|
Up
|
|
|
|
|
2024-01-01 - Russian Language Cybercriminal Forums - An Excursion Into The Core Of The Underground Ecosystem..pdf
|
|
|
|
|
2024-01-01 - The CrowdStrike Global Threat Report.pdf
|
|
|
|
|
2024-01-02 - Critical Infrastructure Remains the Brass Ring for Cyber Attackers in 2024.pdf
|
|
|
|
|
2024-01-02 - Iranian Food Delivery Giant Snappfood Cyber Attack- 3TB of Data Stolen.pdf
|
|
|
|
|
2024-01-03 - Ukraine Targeted by UAC-0050 Using Remcos RAT Pipe Method for Evasion.pdf
|
|
|
|
|
2024-01-04 - Follow-On Extortion Campaign Targeting Victims of Akira and Royal Ransomware.pdf
|
|
|
|
|
2024-01-04 - Hunting for Cobalt Strike in PCAP.pdf
|
|
|
|
|
2024-01-04 - Pilfered Data From Iranian Insurance and Food Delivery Firms Leaked Online.pdf
|
|
|
|
|
2024-01-04 - Qakbot Returns.pdf
|
|
|
|
|
2024-01-05 - AsyncRAT loader- Obfuscation, DGAs, decoys and Govno.pdf
|
|
|
|
|
2024-01-05 - DarkGate from AutoIT to Shellcode Execution.pdf
|
|
|
|
|
2024-01-05 - Tomb Crypter and ChrGetPdsi Stealer Analysis Report (INT00011701).pdf
|
|
|
|
|
2024-01-05 - Turkish espionage campaigns in the Netherlands.pdf
|
|
|
|
|
2024-01-06 - [QuickNote] Technical Analysis of recent Pikabot Core Module.pdf
|
|
|
|
|
2024-01-06 - Understanding Internals of SmokeLoader.pdf
|
|
|
|
|
2024-01-07 - INC Linux Ransomware - Sandboxing with ELFEN and Analysis.pdf
|
|
|
|
|
2024-01-07 - VirusTotal page for a sample of LoupeLoader.pdf
|
|
|
|
|
2024-01-08 - Deceptive Cracked Software Spreads Lumma Variant on YouTube.pdf
|
|
|
|
|
2024-01-09 - Avast Updates Babuk Ransomware Decryptor in Cooperation with Cisco Talos and Dutch Police.pdf
|
|
|
|
|
2024-01-09 - Black Basta-Affiliated Water Curupira’s Pikabot Spam Campaign.pdf
|
|
|
|
|
2024-01-09 - Data Insights on AgentTesla and OriginLogger Victims.pdf
|
|
|
|
|
2024-01-09 - IcedID – Technical Malware Analysis [Second Stage].pdf
|
|
|
|
|
2024-01-09 - New RE TURGENCE Attack Campaign- Turkish Hackers Target MSSQL Servers to Deliver Domain-Wide MIMIC Ransomware.pdf
|
|
|
|
|
2024-01-10 - Analysis of an Info Stealer — Chapter 2- The iOS App.pdf
|
|
|
|
|
2024-01-10 - Analyzing APT28’s OCEANMAP Backdoor & Exploring its C2 Server Artifacts.pdf
|
|
|
|
|
2024-01-10 - Atomic Stealer rings in the new year with updated version.pdf
|
|
|
|
|
2024-01-11 - Clearing the Fog of War – A critical analysis of recent energy sector cyberattacks in Denmark and Ukraine.pdf
|
|
|
|
|
2024-01-11 - Volt Typhoon Compromises 30 Percent of Cisco RV320-325 Devices in 37 Days.pdf
|
|
|
|
|
2024-01-12 - Cutting Edge- Suspected APT Targets Ivanti Connect Secure VPN in New Zero-Day Exploitation.pdf
|
|
|
|
|
2024-01-12 - CVE-2023-36025 Exploited for Defense Evasion in Phemedrone Stealer Campaign.pdf
|
|
|
|
|
2024-01-12 - Sneaky Azorult Back in Action and Goes Undetected.pdf
|
|
|
|
|
2024-01-15 - A Victim of Mallox Ransomware- How Truesec CSIRT Fought Back.pdf
|
|
|
|
|
2024-01-15 - An Introduction to Reverse Engineering .NET AOT Applications.pdf
|
|
|
|
|
2024-01-15 - From Russia With Code- Disarming Atomic Stealer.pdf
|
|
|
|
|
2024-01-15 - Hunting AsyncRAT & QuasarRAT.pdf
|
|
|
|
|
2024-01-15 - NoaBot Botnet - Sandboxing with ELFEN and Analysis.pdf
|
|
|
|
|
2024-01-16 - Detailed Analysis of DarkGate; Investigating new top-trend backdoor malware.pdf
|
|
|
|
|
2024-01-16 - Keyhole Analysis.pdf
|
|
|
|
|
2024-01-16 - P2PInfect Worm Evolves to Target a New Platform.pdf
|
|
|
|
|
2024-01-17 - Enter The Gates- An Analysis of the DarkGate AutoIt Loader.pdf
|
|
|
|
|
2024-01-17 - Nearly 7K WordPress Sites Compromised by Balada Injector.pdf
|
|
|
|
|
2024-01-17 - New TTPs observed in Mint Sandstorm campaign targeting high-profile individuals at universities and research orgs.pdf
|
|
|
|
|
2024-01-17 - Whispers of Atlantida- Safeguarding Your Digital Treasure.pdf
|
|
|
|
|
2024-01-18 - Chae$ Chronicles- Version 4.1 Dedicated to Morphisec Researchers.pdf
|
|
|
|
|
2024-01-18 - Detect Mortis Locker Ransomware with YARA.pdf
|
|
|
|
|
2024-01-18 - Russian threat group COLDRIVER expands its targeting of Western officials to include the use of malware.pdf
|
|
|
|
|
2024-01-19 - Chinese Espionage Group UNC3886 Found Exploiting CVE-2023-34048 Since Late 2021.pdf
|
|
|
|
|
2024-01-19 - npm Package Found Delivering Sophisticated RAT.pdf
|
|
|
|
|
2024-01-19 - Parrot TDS- A Persistent and Evolving Malware Campaign.pdf
|
|
|
|
|
2024-01-19 - Zloader- No Longer Silent in the Night.pdf
|
|
|
|
|
2024-01-21 - A Look into PlugX Kernel driver.pdf
|
|
|
|
|
2024-01-22 - Cactus Ransomware.pdf
|
|
|
|
|
2024-01-22 - Pikabot distirbution methods and capabilities.pdf
|
|
|
|
|
2024-01-22 - ScarCruft - Attackers Gather Strategic Intelligence and Target Cybersecurity Professionals.pdf
|
|
|
|
|
2024-01-23 - CherryLoader- A New Go-based Loader Discovered in Recent Intrusions.pdf
|
|
|
|
|
2024-01-23 - Kasseika Ransomware Deploys BYOVD Attacks, Abuses PsExec and Exploits Martini Driver.pdf
|
|
|
|
|
2024-01-23 - NetSupport RAT hits again with new IOCs.pdf
|
|
|
|
|
2024-01-23 - Stately Taurus Targets Myanmar Amidst Concerns over Military Junta’s Handling of Rebel Attacks.pdf
|
|
|
|
|
2024-01-24 - Layers of Deception- Analyzing the Complex Stages of XLoader 4.3 Malware Evolution.pdf
|
|
|
|
|
2024-01-24 - The Endless Struggle Against APT10- Insights from LODEINFO v0.6.6 - v0.7.3 Analysis.pdf
|
|
|
|
|
2024-01-25 - Broomstick Analysis Report (IRIS-17079).pdf
|
|
|
|
|
2024-01-25 - Midnight Blizzard- Guidance for responders on nation-state attack.pdf
|
|
|
|
|
2024-01-25 - NSPX30- A sophisticated AitM-enabled implant evolving since 2005.pdf
|
|
|
|
|
2024-01-26 - Russian APT Operation- Star Blizzard.pdf
|
|
|
|
|
2024-01-26 - The life and times of Cozy Bear, the Russian hackers who just hit Microsoft and HPE.pdf
|
|
|
|
|
2024-01-29 - Blackwood APT Group Has a New DLL Loader.pdf
|
|
|
|
|
2024-01-29 - Compromised Routers Are Still Leveraged as Malicious Infrastructure to Target Government Organizations in Europe and the Caucasus.pdf
|
|
|
|
|
2024-01-29 - HeadCrab 2.0- Evolving Threat in Redis Malware Landscape.pdf
|
|
|
|
|
2024-01-29 - KrustyLoader - Rust malware linked to Ivanti ConnectSecure compromises.pdf
|
|
|
|
|
2024-01-30 - DarkGate malware delivered via Microsoft Teams - detection and response.pdf
|
|
|
|
|
2024-01-30 - Evolution of UNC4990- Uncovering USB Malware's Hidden Depths.pdf
|
|
|
|
|
2024-01-30 - JinxLoader samples on YARAify.pdf
|
|
|
|
|
2024-01-30 - Police disrupt Grandoreiro banking malware operation, make arrests.pdf
|
|
|
|
|
2024-01-30 - Python’s Byte- The Rise of Scripted Ransomware.pdf
|
|
|
|
|
2024-01-30 - Reporting on Volt Typhoon’s “JDY” Botnet Administration Via Tor Sparks Questions.pdf
|
|
|
|
|
2024-01-30 - The Bear and The Shell- New Campaign Against Russian Opposition.pdf
|
|
|
|
|
2024-01-30 - Trigona Ransomware Threat Actor Uses Mimic Ransomware.pdf
|
|
|
|
|
2024-01-31 - CrackedCantil- A Malware Symphony Breakdown.pdf
|
|
|
|
|
2024-01-31 - Pawn Storm Uses Brute Force and Stealth Against High-Value Targets.pdf
|
|
|
|
|
2024-01-31 - Technical analysis- The silent torrent of VileRAT.pdf
|
|
|
|
|
2024-01-31 - Tracking 15 Years of Qakbot Development.pdf
|
|
|
|
|
2024-01-31 - U.S. Government Disrupts Botnet People’s Republic of China Used to Conceal Hacking of Critical Infrastructure.pdf
|
|
|
|
|
2024-02-01 - Analysis and Detection of STEADYURSA Attack Campaign Targeting Ukraine Military Dropping New Covert SUBTLE-PAWS PowerShell Backdoor.pdf
|
|
|
|
|
2024-02-01 - ESET takes part in global operation to disrupt the Grandoreiro banking trojan.pdf
|
|
|
|
|
2024-02-01 - From the Depths - Analyzing the Cthulhu Stealer Malware for macOS.pdf
|
|
|
|
|
2024-02-01 - Installskey Rewind 2023.pdf
|
|
|
|
|
2024-02-01 - PurpleFox malware infects thousands of computers in Ukraine.pdf
|
|
|
|
|
2024-02-01 - T34loader payload URLs.pdf
|
|
|
|
|
2024-02-01 - The Accidental Malware Repository- Hunting & Collecting Malware Via Open Directories (Part 1).pdf
|
|
|
|
|
2024-02-02 - CrackedCantil Dropper Delivers Numerous Malware.pdf
|
|
|
|
|
2024-02-02 - FritzFrog Botnet Expands Attack Arsenal with Log4Shell Exploits.pdf
|
|
|
|
|
2024-02-02 - Practical FOFA Asset Expansion- APT-C-23 Android Malware.pdf
|
|
|
|
|
2024-02-02 - Proactive response- AnyDesk, any breach.pdf
|
|
|
|
|
2024-02-02 - WikiLoader -notepad- part 1 - Decrypting Shellcode.pdf
|
|
|
|
|
2024-02-03 - From Discussion Forums to Malware Mayhem- The Alarming Rise of Abuse on Google Groups and Usenet.pdf
|
|
|
|
|
2024-02-04 - CrackedCantil- A Malware Symphony Breakdown.pdf
|
|
|
|
|
2024-02-05 - How to remove CrackedCantil from the operating system.pdf
|
|
|
|
|
2024-02-06 - APT-K-47 Organization Launches Espionage Attacks Using a New Trojan Tool.pdf
|
|
|
|
|
2024-02-06 - Beware- Fake Facebook Job Ads Spreading 'Ov3r_Stealer' to Steal Crypto and Credentials.pdf
|
|
|
|
|
2024-02-06 - Unfolding Agent Tesla- The Art of Credentials Harvesting..pdf
|
|
|
|
|
2024-02-07 - HijackLoader Expands Techniques to Improve Defense Evasion.pdf
|
|
|
|
|
2024-02-07 - How to tell if your toothbrush is being used in a DDoS attack.pdf
|
|
|
|
|
2024-02-07 - Kimsuky disguised as a Korean company signed with a valid certificate to distribute Troll Stealer.pdf
|
|
|
|
|
2024-02-07 - KV-Botnet- Don’t call it a Comeback.pdf
|
|
|
|
|
2024-02-07 - MAR-10448362-1.v1 Volt Typhoon.pdf
|
|
|
|
|
2024-02-07 - PRC State-Sponsored Actors Compromise and Maintain Persistent Access to U.S. Critical Infrastructure.pdf
|
|
|
|
|
2024-02-07 - Raspberry Robin Keeps Riding the Wave of Endless 1-Days.pdf
|
|
|
|
|
2024-02-08 - New Zardoor backdoor used in long-term cyber espionage operation targeting an Islamic organization.pdf
|
|
|
|
|
2024-02-08 - Unmasking-the-dot-stealer.pdf
|
|
|
|
|
2024-02-09 - A Beginners Guide to Tracking Malware Infrastructure.pdf
|
|
|
|
|
2024-02-09 - International Cybercrime Malware Service Dismantled by Federal Authorities- Key Malware Sales and Support Actors in Malta and Nigeria Charged in Federal Indictments.pdf
|
|
|
|
|
2024-02-09 - The Phoenix Rises Again.pdf
|
|
|
|
|
2024-02-11 - Analysing STOP Ransomware.pdf
|
|
|
|
|
2024-02-12 - Decryptor for Rhysida ransomware is available!.pdf
|
|
|
|
|
2024-02-12 - FBI seizes Warzone RAT infrastructure, arrests malware vendor.pdf
|
|
|
|
|
2024-02-12 - The (D)Evolution of Pikabot.pdf
|
|
|
|
|
2024-02-12 - WikiLoader -notepad- part 2 - bingmaps.dll & explorer.exe injection.pdf
|
|
|
|
|
2024-02-13 - A Deep Dive Into Malicious Direct Syscall Detection.pdf
|
|
|
|
|
2024-02-13 - Bumblebee Buzzes Back in Black.pdf
|
|
|
|
|
2024-02-13 - CharmingCypress- Innovating Persistence.pdf
|
|
|
|
|
2024-02-13 - Water Hydra Targets Traders with Microsoft Defender SmartScreen Zero-Day.pdf
|
|
|
|
|
2024-02-13 - What is Lumma Stealer-.pdf
|
|
|
|
|
2024-02-14 - My-Game Retired- Latest Changes to Gootloader.pdf
|
|
|
|
|
2024-02-14 - Zloader Strikes Back.pdf
|
|
|
|
|
2024-02-15 - Foreign National Pleads Guilty to Role in Cybercrime Schemes Involving Tens of Millions of Dollars in Losses.pdf
|
|
|
|
|
2024-02-15 - Justice Department Conducts Court-Authorized Disruption of Botnet Controlled by the Russian Federation’s Main Intelligence Directorate of the General Staff (GRU).pdf
|
|
|
|
|
2024-02-15 - TinyTurla Next Generation - Turla APT spies on Polish NGOs.pdf
|
|
|
|
|
2024-02-15 - Zeus, IcedID malware gangs leader pleads guilty, faces 40 years in prison.pdf
|
|
|
|
|
2024-02-16 - Malware Analysis — AgentTesla.pdf
|
|
|
|
|
2024-02-16 - Writing a Qakbot 5.0 config extractor with Malcat.pdf
|
|
|
|
|
2024-02-19 - A Technical Analysis of the BackMyData Ransomware Used to Attack Hospitals in Romania.pdf
|
|
|
|
|
2024-02-19 - Analysis of Nood RAT Used in Attacks Against Linux (Gh0st RAT’s Variant).pdf
|
|
|
|
|
2024-02-19 - Anatsa Trojan Returns- Targeting Europe and Expanding Its Reach.pdf
|
|
|
|
|
2024-02-19 - Pelmeni Wrapper- New Wrapper of Kazuar (Turla Backdoor).pdf
|
|
|
|
|
2024-02-20 - Earth Preta Campaign Uses DOPLUGS to Target Asia.pdf
|
|
|
|
|
2024-02-20 - International investigation disrupts the world’s most harmful cyber crime group.pdf
|
|
|
|
|
2024-02-20 - Understanding Macros in Malware- Types, Capabilities, Case Study.pdf
|
|
|
|
|
2024-02-21 - A stealthy threat uncovered- TeaBot on Google Play Store.pdf
|
|
|
|
|
2024-02-21 - Automating Qakbot Malware Analysis with Binary Ninja.pdf
|
|
|
|
|
2024-02-21 - Brussels spyware bombshell- Surveillance software found on officials’ phones.pdf
|
|
|
|
|
2024-02-21 - Malware Analysis — Remcos RAT.pdf
|
|
|
|
|
2024-02-21 - To Russia With Love- Assessing a KONNI-Backdoored Suspected Russian Consular Software Installer.pdf
|
|
|
|
|
2024-02-22 - 8220 Gang Cryptomining Campaign Targets Linux & Windows Platforms.pdf
|
|
|
|
|
2024-02-22 - CloudRouter- 911 Proxy Resurrected.pdf
|
|
|
|
|
2024-02-22 - Doppelgänger - Russia-Aligned Influence Operation Targets Germany.pdf
|
|
|
|
|
2024-02-22 - Malware Analysis - XWorm.pdf
|
|
|
|
|
2024-02-22 - Scattered Spider laying new eggs.pdf
|
|
|
|
|
2024-02-23 - PIKABOT, I choose you!.pdf
|
|
|
|
|
2024-02-26 - Advanced CyberChef Techniques for Configuration Extraction - Detailed Walkthrough and Examples.pdf
|
|
|
|
|
2024-02-26 - SEO Poisoning to Domain Control- The Gootloader Saga Continues.pdf
|
|
|
|
|
2024-02-26 - “Pantsless Data”- Decoding Chinese Cybercrime TTPs.pdf
|
|
|
|
|
2024-02-27 - European diplomats targeted by SPIKEDWINE with WINELOADER.pdf
|
|
|
|
|
2024-02-27 - Hunting PrivateLoader- The malware behind InstallsKey PPI service.pdf
|
|
|
|
|
2024-02-27 - Unveiling Phemedrone Stealer- Threat Analysis and Detections.pdf
|
|
|
|
|
2024-02-27 - When Stealers Converge- New Variant of Atomic Stealer in the Wild.pdf
|
|
|
|
|
2024-02-28 - Just Carry A Ladder- Why Your EDR Let Pikabot Jump Through.pdf
|
|
|
|
|
2024-02-29 - Dissecting DarkGate- Modular Malware Delivery and Persistence as a Service.pdf
|
|
|
|
|
2024-02-29 - Don't get BITTER about being targeted -- fight back with the help of the community..pdf
|
|
|
|
|
2024-02-29 - Same Same, but Different.pdf
|
|
|
|
|
2024-02-29 - The Anatomy of an ALPHA SPIDER Ransomware Attack.pdf
|
|
|
|
|
2024-03-01 - A Comprehensive Analysis of i-SOON’s Commercial Offering.pdf
|
|
|
|
|
2024-03-01 - APT37's ROKRAT HWP Object Linking and Embedding.pdf
|
|
|
|
|
2024-03-01 - Malware Analysis - Cobalt Strike.pdf
|
|
|
|
|
2024-03-01 - NoName057(16)’s DDoSia project- 2024 updates and behavioural shifts.pdf
|
|
|
|
|
2024-03-01 - Taking a deep dive into SmokeLoader.pdf
|
|
|
|
|
2024-03-04 - Inside DarkGate- Exploring the infection chain and capabilities.pdf
|
|
|
|
|
2024-03-04 - On-Device Fraud on the rise- exposing a recent Copybara fraud campaign.pdf
|
|
|
|
|
2024-03-04 - Shadow Hunting- Analysis of APT37’s attack activities against South Korea using North Korean political topics.pdf
|
|
|
|
|
2024-03-04 - TA577’s Unusual Attack Chain Leads to NTLM Data Theft.pdf
|
|
|
|
|
2024-03-05 - Anxun and Chinese APT Activity.pdf
|
|
|
|
|
2024-03-05 - Coper - Octo - A Conductor for Mobile Mayhem… With Eight Limbs-.pdf
|
|
|
|
|
2024-03-05 - TODDLERSHARK- ScreenConnect Vulnerability Exploited to Deploy BABYSHARK Variant.pdf
|
|
|
|
|
2024-03-05 - Unknown Nim Loader using PSBypassCLM.pdf
|
|
|
|
|
2024-03-06 - TA4903- Actor Spoofs U.S. Government, Small Businesses in Phishing, BEC Bids.pdf
|
|
|
|
|
2024-03-06 - Tracking Adversaries- UAC-0050, Cracking The DaVinci Code.pdf
|
|
|
|
|
2024-03-07 - 2024-03-07 (THURSDAY)- LATRODECTUS INFECTION LEADS TO LUMMA STEALER.pdf
|
|
|
|
|
2024-03-07 - Evasive Panda leverages Monlam Festival to target Tibetans.pdf
|
|
|
|
|
2024-03-09 - Kimsuky 2.pdf
|
|
|
|
|
2024-03-09 - New Backdoor Activity Socks5Systemz.pdf
|
|
|
|
|
2024-03-10 - SysWhispers2 analysis.pdf
|
|
|
|
|
2024-03-11 - Study of a targeted attack on a Russian enterprise in the mechanical-engineering sector.pdf
|
|
|
|
|
2024-03-12 - Donex ransomware.pdf
|
|
|
|
|
2024-03-12 - North Kimsuky organization's policy advisor camouflaged spear phishing beware.pdf
|
|
|
|
|
2024-03-12 - VCURMS- A Simple and Functional Weapon.pdf
|
|
|
|
|
2024-03-13 - CVE-2024-21412- DarkGate Operators Exploit Microsoft Windows SmartScreen Bypass in Zero-Day Campaign.pdf
|
|
|
|
|
2024-03-13 - NewBot Loader.pdf
|
|
|
|
|
2024-03-13 - RisePro stealer targets Github users in “gitgub” campaign.pdf
|
|
|
|
|
2024-03-14 - Unveiling the depths of Residential Proxies providers.pdf
|
|
|
|
|
2024-03-15 - Inside the Rabbit Hole- BunnyLoader 3.0 Unveiled.pdf
|
|
|
|
|
2024-03-17 - Carving the IcedId - Part 3.pdf
|
|
|
|
|
2024-03-18 - Analysis of New DEEP-GOSU Attack Campaign Likely Associated with North Korean Kimsuky Targeting Victims with Stealthy Malware.pdf
|
|
|
|
|
2024-03-18 - APT28 Hacker Group Targeting Europe, Americas, Asia in Widespread Phishing Scheme.pdf
|
|
|
|
|
2024-03-18 - FORCE (.FORCE) ransomware virus – removal and decryption options.pdf
|
|
|
|
|
2024-03-18 - Mirai Nomi- A Botnet Leveraging DGA.pdf
|
|
|
|
|
2024-03-18 - Operation PhantomBlu- New and Evasive Method Delivers NetSupport RAT.pdf
|
|
|
|
|
2024-03-18 - Planet Stealer Malware Analysis Report (Paywall).pdf
|
|
|
|
|
2024-03-19 - How Rogue ISPs Tamper With Geofeeds.pdf
|
|
|
|
|
2024-03-19 - Malware Analysis NjRat.pdf
|
|
|
|
|
2024-03-20 - Python Ciphering - Delving into Evil Ant’s Ransomware’s Tactics.pdf
|
|
|
|
|
2024-03-21 - Security Brief- TA450 Uses Embedded Links in PDF Attachments in Latest Campaign.pdf
|
|
|
|
|
2024-03-22 - APT29 Uses WINELOADER to Target German Political Parties.pdf
|
|
|
|
|
2024-03-22 - Large-Scale StrelaStealer Campaign in Early 2024.pdf
|
|
|
|
|
2024-03-24 - Analysis of DEVPOPPER- New Attack Campaign Targeting Software Developers Likely Associated With North Korean Threat Actors.pdf
|
|
|
|
|
2024-03-24 - Understanding API Hashing and build a rainbow table for LummaStealer.pdf
|
|
|
|
|
2024-03-25 - Clipping Wings- Our Analysis of a Pegasus Spyware Sample.pdf
|
|
|
|
|
2024-03-25 - Reverse Engineering Snake Keylogger- Full .NET Malware Analysis Walkthrough.pdf
|
|
|
|
|
2024-03-26 - ASEAN Entities in the Spotlight- Chinese APT Group Targeting.pdf
|
|
|
|
|
2024-03-26 - Comprehensive Analysis of EMOTET Malware- Part 1.pdf
|
|
|
|
|
2024-03-26 - The Darkside Of TheMoon.pdf
|
|
|
|
|
2024-03-27 - Operation FlightNight- Indian Government Entities and Energy Sector Targeted by Cyber Espionage Campaign.pdf
|
|
|
|
|
2024-03-27 - Uncovering Malicious Infrastructure with DNS Pivoting.pdf
|
|
|
|
|
2024-03-28 - Android Malware Vultur Expands Its Wingspan.pdf
|
|
|
|
|
2024-04-01 - Passive DNS For Phishing Link Analysis - Identifying 36 Latrodectus Domains With Historical Records and 302 Redirects.pdf
|
|
|
|
|
2024-04-02 - APT and financial attacks on industrial organizations in H2 2023.pdf
|
|
|
|
|
2024-04-02 - Updated StrelaStealer Targeting European Countries.pdf
|
|
|
|
|
2024-04-04 - Cutting Edge, Part 4- Ivanti Connect Secure VPN Post-Exploitation Lateral Movement Case Studies.pdf
|
|
|
|
|
2024-04-09 - BlueShell- Four Years On, Still A Formidable Threat.pdf
|
|
|
|
|
2024-04-09 - Havoc C2 Framework – A Defensive Operator’s Guide.pdf
|
|
|
|
|
2024-04-09 - Unpacking the Blackjack Group's Fuxnet Malware.pdf
|
|
|
|
|
2024-04-09 - Unraveling Not AZORult but Koi Loader- A Precursor to Koi Stealer.pdf
|
|
|
|
|
2024-04-13 - Analysis of malicious Microsoft office macros.pdf
|
|
|
|
|
2024-04-14 - Sysrv Infection (Linux Edition).pdf
|
|
|
|
|
2024-04-17 - Redline Stealer- A Novel Approach.pdf
|
|
|
|
|
2024-04-18 - From BYOVD to a 0-day - Unveiling Advanced Exploits in Cyber Recruiting Scams.pdf
|
|
|
|
|
2024-04-19 - Gold Pickaxe iOS Technical Analysis- IPA Overview and C2 Communication Start up.pdf
|
|
|
|
|
2024-04-22 - Analyzing Forest Blizzard’s custom post-compromise tool for exploiting CVE-2022-38028 to obtain credentials.pdf
|
|
|
|
|
2024-04-24 - Analysis of Ongoing FROZENSHADOW Attack Campaign Leveraging SSLoad Malware and RMM Software for Domain Takeover.pdf
|
|
|
|
|
2024-04-24 - Dissecting REMCOS RAT- An in- depth analysis of a widespread 2024 malware, Part One.pdf
|
|
|
|
|
2024-04-24 - Pakistani APTs Escalate Attacks on Indian Gov. Seqrite Labs Unveils Threats and Connections.pdf
|
|
|
|
|
2024-04-27 - Finding Malware- Detecting SOGU with Google Security Operations..pdf
|
|
|
|
|
2024-04-29 - How to unpack Death Ransomware.pdf
|
|
|
|
|
2024-04-29 - Zloader Learns Old Tricks.pdf
|
|
|
|
|
2024-04-30 - Dissecting REMCOS RAT- An in- depth analysis of a widespread 2024 malware, Part Two.pdf
|
|
|
|
|
2024-04-30 - Latrodectus [IceNova] – Technical Analysis of the… New IcedID… Its Continuation… Or its Replacement-.pdf
|
|
|
|
|
2024-04-30 - Pouring Acid Rain.pdf
|
|
|
|
|
2024-05-01 - Ransom-War- Russian Extortion Operations as Hybrid Warfare, Part One.pdf
|
|
|
|
|
2024-05-01 - Router Roulette- Cybercriminals and Nation-States Sharing Compromised Networks.pdf
|
|
|
|
|
2024-05-01 - “Dirty stream” attack- Discovering and mitigating a common vulnerability pattern in Android apps.pdf
|
|
|
|
|
2024-05-02 - Dissecting LOCKBIT v3 ransomware.pdf
|
|
|
|
|
2024-05-03 - Dissecting REMCOS RAT- An in- depth analysis of a widespread 2024 malware, Part Three.pdf
|
|
|
|
|
2024-05-04 - 191 Australian Organizations affected by ZircoDATA Breach Linked to Russian Ransomware Gang.pdf
|
|
|
|
|
2024-05-05 - Latrodectus -littlehw-.pdf
|
|
|
|
|
2024-05-06 - Agent Tesla Malware Analysis.pdf
|
|
|
|
|
2024-05-06 - HijackLoader Updates.pdf
|
|
|
|
|
2024-05-07 - Cybercrime's Anatomy Threats to the Healthcare World.pdf
|
|
|
|
|
2024-05-07 - LNK File Disguised as Certificate Distributing RokRAT Malware.pdf
|
|
|
|
|
2024-05-08 - APT28 campaign targeting Polish government institutions.pdf
|
|
|
|
|
2024-05-08 - From OSINT to Disk- Wave Stealer Analysis.pdf
|
|
|
|
|
2024-05-09 - [Case Study- Latrodectus] Analyzing and Implementing String Decryption Algorithms.pdf
|
|
|
|
|
2024-05-09 - Cybersecurity Firm Hacked- Sensitive Data on Sale.pdf
|
|
|
|
|
2024-05-10 - AA24-131A- StopRansomware- Black Basta.pdf
|
|
|
|
|
2024-05-10 - Dissecting REMCOS RAT- An in- depth analysis of a widespread 2024 malware, Part Four.pdf
|
|
|
|
|
2024-05-10 - Ongoing Social Engineering Campaign Linked to Black Basta Ransomware Operators.pdf
|
|
|
|
|
2024-05-10 - Recruitment trap for blockchain practitioners- Analysis of suspected Lazarus (APT-Q-1) stealing operations.pdf
|
|
|
|
|
2024-05-11 - Russian APT deploys new 'Kapeka' backdoor in Eastern European attacks.pdf
|
|
|
|
|
2024-05-13 - Exploring the Depths of SolarMarker's Multi-tiered Infrastructure.pdf
|
|
|
|
|
2024-05-13 - Gootloader Isn’t Broken.pdf
|
|
|
|
|
2024-05-13 - Wavestealer Spotted In The Wild.pdf
|
|
|
|
|
2024-05-14 - Breaking new ground- Uncovering Akira's privilege escalation techniques.pdf
|
|
|
|
|
2024-05-14 - China-linked group uses malware to try to spy on commercial shipping, new report says.pdf
|
|
|
|
|
2024-05-14 - Ebury is alive but unseen- 400k Linux servers compromised for cryptocurrency theft and financial gain.pdf
|
|
|
|
|
2024-05-14 - QakBot attacks with Windows zero-day (CVE-2024-30051).pdf
|
|
|
|
|
2024-05-15 - Revealing Spammer Infrastructure With Passive DNS - 226 Toll-Themed Domains Targeting Australia.pdf
|
|
|
|
|
2024-05-15 - Stairwell threat report- Black Basta overview and detection rules.pdf
|
|
|
|
|
2024-05-15 - Threat actors misusing Quick Assist in social engineering attacks leading to ransomware.pdf
|
|
|
|
|
2024-05-15 - To the Moon and back(doors)- Lunar landing in diplomatic missions.pdf
|
|
|
|
|
2024-05-16 - Analysis of APT attack cases targeting domestic companies using Dora RAT (Andariel Group).pdf
|
|
|
|
|
2024-05-16 - Grandoreiro banking trojan unleashed- X-Force observing emerging global campaigns.pdf
|
|
|
|
|
2024-05-16 - Spring Cleaning with LATRODECTUS- A Potential Replacement for ICEDID.pdf
|
|
|
|
|
2024-05-16 - Springtail- New Linux Backdoor Added to Toolkit.pdf
|
|
|
|
|
2024-05-20 - Tiny BackDoor Goes Undetected – Suspected Turla leveraging MSBuild to Evade detection.pdf
|
|
|
|
|
2024-05-21 - Master of Puppets- Uncovering the DoppelGänger pro-Russian influence campaign.pdf
|
|
|
|
|
2024-05-21 - Phobos ransomware launches new leak site and pivots towards double extortion.pdf
|
|
|
|
|
2024-05-21 - Uncovering an undetected KeyPlug implant attacking industries in Italy.pdf
|
|
|
|
|
2024-05-22 - Deep Dive Into Unfading Sea Haze- A New Threat Actor in the South China Sea.pdf
|
|
|
|
|
2024-05-22 - IOC Extinction - China-Nexus Cyber Espionage Actors Use ORB Networks to Raise Cost on Defenders.pdf
|
|
|
|
|
2024-05-22 - Novel EDR-Killing 'GhostEngine' Malware Is Built for Stealth.pdf
|
|
|
|
|
2024-05-22 - Stealers, stealers and more stealers.pdf
|
|
|
|
|
2024-05-23 - Chinese Espionage Campaign Expands to Target Africa and The Caribbean.pdf
|
|
|
|
|
2024-05-23 - Operation Diplomatic Specter- An Active Chinese Cyberespionage Campaign Leverages Rare Tool Set to Target Governmental Entities in the Middle East, Africa and Asia.pdf
|
|
|
|
|
2024-05-23 - Sharp dragon expands towards africa and the caribbean.pdf
|
|
|
|
|
2024-05-23 - String Decryptor for WarmCookie.pdf
|
|
|
|
|
2024-05-23 - Tracking APT SideWinder With DNS Records.pdf
|
|
|
|
|
2024-05-24 - Stark Industries Solutions- An Iron Hammer in the Cloud.pdf
|
|
|
|
|
2024-05-26 - QakBOT v5 Deep Malware Analysis.pdf
|
|
|
|
|
2024-05-28 - BlackSuit Attack Analysis.pdf
|
|
|
|
|
2024-05-28 - Moonstone Sleet emerges as new North Korean threat actor with new bag of tricks.pdf
|
|
|
|
|
2024-05-28 - Threats Claimimg Breach of Decathlon May 2024 Database.pdf
|
|
|
|
|
2024-05-29 - Fake Browser Updates delivering BitRAT and Lumma Stealer.pdf
|
|
|
|
|
2024-05-30 - A DNS Investigation of the Phobos Ransomware 8Base Attack.pdf
|
|
|
|
|
2024-05-30 - Decoding Water Sigbin's Latest Obfuscation Tricks.pdf
|
|
|
|
|
2024-05-30 - LilacSquid - The stealthy trilogy of PurpleInk, InkBox and InkLoader.pdf
|
|
|
|
|
2024-05-30 - SolarMarker- Hunt Insights and Findings.pdf
|
|
|
|
|
2024-05-30 - The Pumpkin Eclipse.pdf
|
|
|
|
|
2024-06-01 - Malware and cryptography 28- RC4 payload encryption. Simple Nim example..pdf
|
|
|
|
|
2024-06-02 - How Russia is trying to disrupt the 2024 Paris Olympic Games.pdf
|
|
|
|
|
2024-06-03 - PikaBot- a Guide to its Deep Secrets and Operations.pdf
|
|
|
|
|
2024-06-03 - Reversing Atomic macOS Stealer- Binaries, Backdoors & Browser Theft.pdf
|
|
|
|
|
2024-06-03 - Wineloader – Analysis of the Infection Chain.pdf
|
|
|
|
|
2024-06-04 - Muhstik Malware Targets Message Queuing Services Applications.pdf
|
|
|
|
|
2024-06-05 - DarkGate switches up its tactics with new payload, email templates.pdf
|
|
|
|
|
2024-06-05 - European Election Security At Risk- A Detailed Analysis of State-Sponsored, eCrime, and Hacktivist Threats.pdf
|
|
|
|
|
2024-06-05 - Exmatter malware levels up- S-RM observes new variant with simultaneous remote code execution and data targeting.pdf
|
|
|
|
|
2024-06-05 - RansomHub- New Ransomware has Origins in Older Knight.pdf
|
|
|
|
|
2024-06-06 - Agent Tesla Analysis.pdf
|
|
|
|
|
2024-06-06 - DarkGate – Make AutoIt Great Again.pdf
|
|
|
|
|
2024-06-06 - EMBERSim- A Large-Scale Databank for Boosting Similarity Search in Malware Analysis.pdf
|
|
|
|
|
2024-06-06 - Remcos RAT Analysis.pdf
|
|
|
|
|
2024-06-06 - Tracking LightSpy- Certificates as Windows into Adversary Behavior.pdf
|
|
|
|
|
2024-06-07 - Grandoreiro Malware Campaign - A Global Threat to Banking Security.pdf
|
|
|
|
|
2024-06-07 - Pandabuy was extorted twice by the same Threat Actor.pdf
|
|
|
|
|
2024-06-09 - New Threat- A Deep Dive Into the Zergeca Botnet.pdf
|
|
|
|
|
2024-06-10 - More_eggs Malware Disguised as Resumes Targets Recruiters in Phishing Attack.pdf
|
|
|
|
|
2024-06-10 - Technical Analysis of the Latest Variant of ValleyRAT.pdf
|
|
|
|
|
2024-06-11 - A Brief History of SmokeLoader, Part 1.pdf
|
|
|
|
|
2024-06-12 - Dipping into Danger- The WARMCOOKIE backdoor.pdf
|
|
|
|
|
2024-06-12 - Malware development trick 39- Run payload via EnumDesktopsA. Simple Nim example..pdf
|
|
|
|
|
2024-06-12 - New backdoor BadSpace delivered by high-ranking infected websites.pdf
|
|
|
|
|
2024-06-12 - Nova Stealer, le malware made in France.pdf
|
|
|
|
|
2024-06-12 - Ransomware Attackers May Have Used Privilege Escalation Vulnerability as Zero-day.pdf
|
|
|
|
|
2024-06-12 - SN Blackmeta Claims Cyberattack on Snapchat Over Explicit Content and Alleged Political Bias!.pdf
|
|
|
|
|
2024-06-13 - DISGOMOJI Malware Used to Target Indian Government.pdf
|
|
|
|
|
2024-06-13 - Inside LATRODECTUS- A Dive into Malware Tactics and Mitigation.pdf
|
|
|
|
|
2024-06-13 - Operation Celestial Force employs mobile and desktop malware to target Indian entities.pdf
|
|
|
|
|
2024-06-15 - Malware Analysis FormBook.pdf
|
|
|
|
|
2024-06-17 - From Clipboard to Compromise- A PowerShell Self-Pwn.pdf
|
|
|
|
|
2024-06-17 - Latrodectus are you coming back.pdf
|
|
|
|
|
2024-06-17 - Malvertising Campaign Leads to Execution of Oyster Backdoor.pdf
|
|
|
|
|
2024-06-18 - Cloaked and Covert- Uncovering UNC3886 Espionage Operations.pdf
|
|
|
|
|
2024-06-19 - LevelBlue Labs Discovers Highly Evasive, New Loader Targeting Chinese Organizations.pdf
|
|
|
|
|
2024-06-19 - New North Korean based backdoor packs a punch.pdf
|
|
|
|
|
2024-06-19 - Spectre (SPC) v9 Campaigns and Updates.pdf
|
|
|
|
|
2024-06-20 - Caught in the Act- Uncovering SpyNote in Unexpected Places.pdf
|
|
|
|
|
2024-06-20 - Linux malware development 1- Intro to kernel hacking. Simple C example..pdf
|
|
|
|
|
2024-06-20 - Medusa Reborn- A New Compact Variant Discovered.pdf
|
|
|
|
|
2024-06-21 - [0001] AmberAmethystDaisy -- QuartzBegonia -- LummaStealer.pdf
|
|
|
|
|
2024-06-21 - AmberAmethystDaisy -- QuartzBegonia -- LummaStealer.pdf
|
|
|
|
|
2024-06-21 - GrimResource - Microsoft Management Console for initial access and evasion.pdf
|
|
|
|
|
2024-06-21 - Was T-Mobile compromised by a zero-day in Jira-.pdf
|
|
|
|
|
2024-06-24 - Gootloader’s New Hideout Revealed- The Malware Hunt in WordPress’ Shadows.pdf
|
|
|
|
|
2024-06-24 - Latrodectus Affiliate Resumes Operations Using Brute Ratel C4 Post Operation Endgame.pdf
|
|
|
|
|
2024-06-24 - Novel Technique Combination Used In IDATLOADER Distribution.pdf
|
|
|
|
|
2024-06-24 - StrelaStealer Resurgence- Tracking a JavaScript-Driven Credential Stealer Targeting Europe.pdf
|
|
|
|
|
2024-06-24 - ‘Poseidon’ Mac stealer distributed via Google ads.pdf
|
|
|
|
|
2024-06-25 - From Dormant to Dangerous- P2Pinfect Evolves to Deploy New Ransomware and Cryptominer.pdf
|
|
|
|
|
2024-06-25 - Good Game, Gone Bad- Xeno RAT Spread Via .gg Domains and GitHub.pdf
|
|
|
|
|
2024-06-25 - How to detect the modular RAT CSHARP-STREAMER.pdf
|
|
|
|
|
2024-06-25 - Malware development trick 41- Stealing data via legit VirusTotal API. Simple C example..pdf
|
|
|
|
|
2024-06-26 - ChamelGang & Friends - Cyberespionage Groups Attacking Critical Infrastructure with Ransomware.pdf
|
|
|
|
|
2024-06-27 - AzzaSec, NoName Cyberattackers Join Hands to Potentially Target Pro-Ukriane Allies.pdf
|
|
|
|
|
2024-06-27 - Poseidon Stealer malspam campaign targeting Swiss macOS users.pdf
|
|
|
|
|
2024-06-28 - Examining Water Sigbin's Infection Routine Leading to an XMRig Cryptominer.pdf
|
|
|
|
|
2024-06-28 - Malware development trick 42- Stealing data via legit Discord Bot API. Simple C example..pdf
|
|
|
|
|
2024-06-30 - Deep Analysis of Snake (404 keylogger).pdf
|
|
|
|
|
2024-07-02 - Exposing FakeBat loader- distribution methods and adversary infrastructure.pdf
|
|
|
|
|
2024-07-02 - Kematian Stealer forked from PowerShell Token Grabber.pdf
|
|
|
|
|
2024-07-02 - The LandUpdate808 Fake Update Variant.pdf
|
|
|
|
|
2024-07-05 - CLEARFAKE Update Tricks Victim into Executing Malicious PowerShell Code.pdf
|
|
|
|
|
2024-07-08 - CloudSorcerer – A new APT targeting Russian government entities.pdf
|
|
|
|
|
2024-07-09 - Italian government agencies and companies in the target of a Chinese APT.pdf
|
|
|
|
|
2024-07-10 - DodgeBox- A deep dive into the updated arsenal of APT41 - Part 1.pdf
|
|
|
|
|
2024-07-10 - Risky Biz News- US takes down RT's Twitter bot farm.pdf
|
|
|
|
|
2024-07-11 - Brief technical analysis of the -Poseidon Stealer- malware.pdf
|
|
|
|
|
2024-07-11 - CRYSTALRAY- Inside the Operations of a Rising Threat Actor Exploiting OSS Tools.pdf
|
|
|
|
|
2024-07-11 - MoonWalk- A deep dive into the updated arsenal of APT41 - Part 2.pdf
|
|
|
|
|
2024-07-11 - R0BL0CH0N TDS- A deep dive into the infrastructure of an affiliate marketing scam.pdf
|
|
|
|
|
2024-07-13 - Malware development- persistence - part 25. Create symlink from legit to evil. Simple C example..pdf
|
|
|
|
|
2024-07-14 - Fake AWS Packages Ship Command and Control Malware In JPEG Files.pdf
|
|
|
|
|
2024-07-14 - Malware Analysis - Rhadamanthys.pdf
|
|
|
|
|
2024-07-15 - CVE-2024-38112- Void Banshee Targets Windows Users Through Zombie Internet Explorer in Zero-Day Attacks.pdf
|
|
|
|
|
2024-07-15 - Kematian Stealer Technical Malware Analysis.pdf
|
|
|
|
|
2024-07-15 - MuddyWater replaces Atera by custom MuddyRot implant in a recent campaign.pdf
|
|
|
|
|
2024-07-15 - New BugSleep Backdoor Deployed in Recent MuddyWater Campaigns.pdf
|
|
|
|
|
2024-07-16 - MirrorFace Attack against Japanese Organisations.pdf
|
|
|
|
|
2024-07-16 - NullBulge - Threat Actor Masquerades as Hacktivist Group Rebelling Against AI.pdf
|
|
|
|
|
2024-07-17 - The Return of Ghost Emperor’s Demodex.pdf
|
|
|
|
|
2024-07-18 - APT41 Has Arisen From the DUST.pdf
|
|
|
|
|
2024-07-18 - Emerging IoT Wiper Malware- Kaden and New LOLFME Botnet Variants.pdf
|
|
|
|
|
2024-07-22 - A Beginner’s Guide to Hunting Malicious Open Directories.pdf
|
|
|
|
|
2024-07-23 - A Simple Approach to Discovering Oyster Backdoor Infrastructure.pdf
|
|
|
|
|
2024-07-23 - Daggerfly- Espionage Group Makes Major Update to Toolset.pdf
|
|
|
|
|
2024-07-23 - Exploiting CVE-2024-21412- A Stealer Campaign Unleashed.pdf
|
|
|
|
|
2024-07-24 - APT45- North Korea’s Digital Military Machine.pdf
|
|
|
|
|
2024-07-24 - Malware Campaign Lures Users With Fake W2 Form.pdf
|
|
|
|
|
2024-07-24 - Rhysida using Oyster Backdoor to deliver ransomware.pdf
|
|
|
|
|
2024-07-24 - Six-day, 14.7 Million RPS Web DDoS Attack Campaign Attributed to SN_BLACKMETA.pdf
|
|
|
|
|
2024-07-24 - Stargazers Ghost Network.pdf
|
|
|
|
|
2024-07-24 - UAC-0063 Attack Detection- Hackers Target Ukrainian Research Institutions Using HATVIBE, CHERRYSPY, and CVE-2024-23692.pdf
|
|
|
|
|
2024-07-25 - Daolpu Infostealer- Full analysis of the latest malware exploited post CrowdStrike outage.pdf
|
|
|
|
|
2024-07-25 - Growing Number of Threats Leveraging AI.pdf
|
|
|
|
|
2024-07-25 - Hacktivist Entity USDoD Claims to Have Leaked CrowdStrike’s Threat Actor List.pdf
|
|
|
|
|
2024-07-25 - SideWinder Utilizes New Infrastructure to Target Ports and Maritime Facilities in the Mediterranean Sea.pdf
|
|
|
|
|
2024-07-25 - UAC-0057 Attack Detection- A Surge in Adversary Activity Distributing PICASSOLOADER and Cobalt Strike Beacon.pdf
|
|
|
|
|
2024-07-25 - Umbrella of Pakistani Threats - Converging Tactics of Cyber-operations Targeting India.pdf
|
|
|
|
|
2024-07-26 - Hive0137 and AI-supplemented malware distribution.pdf
|
|
|
|
|
2024-07-26 - UAC-0102 Phishing Attack Detection- Hackers Steal Authentication Data Impersonating the UKR.NET Web Service.pdf
|
|
|
|
|
2024-07-28 - CyberGate Technical Analysis.pdf
|
|
|
|
|
2024-07-29 - Blue Screen Mayhem - When CrowdStrike's Glitch Became Threat Actor's Playground.pdf
|
|
|
|
|
2024-07-29 - Ransomware operators exploit ESXi hypervisor vulnerability for mass encryption.pdf
|
|
|
|
|
2024-07-29 - UNC4393 Goes Gently into the SILENTNIGHT.pdf
|
|
|
|
|
2024-07-30 - Hacker Scrapes and Publishes 100,000-Line CrowdStrike IoC List.pdf
|
|
|
|
|
2024-07-30 - Too big to care- - Our disappointment with Cloudflare’s anti-abuse posture.pdf
|
|
|
|
|
2024-07-31 - BingoMod - The new android RAT that steals money and wipes data.pdf
|
|
|
|
|
2024-07-31 - BingoMod- The new android RAT that steals money and wipes data.pdf
|
|
|
|
|
2024-07-31 - Research Update- Threat Actors Behind the DEVPOPPER Campaign Have Retooled and are Continuing to Target Software Developers via Social Engineering.pdf
|
|
|
|
|
2024-08-01 - BITS and Bytes- Analyzing BITSLOTH, a newly identified backdoor.pdf
|
|
|
|
|
2024-08-01 - BlankBot - a new Android banking trojan with screen recording, keylogging and remote control capabilities.pdf
|
|
|
|
|
2024-08-01 - Latrodectus dropped by BR4.pdf
|
|
|
|
|
2024-08-02 - Panamorfi - A New Discord DDoS Campaign.pdf
|
|
|
|
|
2024-08-02 - StormBamboo Compromises ISP to Abuse Insecure Software Update Mechanisms.pdf
|
|
|
|
|
2024-08-04 - Decoding a Cobalt Strike Downloader Script With CyberChef.pdf
|
|
|
|
|
2024-08-05 - Chameleon is now targeting employees- Masquerading as a CRM app.pdf
|
|
|
|
|
2024-08-05 - How attacker achive Email Spoofing, Message Spoofing, IP and UserAgent Spoofing.pdf
|
|
|
|
|
2024-08-07 - AzzaSec Ransomware Technical Malware Analysis.pdf
|
|
|
|
|
2024-08-07 - How Malicious Actors Are Leveraging Cloud Services.pdf
|
|
|
|
|
2024-08-08 - Double Trouble- Latrodectus and ACR Stealer observed spreading via Google Authenticator Phishing Site.pdf
|
|
|
|
|
2024-08-08 - New APT Group Actor240524 - A Closer Look at Its Cyber Tactics Against Azerbaijan and Israel.pdf
|
|
|
|
|
2024-08-09 - A Dive into Earth Baku’s Latest Campaign.pdf
|
|
|
|
|
2024-08-09 - Full analysis on NJRAT.pdf
|
|
|
|
|
2024-08-10 - Retrieve unknown python stealer from PyInstaller.pdf
|
|
|
|
|
2024-08-13 - Finding Malware- Unveiling NUMOZYLOD with Google Security Operations.pdf
|
|
|
|
|
2024-08-13 - Sensitive Israeli Ministry Data Allegedly Leaked on Dark Web.pdf
|
|
|
|
|
2024-08-14 - Cryptocurrency Lures and Pupy RAT- Analysing the UTG-Q-010 Campaign.pdf
|
|
|
|
|
2024-08-14 - Emmenhtal- a little-known loader distributing commodity infostealers worldwide.pdf
|
|
|
|
|
2024-08-14 - Gafgyt Malware Variant Exploits GPU Power and Cloud Native Environments.pdf
|
|
|
|
|
2024-08-15 - Beyond the wail- deconstructing the BANSHEE infostealer.pdf
|
|
|
|
|
2024-08-15 - Tusk campaign uses infostealers and clippers for financial gain.pdf
|
|
|
|
|
2024-08-16 - Malicious code disguised as an msc file created by Kimsuky - Skibidi Boilet Master.msc (2024.8.16).pdf
|
|
|
|
|
2024-08-18 - Reversing DISGOMOJI with Malcat like a BOSS.pdf
|
|
|
|
|
2024-08-19 - MegaMedusa, RipperSec’s Public Web DDoS Attack Tool.pdf
|
|
|
|
|
2024-08-19 - PG_MEM- A Malware Hidden in the Postgres Processes.pdf
|
|
|
|
|
2024-08-19 - Unveiling -sedexp-- A Stealthy Linux Malware Exploiting udev Rules.pdf
|
|
|
|
|
2024-08-20 - CyberVolk Ransomware Technical Malware Analysis Report.pdf
|
|
|
|
|
2024-08-20 - New Backdoor Targeting Taiwan Employs Stealthy Communications.pdf
|
|
|
|
|
2024-08-20 - Threat Actor Claims Breach of Siam Cement Group Database.pdf
|
|
|
|
|
2024-08-20 - Threat Hunting Case Study- Tracking Down GootLoader.pdf
|
|
|
|
|
2024-08-20 - Toyota alleges stolen customer data published on hacking site came from outside supplier.pdf
|
|
|
|
|
2024-08-21 - Chinese APT abuses MSC files with GrimResource vulnerability.pdf
|
|
|
|
|
2024-08-21 - MoonPeak malware from North Korean actors unveils new details on attacker infrastructure.pdf
|
|
|
|
|
2024-08-21 - Technical Analysis of Copybara.pdf
|
|
|
|
|
2024-08-21 - Toyota Customer, Employee Data Leaked in Confirmed Data Breach.pdf
|
|
|
|
|
2024-08-22 - AppDomainManager Injection.pdf
|
|
|
|
|
2024-08-22 - Attacks by malware abusing AppDomainManager Injection.pdf
|
|
|
|
|
2024-08-22 - Botnet Fenix.pdf
|
|
|
|
|
2024-08-22 - PEAKLIGHT- Decoding the Stealthy Memory-Only Malware.pdf
|
|
|
|
|
2024-08-26 - BlackSuit Ransomware.pdf
|
|
|
|
|
2024-08-26 - Static Unpacker for Latrodectus.pdf
|
|
|
|
|
2024-08-27 - AutoIT Bot Targets Gmail Accounts First.pdf
|
|
|
|
|
2024-08-27 - Taking the Crossroads- The Versa Director Zero-Day Exploitation.pdf
|
|
|
|
|
2024-08-27 - Threat Actor Claimed to Breach Database of DimeCuba.pdf
|
|
|
|
|
2024-08-28 - APT group exploits WPS Office for Windows RCE vulnerability (CVE-2024-7262).pdf
|
|
|
|
|
2024-08-28 - BlackByte blends tried-and-true tradecraft with newly disclosed vulnerabilities to support ongoing attacks.pdf
|
|
|
|
|
2024-08-29 - From Cobalt Strike to Mimikatz- A Deep Dive into the SLOWTEMPEST Campaign Targeting Chinese Users.pdf
|
|
|
|
|
2024-08-29 - Latrodectus Malware Masquerades as AhnLab Security Software to Infect Victims.pdf
|
|
|
|
|
2024-08-29 - Latrodectus Rapid Evolution Continues With Latest New Payload Features.pdf
|
|
|
|
|
2024-08-29 - State-backed attackers and commercial surveillance vendors repeatedly use the same exploits.pdf
|
|
|
|
|
2024-08-29 - The Malware That Must Not Be Named- Suspected Espionage Campaign Delivers “Voldemort”.pdf
|
|
|
|
|
2024-08-30 - Anatomy of a Lumma Stealer Attack via Fake CAPTCHA Pages - Part 1.pdf
|
|
|
|
|
2024-08-30 - Latrodectus Rapid Evolution Continues With Latest New Payload Features.pdf
|
|
|
|
|
2024-08-30 - North Korean threat actor Citrine Sleet exploiting Chromium zero-day.pdf
|
|
|
|
|
2024-09-03 - Advanced Cyberchef Techniques - Defeating Nanocore Obfuscation With Math and Flow Control.pdf
|
|
|
|
|
2024-09-03 - Emansrepo Stealer - Multi-Vector Attack Chains.pdf
|
|
|
|
|
2024-09-03 - Hacker Leaks Data of 390 Million Users from VK, a Russian Social Network.pdf
|
|
|
|
|
2024-09-03 - LulzSec Black Claims Cyberattacks on Emirati Government and Other Sector Targets.pdf
|
|
|
|
|
2024-09-03 - ToneShell Backdoor Used to Target Attendees of the IISS Defence Summit.pdf
|
|
|
|
|
2024-09-04 - AZORult Malware - Technical Analysis.pdf
|
|
|
|
|
2024-09-04 - Earth Lusca Uses KTLVdoor Backdoor for Multiplatform Intrusion.pdf
|
|
|
|
|
2024-09-04 - Hacktivists Call for Release of Telegram Founder with FreeDurov DDoS Campaign.pdf
|
|
|
|
|
2024-09-04 - Major IR leaks.pdf
|
|
|
|
|
2024-09-04 - The Intricate Babylon RAT Campaign Targets Malaysian Politicians, Government.pdf
|
|
|
|
|
2024-09-04 - Uncovering DarkCracks- How a Stealthy Payload Delivery Framework Exploits GLPI and WordPress.pdf
|
|
|
|
|
2024-09-05 - New macOS malware HZ RAT gives attackers backdoor access to Macs.pdf
|
|
|
|
|
2024-09-05 - Threat Actors Exploit GeoServer Vulnerability CVE-2024-36401.pdf
|
|
|
|
|
2024-09-05 - Tropic Trooper spies on government entities in the Middle East.pdf
|
|
|
|
|
2024-09-06 - Handala’s Wiper - Threat Analysis and Detections.pdf
|
|
|
|
|
2024-09-06 - Risky Biz News- Doppelganger gets a kick in the butt from Uncle Sam.pdf
|
|
|
|
|
2024-09-06 - The Curious Case of an Open Source Stealer- Phemedrone.pdf
|
|
|
|
|
2024-09-06 - TIDRONE Targets Military and Satellite Industries in Taiwan.pdf
|
|
|
|
|
2024-09-08 - A (Strange) Interview With the Russian-Military-Linked Hackers Targeting US Water Utilities.pdf
|
|
|
|
|
2024-09-09 - APT CoralRaider Expands Arsenal- AmadeyBot, FTP Innovations, and Complex Domain Strategy.pdf
|
|
|
|
|
2024-09-09 - Dissecting Lumma Malware - Analyzing the Fake CAPTCHA and Obfuscation Techniques - Part 2.pdf
|
|
|
|
|
2024-09-09 - Significant ransom payment by major Iranian IT firm underway.pdf
|
|
|
|
|
2024-09-10 - A new TrickMo saga- from Banking Trojan to Victim's Data Leak.pdf
|
|
|
|
|
2024-09-10 - Ailurophile Stealer Technical Malware Analysis Report.pdf
|
|
|
|
|
2024-09-10 - CosmicBeetle steps up - Probation period at RansomHub.pdf
|
|
|
|
|
2024-09-10 - Dependency hijacking - Dissecting North Korea’s new wave of DeFi-themed open source attacks targeting developers.pdf
|
|
|
|
|
2024-09-10 - DragonRank, a Chinese-speaking SEO manipulator service provider.pdf
|
|
|
|
|
2024-09-10 - Fake recruiter coding tests target devs with malicious Python packages.pdf
|
|
|
|
|
2024-09-11 - Akira Ransomware- The Evolution of a Major Threat.pdf
|
|
|
|
|
2024-09-11 - Targeted Iranian Attacks Against Iraqi Government Infrastructure.pdf
|
|
|
|
|
2024-09-12 - From Automation to Exploitation - The Growing Misuse of Selenium Grid for Cryptomining and Proxyjacking.pdf
|
|
|
|
|
2024-09-12 - The Xworm malware is being spread through a phishing email.pdf
|
|
|
|
|
2024-09-13 - Hadooken Malware Targets Weblogic Applications.pdf
|
|
|
|
|
2024-09-13 - New Linux malware Hadooken targets Oracle WebLogic servers.pdf
|
|
|
|
|
2024-09-18 - Derailing The Raptor Train.pdf
|
|
|
|
|
2024-09-18 - Medusa Ransomware- Evolving Tactics in Modern Cyber Extortion.pdf
|
|
|
|
|
2024-09-19 - Earth Baxia Uses Spear-Phishing and GeoServer Exploit to Target APAC (IoCs).pdf
|
|
|
|
|
2024-09-19 - Earth Baxia Uses Spear-Phishing and GeoServer Exploit to Target APAC.pdf
|
|
|
|
|
2024-09-19 - Evolution of Lazarus ‘FudModule - no longer (stand)alone’.pdf
|
|
|
|
|
2024-09-19 - UNC1860 and the Temple of Oats - Iran’s Hidden Hand in Middle Eastern Networks.pdf
|
|
|
|
|
2024-09-20 - Behind the CAPTCHA- A Clever Gateway of Malware.pdf
|
|
|
|
|
2024-09-21 - Malware Analysis - PXRECVOWEIWOEI.pdf
|
|
|
|
|
2024-09-23 - Inside SnipBot- The Latest RomCom Malware Variant.pdf
|
|
|
|
|
2024-09-24 - Earth Preta Evolves its Attacks with New Malware and Strategies.pdf
|
|
|
|
|
2024-09-24 - Octo2- European Banks Already Under Attack by New Malware Variant.pdf
|
|
|
|
|
2024-09-25 - Austria subjected to pro-Russian DDoS intrusions.pdf
|
|
|
|
|
2024-09-25 - China claims Taiwan, not civilians, behind web vandalism.pdf
|
|
|
|
|
2024-09-25 - Lumma Stealer - Malware Analysis.pdf
|
|
|
|
|
2024-09-26 - BBTok Targeting Brazil- Deobfuscating the .NET Loader with dnlib and PowerShell.pdf
|
|
|
|
|
2024-09-26 - Cyberespionage the Gamaredon way - Analysis of toolset used to spy on Ukraine in 2022 and 2023.pdf
|
|
|
|
|
2024-09-26 - Storm-0501 - Ransomware attacks expanding to hybrid cloud environments.pdf
|
|
|
|
|
2024-09-26 - Unraveling Sparkling Pisces’s Tool Set - KLogEXE and FPSpy.pdf
|
|
|
|
|
2024-09-27 - Betting on Bots - Investigating Linux malware, crypto mining, and gambling API abuse.pdf
|
|
|
|
|
2024-09-29 - Process Injection in BugSleep Loader.pdf
|
|
|
|
|
2024-09-30 - Latrodectus Extracting new AES encrypted strings from this RAT.pdf
|
|
|
|
|
2024-09-30 - Nitrogen Campaign Drops Sliver and Ends With BlackCat Ransomware.pdf
|
|
|
|
|
2024-10-02 - Amnesia Stealer Technical Malware Analysis Report.pdf
|
|
|
|
|
2024-10-02 - Separating the bee from the panda - CeranaKeeper making a beeline for Thailand.pdf
|
|
|
|
|
2024-10-03 - perfctl - A Stealthy Malware Targeting Millions of Linux Servers.pdf
|
|
|
|
|
2024-10-03 - SHROUDED-SLEEP- A Deep Dive into North Korea’s Ongoing Campaign Against Southeast Asia.pdf
|
|
|
|
|
2024-10-04 - Emansrepo Infostealer - PyInstaller, Deobfuscation and LLM.pdf
|
|
|
|
|
2024-10-04 - VILSA STEALER.pdf
|
|
|
|
|
2024-10-05 - Malware Analysis - Lumma Stealer.pdf
|
|
|
|
|
2024-10-07 - Awaken Likho is awake - new techniques of an APT group.pdf
|
|
|
|
|
2024-10-08 - Inside a Cybercriminal’s Server- DDoS Tools, Spyware APKs, and Phishing Pages.pdf
|
|
|
|
|
2024-10-08 - Pronsis Loader - A JPHP-Driven Malware Diverging from D3F@ck Loader.pdf
|
|
|
|
|
2024-10-09 - Contagious Interview - DPRK Threat Actors Lure Tech Industry Job Seekers to Install New Variants of BeaverTail and InvisibleFerret Malware.pdf
|
|
|
|
|
2024-10-10 - Technical Analysis of DarkVision RAT.pdf
|
|
|
|
|
2024-10-10 - Uncovering Domains Created by Octo2’s Domain Generation Algorithm.pdf
|
|
|
|
|
2024-10-10 - Unmasking Adversary Infrastructure- How Certificates and Redirects Exposed Earth Baxia and PlugX Activity.pdf
|
|
|
|
|
2024-10-11 - Earth Simnavaz (aka APT34) Levies Advanced Cyberattacks Against Middle East.pdf
|
|
|
|
|
2024-10-11 - Earth Simnavaz (aka APT34) Levies Advanced Cyberattacks Against UAE and Gulf Regions.pdf
|
|
|
|
|
2024-10-11 - Expanding the Investigation - Deep Dive into Latest TrickMo Samples.pdf
|
|
|
|
|
2024-10-14 - Water Makara Uses Obfuscated JavaScript in Spear Phishing Campaign, Targets Brazil With Astaroth Malware.pdf
|
|
|
|
|
2024-10-15 - Analysis of the attack activities of APT-C-35 (belly brain worm) against a manufacturing company in South Asia.pdf
|
|
|
|
|
2024-10-15 - Silent Threat - Red Team Tool EDRSilencer Disrupting Endpoint Security Solutions.pdf
|
|
|
|
|
2024-10-16 - AhnLab and NCSC Release Joint Report on Microsoft Zero-Day Browser Vulnerability (CVE-2024-38178).pdf
|
|
|
|
|
2024-10-16 - An Lab and the National Cyber Security Center (NCSC), joint report distribution and Microsoft browser 0-DAY discovery (CVE-2024-38178).pdf
|
|
|
|
|
2024-10-16 - Exfiltration over Telegram Bots - Skidding Infostealer Logs.pdf
|
|
|
|
|
2024-10-16 - Fake LockBit, Real Damage- Ransomware Samples Abuse AWS S3 to Steal Data.pdf
|
|
|
|
|
2024-10-16 - IcePeony with the '996' work culture.pdf
|
|
|
|
|
2024-10-16 - X-ZIGZAG Technical Malware Analysis Report.pdf
|
|
|
|
|
2024-10-17 - Correlating Vidar Stealer Build IDs Based on Loader Tasks.pdf
|
|
|
|
|
2024-10-17 - From Warm to Burned - Shedding Light on Updated WarmCookie Infrastructure.pdf
|
|
|
|
|
2024-10-17 - New macOS vulnerability, “HM Surf”, could lead to unauthorized data access.pdf
|
|
|
|
|
2024-10-17 - UAT-5647 targets Ukrainian and Polish entities with RomCom malware variants.pdf
|
|
|
|
|
2024-10-18 - A Deep Dive Into the Intricate Chinese Cybercrime Ecosystem.pdf
|
|
|
|
|
2024-10-18 - Inside the Latrodectus Malware Campaign Old School Phishing Meets Innovative Payload Delivery.pdf
|
|
|
|
|
2024-10-18 - New Bumblebee Loader Infection Chain Signals Possible Resurgence.pdf
|
|
|
|
|
2024-10-19 - Tricks and Treats - GHOSTPULSE’s new pixel- level deception.pdf
|
|
|
|
|
2024-10-21 - Biggest Education Industry Attacks in 2024.pdf
|
|
|
|
|
2024-10-21 - Latrodectus - A year in the making.pdf
|
|
|
|
|
2024-10-22 - Grandoreiro, the global trojan with grandiose ambitions.pdf
|
|
|
|
|
2024-10-22 - Incident Response - Analysis of recent version of BRC4.pdf
|
|
|
|
|
2024-10-22 - Latrodectus - The Wrath of Black Widow.pdf
|
|
|
|
|
2024-10-23 - DarkComet RAT - Technical Analysis of Attack Chain.pdf
|
|
|
|
|
2024-10-23 - DarkRaaS ransomware Group Allegedly Selling Global Intelligence Data.pdf
|
|
|
|
|
2024-10-23 - Highlighting TA866-Asylum Ambuscade Activity Since 2021.pdf
|
|
|
|
|
2024-10-23 - Lazarus' Espionage-related Cryptocurrency Activities Remain Active, With A Significant Amount of Assets Still in Circulation.pdf
|
|
|
|
|
2024-10-23 - The Crypto Game of Lazarus APT- Investors vs. Zero-days.pdf
|
|
|
|
|
2024-10-23 - Threat Spotlight- WarmCookie-BadSpace.pdf
|
|
|
|
|
2024-10-23 - Unmasking Prometei- A Deep Dive Into Our MXDR Findings.pdf
|
|
|
|
|
2024-10-24 - Arctic Wolf Labs Observes Increased Fog and Akira Ransomware Activity Linked to SonicWall SSL VPN.pdf
|
|
|
|
|
2024-10-24 - Investigating FortiManager Zero-Day Exploitation (CVE-2024-47575).pdf
|
|
|
|
|
2024-10-24 - MintsLoader.pdf
|
|
|
|
|
2024-10-24 - Operation Cobalt Whisper- Threat Actor Targets Multiple Industries Across Hong Kong and Pakistan.pdf
|
|
|
|
|
2024-10-24 - Rekoobe Backdoor Discovered in Open Directory, Possibly Targeting TradingView Users.pdf
|
|
|
|
|
2024-10-24 - Tenacious Pungsan- A DPRK threat actor linked to Contagious Interview.pdf
|
|
|
|
|
2024-10-25 - US offers $10 million bounty for members of Iranian hacking gang.pdf
|
|
|
|
|
2024-10-27 - Shahid Hemmat Hackers- $10M Reward Offered by US.pdf
|
|
|
|
|
2024-10-28 - CloudScout- Evasive Panda scouting cloud services.pdf
|
|
|
|
|
2024-10-28 - Emotet Malware Analysis.pdf
|
|
|
|
|
2024-10-28 - Hybrid Russian Espionage and Influence Campaign Aims to Compromise Ukrainian Military Recruits and Deliver Anti-Mobilization Narratives.pdf
|
|
|
|
|
2024-10-29 - Job Offer from the North- Contagious Interview for Software Developers.pdf
|
|
|
|
|
2024-10-29 - Midnight Blizzard conducts large-scale spear-phishing campaign using RDP files.pdf
|
|
|
|
|
2024-10-29 - The Job Offer That Wasn’t- How We Stopped an Espionage Plot.pdf
|
|
|
|
|
2024-10-30 - Jumpy Pisces Engages in Play Ransomware.pdf
|
|
|
|
|
2024-10-31 - Chinese threat actor Storm-0940 uses credentials from password spray attacks from a covert network.pdf
|
|
|
|
|
2024-10-31 - Deobfuscating JavaScript Malware Using Abstract Syntax Trees.pdf
|
|
|
|
|
2024-10-31 - Pacific Rim timeline- Information for defenders from a braid of interlocking attack campaigns.pdf
|
|
|
|
|
2024-10-31 - Pacific Rim- Inside the Counter-Offensive—The TTPs Used to Neutralize China-Based Threats.pdf
|
|
|
|
|
2024-10-31 - Tricks, Treats, and Threats- Cobalt Strike & the Goblin Lurking in Plain Sight.pdf
|
|
|
|
|
2024-11-01 - Finding Malware- Detecting GOOTLOADER with Google Security Operations..pdf
|
|
|
|
|
2024-11-04 - CRON-TRAP- Emulated Linux Environments as the Latest Tactic in Malware Staging.pdf
|
|
|
|
|
2024-11-04 - From Pyongyang to Your Payroll- The Rise of North Korean Remote Workers in the West.pdf
|
|
|
|
|
2024-11-04 - ToxicPanda- a new banking trojan from Asia hit Europe and LATAM.pdf
|
|
|
|
|
2024-11-04 - Unransomware- From Zero to Full Recovery in a Blink.pdf
|
|
|
|
|
2024-11-06 - CopyRh(ight)adamantys Campaign- Rhadamantys Exploits Intellectual Property Infringement Baits.pdf
|
|
|
|
|
2024-11-06 - Mozi Resurfaces as Androxgh0st Botnet- Unraveling The Latest Exploitation Wave.pdf
|
|
|
|
|
2024-11-06 - New SteelFox Trojan mimics software activators, stealing sensitive data and mining cryptocurrency.pdf
|
|
|
|
|
2024-11-07 - Evasive ZIP Concatenation- Trojan Targets Windows Users.pdf
|
|
|
|
|
2024-11-07 - Hiding in Plain Sight- The Subtle Art of Loki Malware’s Obfuscation.pdf
|
|
|
|
|
2024-11-07 - SideWinder’s ( T-APT-04 ) Sri Lanka Adventure.pdf
|
|
|
|
|
2024-11-10 - Reptile's Custom Kernel-Module Launcher.pdf
|
|
|
|