notorious Android Banking Malware.pdf
|
|
|
|
|
2022-06-29 - Raccoon Stealer v2 – Part 2- In-depth analysis.pdf
|
|
|
|
|
2022-06-29 - YTStealer Malware- “YouTube Cookies! Om Nom Nom Nom”.pdf
|
|
|
|
|
2022-06-30 - Black Basta Ransomware Operators Expand Their Attack Arsenal With QakBot Trojan and PrintNightmare Exploit.pdf
|
|
|
|
|
2022-06-30 - BRIEF- Raccoon Stealer Version 2.0.pdf
|
|
|
|
|
2022-06-30 - Countering hack-for-hire groups.pdf
|
|
|
|
|
2022-06-30 - Github Repository with source code for Pandora hVNC.pdf
|
|
|
|
|
2022-06-30 - How to Expose a Potential Cybercriminal due to Misconfigurations.pdf
|
|
|
|
|
2022-06-30 - PennyWise Stealer- An Evasive Infostealer Leveraging YouTube To Infect Users.pdf
|
|
|
|
|
2022-06-30 - The SessionManager IIS backdoor- a possibly overlooked GELSEMIUM artefact.pdf
|
|
|
|
|
2022-06-30 - Threat Thursday- China-Based APT Plays Auto-Updater Card to Deliver WinDealer Malware.pdf
|
|
|
|
|
2022-06-30 - Toll fraud malware- How an Android application can drain your wallet.pdf
|
|
|
|
|
2022-06-30 - Using process creation properties to catch evasion techniques.pdf
|
|
|
|
|
2022-07-01 - Alert (AA22-181A)- #StopRansomware- MedusaLocker.pdf
|
|
|
|
|
2022-07-01 - Alert (AA22-181A)- StopRansomware- MedusaLocker.pdf
|
|
|
|
|
2022-07-01 - AstraLocker 2.0 ransomware isn’t going to give you your files back.pdf
|
|
|
|
|
2022-07-01 - Luna Moth- The Actors Behind the Recent False Subscription Scams.pdf
|
|
|
|
|
2022-07-01 - Xloader Returns With New Infection Technique.pdf
|
|
|
|
|
2022-07-02 - Spoofing Email, Message, IP and UserAgent.pdf
|
|
|
|
|
2022-07-03 - XFiles Stealer Campaign Abusing Follina.pdf
|
|
|
|
|
2022-07-04 - AstraLocker ransomware shuts down and releases decryptors.pdf
|
|
|
|
|
2022-07-05 - Hive ransomware gets upgrades in Rust.pdf
|
|
|
|
|
2022-07-05 - Lockbit 3.0 – Ransomware Group Launches New Version.pdf
|
|
|
|
|
2022-07-05 - New RedAlert Ransomware targets Windows, Linux VMware ESXi servers.pdf
|
|
|
|
|
2022-07-05 - QBot Spreads via LNK Files – Detection & Response.pdf
|
|
|
|
|
2022-07-05 - Raccoon Stealer Detection- A Novel Malware Version 2.0 Named RecordBreaker Offers Hackers Advanced Password-Stealing Capabilities.pdf
|
|
|
|
|
2022-07-05 - Ransomware Spotlight- BlackByte.pdf
|
|
|
|
|
2022-07-05 - VSingle malware that obtains C2 server information from GitHub.pdf
|
|
|
|
|
2022-07-05 - Whatever floats your Boat – Bitter APT continues to target Bangladesh.pdf
|
|
|
|
|
2022-07-05 - When Pentest Tools Go Brutal- Red-Teaming Tool Being Abused by Malicious Actors.pdf
|
|
|
|
|
2022-07-06 - Alert (AA22-187A)- North Korean State-Sponsored Cyber Actors Use Maui Ransomware to Target the Healthcare and Public Health Sector.pdf
|
|
|
|
|
2022-07-06 - Brand-New HavanaCrypt Ransomware Poses as Google Software Update App, Uses Microsoft Hosting Service IP Address as C&C Server.pdf
|
|
|
|
|
2022-07-06 - From Follina to Rozena - Leveraging Discord to Distribute a Backdoor.pdf
|
|
|
|
|
2022-07-06 - LockBit 3.0- “Making The Ransomware Great Again”.pdf
|
|
|
|
|
2022-07-06 - OrBit- New Undetected Linux Threat Uses Unique Hijack of Execution Flow.pdf
|
|
|
|
|
2022-07-06 - 变脸, Teng Snake (a.k.a. Code Core).pdf
|
|
|
|
|
2022-07-07 - ABCsoup- The Malicious Adware Extension with 350 Variants.pdf
|
|
|
|
|
2022-07-07 - AstraLocker decryptor.pdf
|
|
|
|
|
2022-07-07 - Brute Ratel Utilized By Threat Actors In New Ransomware Operations.pdf
|
|
|
|
|
2022-07-07 - Emotet infection with Cobalt Strike.pdf
|
|
|
|
|
2022-07-07 - NoMercy Stealer Adding New Features- New Stealer Rapidly Evolving Into Clipper Malware.pdf
|
|
|
|
|
2022-07-07 - Notable Droppers Emerge in Recent Threat Campaigns.pdf
|
|
|
|
|
2022-07-07 - Targets of Interest - Russian Organizations Increasingly Under Attack By Chinese APTs.pdf
|
|
|
|
|
2022-07-07 - THREAT ALERT- Raspberry Robin Worm Abuses Windows Installer and QNAP Devices.pdf
|
|
|
|
|
2022-07-07 - THREAT ANALYSIS REPORT- LockBit 2.0 - All Paths Lead to Ransom.pdf
|
|
|
|
|
2022-07-07 - Unprecedented Shift- The Trickbot Group is Systematically Attacking Ukraine.pdf
|
|
|
|
|
2022-07-07 - YamaBot Malware Used by Lazarus.pdf
|
|
|
|
|
2022-07-08 - Beware of Root Certs in VPN.pdf
|
|
|
|
|
2022-07-08 - Cruloader- Zero2auto.pdf
|
|
|
|
|
2022-07-08 - Il malware EnvyScout (APT29) è stato veicolato anche in Italia.pdf
|
|
|
|
|
2022-07-08 - Ransomware as a Service- Behind the Scenes.pdf
|
|
|
|
|
2022-07-08 - Vice Society- a discreet but steady double extortion ransomware group.pdf
|
|
|
|
|
2022-07-09 - Analyzing a Brute Ratel Badger.pdf
|
|
|
|
|
2022-07-09 - Malware analysis with IDA-Radare2 - Basic Unpacking (Dridex first stage).pdf
|
|
|
|
|
2022-07-10 - Lockbit 3.0 AKA Lockbit Black is here, with a new icon, new ransom note, new wallpaper, but less evasiveness-.pdf
|
|
|
|
|
2022-07-11 - Anubis Networks is back with new C2 server.pdf
|
|
|
|
|
2022-07-11 - AppleSeed Disguised as Purchase Order and Request Form Being Distributed.pdf
|
|
|
|
|
2022-07-11 - Predatory Sparrow- Who are the hackers who say they started a fire in Iran-.pdf
|
|
|
|
|
2022-07-11 - SELECT XMRig FROM SQLServer.pdf
|
|
|
|
|
2022-07-11 - Threat Actors Delivers New Rozena backdoor with Follina Bug – Detection & Response.pdf
|
|
|
|
|
2022-07-12 - An Analysis of Infrastructure linked to the Hagga Threat Actor.pdf
|
|
|
|
|
2022-07-12 - ChromeLoader- New Stubborn Malware Campaign.pdf
|
|
|
|
|
2022-07-12 - Example Analysis of Multi-Component Malware.pdf
|
|
|
|
|
2022-07-12 - From cookie theft to BEC- Attackers use AiTM phishing sites as entry point to further financial fraud.pdf
|
|
|
|
|
2022-07-12 - Malware analysis with IDA-Radare2 - Multiple unpacking (Ramnit worm).pdf
|
|
|
|
|
2022-07-12 - New Ransomware Groups On The Rise- “RedAlert,” LILITH And 0mega Leading A Wave Of Ransomware Campaigns.pdf
|
|
|
|
|
2022-07-12 - Rise in Qakbot attacks traced to evolving threat techniques.pdf
|
|
|
|
|
2022-07-12 - Spoofed Saudi Purchase Order Drops GuLoader – Part 2.pdf
|
|
|
|
|
2022-07-12 - TAG Bulletin- Q2 2022.pdf
|
|
|
|
|
2022-07-13 - Climbing Mount Everest- Black-Byte Bytes Back-.pdf
|
|
|
|
|
2022-07-13 - Go malware on the rise.pdf
|
|
|
|
|
2022-07-13 - Lockbit 3.0.pdf
|
|
|
|
|
2022-07-13 - Targeted Attack on Government Agencies.pdf
|
|
|
|
|
2022-07-13 - The Long Tail of Log4Shell Exploitation.pdf
|
|
|
|
|
2022-07-13 - The Next Generation of Info Stealers.pdf
|
|
|
|
|
2022-07-13 - Transparent Tribe begins targeting education sector in latest campaign.pdf
|
|
|
|
|
2022-07-13 - Uncovering a macOS App Sandbox escape vulnerability- A deep dive into CVE-2022-26706.pdf
|
|
|
|
|
2022-07-14 - Above the Fold and in Your Inbox- Tracing State-Aligned Activity Targeting Journalists, Media.pdf
|
|
|
|
|
2022-07-14 - BlackCat ransomware attacks not merely a byproduct of bad luck.pdf
|
|
|
|
|
2022-07-14 - Expert doubts Altahrea Team’s claims about Israel power plant fire.pdf
|
|
|
|
|
2022-07-14 - GootLoader, From SEO Poisoning to Multi-Stage Downloader.pdf
|
|
|
|
|
2022-07-14 - North Korean threat actor (H0lyGh0st -DEV-0530) targets small and midsize businesses with H0lyGh0st ransomware.pdf
|
|
|
|
|
2022-07-14 - Rapid Response- The Ngrok Incident Guide.pdf
|
|
|
|
|
2022-07-14 - The Trojan Horse Malware & Password “Cracking” Ecosystem Targeting Industrial Operators.pdf
|
|
|
|
|
2022-07-15 - Stealthy OpenDocument Malware Deployed Against Latin American Hotels.pdf
|
|
|
|
|
2022-07-17 - Shortcut-Based (LNK) Attacks Delivering Malicious Code On The Rise.pdf
|
|
|
|
|
2022-07-18 - A Deep Dive Into ALPHV-BlackCat Ransomware.pdf
|
|
|
|
|
2022-07-18 - From the Front Lines - 8220 Gang Massively Expands Cloud Botnet to 30,000 Infected Hosts.pdf
|
|
|
|
|
2022-07-18 - Ongoing Roaming Mantis smishing campaign targeting France.pdf
|
|
|
|
|
2022-07-18 - Ransomware Roundup- Protecting Against New Variants.pdf
|
|
|
|
|
2022-07-18 - Trident Ursa.pdf
|
|
|
|
|
2022-07-19 - A look into APT29's new early-stage Google Drive downloader.pdf
|
|
|
|
|
2022-07-19 - Analysis and technical insights on the Coper malware used to attack mobile devices.pdf
|
|
|
|
|
2022-07-19 - Continued cyber activity in Eastern Europe observed by TAG.pdf
|
|
|
|
|
2022-07-19 - Development of UNC1151-Ghostwriter attack techniques.pdf
|
|
|
|
|
2022-07-19 - I see what you did there- A look at the CloudMensis macOS spyware.pdf
|
|
|
|
|
2022-07-19 - New Variant of QakBot Being Spread by HTML File Attached to Phishing Emails.pdf
|
|
|
|
|
2022-07-19 - PrestaShop Skimmer Concealed in One Page Checkout Module.pdf
|
|
|
|
|
2022-07-19 - Russian APT29 Hackers Use Online Storage Services, DropBox and Google Drive.pdf
|
|
|
|
|
2022-07-19 - Yara vs. HyperScan- Alternative pattern-matching engines.pdf
|
|
|
|
|
2022-07-20 - Analysis of a trojanized jQuery script- GootLoader unleashed.pdf
|
|
|
|
|
2022-07-20 - Analyzing Penetration-Testing Tools That Threat Actors Use to Breach Systems and Steal Data.pdf
|
|
|
|
|
2022-07-20 - Anatomy of Attack- Truth Behind the Costa Rica Government Ransomware 5-Day Intrusion.pdf
|
|
|
|
|
2022-07-20 - APT41- A Case Sudy.pdf
|
|
|
|
|
2022-07-20 - Cyber National Mission Force discloses IOCs from Ukrainian networks.pdf
|
|
|
|
|
2022-07-20 - Evacuation and Humanitarian Documents used to Spear Phish Ukrainian Entities.pdf
|
|
|
|
|
2022-07-20 - LockBit- Ransomware Puts Servers in the Crosshairs.pdf
|
|
|
|
|
2022-07-20 - Luna and Black Basta — new ransomware for Windows, Linux and ESXi.pdf
|
|
|
|
|
2022-07-20 - OODA- X-Ops Takes On Burgeoning SQL Server Attacks.pdf
|
|
|
|
|
2022-07-20 - STIFF BIZON Detection Using Securonix – New Attack Campaign Observed Possibly Linked to Konni-APT37 (North Korea) - Securonix.pdf
|
|
|
|
|
2022-07-20 - STIFF#BIZON Detection Using Securonix – New Attack Campaign Observed Possibly Linked to Konni-APT37 (North Korea) - Securonix.pdf
|
|
|
|
|
2022-07-20 - STIFF-BIZON Detection Using Securonix – New Attack Campaign Observed Possibly Linked to Konni-APT37 (North Korea) - Securonix.pdf
|
|
|
|
|
2022-07-20 - The Sidewinder (APT-Q-39) uses Google Play to spread an analysis of malicious Android software.pdf
|
|
|
|
|
2022-07-21 - Alibaba OSS Buckets Compromised to Distribute Malicious Shell Scripts via Steganography.pdf
|
|
|
|
|
2022-07-21 - Amadey Bot Being Distributed Through SmokeLoader.pdf
|
|
|
|
|
2022-07-21 - Attackers target Ukraine using GoMet backdoor.pdf
|
|
|
|
|
2022-07-21 - Buy, Sell, Steal, EvilNum Targets Cryptocurrency, Forex, Commodities.pdf
|
|
|
|
|
2022-07-21 - Dissemination of AppleSeed to Specific Military Maintenance Companies.pdf
|
|
|
|
|
2022-07-21 - It’s time to close the door on open directories.pdf
|
|
|
|
|
2022-07-21 - Lightning Framework- New Undetected “Swiss Army Knife” Linux Malware.pdf
|
|
|
|
|
2022-07-21 - LockBit 3.0 Update - Unpicking the Ransomware’s Latest Anti-Analysis and Evasion Techniques.pdf
|
|
|
|
|
2022-07-21 - Malware Being Distributed by Disguising Itself as Icon of V3 Lite.pdf
|
|
|
|
|
2022-07-21 - Malware development tricks. Run shellcode like a Lazarus Group. C++ example..pdf
|
|
|
|
|
2022-07-21 - Malware development tricks. Run shellcode like a Lazarus Group. CPlusPlus example..pdf
|
|
|
|
|
2022-07-21 - Russian Ransomware C2 Network Discovered in Censys Data.pdf
|
|
|
|
|
2022-07-21 - Tecniche per semplificare l’analisi del malware GuLoader.pdf
|
|
|
|
|
2022-07-21 - The 13 Deadly Sins of APT Incident Response — Part 1.pdf
|
|
|
|
|
2022-07-21 - The Return of Candiru- Zero-days in the Middle East.pdf
|
|
|
|
|
2022-07-22 - CALISTO continues its credential harvesting campaign.pdf
|
|
|
|
|
2022-07-22 - Old cat, new tricks, bad habits An analysis of Charming Kitten’s new tools and OPSEC errors.pdf
|
|
|
|
|
2022-07-22 - Recent cyberattacks put Thai citizens’ privacy and data security at greater risk.pdf
|
|
|
|
|
2022-07-22 - Reverse Engineering a Cobalt Strike Dropper With Binary Ninja.pdf
|
|
|
|
|
2022-07-22 - The Trash Panda Reemerges From The Dumpster- Raccoon Stealer V2.pdf
|
|
|
|
|
2022-07-23 - North Korean hackers attack EU targets with Konni RAT malware.pdf
|
|
|
|
|
2022-07-24 - A DGA Seeded by the Bitcoin Genesis Block.pdf
|
|
|
|
|
2022-07-24 - QBot phishing uses Windows Calculator sideloading to infect devices.pdf
|
|
|
|
|
2022-07-25 - Burned and Blinded - Escalation Risks of Intelligence Loss from Countercyber Operations in Crisis.pdf
|
|
|
|
|
2022-07-25 - CosmicStrand- the discovery of a sophisticated UEFI firmware rootkit.pdf
|
|
|
|
|
2022-07-25 - LockBit Ransomware Group Augments Its Latest Variant, LockBit 3.0, With BlackMatter Capabilities.pdf
|
|
|
|
|
2022-07-25 - PDF Analysis of Lokibot malware.pdf
|
|
|
|
|
2022-07-26 - HOW to Analyze Linux Malware - A Case Study of Symbiote.pdf
|
|
|
|
|
2022-07-26 - How To Analyze Linux Malware – A Case Study Of Symbiote.pdf
|
|
|
|
|
2022-07-26 - Malicious IIS extensions quietly open persistent backdoors into servers.pdf
|
|
|
|
|
2022-07-26 - Mandiant Red Team Emulates FIN11 Tactics To Control Operational Technology Servers.pdf
|
|
|
|
|
2022-07-26 - ML Detection of Risky Command Exploit.pdf
|
|
|
|
|
2022-07-26 - On the FootSteps of Hive Ransomware.pdf
|
|
|
|
|
2022-07-26 - Robin Banks might be robbing your bank.pdf
|
|
|
|
|
2022-07-27 - Exploring the QBOT Attack Pattern.pdf
|
|
|
|
|
2022-07-27 - Gootkit Loader’s Updated Tactics and Fileless Delivery of Cobalt Strike.pdf
|
|
|
|
|
2022-07-27 - IcedID (Bokbot) with Dark VNC and Cobalt Strike.pdf
|
|
|
|
|
2022-07-27 - Iraqi hacker group 'ALtahrea Team' targets Israeli IT, e-commerce companies in major cyber attack- Reports.pdf
|
|
|
|
|
2022-07-27 - PrivateLoader- Network-Based Indicators of Compromise.pdf
|
|
|
|
|
2022-07-27 - QBOT Configuration Extractor.pdf
|
|
|
|
|
2022-07-27 - Targeted Attacks Being Carried Out Via DLL SideLoading.pdf
|
|
|
|
|
2022-07-27 - Threat analysis- Follina exploit fuels 'live-off-the-land' attacks.pdf
|
|
|
|
|
2022-07-27 - Untangling KNOTWEED- European private-sector offensive actor using 0-day exploits.pdf
|
|
|
|
|
2022-07-28 - APT trends report Q2 2022.pdf
|
|
|
|
|
2022-07-28 - Attackers Profiting from Proxyware.pdf
|
|
|
|
|
2022-07-28 - IPFS- The New Hotbed of Phishing.pdf
|
|
|
|
|
2022-07-28 - Living Off Windows Defender - LockBit Ransomware Sideloads Cobalt Strike Through Microsoft Security Tool.pdf
|
|
|
|
|
2022-07-28 - LofyLife- malicious npm packages steal Discord tokens and bank card data.pdf
|
|
|
|
|
2022-07-28 - New HiddenAds malware affects 1M+ users and hides on the Google Play Store.pdf
|
|
|
|
|
2022-07-28 - New HiddenAds malware affects over 1M users and hides on the Google Play Store.pdf
|
|
|
|
|
2022-07-28 - Techniques, Tactics & Procedures (TTPs) Employed by Hacktivist Group DragonForce Malaysia.pdf
|
|
|
|
|
2022-07-28 - Threats of Commercialized Malware- Knotweed.pdf
|
|
|
|
|
2022-07-29 - APT trends report Q2 2020.pdf
|
|
|
|
|
2022-07-29 - ENISA Threat Landscape for Ransomware Attacks.pdf
|
|
|
|
|
2022-07-29 - Examining New DawDropper Banking Dropper and DaaS on the Dark Web.pdf
|
|
|
|
|
2022-07-29 - Fake investment scams in Europe How we almost got rich.pdf
|
|
|
|
|
2022-07-29 - H0lyGh0st - North Korean Threat Group Strikes Back With New Ransomware.pdf
|
|
|
|
|
2022-07-29 - New Qualys Research Report- Evolution of Quasar RAT.pdf
|
|
|
|
|
2022-07-29 - Raccoon Stealer v2- The Latest Generation of the Raccoon Family.pdf
|
|
|
|
|
2022-07-29 - SmokeLoader Malware Used to Augment Amadey Infostealer.pdf
|
|
|
|
|
2022-07-30 - Microsoft Links Raspberry Robin USB Worm to Russian Evil Corp Hackers.pdf
|
|
|
|
|
2022-07-31 - Space Invaders- Cyber Threats That Are Out Of This World.pdf
|
|
|
|
|
2022-07-31 - Thai entities continue to fall prey to cyberattacks and leaks.pdf
|
|
|
|
|
2022-08-01 - A Detailed Analysis of the RedLine Stealer.pdf
|
|
|
|
|
2022-08-01 - Here’s a Simple Script to Detect the Stealthy Nation-State BPFDoor.pdf
|
|
|
|
|
2022-08-01 - Technical Analysis of Industrial Spy Ransomware.pdf
|
|
|
|
|
2022-08-02 - Fake Atomic Wallet Website Distributing Mars Stealer.pdf
|
|
|
|
|
2022-08-02 - Large-Scale AiTM Attack targeting enterprise users of Microsoft email services.pdf
|
|
|
|
|
2022-08-02 - Manjusaka- A Chinese sibling of Sliver and Cobalt Strike.pdf
|
|
|
|
|
2022-08-02 - SolidBit Ransomware Enters the RaaS Scene and Takes Aim at Gamers and Social Media Users With New Variant.pdf
|
|
|
|
|
2022-08-02 - Word File Provided as External Link When Replying to Attacker’s Email (Kimsuky).pdf
|
|
|
|
|
2022-08-03 - DDoS attacks in Q2 2022.pdf
|
|
|
|
|
2022-08-03 - Environmental hacktivists publish 2 terabytes of mining company emails.pdf
|
|
|
|
|
2022-08-03 - Flight of the Bumblebee- Email Lures and File Sharing Services Lead to Malware.pdf
|
|
|
|
|
2022-08-03 - Gwisin Ransomware Targeting Korean Companies.pdf
|
|
|
|
|
2022-08-03 - Journey to Network Protocol Fuzzing – Dissecting Microsoft IMAP Client Protocol.pdf
|
|
|
|
|
2022-08-03 - PART 3- How I Met Your Beacon – Brute Ratel.pdf
|
|
|
|
|
2022-08-03 - Reversing Golang Developed Ransomware- SNAKE.pdf
|
|
|
|
|
2022-08-03 - So RapperBot, What Ya Bruting For-.pdf
|
|
|
|
|
2022-08-03 - The Price Cybercriminals Charge for Stolen Data.pdf
|
|
|
|
|
2022-08-04 - Advanced Persistent Threats (APTs).pdf
|
|
|
|
|
2022-08-04 - Attackers leveraging Dark Utilities -C2aaS- platform in malware campaigns.pdf
|
|
|
|
|
2022-08-04 - Brata - a tale of three families.pdf
|
|
|
|
|
2022-08-04 - Flying in the clouds- APT31 renews its attacks on Russian companies through cloud storage.pdf
|
|
|
|
|
2022-08-04 - Formbook and Remcos Backdoor RAT by ConnectWise CRU.pdf
|
|
|
|
|
2022-08-04 - GwisinLocker ransomware targets South Korean industrial and pharma firms.pdf
|
|
|
|
|
2022-08-04 - IcedID leverages PrivateLoader.pdf
|
|
|
|
|
2022-08-04 - Likely Iranian Threat Actor Conducts Politically Motivated Disruptive Activity Against Albanian Government Organizations.pdf
|
|
|
|
|
2022-08-04 - North Korean H0lyGh0st Ransomware Has Ties to Global Geopolitics.pdf
|
|
|
|
|
2022-08-04 - Ousaban- LATAM Banking Malware Abusing Cloud Services.pdf
|
|
|
|
|
2022-08-04 - Pro-PRC “HaiEnergy” Information Operations Campaign Leverages Infrastructure from Public Relations Firm to Disseminate Content on Inauthentic News Sites.pdf
|
|
|
|
|
2022-08-04 - Ransomware Roundup- Redeemer, Beamed, and More.pdf
|
|
|
|
|
2022-08-04 - ROADSWEEP Ransomware - Likely Iranian Threat Actor Conducts Politically Motivated Disruptive Activity Against Albanian Government Organizations.pdf
|
|
|
|
|
2022-08-04 - Technical Analysis of Bumblebee Malware Loader.pdf
|
|
|
|
|
2022-08-04 - Top of the Pops- Three common ransomware entry techniques.pdf
|
|
|
|
|
2022-08-04 - X-FILES Stealer Evolution - An Analysis and Comparison Study.pdf
|
|
|
|
|
2022-08-05 - LokiBot Analysis.pdf
|
|
|
|
|
2022-08-05 - Say NO to Nopyfy!.pdf
|
|
|
|
|
2022-08-05 - The DGA family Orchard continues to change, and the new version generates DGA domain names using Bitcoin transaction information.pdf
|
|
|
|
|
2022-08-06 - A Look Back At Bazarloader’s Dga.pdf
|
|
|
|
|
2022-08-07 - Analyzing .NET Core Single File Samples (DUCKTAIL Case Study).pdf
|
|
|
|
|
2022-08-07 - Config Extractor per DanaBot (PARTE 1).pdf
|
|
|
|
|
2022-08-07 - LogoKit Update – The Phishing Kit Leveraging Open Redirect Vulnerabilities.pdf
|
|
|
|
|
2022-08-07 - Vulnerabilities In E-Commerce Solutions - Hunting On Big Apples.pdf
|
|
|
|
|
2022-08-08 - An inside view of domain anonymization as-a-service — the BraZZZerSFF infrastructure.pdf
|
|
|
|
|
2022-08-08 - BumbleBee Roasts Its Way to Domain Admin.pdf
|
|
|
|
|
2022-08-08 - Life After Death - SmokeLoader Continues to Haunt Using Old Vulnerabilities.pdf
|
|
|
|
|
2022-08-08 - Malware sandbox evasion in x64 assembly by checking ram size - Part 1.pdf
|
|
|
|
|
2022-08-08 - YARA for config extraction.pdf
|
|
|
|
|
2022-08-09 - AiTM phishing attack targeting enterprise users of Gmail.pdf
|
|
|
|
|
2022-08-09 - Andariel deploys DTrack and Maui ransomware.pdf
|
|
|
|
|
2022-08-09 - Bitter APT Group Using “Dracarys” Android Spyware.pdf
|
|
|
|
|
2022-08-09 - Fake Instagram Verification & Twitter Badge Phishing.pdf
|
|
|
|
|
2022-08-09 - Pivoting on a SharpExt to profile Kimusky panels for great good.pdf
|
|
|
|
|
2022-08-09 - Raspberry Robin- Highly Evasive Worm Spreads over External Disks.pdf
|
|
|
|
|
2022-08-10 - Avast Q2-2022 Threat Report- Farewell to Conti, Zloader, and Maldocs; Hello Resurrection of Raccoon Stealer, and more Ransomware Attacks.pdf
|
|
|
|
|
2022-08-10 - BlueSky Ransomware- Fast Encryption via Multithreading.pdf
|
|
|
|
|
2022-08-10 - Cisco Talos shares insights related to recent cyber attack on Cisco.pdf
|
|
|
|
|
2022-08-10 - Emotet SMB Spreader is Back.pdf
|
|
|
|
|
2022-08-10 - Indian Power Sector targeted with latest LockBit 3.0 variant.pdf
|
|
|
|
|
2022-08-10 - Novel News on Cuba Ransomware- Greetings From Tropical Scorpius.pdf
|
|
|
|
|
2022-08-10 - Operation(верность) mercenary- a torrent of steel trapped in the plains of Eastern Europe.pdf
|
|
|
|
|
2022-08-10 - spynote.pdf
|
|
|
|
|
2022-08-10 - The quantum state of Linux kernel garbage collection CVE-2021-0920 (Part I).pdf
|
|
|
|
|
2022-08-10 - VileRAT- DeathStalker’s continuous strike at foreign and cryptocurrency exchanges.pdf
|
|
|
|
|
2022-08-10 - “Pegasus”, the spyware for smartphones. How does it work and how can you protect yourself-.pdf
|
|
|
|
|
2022-08-11 - Alert (AA22-223A) #StopRansomware- Zeppelin Ransomware.pdf
|
|
|
|
|
2022-08-11 - Alert (AA22-223A) StopRansomware- Zeppelin Ransomware.pdf
|
|
|
|
|
2022-08-11 - APT-C-35 GETS A NEW UPGRADE.pdf
|
|
|
|
|
2022-08-11 - Challenge accepted Detecting MaliBot, a fresh Android banking trojan, with a Fraud Protection solution.pdf
|
|
|
|
|
2022-08-11 - CopperStealer Distributes Malicious Chromium-based Browser Extension to Steal Cryptocurrencies.pdf
|
|
|
|
|
2022-08-11 - How cybercriminals are weaponizing leaked ransomware data for follow-up attacks.pdf
|
|
|
|
|
2022-08-11 - LNK forensic and config extraction of a cobalt strike beacon.pdf
|
|
|
|
|
2022-08-11 - MoqHao Android malware analysis and phishing campaign.pdf
|
|
|
|
|
2022-08-11 - PyPI Package 'secretslib' Drops Fileless Linux Malware to Mine Monero.pdf
|
|
|
|
|
2022-08-11 - SOVA malware is back and is evolving rapidly.pdf
|
|
|
|
|
2022-08-11 - State of the Remote Access Tools, Part 1.pdf
|
|
|
|
|
2022-08-11 - The Increase in Ransomware Attacks on Local Governments.pdf
|
|
|
|
|
2022-08-11 - “BazarCall” Advisory- Essential Guide to Attack Vector that Revolutionized Data Breaches.pdf
|
|
|
|
|
2022-08-12 - Iron Tiger Compromises Chat Application Mimi, Targets Windows, Mac, and Linux Users (IOCs).pdf
|
|
|
|
|
2022-08-12 - Iron Tiger Compromises Chat Application Mimi, Targets Windows, Mac, and Linux Users.pdf
|
|
|
|
|
2022-08-12 - LuckyMouse uses a backdoored Electron app to target MacOS.pdf
|
|
|
|
|
2022-08-12 - Monster Libra (TA551-Shathak) pushes IcedID (Bokbot) with Dark VNC and Cobalt Strike.pdf
|
|
|
|
|
2022-08-12 - The Anatomy of Wiper Malware, Part 1- Common Techniques.pdf
|
|
|
|
|
2022-08-12 - The Swan Song for Driver Signature Enforcement Tampering.pdf
|
|
|
|
|
2022-08-13 - Early Analysis of the Twilio phishing attack-it is the tip of the iceberg.pdf
|
|
|
|
|
2022-08-15 - A Deep Dive Into Black Basta Ransomware.pdf
|
|
|
|
|
2022-08-15 - Detecting a Rogue Domain Controller – DCShadow Attack.pdf
|
|
|
|
|
2022-08-15 - Disrupting SEABORGIUM’s ongoing phishing operations.pdf
|
|
|
|
|
2022-08-15 - JSSLoader- the shellcode edition.pdf
|
|
|
|
|
2022-08-15 - Malware sandbox evasion in x64 assembly by checking ram size - Part 2.pdf
|
|
|
|
|
2022-08-15 - Shuckworm- Russia-Linked Group Maintains Ukraine Focus.pdf
|
|
|
|
|
2022-08-16 - AsyncRAT C2 Framework- Overview, Technical Analysis & Detection.pdf
|
|
|
|
|
2022-08-16 - BugDrop- the first malware trying to circumvent Google's security Controls.pdf
|
|
|
|
|
2022-08-16 - Cleartext Shenanigans- Gifting User Passwords to Adversaries With NPPSPY.pdf
|
|
|
|
|
2022-08-16 - FluBot Android Malware Analysis.pdf
|
|
|
|
|
2022-08-16 - SocGholish- 5+ Years of Massive Website Infections.pdf
|
|
|
|
|
2022-08-16 - SocGholish- Over 5 Years of Massive Website Infections.pdf
|
|
|
|
|
2022-08-16 - Threat in your browser- what dangers innocent-looking extensions hold for users.pdf
|
|
|
|
|
2022-08-16 - Two more malicious Python packages in the PyPI.pdf
|
|
|
|
|
2022-08-17 - APT Lazarus Targets Engineers with macOS Malware.pdf
|
|
|
|
|
2022-08-17 - Bumblebee Loader – The High Road to Enterprise Domain Control.pdf
|
|
|
|
|
2022-08-17 - DarkTortilla Malware Analysis.pdf
|
|
|
|
|
2022-08-17 - Hunting Follina.pdf
|
|
|
|
|
2022-08-17 - IRATA.pdf
|
|
|
|
|
2022-08-17 - Kasablanka organizes attacks against political groups and non-profit organizations in the Middle East.pdf
|
|
|
|
|
2022-08-17 - Suspected Iranian Actor Targeting Israeli Shipping, Healthcare, Government and Energy Sectors.pdf
|
|
|
|
|
2022-08-17 - Switching side jobs Links between ATMZOW JS-sniffer and Hancitor.pdf
|
|
|
|
|
2022-08-18 - A Sticky Situation Part 2.pdf
|
|
|
|
|
2022-08-18 - APT41 World Tour 2021 on a tight schedule.pdf
|
|
|
|
|
2022-08-18 - BianLian- New Ransomware Variant On The Rise.pdf
|
|
|
|
|
2022-08-18 - Cookie stealing- the new perimeter bypass.pdf
|
|
|
|
|
2022-08-18 - From Ramnit To Bumblebee (via NeverQuest)- Similarities and Code Overlap Shed Light On Relationships Between Malware Developers.pdf
|
|
|
|
|
2022-08-18 - Grandoreiro Banking Trojan with New TTPs Targeting Various Industry Verticals.pdf
|
|
|
|
|
2022-08-18 - Hardware-based threat defense against increasingly complex cryptojackers.pdf
|
|
|
|
|
2022-08-18 - Luca Stealer Targets Password Managers and Cryptocurrency Wallets.pdf
|
|
|
|
|
2022-08-18 - New APT group MURENSHARK investigative report- Torpedoes hit Turkish Navy.pdf
|
|
|
|
|
2022-08-18 - Overview of the Cyber Weapons Used in the Ukraine - Russia War.pdf
|
|
|
|
|
2022-08-18 - Raccoon Infostealer Malware Returns with New TTPS – Detection & Response.pdf
|
|
|
|
|
2022-08-18 - Ransomware Roundup- Gwisin, Kriptor, Cuba, and More.pdf
|
|
|
|
|
2022-08-18 - RAT tool disguised as a solution file (.sln) on GitHub.pdf
|
|
|
|
|
2022-08-18 - Reservations Requested- TA558 Targets Hospitality and Travel.pdf
|
|
|
|
|
2022-08-18 - You Can’t Audit Me- APT29 Continues Targeting Microsoft 365.pdf
|
|
|
|
|
2022-08-19 - Analyzing Attack Data and Trends Targeting Ukrainian Domains.pdf
|
|
|
|
|
2022-08-19 - Back in Black- Unlocking a LockBit 3.0 Ransomware Attack.pdf
|
|
|
|
|
2022-08-19 - Brazil malspam pushes Astaroth (Guildma) malware.pdf
|
|
|
|
|
2022-08-19 - Cybercriminals Are Targeting Law Enforcement Agencies Worldwide.pdf
|
|
|
|
|
2022-08-19 - EvilCoder Project Selling Multiple Dangerous Tools Online.pdf
|
|
|
|
|
2022-08-19 - IOCs for Manjusaka.pdf
|
|
|
|
|
2022-08-19 - Is Tox The New C&C Method For Coinminers-.pdf
|
|
|
|
|
2022-08-19 - Moisha Ransomware.pdf
|
|
|
|
|
2022-08-19 - THREAT ALERT- Inside the Redeemer 2.0 Ransomware.pdf
|
|
|
|
|
2022-08-21 - Behind the Attack- Remcos RAT.pdf
|
|
|
|
|
2022-08-21 - Escanor Malware Delivered In Weaponized Microsoft Office Documents.pdf
|
|
|
|
|
2022-08-22 - A Cyber Threat Intelligence Self-Study Plan- Part 2.pdf
|
|
|
|
|
2022-08-22 - A Tale of PivNoxy and Chinoxy Puppeteer.pdf
|
|
|
|
|
2022-08-22 - Meow Ransomware.pdf
|
|
|
|
|
2022-08-22 - Ocean Lotus APT Group.pdf
|
|
|
|
|
2022-08-23 - Emotet Resurgence- Cross-Industry Campaign Analysis.pdf
|
|
|
|
|
2022-08-23 - Legitimate SaaS Platforms Being Used to Host Phishing Attacks.pdf
|
|
|
|
|
2022-08-23 - Making victims pay, infostealer malwares mimick pirated-software download sites.pdf
|
|
|
|
|
2022-08-23 - New Iranian APT data extraction tool.pdf
|
|
|
|
|
2022-08-24 - Demystifying Qbot Malware.pdf
|
|
|
|
|
2022-08-24 - Looking for the ‘Sliver’ lining- Hunting for emerging command-and-control frameworks.pdf
|
|
|
|
|
2022-08-24 - Looking into the Void - Targeting Bulletproof Hosts to Block Attacks Early in the Kill Chain.pdf
|
|
|
|
|
2022-08-24 - MagicWeb- NOBELIUM’s post-compromise trick to authenticate as anyone.pdf
|
|
|
|
|
2022-08-24 - QBOT Malware Analysis.pdf
|
|
|
|
|
2022-08-24 - Ransomware Actor Abuses Genshin Impact Anti-Cheat Driver to Kill Antivirus (IoCs).pdf
|
|
|
|
|
2022-08-24 - Ransomware Actor Abuses Genshin Impact Anti-Cheat Driver to Kill Antivirus.pdf
|
|
|
|
|
2022-08-24 - The Anatomy of Wiper Malware, Part 2- Third-Party Drivers.pdf
|
|
|
|
|
2022-08-24 - The Dark Side of Bumblebee Malware Loader.pdf
|
|
|
|
|
2022-08-24 - Virustotal Page for the sample.pdf
|
|
|
|
|
2022-08-25 - AppLocker Rules as Defense Evasion- Complete Analysis.pdf
|
|
|
|
|
2022-08-25 - BleachGap Revamped.pdf
|
|
|
|
|
2022-08-25 - BlueSky Ransomware - AD Lateral Movement, Evasion and Fast Encryption Put Threat on the Radar.pdf
|
|
|
|
|
2022-08-25 - COVID-19 Data Put For Sale In Dark Web.pdf
|
|
|
|
|
2022-08-25 - Detecting the Unknown- Revealing Uncategorized Ransomware Using Darktrace.pdf
|
|
|
|
|
2022-08-25 - Kimsuky’s GoldDragon cluster and its C2 operations.pdf
|
|
|
|
|
2022-08-25 - Major Indonesia tollroad operator hacked by DESORDEN (Updated).pdf
|
|
|
|
|
2022-08-25 - MERCURY leveraging Log4j 2 vulnerabilities in unpatched systems to target Israeli organizations.pdf
|
|
|
|
|
2022-08-25 - MORE_EGGS and Some LinkedIn Resumé Spearphishing.pdf
|
|
|
|
|
2022-08-25 - New Golang Ransomware Agenda Customizes Attacks (IoCs).pdf
|
|
|
|
|
2022-08-25 - New Golang Ransomware Agenda Customizes Attacks.pdf
|
|
|
|
|
2022-08-25 - Roasting 0ktapus- The phishing campaign going after Okta identity credentials.pdf
|
|
|
|
|
2022-08-25 - SmokeLoader Triage Taking a look how Smoke Loader works.pdf
|
|
|
|
|
2022-08-25 - Technical analysis of IRATA android malware.pdf
|
|
|
|
|
2022-08-25 - Threat Assessment- Black Basta Ransomware.pdf
|
|
|
|
|
2022-08-28 - LockBit ransomware gang gets aggressive with triple-extortion tactic.pdf
|
|
|
|
|
2022-08-28 - Revealing Europe's NSO.pdf
|
|
|
|
|
2022-08-29 - A Technical Analysis of Pegasus for Android – Part 1.pdf
|
|
|
|
|
2022-08-29 - AsyncRAT- Using Fully Undetected Downloader.pdf
|
|
|
|
|
2022-08-29 - Check Point Research detects Crypto Miner malware disguised as Google translate desktop and other legitimate applications.pdf
|
|
|
|
|
2022-08-29 - CosmicDuke Malware Analysis Report.pdf
|
|
|
|
|
2022-08-29 - Crypto miners’ latest techniques.pdf
|
|
|
|
|
2022-08-29 - Malicious Cookie Stuffing Chrome Extensions with 1.4 Million Users.pdf
|
|
|
|
|
2022-08-29 - Mini Stealer- Possible Predecessor Of Parrot Stealer.pdf
|
|
|
|
|
2022-08-29 - New Golang Attack Campaign GO-WEBBFUSCATOR Leverages Office Macros and James Webb Images to Infect Systems.pdf
|
|
|
|
|
2022-08-29 - Office Files, RTF files, Shellcode and more shenanigans.pdf
|
|
|
|
|
2022-08-29 - PureCrypter is busy pumping out various malicious malware families.pdf
|
|
|
|
|
2022-08-29 - PureCrypter Loader continues to be active and has spread to more than 10 other families.pdf
|
|
|
|
|
2022-08-29 - Remcos RAT New TTPS - Detection & Response.pdf
|
|
|
|
|
2022-08-29 - Securonix Threat Labs Security Advisory- New Golang Attack Campaign GO#WEBBFUSCATOR Leverages Office Macros and James Webb Images to Infect Systems.pdf
|
|
|
|
|
2022-08-29 - Securonix Threat Labs Security Advisory- New Golang Attack Campaign GOWEBBFUSCATOR Leverages Office Macros and James Webb Images to Infect Systems.pdf
|
|
|
|
|
2022-08-29 - Tor 101- How Tor Works and its Risks to the Enterprise.pdf
|
|
|
|
|
2022-08-29 - Traffers- a deep dive into the information stealer ecosystem.pdf
|
|
|
|
|
2022-08-30 - Brute Force Attempts May Have Preceded Ransomware Attack on School District.pdf
|
|
|
|
|
2022-08-30 - ChromeLoader Browser Hijacker.pdf
|
|
|
|
|
2022-08-30 - Hacker Infrastructure Used in Cisco Breach Discovered Attacking a Top Workforce Management Corporation & an Affiliate of Russia’s Evil Corp Gang Suspected, Reports eSentire.pdf
|
|
|
|
|
2022-08-30 - ModernLoader delivers multiple stealers, cryptominers and RATs.pdf
|
|
|
|
|
2022-08-30 - NanoCore RAT Hunting Guide.pdf
|
|
|
|
|
2022-08-30 - Raccoon Stealer 2.0 Malware analysis.pdf
|
|
|
|
|
2022-08-30 - Rising Tide- Chasing the Currents of Espionage in the South China Sea.pdf
|
|
|
|
|
2022-08-30 - SmokeLoader - Quick-Analysis.pdf
|
|
|
|
|
2022-08-31 - Analysis of APT35 Infrastructure Reveals Interest in Egyptian Shipping Companies.pdf
|
|
|
|
|
2022-08-31 - Asbit- An Emerging Remote Desktop Trojan.pdf
|
|
|
|
|
2022-08-31 - Deep Dive into a Corporate Espionage Operation.pdf
|
|
|
|
|
2022-08-31 - ERMAC 2.0- Perfecting the Account Takeover.pdf
|
|
|
|
|
2022-08-31 - Tracking PrivateLoader- Malware Distribution Service.pdf
|
|
|
|
|
2022-09-01 - BianLian Ransomware Gang Gives It a Go!.pdf
|
|
|
|
|
2022-09-01 - No Honor Among Thieves - Prynt Stealer’s Backdoor Exposed.pdf
|
|
|
|
|
2022-09-01 - PyPI Phishing Campaign - JuiceLedger Threat Actor Pivots From Fake Apps to Supply Chain Attacks.pdf
|
|
|
|
|
2022-09-01 - Ransomware Spotlight Black Basta.pdf
|
|
|
|
|
2022-09-01 - Raspberry Robin and Dridex- Two Birds of a Feather.pdf
|
|
|
|
|
2022-09-01 - SafeBreach Labs Researchers Uncover New Remote Access Trojan (RAT).pdf
|
|
|
|
|
2022-09-01 - Technical analysis of SOVA android malware.pdf
|
|
|
|
|
2022-09-02 - BianLian Ransomware Expanding C2 Infrastructure and Operational Tempo.pdf
|
|
|
|
|
2022-09-02 - Buzzing in the Background- BumbleBee, a New Modular Backdoor Evolved From BookWorm.pdf
|
|
|
|
|
2022-09-02 - Customer data from hundreds of Indonesian and Malaysian restaurants hacked by DESORDEN.pdf
|
|
|
|
|
2022-09-02 - Sharkbot is back in Google Play.pdf
|
|
|
|
|
2022-09-02 - What Is Redeemer Ransomware and How Does It Spread- A Technical Analysis.pdf
|
|
|
|
|
2022-09-03 - PLAY Ransomware.pdf
|
|
|
|
|
2022-09-05 - Bumblebee Loader Malware Analysis.pdf
|
|
|
|
|
2022-09-05 - EvilProxy Phishing-As-A-Service With MFA Bypass Emerged In Dark Web.pdf
|
|
|
|
|
2022-09-05 - Mythic Case Study- Assessing Common Offensive Security Tools.pdf
|
|
|
|
|
2022-09-05 - Scam Android app steals Bank Credentials and SMS- MyPetronas APK.pdf
|
|
|
|
|
2022-09-06 - Alert (AA22-249A) #StopRansomware- Vice Society.pdf
|
|
|
|
|
2022-09-06 - Alert (AA22-249A) StopRansomware- Vice Society.pdf
|
|
|
|
|
2022-09-06 - An Obfuscated Beacon – Extra XOR Layer.pdf
|
|
|
|
|
2022-09-06 - DangerousSavanna- Two-year long campaign targets financial institutions in French-speaking Africa.pdf
|
|
|
|
|
2022-09-06 - Malware development tricks- parent PID spoofing. Simple Cplusplus example..pdf
|
|
|
|
|
2022-09-06 - Mirai Variant MooBot Targeting D-Link Devices.pdf
|
|
|
|
|
2022-09-06 - Play Ransomware's Attack Playbook Similar to that of Hive, Nokoyawa.pdf
|
|
|
|
|
2022-09-06 - Pro-Palestinian Hacking Group Compromises Berghof PLCs in Israel.pdf
|
|
|
|
|
2022-09-06 - Pro-Russian Group Targeting Ukraine Supporters with DDoS Attacks.pdf
|
|
|
|
|
2022-09-06 - Shikitega - New stealthy malware targeting Linux.pdf
|
|
|
|
|
2022-09-06 - Technical analysis of SharkBot android malware.pdf
|
|
|
|
|
2022-09-06 - TTPs Associated With a New Version of the BlackCat Ransomware.pdf
|
|
|
|
|
2022-09-06 - Worok- The big picture.pdf
|
|
|
|
|
2022-09-07 - APT42- Crooked Charms, Cons, and Compromises.pdf
|
|
|
|
|
2022-09-07 - Bumblebee Returns With New Infection Technique.pdf
|
|
|
|
|
2022-09-07 - Conti vs. Monti- A Reinvention or Just a Simple Rebranding-.pdf
|
|
|
|
|
2022-09-07 - Initial access broker repurposing techniques in targeted attacks against Ukraine.pdf
|
|
|
|
|
2022-09-07 - MagicRAT- Lazarus’ latest gateway into victim networks.pdf
|
|
|
|
|
2022-09-07 - Profiling DEV-0270- PHOSPHORUS’ ransomware operations.pdf
|
|
|
|
|
2022-09-07 - The Curious Case of “Monti” Ransomware- A Real-World Doppelganger.pdf
|
|
|
|
|
2022-09-08 - BRONZE PRESIDENT Targets Government Officials.pdf
|
|
|
|
|
2022-09-08 - Charming Kitten- -Can We Have A Meeting-- Important puzzle pieces of Charming Kitten's cyber espionage operations.pdf
|
|
|
|
|
2022-09-08 - Crimeware Trends - Ransomware Developers Turn to Intermittent Encryption to Evade Detection.pdf
|
|
|
|
|
2022-09-08 - How Malicious Actors Abuse Native Linux Tools in Attacks.pdf
|
|
|
|
|
2022-09-08 - Lazarus and the tale of three RATs.pdf
|
|
|
|
|
2022-09-08 - Microsoft investigates Iranian attacks against the Albanian government.pdf
|
|
|
|
|
2022-09-08 - Russian Cyberwarfare- Unpacking the Kremlin’s Capabilities.pdf
|
|
|
|
|
2022-09-08 - The art and science behind Microsoft threat hunting- Part 1.pdf
|
|
|
|
|
2022-09-08 - Threat Analysis Report- PlugX RAT Loader Evolution.pdf
|
|
|
|
|
2022-09-08 - What to Expect When You’re Electing- Preparing for Cyber Threats to the 2022 U.S. Midterm Elections.pdf
|
|
|
|
|
2022-09-09 - BUGHATCH Malware Analysis.pdf
|
|
|
|
|
2022-09-09 - Lampion Trojan Utilizes New Delivery through Cloud-Based Sharing.pdf
|
|
|
|
|
2022-09-10 - Malware development- persistence - part 10. Using Image File Execution Options. Simple C++ example..pdf
|
|
|
|
|
2022-09-10 - Malware development- persistence - part 10. Using Image File Execution Options. Simple CPlusPlus example..pdf
|
|
|
|
|
2022-09-10 - Realizziamo un C&C Server in Python (Bankshot).pdf
|
|
|
|
|
2022-09-12 - Chiseling In- Lorenz Ransomware Group Cracks MiVoice And Calls Back For Free.pdf
|
|
|
|
|
2022-09-12 - Dead or Alive- An Emotet Story.pdf
|
|
|
|
|
2022-09-12 - Raccoon Stealer V2 in depth Analysis.pdf
|
|
|
|
|
2022-09-12 - Raccoon Stealer v2 Malware Analysis.pdf
|
|
|
|
|
2022-09-12 - Security Breaks- TeamTNT’s DockerHub Credentials Leak.pdf
|
|
|
|
|
2022-09-12 - The evolution of GuLoader.pdf
|
|
|
|
|
2022-09-13 - AdvIntel's State of Emotet aka -SpmTools- Displays Over Million Compromised Machines Through 2022.pdf
|
|
|
|
|
2022-09-13 - Back to School- BEC Group Targets Teachers with Payroll Diversion Attacks.pdf
|
|
|
|
|
2022-09-13 - Look What You Made Me Do- TA453 Uses Multi-Persona Impersonation to Capitalize on FOMO.pdf
|
|
|
|
|
2022-09-13 - Magento vendor Fishpig hacked, backdoors added.pdf
|
|
|
|
|
2022-09-13 - New Wave of Espionage Activity Targets Asian Governments.pdf
|
|
|
|
|
2022-09-13 - OriginLogger- A Look at Agent Tesla’s Successor.pdf
|
|
|
|
|
2022-09-14 - A Post-exploitation Look at Coinminers Abusing WebLogic Vulnerabilities.pdf
|
|
|
|
|
2022-09-14 - Alert (AA22-257A)- Iranian Islamic Revolutionary Guard Corps-Affiliated Cyber Actors Exploiting Vulnerabilities for Data Extortion and Disk Encryption for Ransom Operations.pdf
|
|
|
|
|
2022-09-14 - It's Time to PuTTY! DPRK Job Opportunity Phishing via WhatsApp.pdf
|
|
|
|
|
2022-09-14 - Opsec Mistakes Reveal COBALT MIRAGE Threat Actors.pdf
|
|
|
|
|
2022-09-14 - Pro-Russian Hacktivist Groups Target Ukraine Supporters.pdf
|
|
|
|
|
2022-09-14 - THREAT ANALYSIS REPORT- Abusing Notepad Plugins for Evasion and Persistence.pdf
|
|
|
|
|
2022-09-14 - THREAT ANALYSIS REPORT- Abusing Notepad++ Plugins for Evasion and Persistence.pdf
|
|
|
|
|
2022-09-14 - You never walk alone- The SideWalk backdoor gets a Linux variant.pdf
|
|
|
|
|
2022-09-15 - Erbium InfoStealer Enters the Scene- Characteristics and Origins.pdf
|
|
|
|
|
2022-09-15 - F5 BIG-IP Vulnerability (CVE-2022-1388) Exploited by BlackTech.pdf
|
|
|
|
|
2022-09-15 - From the Front Lines - Slam! Anatomy of a Publicly-Available Ransomware Builder.pdf
|
|
|
|
|
2022-09-15 - Gamaredon APT targets Ukrainian government agencies in new campaign.pdf
|
|
|
|
|
2022-09-15 - PrivateLoader- the loader of the prevalent ruzki PPI service.pdf
|
|
|
|
|
2022-09-15 - Self-spreading stealer attacks gamers via YouTube.pdf
|
|
|
|
|
2022-09-15 - Threat Alert- New Malware in the Cloud By TeamTNT.pdf
|
|
|
|
|
2022-09-15 - Webworm- Espionage Attackers Testing and Using Older Modified RATs.pdf
|
|
|
|
|
2022-09-16 - Bumblebee Malware Loader- Threat Analysis.pdf
|
|
|
|
|
2022-09-16 - Deception in Depth - Building Deceptions from Breaches.pdf
|
|
|
|
|
2022-09-16 - Recordbreaker- The Resurgence of Raccoon.pdf
|
|
|
|
|
2022-09-16 - Uber hacked, internal systems breached and vulnerability reports stolen.pdf
|
|
|
|
|
2022-09-16 - Unflattening ConfuserEx Code in IDA.pdf
|
|
|
|
|
2022-09-16 - Zero-Day Exploit Detection Using Machine Learning.pdf
|
|
|
|
|
2022-09-18 - Raccoon back with new claws!.pdf
|
|
|
|
|
2022-09-19 - Excel Document Delivers Multiple Malware By Exploiting CVE-2017-11882 – Part I.pdf
|
|
|
|
|
2022-09-19 - Hacking group focused on Central America dumps 10 terabytes of military emails, files.pdf
|
|
|
|
|
2022-09-20 - Malware development- persistence - part 11. Powershell profile. Simple Cplusplus example..pdf
|
|
|
|
|
2022-09-21 - Alert (AA22-264A) Iranian State Actors Conduct Cyber Operations Against the Government of Albania.pdf
|
|
|
|
|
2022-09-21 - Native function and Assembly Code Invocation.pdf
|
|
|
|
|
2022-09-21 - Rewards plus- Fake mobile banking rewards apps lure users to install info-stealing RAT on Android devices.pdf
|
|
|
|
|
2022-09-21 - SystemBC- The Multipurpose Proxy Bot Still Breathes.pdf
|
|
|
|
|
2022-09-21 - Technical Analysis of Crytox Ransomware.pdf
|
|
|
|
|
2022-09-21 - Technical analysis of Hydra android malware.pdf
|
|
|
|
|
2022-09-21 - The art and science behind Microsoft threat hunting- Part 2.pdf
|
|
|
|
|
2022-09-22 - 7 Years of Scarlet Mimic’s Mobile Surveillance Campaign Targeting Uyghurs.pdf
|
|
|
|
|
2022-09-22 - A Technical Analysis Of The Leaked LOCKBIT 3.0 Builder.pdf
|
|
|
|
|
2022-09-22 - Alert (AA22-265A) Control System Defense- Know the Opponent.pdf
|
|
|
|
|
2022-09-22 - ALPHV-BlackCat ransomware family becoming more dangerous.pdf
|
|
|
|
|
2022-09-22 - Malicious OAuth applications used to compromise email servers and spread spam.pdf
|
|
|
|
|
2022-09-22 - Noberus Ransomware- Darkside and BlackMatter Successor Continues to Evolve its Tactics.pdf
|
|
|
|
|
2022-09-22 - Quick Overview of Leaked LockBit 3.0 (Black) builder program.pdf
|
|
|
|
|
2022-09-22 - Raspberry Robin’s Roshtyak- A Little Lesson in Trickery.pdf
|
|
|
|
|
2022-09-22 - Recent Cyber Chaos is a Structural Shift.pdf
|
|
|
|
|
2022-09-22 - Technical analysis of Ginp android malware.pdf
|
|
|
|
|
2022-09-22 - The Mystery of Metador - An Unattributed Threat Hiding in Telcos, ISPs, and Universities.pdf
|
|
|
|
|
2022-09-22 - Void Balaur - The Sprawling Infrastructure of a Careless Mercenary.pdf
|
|
|
|
|
2022-09-22 - Watch Out For The New NFT-001.pdf
|
|
|
|
|
2022-09-23 - FARGO Ransomware (Mallox) Being Distributed to Unsecured MS-SQL Servers.pdf
|
|
|
|
|
2022-09-23 - GRU- Rise of the (Telegram) MinIOns.pdf
|
|
|
|
|
2022-09-23 - In the footsteps of the Fancy Bear- PowerPoint mouse-over event abused to deliver Graphite implants.pdf
|
|
|
|
|
2022-09-23 - Mass email campaign with a pinch of targeted spam.pdf
|
|
|
|
|
2022-09-23 - Poseidon’s Offspring- Charybdis and Scylla.pdf
|
|
|
|
|
2022-09-24 - So Long (Go)Daddy - Tracking BlackTech Infrastructure.pdf
|
|
|
|
|
2022-09-25 - APT techniques- Access Token manipulation. Token theft. Simple Cplusplus example..pdf
|
|
|
|
|
2022-09-25 - Technical analysis of Alien android malware.pdf
|
|
|
|
|
2022-09-26 - BumbleBee- Round Two.pdf
|
|
|
|
|
2022-09-26 - DcDcrypt Ransomware Decryptor.pdf
|
|
|
|
|
2022-09-26 - Hunting for Unsigned DLLs to Find APTs.pdf
|
|
|
|
|
2022-09-26 - Lazarus ‘Operation In(ter)ception’ Targets macOS Users Dreaming of Jobs in Crypto.pdf
|
|
|
|
|
2022-09-26 - New Erbium password-stealing malware spreads as game cracks, cheats.pdf
|
|
|
|
|
2022-09-26 - NullMixer- oodles of Trojans in a single dropper.pdf
|
|
|
|
|
2022-09-26 - The Anatomy of Wiper Malware, Part 3- Input-Output Controls.pdf
|
|
|
|
|
2022-09-27 - A Deep Dive Into the APT28’s stealer called CredoMap.pdf
|
|
|
|
|
2022-09-27 - A technical analysis of Pegasus for Android – Part 2.pdf
|
|
|
|
|
2022-09-27 - AllcomeClipper samples on MalwareBazaar.pdf
|
|
|
|
|
2022-09-27 - Chaos Is A Go-Based Swiss Army Knife Of Malware (IOCs).pdf
|
|
|
|
|
2022-09-27 - More Than Meets the Eye- Exposing a Polyglot File That Delivers IcedID.pdf
|
|
|
|
|
2022-09-27 - Solarmarker- The Old is New.pdf
|
|
|
|
|
2022-09-28 - ArrowRat.pdf
|
|
|
|
|
2022-09-28 - Chaos Is A Go-Based Swiss Army Knife Of Malware.pdf
|
|
|
|
|
2022-09-28 - Investigating Web Shells.pdf
|
|
|
|
|
2022-09-28 - Prilex- the pricey prickle credit card complex.pdf
|
|
|
|
|
2022-09-28 - Securonix Threat Labs Security Advisory- Detecting STEEP#MAVERICK- New Covert Attack Campaign Targeting Military Contractors.pdf
|
|
|
|
|
2022-09-28 - Securonix Threat Labs Security Advisory- Detecting STEEPMAVERICK- New Covert Attack Campaign Targeting Military Contractors.pdf
|
|
|
|
|
2022-09-28 - Threat Spotlight- Continuing attacks on Atlassian Confluence zero day.pdf
|
|
|
|
|
2022-09-29 - America’s Throwaway Spies How the CIA failed Iranian informants in its secret war with Tehran.pdf
|
|
|
|
|
2022-09-29 - Bad VIB(E)s Part One- Investigating Novel Malware Persistence Within ESXi Hypervisors.pdf
|
|
|
|
|
2022-09-29 - Bad VIB(E)s Part Two- Detection and Hardening within ESXi Hypervisors.pdf
|
|
|
|
|
2022-09-29 - Doenerium- It’s Not a Crime to Steal From Thieves.pdf
|
|
|
|
|
2022-09-29 - New Royal Ransomware emerges in multi-million dollar attacks.pdf
|
|
|
|
|
2022-09-29 - Seychelles, Seychelles, on the C(2) Shore- An overview of a bulletproof hosting provider named ELITETEAM..pdf
|
|
|
|
|
2022-09-29 - Warning Campaign Attack Using Zero Day Vulnerability on Microsoft Exchange Server.pdf
|
|
|
|
|
2022-09-29 - Witchetty- Group Uses Updated Toolset in Attacks on Governments in Middle East.pdf
|
|
|
|
|
2022-09-29 - ZINC weaponizing open-source software.pdf
|
|
|
|
|
2022-09-30 - A glimpse into the shadowy realm of a Chinese APT- detailed analysis of a ShadowPad intrusion.pdf
|
|
|
|
|
2022-09-30 - Amazon‑themed campaigns of Lazarus in the Netherlands and Belgium.pdf
|
|
|
|
|
2022-09-30 - Diavol resurfaces.pdf
|
|
|
|
|
2022-09-30 - Dissecting BlueSky Ransomware Payload.pdf
|
|
|
|
|
2022-09-30 - Malware development- persistence - part 12. Accessibility Features. Simple C++ example..pdf
|
|
|
|
|
2022-09-30 - Malware development- persistence - part 12. Accessibility Features. Simple CPlusPlus example..pdf
|
|
|
|
|
2022-09-30 - Technical Analysis of MedusaLocker Ransomware.pdf
|
|
|
|
|
2022-10-01 - Analysis-Mexico data hack exposes government cybersecurity vulnerability.pdf
|
|
|
|
|
2022-10-01 - DarkCloud Stealer Triage.pdf
|
|
|
|
|
2022-10-01 - Ladon hacking framework.pdf
|
|
|
|
|
2022-10-02 - Thailand’s THE ICON GROUP hacked by DESORDEN.pdf
|
|
|
|
|
2022-10-03 - 3rd October – Threat Intelligence Report.pdf
|
|
|
|
|
2022-10-03 - Bumblebee- increasing its capacity and evolving its TTPs.pdf
|
|
|
|
|
2022-10-03 - DeftTorero- tactics, techniques and procedures of intrusions revealed.pdf
|
|
|
|
|
2022-10-03 - Some Notes on VIRTUALGATE.pdf
|
|
|
|
|
2022-10-03 - Water Labbu Abuses Malicious DApps to Steal Cryptocurrency.pdf
|
|
|
|
|
2022-10-04 - Alert (AA22-277A) Impacket and Exfiltration Tool Used to Steal Sensitive Information from Defense Industrial Base Organization.pdf
|
|
|
|
|
2022-10-04 - Deliver a Strike by Reversing a Badger- Brute Ratel Detection and Analysis.pdf
|
|
|
|
|
2022-10-04 - MSSQL, meet Maggie.pdf
|
|
|
|
|
2022-10-04 - Remove All The Callbacks – BlackByte Ransomware Disables EDR Via RTCore64.sys Abuse.pdf
|
|
|
|
|
2022-10-04 - Rewterz Threat Alert – KONNI APT Group – Active IOCs.pdf
|
|
|
|
|
2022-10-04 - Witchetty APT Group.pdf
|
|
|
|
|
2022-10-05 - Analysis of LilithBot Malware and Eternity Threat Group.pdf
|
|
|
|
|
2022-10-05 - Detecting and preventing LSASS credential dumping attacks.pdf
|
|
|
|
|
2022-10-05 - Excel Document Delivers Multiple Malware by Exploiting CVE-2017-11882 – Part II.pdf
|
|
|
|
|
2022-10-05 - Sinkholing PseudoManuscrypt- From Zero To 50k Infections - Part 1.pdf
|
|
|
|
|
2022-10-06 - Alert (AA22-279A) Top CVEs Actively Exploited By People’s Republic of China State-Sponsored Cyber Actors.pdf
|
|
|
|
|
2022-10-06 - Amazon Web Services- Exploring The Cost Of Exfil.pdf
|
|
|
|
|
2022-10-06 - Evolution of BazarCall Social Engineering Tactics.pdf
|
|
|
|
|
2022-10-06 - Mustang Panda Abuses Legitimate Apps to Target Myanmar Based Victims.pdf
|
|
|
|
|
2022-10-06 - New Spyware RatMilad Targets Middle Eastern Mobile Devices.pdf
|
|
|
|
|
2022-10-06 - NullMixer Drops Multiple Malware Families.pdf
|
|
|
|
|
2022-10-06 - Rhadamanthys Stealer Analysis.pdf
|
|
|
|
|
2022-10-07 - A Visualizza into Recent IcedID Campaigns- Reconstructing Threat Actor Metrics with Pure Signal™ Recon.pdf
|
|
|
|
|
2022-10-07 - Analysis of CISA releases Advisory on Top CVEs Exploited Chinese State-Sponsored Groups.pdf
|
|
|
|
|
2022-10-07 - LofyGang – Software Supply Chain Attackers; Organized, Persistent, and Operating for Over a Year.pdf
|
|
|
|
|
2022-10-08 - Nimbo-C2 - A new C2 Framework.pdf
|
|
|
|
|
2022-10-09 - Johnson Fitness and Wellness hit by DESORDEN Group.pdf
|
|
|
|
|
2022-10-11 - Hacking group POLONIUM uses ‘Creepy’ malware against Israel.pdf
|
|
|
|
|
2022-10-11 - POLONIUM targets Israel with Creepy malware.pdf
|
|
|
|
|
2022-10-11 - The Russian SpyAgent – a Decade Later and RAT Tools Remain at Risk.pdf
|
|
|
|
|
2022-10-11 - Tracking down Maggie.pdf
|
|
|
|
|
2022-10-12 - Black Basta Ransomware Gang Infiltrates Networks via QAKBOT, Brute Ratel, and Cobalt Strike.pdf
|
|
|
|
|
2022-10-12 - Dissecting the new shellcode-based variant of GuLoader (CloudEyE).pdf
|
|
|
|
|
2022-10-12 - IcedID BackConnect Protocol.pdf
|
|
|
|
|
2022-10-12 - Lazarus Group Uses the DLL Side-Loading Technique (mi.dll).pdf
|
|
|
|
|
2022-10-12 - TOAD attacks- Vishing combined with Android banking malware now targeting Italian banks.pdf
|
|
|
|
|
2022-10-12 - WIP19 Espionage - New Chinese APT Targets IT Service Providers and Telcos With Signed Malware.pdf
|
|
|
|
|
2022-10-13 - BianLian Ransomware Encrypts Files in the Blink of an Eye.pdf
|
|
|
|
|
2022-10-13 - Magniber Ransomware Adopts JavaScript, Targeting Home Users with Fake Software Updates.pdf
|
|
|
|
|
2022-10-13 - QAKBOT BB Configuration and C2 IPs List.pdf
|
|
|
|
|
2022-10-13 - Ransomware Roundup- Royal Ransomware.pdf
|
|
|
|
|
2022-10-13 - Trend Micro warns of actively exploited Apex One RCE vulnerability (CVE-2022-40139).pdf
|
|
|
|
|
2022-10-14 - New “Prestige” ransomware impacts organizations in Ukraine and Poland.pdf
|
|
|
|
|
2022-10-14 - Technical Analysis of BlueSky Ransomware.pdf
|
|
|
|
|
2022-10-17 - China’s surveillance ecosystem and the global spread of its tools.pdf
|
|
|
|
|
2022-10-17 - DiceyF deploys GamePlayerFramework in online casino development studio.pdf
|
|
|
|
|
2022-10-17 - I Don’t Like Big Gateways (and I Cannot Lie) - How IP Reputation Gets Large Gateways Wrong.pdf
|
|
|
|
|
2022-10-17 - Stack String Decryption with Ghidra Emulator (Orchard).pdf
|
|
|
|
|
2022-10-18 - APT27 – One Year To Exfiltrate Them All- Intrusion In-Depth Analysis.pdf
|
|
|
|
|
2022-10-18 - Hunting Lockbit Variation.pdf
|
|
|
|
|
2022-10-19 - From RM3 to LDR4- URSNIF Leaves Banking Fraud Behind.pdf
|
|
|
|
|
2022-10-20 - Hacking group updates Furball Android spyware to evade detection.pdf
|
|
|
|
|
2022-10-20 - Mirai, RAR1Ransom, and GuardMiner – Multiple Malware Campaigns Target VMware Vulnerability.pdf
|
|
|
|
|
2022-10-20 - New Temp Stealer Spreading Via Free & Cracked Software.pdf
|
|
|
|
|
2022-10-21 - Alert (AA22-294A) #StopRansomware- Daixin Team.pdf
|
|
|
|
|
2022-10-21 - Alert (AA22-294A) StopRansomware- Daixin Team.pdf
|
|
|
|
|
2022-10-21 - Exbyte- BlackByte Ransomware Attackers Deploy New Exfiltration Tool.pdf
|
|
|
|
|
2022-10-21 - WarHawk- the New Backdoor in the Arsenal of the SideWinder APT Group.pdf
|
|
|
|
|
2022-10-23 - Unattributed RomCom Threat Actor Spoofing Popular Apps Now Hits Ukrainian Militaries.pdf
|
|
|
|
|
2022-10-24 - Chapter 1 — From Gozi to ISFB- The history of a mythical malware family..pdf
|
|
|
|
|
2022-10-24 - Malware infection case of Lazarus attack group that neutralizes antivirus program with BYOVD technique.pdf
|
|
|
|
|
2022-10-24 - Unveil the evolution of Kimsuky targeting Android devices with newly discovered mobile malware.pdf
|
|
|
|
|
2022-10-25 - Brute Ratel Config Decoding update.pdf
|
|
|
|
|
2022-10-25 - DEV-0832 (Vice Society) opportunistic ransomware campaigns impacting US education sector.pdf
|
|
|
|
|
2022-10-25 - Newly Unsealed Indictment Charges Ukrainian National with International Cybercrime Operation.pdf
|
|
|
|
|
2022-10-26 - CrowdStrike Identifies New Kiss-a-Dog Cryptojacking Campaign Targeting Vulnerable Docker and Kubernetes Infrastructure.pdf
|
|
|
|
|
2022-10-26 - Pro-Kremlin Hacktivist Groups Seeking Impact By Courting Notoriety.pdf
|
|
|
|
|
2022-10-26 - Pro-PRC DRAGONBRIDGE Influence Campaign Leverages New TTPs to Aggressively Target U.S. Interests, Including Midterm Elections.pdf
|
|
|
|
|
2022-10-27 - Fodcha DDoS botnet reaches 1Tbps in power, injects ransoms in packets.pdf
|
|
|
|
|
2022-10-27 - Microsoft links Raspberry Robin worm to Clop ransomware attacks.pdf
|
|
|
|
|
2022-10-27 - Raspberry Robin worm part of larger ecosystem facilitating pre-ransomware activity.pdf
|
|
|
|
|
2022-10-27 - STRRAT- Malware Analysis of a JAR archive.pdf
|
|
|
|
|
2022-10-28 - APT techniques- Token theft via UpdateProcThreadAttribute. Simple Cplusplus example..pdf
|
|
|
|
|
2022-10-28 - EMOTET dynamic config extraction.pdf
|
|
|
|
|
2022-10-28 - Malware wars- the attack of the droppers.pdf
|
|
|
|
|
2022-10-28 - Windows.Carving.SystemBC - SystemBC RAT configuration Purser for Velociraptor.pdf
|
|
|
|
|
2022-10-31 - A Technical Analysis of Pegasus for Android - Part 3.pdf
|
|
|
|
|
2022-10-31 - APT10- Tracking down LODEINFO 2022, part I.pdf
|
|
|
|
|
2022-10-31 - APT10- Tracking down LODEINFO 2022, part II.pdf
|
|
|
|
|
2022-10-31 - Banking Trojan Techniques- How Financially Motivated Malware Became Infrastructure.pdf
|
|
|
|
|
2022-10-31 - ICEDIDs network infrastructure is alive and well.pdf
|
|
|
|
|
2022-10-31 - Mondelez and Zurich reach settlement in NotPetya cyberattack insurance suit.pdf
|
|
|
|
|
2022-10-31 - Orion Threat Alert- Qakbot TTPs Arsenal and the Black Basta Ransomware.pdf
|
|
|
|
|
2022-10-31 - QakBot CCs prioritization and new record types.pdf
|
|
|
|
|
2022-11-01 - NCSC Annual Review 2022.pdf
|
|
|
|
|
2022-11-02 - Appleseed Being Distributed to Nuclear Power Plant-Related Companies.pdf
|
|
|
|
|
2022-11-02 - BlueFox Stealer- a newcomer designed for traffers teams.pdf
|
|
|
|
|
2022-11-02 - Could Threat Actors Be Downgrading Their Malware to Evade Detection-.pdf
|
|
|
|
|
2022-11-02 - New Laplas Clipper Distributed via SmokeLoader.pdf
|
|
|
|
|
2022-11-02 - RomCom Threat Actor Abuses KeePass and SolarWinds to Target Ukraine and Potentially the United Kingdom.pdf
|
|
|
|
|
2022-11-03 - APT-36 Uses New TTPs and New Tools to Target Indian Governmental Organizations.pdf
|
|
|
|
|
2022-11-03 - Black Basta Ransomware - Attacks Deploy Custom EDR Evasion Tools Tied to FIN7 Threat Actor.pdf
|
|
|
|
|
2022-11-03 - Cobalt Strike Analysis and Tutorial- Identifying Beacon Team Servers in the Wild.pdf
|
|
|
|
|
2022-11-03 - Family Tree- DLL-Sideloading Cases May Be Related.pdf
|
|
|
|
|
2022-11-03 - GCTI Open Source Detection Signatures.pdf
|
|
|
|
|
2022-11-03 - P2P Botnets- Review - Status - Continuous Monitoring.pdf
|
|
|
|
|
2022-11-03 - Robin Banks still might be robbing your bank (part 2).pdf
|
|
|
|
|
2022-11-03 - What is Orcus RAT- Technical Analysis and Malware Configuration.pdf
|
|
|
|
|
2022-11-04 - Behinder Mem Shell.pdf
|
|
|
|
|
2022-11-04 - Malaysian online stock brokerage firm victim of cyberattack.pdf
|
|
|
|
|
2022-11-04 - The Android Malware’s Journey- From Google Play to banking fraud.pdf
|
|
|
|
|
2022-11-05 - Malware analysis- part 6. Shannon entropy. Simple python script..pdf
|
|
|
|
|
2022-11-06 - Analysis Of Netwire RAT.pdf
|
|
|
|
|
2022-11-07 - Arkei Staler Analysis.pdf
|
|
|
|
|
2022-11-07 - Inside the Yanluowang Leak- Organization, Members, and Tactics.pdf
|
|
|
|
|
2022-11-07 - Massive Phishing Campaigns Target India Banks’ Clients.pdf
|
|
|
|
|
2022-11-07 - SocGholish Diversifies and Expands Its Malware Staging Infrastructure to Counter Defenders.pdf
|
|
|
|
|
2022-11-08 - DeimosC2- What SOC Analysts and Incident Responders Need to Know About This C&C Framework.pdf
|
|
|
|
|
2022-11-08 - LockBit 3.0 Being Distributed via Amadey Bot.pdf
|
|
|
|
|
2022-11-08 - Massive YouTube Campaign Targeting Over 100 Applications To Deliver Info Stealer.pdf
|
|
|
|
|
2022-11-08 - ShortAndMalicious- StrelaStealer aims for mail credentials.pdf
|
|
|
|
|
2022-11-09 - BlackCat Ransomware- Tactics and Techniques From a Targeted Attack.pdf
|
|
|
|
|
2022-11-09 - Hack the Real Box- APT41’s New Subgroup Earth Longzhi.pdf
|
|
|
|
|
2022-11-09 - Ransomware-as-a-Service Transforms Gangs Into Businesses.pdf
|
|
|
|
|
2022-11-09 - Threat Spotlight- Cyber Criminal Adoption of IPFS for Phishing, Malware Campaigns.pdf
|
|
|
|
|
2022-11-10 - How LNK Files Are Abused by Threat Actors.pdf
|
|
|
|
|
2022-11-10 - Penetration and Distribution Method of Gwisin Attacker.pdf
|
|
|
|
|
2022-11-10 - Ransomware Roundup- New Inlock and Xorist Variants.pdf
|
|
|
|
|
2022-11-10 - Rise of Banking Trojan Dropper in Google Play.pdf
|
|
|
|
|
2022-11-11 - GraceWire - FlawedGrace malware adventure.pdf
|
|
|
|
|
2022-11-11 - Magniber Ransomware Attempts to Bypass MOTW (Mark of the Web).pdf
|
|
|
|
|
2022-11-14 - Operation (Đường chín đoạn) typhoon- the cyber sea lotus coveting the nine-dash line in the South China Sea.pdf
|
|
|
|
|
2022-11-15 - Billbug- State-sponsored Actor Targets Cert Authority, Government Agencies in Multiple Asian Countries.pdf
|
|
|
|
|
2022-11-15 - Cybercrime is more of a threat than nation-state hackers.pdf
|
|
|
|
|
2022-11-15 - DTrack activity targeting Europe and Latin America.pdf
|
|
|
|
|
2022-11-15 - New RapperBot Campaign – We Know What You Bruting for this Time.pdf
|
|
|
|
|
2022-11-15 - North Korean hackers targeted Ukraine as it fought off Russia’s invasion- Report.pdf
|
|
|
|
|
2022-11-15 - Somnia Malware Detection- UAC-0118 aka FRwL Launches Cyber Attacks Against Organizations in Ukraine Using Enhanced Malware Strains.pdf
|
|
|
|
|
2022-11-15 - Top Zeus Botnet Suspect “Tank” Arrested in Geneva.pdf
|
|
|
|
|
2022-11-15 - Wipermania- An All You Can Wipe Buffet.pdf
|
|
|
|
|
2022-11-16 - A Comprehensive Look at Emotet Virus’ Fall 2022 Return.pdf
|
|
|
|
|
2022-11-16 - HZ RAT goes China.pdf
|
|
|
|
|
2022-11-16 - Inside the Mind of a ‘Rat’ - Agent Tesla Detection and Analysis.pdf
|
|
|
|
|
2022-11-16 - Malware development- persistence - part 19. Disk Cleanup Utility. Simple Cplusplus example..pdf
|
|
|
|
|
2022-11-16 - Writing Tiny, Stealthy & Reliable Malware.pdf
|
|
|
|
|
2022-11-17 - China-based Mustang Panda is a targeted attack with malware -Claimloader-, may affect Japan.pdf
|
|
|
|
|
2022-11-17 - DEV-0569 finds new ways to deliver Royal ransomware, various payloads.pdf
|
|
|
|
|
2022-11-17 - Get a Loda This- LodaRAT meets new friends.pdf
|
|
|
|
|
2022-11-17 - KromSec outs AnonOpsSE as Iranian regime – Makes statement.pdf
|
|
|
|
|
2022-11-17 - Reconstructing the last activities of Royal Ransomware.pdf
|
|
|
|
|
2022-11-17 - Trellix Insights- SmokeLoader Exploits Old Vulnerabilities to Drop zgRAT.pdf
|
|
|
|
|
2022-11-18 - An AI Based Solution to Detecting the DoubleZero .NET Wiper.pdf
|
|
|
|
|
2022-11-18 - AXLocker, Octocrypt, and Alice- Leading a new wave of Ransomware Campaigns.pdf
|
|
|
|
|
2022-11-18 - Earth Preta Spear-Phishing Governments Worldwide.pdf
|
|
|
|
|
2022-11-18 - GRU 26165- The Russian cyber unit that hacks targets on-site.pdf
|
|
|
|
|
2022-11-19 - Malicious Packer pkr_ce1a.pdf
|
|
|
|
|
2022-11-21 - Aurora- a rising stealer flying under the radar.pdf
|
|
|
|
|
2022-11-21 - Black Friday Alert- 4 Emerging Skimming Attacks to Watch for This Holiday Season.pdf
|
|
|
|
|
2022-11-21 - Gamaredon Leverages Microsoft Office Docs to Target Ukraine Government and Military.pdf
|
|
|
|
|
2022-11-21 - Is Hagga Threat Actor Abusing FSociety Framework -.pdf
|
|
|
|
|
2022-11-21 - Risky Biz News- Cyber Partisans hack and disrupt Kremlin censor.pdf
|
|
|
|
|
2022-11-21 - Threat Assessment- Luna Moth Callback Phishing Campaign.pdf
|
|
|
|
|
2022-11-21 - Tofsee String Decryption Code.pdf
|
|
|
|
|
2022-11-21 - ViperSoftX- Hiding in System Logs and Spreading VenomSoftX.pdf
|
|
|
|
|
2022-11-21 - X-Ray of Malware Evasion Techniques - Analysis, Dissection, Cure-.pdf
|
|
|
|
|
2022-11-22 - Nighthawk- An Up-and-Coming Pentest Tool Likely to Gain Threat Actor Notice.pdf
|
|
|
|
|
2022-11-22 - Phishing and Android Malware Campaign Targets Indian Banks.pdf
|
|
|
|
|
2022-11-22 - RansomExx upgrades to rust.pdf
|
|
|
|
|
2022-11-22 - The Yanluowang ransomware group in their own words.pdf
|
|
|
|
|
2022-11-23 - Bahamut cybermercenary group targets Android users with fake VPN apps.pdf
|
|
|
|
|
2022-11-23 - Detailing Daily Domain Hunting.pdf
|
|
|
|
|
2022-11-23 - THREAT ALERT- Aggressive Qakbot Campaign and the Black Basta Ransomware Group Targeting U.S. Companies.pdf
|
|
|
|
|
2022-11-25 - -In The Box- - Mobile Malware Webinjects Marketplace.pdf
|
|
|
|
|
2022-11-25 - Analysis of APT-C-60 Attack on South Korea.pdf
|
|
|
|
|
2022-11-25 - Python script to decode NightHawk strings.pdf
|
|
|
|
|
2022-11-25 - Russian hackers targeting Dutch gas terminal.pdf
|
|
|
|
|
2022-11-26 - Detecting and Fingerprinting Infostealer Malware-as-a-Service platforms.pdf
|
|
|
|
|
2022-11-27 - Big Socks to Fill- Tracking the Next 911RE.pdf
|
|
|
|
|
2022-11-28 - Always Another Secret- Lifting the Haze on China-nexus Espionage in Southeast Asia.pdf
|
|
|
|
|
2022-11-28 - Emotet Strikes Again – LNK File Leads to Domain Wide Ransomware.pdf
|
|
|
|
|
2022-11-28 - HiveV5 file decryptor PoC.pdf
|
|
|
|
|
2022-11-29 - CargoBay BlackHat Backdoor Analysis Report (IRIS-14738).pdf
|
|
|
|
|
2022-11-29 - Job hunting trap- Analysis of Lazarus attack activities using recruitment information such as Mizuho Bank of Japan as bait.pdf
|
|
|
|
|
2022-11-29 - Suspected Iran-Nexus TAG-56 Uses UAE Forum Lure for Credential Theft Against US Think Tank.pdf
|
|
|
|
|
2022-11-29 - Suspected Russian Activity Targeting Government and Business Entities Around the Globe.pdf
|
|
|
|
|
2022-11-30 - Analysis of APT29's attack activities against Italy.pdf
|
|
|
|
|
2022-11-30 - Evolution of the PlugX loader.pdf
|
|
|
|
|
2022-11-30 - Identifying and Defending Against QakBot's Evolving TTPs.pdf
|
|
|
|
|
2022-11-30 - LockBit 3.0 ‘Black’ attacks and leaks reveal wormable capabilities and tooling.pdf
|
|
|
|
|
2022-11-30 - Malware with Sandbox Evasion Techniques Observed Stealing Browser Cached Credentials.pdf
|
|
|
|
|
2022-11-30 - RansomEXX Ransomware- In-Depth Analysis, Detection, and Mitigation.pdf
|
|
|
|
|
2022-11-30 - Unpacking Colibri Loader- A Russian APT linked Campaign.pdf
|
|
|
|
|
2022-11-30 - Who’s swimming in South Korean waters- Meet ScarCruft’s Dolphin.pdf
|
|
|
|
|
2022-12-01 - Back in Black... Basta - Technical Analysis of BlackBasta Ransomware 2.0.pdf
|
|
|
|
|
2022-12-01 - From Macros to No Macros- Continuous Malware Improvements by QakBot.pdf
|
|
|
|
|
2022-12-01 - Malware Analysis and Triage Report - PirateStealer - Discord_beta.exe.pdf
|
|
|
|
|
2022-12-01 - The Mystery of Metador - Unpicking Mafalda’s Anti-Analysis Techniques.pdf
|
|
|
|
|
2022-12-01 - Новый троянец CryWiper прикидывается шифровальщиком.pdf
|
|
|
|
|
2022-12-02 - Blowing Cobalt Strike Out of the Water With Memory Analysis.pdf
|
|
|
|
|
2022-12-02 - Hitching a ride with Mustang Panda.pdf
|
|
|
|
|
2022-12-02 - KoiVM Loader Resurfaces With a Bang.pdf
|
|
|
|
|
2022-12-02 - Not a SIMulation- CrowdStrike Investigations Reveal Intrusion Campaign Targeting Telco and BPO Companies.pdf
|
|
|
|
|
2022-12-02 - The Refinery Files 0x06- Qakbot Decoder.pdf
|
|
|
|
|
2022-12-03 - Nighthawk DLL Payload Configuration Parser.pdf
|
|
|
|
|
2022-12-03 - Preparing for a Russian cyber offensive against Ukraine this winter.pdf
|
|
|
|
|
2022-12-05 - Blue Callisto orbits around US Laboratories in 2022.pdf
|
|
|
|
|
2022-12-05 - Calisto show interests into entities involved in Ukraine war support.pdf
|
|
|
|
|
2022-12-05 - Exposing TAG-53’s Credential Harvesting Infrastructure Used for Russia-Aligned Espionage Operations.pdf
|
|
|
|
|
2022-12-05 - Iran- State-Backed Hacking of Activists, Journalists, Politicians.pdf
|
|
|
|
|
2022-12-05 - Popularity spikes for information stealer malware on the dark web.pdf
|
|
|
|
|
2022-12-05 - Threat Analysis- MSI - Masquerading as a Software Installer.pdf
|
|
|
|
|
2022-12-05 - TTPs 9- Analyzing the attack strategy monitoring the daily life of individuals.pdf
|
|
|
|
|
2022-12-05 - TTPs#9- Analyzing the attack strategy monitoring the daily life of individuals.pdf
|
|
|
|
|
2022-12-06 - Analysis of suspected APT-C-56 (Transparent Tribe) attacks against terrorism.pdf
|
|
|
|
|
2022-12-06 - AndroxGh0st – the python malware exploiting your AWS keys.pdf
|
|
|
|
|
2022-12-06 - Cova and Nosu- a new loader spreads a new stealer.pdf
|
|
|
|
|
2022-12-06 - Deep Dive Into a BackdoorDiplomacy Attack – A Study of an Attacker’s Toolkit.pdf
|
|
|
|
|
2022-12-06 - Mustang Panda Uses the Russian-Ukrainian War to Attack Europe and Asia Pacific Targets.pdf
|
|
|
|
|
2022-12-06 - Technical Analysis of DanaBot Obfuscation Techniques.pdf
|
|
|
|
|
2022-12-07 - A Closer Look At BlackMagic Ransomware.pdf
|
|
|
|
|
2022-12-07 - An upsurge of new Android Banking Trojan “Zanubis”.pdf
|
|
|
|
|
2022-12-07 - Fantasy – a new Agrius wiper deployed through a supply‑chain attack.pdf
|
|
|
|
|
2022-12-07 - Internet Explorer 0-day exploited by North Korean actor APT37.pdf
|
|
|
|
|
2022-12-07 - New Babuk Ransomware Found in Major Attack.pdf
|
|
|
|
|
2022-12-07 - Russian Threat Actor Impersonates Aerospace and Defense Companies.pdf
|
|
|
|
|
2022-12-08 - Breaking the silence - Recent Truebot activity.pdf
|
|
|
|
|
2022-12-08 - Compromised Cloud Compute Credentials- Case Studies From the Wild.pdf
|
|
|
|
|
2022-12-08 - DeathStalker targets legal entities with new Janicab variant.pdf
|
|
|
|
|
2022-12-08 - Iranian Exploitation Activities Continue as of November 2022.pdf
|
|
|
|
|
2022-12-08 - Mallox Ransomware showing signs of Increased Activity.pdf
|
|
|
|
|
2022-12-08 - New MuddyWater Threat- Old Kitten; New Tricks.pdf
|
|
|
|
|
2022-12-08 - Ransomware Roundup – New Vohuk, ScareCrow, and AERST Variants.pdf
|
|
|
|
|
2022-12-08 - Trojanized OneNote Document Leads to Formbook Malware.pdf
|
|
|
|
|
2022-12-08 - Zombinder- new obfuscation service used by Ermac, now distributed next to desktop stealers.pdf
|
|
|
|
|
2022-12-09 - APT Cloud Atlas- Unbroken Threat.pdf
|
|
|
|
|
2022-12-09 - Drokbk Malware Uses GitHub as Dead Drop Resolver.pdf
|
|
|
|
|
2022-12-09 - Malware development- persistence - part 20. UserInitMprLogonScript (Logon Script). Simple C++ example..pdf
|
|
|
|
|
2022-12-09 - Malware development- persistence - part 20. UserInitMprLogonScript (Logon Script). Simple CPlusPlus example..pdf
|
|
|
|
|
2022-12-12 - Dark Web Profile- APT42 – Iranian Cyber Espionage Group.pdf
|
|
|
|
|
2022-12-12 - Linux Cryptocurrency Mining Attacks Enhanced via CHAOS RAT.pdf
|
|
|
|
|
2022-12-12 - North Korean cyber spies deploy new tactic- tricking foreign experts into writing research for them.pdf
|
|
|
|
|
2022-12-12 - Precious Gemstones- The New Generation of Kerberos Attacks.pdf
|
|
|
|
|
2022-12-12 - Pulling the Curtains on Azov Ransomware- Not a Skidsware but Polymorphic Wiper.pdf
|
|
|
|
|
2022-12-12 - YARA rule for Vohuk ransomware.pdf
|
|
|
|
|
2022-12-13 - Analyzing Russian SDK Pushwoosh and Russian Code Contributions.pdf
|
|
|
|
|
2022-12-13 - Everything You Need to Know about Royal Ransomware.pdf
|
|
|
|
|
2022-12-13 - I Solemnly Swear My Driver Is Up to No Good- Hunting for Attestation Signed Malware.pdf
|
|
|
|
|
2022-12-13 - Signed driver malware moves up the software trust chain.pdf
|
|
|
|
|
2022-12-13 - Threat Actors use Google Ads to Deploy VIDAR Stealer.pdf
|
|
|
|
|
2022-12-14 - 50 Domains Worth Blocking- The Evolution of ViperSoftX's Underreported DGA.pdf
|
|
|
|
|
2022-12-14 - Reassessing cyberwarfare. Lessons learned in 2022.pdf
|
|
|
|
|
2022-12-14 - Royal Rumble- Analysis of Royal Ransomware.pdf
|
|
|
|
|
2022-12-14 - Unmasking MirrorFace- Operation LiberalFace targeting Japanese political entities.pdf
|
|
|
|
|
2022-12-15 - BrasDex- A new Brazilian ATS Android Banker with ties to Desktop malware.pdf
|
|
|
|
|
2022-12-15 - Google ads lead to fake software pages pushing IcedID (Bokbot).pdf
|
|
|
|
|
2022-12-15 - Tracking Malicious Glupteba Activity Through the Blockchain.pdf
|
|
|
|
|
2022-12-15 - Trojanized Windows 10 Operating System Installers Targeted Ukrainian Government.pdf
|
|
|
|
|
2022-12-16 - Agenda Ransomware Uses Rust to Target More Vital Industries.pdf
|
|
|
|
|
2022-12-16 - Dark Web Profile- Killnet – Russian Hacktivist Group.pdf
|
|
|
|
|
2022-12-16 - Russia’s Wartime Cyber Operations in Ukraine- Military Impacts, Influences, and Implications.pdf
|
|
|
|
|
2022-12-16 - SCL -1- The Dangerous Side Of Safe Senders.pdf
|
|
|
|
|
2022-12-16 - SiestaGraph- New implant uncovered in ASEAN member foreign ministry.pdf
|
|
|
|
|
2022-12-16 - The DPRK delicate sound of cyber.pdf
|
|
|
|
|
2022-12-17 - [QuickNote] VidarStealer Analysis.pdf
|
|
|
|
|
2022-12-18 - Infostealer Malware with Double Extension.pdf
|
|
|
|
|
2022-12-19 - [Z2A]Bimonthly malware challege – Emotet (Back From the Dead).pdf
|
|
|
|
|
2022-12-19 - Malware Analysis- GuLoader Dissection Reveals New Anti-Analysis Techniques and Code Injection Redundancy.pdf
|
|
|
|
|
2022-12-19 - Ukraine's DELTA military system users targeted by info-stealing malware.pdf
|
|
|
|
|
2022-12-20 - Lazarus APT’s Operation Interception Uses Signed Binary.pdf
|
|
|
|
|
2022-12-20 - Nokoyawa Ransomware- Rust or Bust.pdf
|
|
|
|
|
2022-12-20 - Raspberry Robin Malware Targets Telecom, Governments.pdf
|
|
|
|
|
2022-12-20 - Russian hackers targeted petroleum refining company in NATO state.pdf
|
|
|
|
|
2022-12-20 - Russia’s Trident Ursa (aka Gamaredon APT) Cyber Conflict Operations Unwavering Since Invasion of Ukraine.pdf
|
|
|
|
|
2022-12-21 - Conti Team One Splinter Group Resurfaces as Royal Ransomware with Callback Phishing Attacks.pdf
|
|
|
|
|
2022-12-21 - Godfather- A banking Trojan that is impossible to refuse.pdf
|
|
|
|
|
2022-12-21 - Inside the IcedID BackConnect Protocol.pdf
|
|
|
|
|
2022-12-21 - Malicious Macros Adapt to Use Microsoft Publisher to Push Ekipa RAT.pdf
|
|
|
|
|
2022-12-21 - Microsoft research uncovers new Zerobot capabilities.pdf
|
|
|
|
|
2022-12-22 - Custom-Branded Ransomware- The Vice Society Group and the Threat of Outsourced Development.pdf
|
|
|
|
|
2022-12-22 - New RisePro Stealer distributed by the prominent PrivateLoader.pdf
|
|
|
|
|
2022-12-22 - Nitol DDoS Malware Installing Amadey Bot.pdf
|
|
|
|
|
2022-12-22 - Qakbot Being Distributed via Virtual Disk Files (.vhd).pdf
|
|
|
|
|
2022-12-22 - Ransomware Roundup – Play Ransomware.pdf
|
|
|
|
|
2022-12-23 - IcedID Botnet Distributors Abuse Google PPC to Distribute Malware.pdf
|
|
|
|
|
2022-12-24 - njRAT malware spreading through Discord CDN and Facebook Ads.pdf
|
|
|
|
|
2022-12-25 - Detect Nokoyawa ransomware With YARA Rule.pdf
|
|
|
|
|
2022-12-27 - BlueNoroff introduces new methods bypassing MoTW.pdf
|
|
|
|
|
2022-12-27 - Diving into a PlugX sample of Mustang Panda group.pdf
|
|
|
|
|
2022-12-27 - Navigating the Vast Ocean of Sandbox Evasions.pdf
|
|
|
|
|
2022-12-27 - Pure coder offers multiple malware for sale in Darkweb forums.pdf
|
|
|
|
|
2022-12-28 - Analysis of Cyber Attacks by APT Organization Confucius Against IBO Anti-Terrorism Operations in Pakistan.pdf
|
|
|
|
|
2022-12-28 - HTML Smuggling Detection.pdf
|
|
|
|
|
2022-12-28 - PLAYing the game.pdf
|
|
|
|
|
2022-12-28 - The Underground Economist- Volume 2, Issue 24.pdf
|
|
|
|
|
2022-12-29 - Mars Stealer Analysis.pdf
|
|
|
|
|
2022-12-29 - New CatB Ransomware Employs 2-Year Old DLL Hijacking Technique To Evade Detection.pdf
|
|
|
|
|
2022-12-29 - This app will self-destruct- How Belarusian hackers created an alternative Telegram for activists.pdf
|
|
|
|
|
2022-12-30 - A Quick Look at ELF Bifrose (Part 1).pdf
|
|
|
|
|
2022-12-30 - Cyber Threat Report- RambleOn Android Malware - Detailed analysis report of cyber threat targeting journalist in South Korea through APT phishing campaign with malicious APK.pdf
|
|
|
|
|
2022-12-30 - Russian cyberattacks.pdf
|
|
|
|
|
2022-12-31 - Analyzing a VIDAR Infostealer Sample.pdf
|
|
|
|