/vx/Malware Analysis/2024/

139 directories 0 files
2024-01-01 - Russian Language Cybercriminal Forums - An Excursion Into The Core Of The Underground Ecosystem/
2024-01-02 - Open Source Stealers (OSS) – Python/
2024-01-03 - Security Copilot Promptbook - Threat Actor Profile/
2024-01-03 - Ukraine Targeted by UAC-0050 Using Remcos RAT Pipe Method for Evasion/
2024-01-04 - Follow-On Extortion Campaign Targeting Victims of Akira and Royal Ransomware/
2024-01-04 - Hunting for Cobalt Strike in PCAP/
2024-01-04 - Qakbot Returns/
2024-01-05 - AsyncRAT loader - Obfuscation, DGAs, decoys and Govno/
2024-01-05 - DarkGate from AutoIT to Shellcode Execution/
2024-01-05 - Turkish espionage campaigns in the Netherlands/
2024-01-06 - Technical Analysis of recent Pikabot Core Module/
2024-01-06 - Understanding Internals of SmokeLoader/
2024-01-07 - INC Linux Ransomware - Sandboxing with ELFEN and Analysis/
2024-01-08 - Deceptive Cracked Software Spreads Lumma Variant on YouTube/
2024-01-08 - Mastercard Data Leak, New Fully Undetectable Ransomware, Elusive Stealer Source Code Leak, and More/
2024-01-09 - Avast Updates Babuk Ransomware Decryptor in Cooperation with Cisco Talos and Dutch Police/
2024-01-09 - Black Basta-Affiliated Water Curupira’s Pikabot Spam Campaign/
2024-01-09 - Data Insights on AgentTesla and OriginLogger Victims/
2024-01-09 - IcedID – Technical Malware Analysis [Second Stage]/
2024-01-09 - New RE#TURGENCE Attack Campaign- Turkish Hackers Target MSSQL Servers to Deliver Domain-Wide MIMIC Ransomware/
2024-01-10 - Analysis of an Info Stealer — Chapter 2 - The iOS App/
2024-01-10 - Analyzing APT28’s OCEANMAP Backdoor & Exploring its C2 Server Artifacts/
2024-01-10 - Atomic Stealer rings in the new year with updated version/
2024-01-11 - Clearing the Fog of War – A critical analysis of recent energy sector cyberattacks in Denmark and Ukraine/
2024-01-12 - Cutting Edge - Suspected APT Targets Ivanti Connect Secure VPN in New Zero-Day Exploitation/
2024-01-12 - CVE-2023-36025 Exploited for Defense Evasion in Phemedrone Stealer Campaign/
2024-01-12 - Sneaky Azorult Back in Action and Goes Undetected/
2024-01-15 - A Victim of Mallox Ransomware - How Truesec CSIRT Fought Back/
2024-01-15 - An Introduction to Reverse Engineering .NET AOT Applications/
2024-01-15 - From Russia With Code - Disarming Atomic Stealer/
2024-01-15 - Hunting AsyncRAT & QuasarRAT/
2024-01-16 - Detailed Analysis of DarkGate; Investigating new top-trend backdoor malware/
2024-01-16 - Keyhole Analysis/
2024-01-16 - P2PInfect Worm Evolves to Target a New Platform/
2024-01-17 - Enter The Gates - An Analysis of the DarkGate AutoIt Loader/
2024-01-17 - New TTPs observed in Mint Sandstorm campaign targeting high-profile individuals at universities and research orgs/
2024-01-17 - Whispers of Atlantida - Safeguarding Your Digital Treasure/
2024-01-18 - Chae$ Chronicles - Version 4.1 Dedicated to Morphisec Researchers/
2024-01-18 - Detect Mortis Locker Ransomware with YARA/
2024-01-18 - Russian threat group COLDRIVER expands its targeting of Western officials to include the use of malware/
2024-01-19 - Chinese Espionage Group UNC3886 Found Exploiting CVE-2023-34048 Since Late 2021/
2024-01-19 - npm Package Found Delivering Sophisticated RAT/
2024-01-19 - Parrot TDS - A Persistent and Evolving Malware Campaign/
2024-01-19 - Zloader - No Longer Silent in the Night/
2024-01-21 - A Look into PlugX Kernel driver/
2024-01-22 - Cactus Ransomware/
2024-01-22 - Cybercriminals leaked massive volumes of stolen PII data from Thailand in Dark Web/
2024-01-22 - Pikabot distirbution methods and capabilities/
2024-01-22 - ScarCruft - Attackers Gather Strategic Intelligence and Target Cybersecurity Professionals/
2024-01-23 - CherryLoader - A New Go-based Loader Discovered in Recent Intrusions/
2024-01-23 - Kasseika Ransomware Deploys BYOVD Attacks, Abuses PsExec and Exploits Martini Driver/
2024-01-23 - NetSupport RAT hits again with new IOCs/
2024-01-23 - Stately Taurus Targets Myanmar Amidst Concerns over Military Junta’s Handling of Rebel Attacks/
2024-01-24 - Layers of Deception - Analyzing the Complex Stages of XLoader 4.3 Malware Evolution/
2024-01-24 - The Endless Struggle Against APT10- Insights from LODEINFO v0.6.6 - v0.7.3 Analysis/
2024-01-25 - Midnight Blizzard - Guidance for responders on nation-state attack/
2024-01-25 - NSPX30 - A sophisticated AitM-enabled implant evolving since 2005/
2024-01-26 - Russian APT Operation - Star Blizzard/
2024-01-29 - Blackwood APT Group Has a New DLL Loader/
2024-01-29 - HeadCrab 2.0 - Evolving Threat in Redis Malware Landscape/
2024-01-29 - KrustyLoader - Rust malware linked to Ivanti ConnectSecure compromises/
2024-01-29 - Technical analysis of WinRAR zero-day malware and C2 protocol emulation/
2024-01-30 - DarkGate malware delivered via Microsoft Teams - detection and response/
2024-01-30 - Evolution of UNC4990 - Uncovering USB Malware's Hidden Depths/
2024-01-30 - Python’s Byte - The Rise of Scripted Ransomware/
2024-01-30 - Reporting on Volt Typhoon’s “JDY” Botnet Administration Via Tor Sparks Questions/
2024-01-30 - The Bear and The Shell- New Campaign Against Russian Opposition/
2024-01-30 - Trigona Ransomware Threat Actor Uses Mimic Ransomware/
2024-01-31 - Pawn Storm Uses Brute Force and Stealth Against High-Value Targets/
2024-01-31 - Technical analysis - The silent torrent of VileRAT/
2024-01-31 - Tracking 15 Years of Qakbot Development/
2024-02-01 - Analysis and Detection of STEADY#URSA Attack Campaign Targeting Ukraine Military Dropping New Covert SUBTLE-PAWS PowerShell Backdoor/
2024-02-01 - ESET takes part in global operation to disrupt the Grandoreiro banking trojan/
2024-02-01 - From the Depths - Analyzing the Cthulhu Stealer Malware for macOS/
2024-02-01 - Installskey Rewind 2023/
2024-02-02 - CrackedCantil Dropper Delivers Numerous Malware/
2024-02-02 - FritzFrog Botnet Expands Attack Arsenal with Log4Shell Exploits/
2024-02-02 - Practical FOFA Asset Expansion - APT-C-23 Android Malware/
2024-02-02 - Proactive response - AnyDesk, any breach/
2024-02-04 - CrackedCantil- A Malware Symphony Breakdown/
2024-02-06 - APT-K-47 Organization Launches Espionage Attacks Using a New Trojan Tool/
2024-02-06 - Unfolding Agent Tesla - The Art of Credentials Harvesting/
2024-02-07 - HijackLoader Expands Techniques to Improve Defense Evasion/
2024-02-07 - Kimsuky disguised as a Korean company signed with a valid certificate to distribute Troll Stealer/
2024-02-07 - KV-Botnet - Don’t call it a Comeback/
2024-02-07 - MAR-10448362-1.v1 Volt Typhoon/
2024-02-07 - PRC State-Sponsored Actors Compromise and Maintain Persistent Access to U.S. Critical Infrastructure/
2024-02-07 - Raspberry Robin Keeps Riding the Wave of Endless 1-Days/
2024-02-08 - New Zardoor backdoor used in long-term cyber espionage operation targeting an Islamic organization/
2024-02-08 - Unmasking-the-dot-stealer/
2024-02-09 - The Phoenix Rises Again/
2024-02-10 - KrustyLoader - About stripped Rust symbol recovery/
2024-02-11 - Analysing STOP Ransomware/
2024-02-12 - The (D)Evolution of Pikabot/
2024-02-13 - Bumblebee Buzzes Back in Black/
2024-02-13 - CharmingCypress - Innovating Persistence/
2024-02-13 - Unraveling the Many Stages and Techniques Used by RedCurl-EarthKapre APT/
2024-02-13 - Water Hydra Targets Traders with Microsoft Defender SmartScreen Zero-Day/
2024-02-13 - What is Lumma Stealer/
2024-02-14 - My-Game Retired - Latest Changes to Gootloader/
2024-02-14 - Zloader Strikes Back/
2024-02-15 - TinyTurla Next Generation - Turla APT spies on Polish NGOs/
2024-02-16 - Malware Analysis — AgentTesla/
2024-02-16 - VOLTZITE/
2024-02-16 - Writing a Qakbot 5.0 config extractor with Malcat/
2024-02-19 - A Technical Analysis of the BackMyData Ransomware Used to Attack Hospitals in Romania/
2024-02-19 - Analysis of Nood RAT Used in Attacks Against Linux (Gh0st RAT’s Variant)/
2024-02-19 - Anatsa Trojan Returns - Targeting Europe and Expanding Its Reach/
2024-02-19 - Pelmeni Wrapper - New Wrapper of Kazuar (Turla Backdoor)/
2024-02-20 - Earth Preta Campaign Uses DOPLUGS to Target Asia/
2024-02-20 - Understanding Macros in Malware - Types, Capabilities, Case Study/
2024-02-21 - A stealthy threat uncovered - TeaBot on Google Play Store/
2024-02-21 - Automating Qakbot Malware Analysis with Binary Ninja/
2024-02-21 - Brussels spyware bombshell - Surveillance software found on officials’ phones/
2024-02-21 - Malware Analysis — Remcos RAT/
2024-02-21 - To Russia With Love - Assessing a KONNI-Backdoored Suspected Russian Consular Software Installer/
2024-02-22 - 8220 Gang Cryptomining Campaign Targets Linux & Windows Platforms/
2024-02-22 - CloudRouter - 911 Proxy Resurrected/
2024-02-22 - Doppelgänger - Russia-Aligned Influence Operation Targets Germany/
2024-02-22 - Malware Analysis - XWorm/
2024-02-22 - Scattered Spider laying new eggs/
2024-02-23 - PIKABOT, I choose you!/
2024-02-23 - Xeno RAT - A New Remote Access Trojan with Advance Capabilities/
2024-02-26 - Advanced CyberChef Techniques for Configuration Extraction - Detailed Walkthrough and Examples/
2024-02-26 - SEO Poisoning to Domain Control - The Gootloader Saga Continues/
2024-02-26 - UAC-0149 Attack Detection - Hackers Launch a Targeted Attack Against the Armed Forces of Ukraine, as CERT-UA Reports/
2024-02-26 - “Pantsless Data”- Decoding Chinese Cybercrime TTPs/
2024-02-27 - European diplomats targeted by SPIKEDWINE with WINELOADER/
2024-02-27 - Hunting PrivateLoader - The malware behind InstallsKey PPI service/
2024-02-27 - Unveiling Phemedrone Stealer - Threat Analysis and Detections/
2024-02-27 - When Stealers Converge - New Variant of Atomic Stealer in the Wild/
2024-02-28 - Just Carry A Ladder - Why Your EDR Let Pikabot Jump Through/
2024-02-28 - XRed Backdoor - The Hidden Threat in Trojanized Programs/
2024-02-29 - Dissecting DarkGate - Modular Malware Delivery and Persistence as a Service/
2024-02-29 - Don't get BITTER about being targeted -- fight back with the help of the community/
2024-02-29 - Novel ELF64 Remote Access Tool Embedded in Malicious PyPI Uploads/
2024-02-29 - Same Same, but Different/
2024-02-29 - The Anatomy of an ALPHA SPIDER Ransomware Attack/
2024-03-01 - Agent Tesla Analysis [Part 2 - Deobfuscation]/