2020-01-01 - New Destructive Wiper “ZeroCleare” Targets Energy Sector in the Middle East.pdf
2020-01-01 - Repository for Python Server for PoshC2.pdf
2020-01-01 - The Mac Malware of 2019.pdf
2020-01-02 - -Nice decorating. Let me guess, Satan-- - Dot - MZP Ransomware.pdf
2020-01-02 - DeathRansom Part II- Attribution.pdf
2020-01-02 - Nice decorating. Let me guess, Satan-- - Dot - MZP Ransomware.pdf
2020-01-02 - The Curious Case of DeathRansom- Part I.pdf
2020-01-03 - Nice One, Dad- Dissecting A Rare Malware Used By Leviathan.pdf
2020-01-03 - Waterbear, a cyber espionage virus, has a new variant with its own anti-virus function.pdf
2020-01-06 - First Active Attack Exploiting CVE-2019-2215 Found on Google Play, Linked to SideWinder APT Group.pdf
2020-01-06 - Pyrogenic Infostealer static analysis – Part 0x1.pdf
2020-01-06 - Sodinokibi Ransomware Hits Travelex, Demands $3 Million.pdf
2020-01-07 - Clop ransomware Notes.pdf
2020-01-07 - DarkRat v2.2.0.pdf
2020-01-07 - Hold My Beer Mirai – Spinoff Named ‘LiquorBot’ Incorporates Cryptomining.pdf
2020-01-07 - Powershell Static Analysis & Emotet results.pdf
2020-01-08 - Leonardo S.p.A. Data Breach Analysis.pdf
2020-01-08 - Naive IoT botnet wastes its time mining cryptocurrency.pdf
2020-01-08 - Operation AppleJeus Sequel.pdf
2020-01-08 - SNAKE Ransomware Is the Next Threat Targeting Business Networks.pdf
2020-01-08 - Threat Spotlight- Amadey Bot Targets Non-Russian Users.pdf
2020-01-09 - Ako, MedusaReborn.pdf
2020-01-09 - Man jailed for using webcam RAT to spy on women in their bedrooms.pdf
2020-01-09 - Not so nice after all - Afrodita Ransomware.pdf
2020-01-09 - PARISITE.pdf
2020-01-09 - PHA Family Highlights- Bread (and Friends).pdf
2020-01-09 - SAIGON, the Mysterious Ursnif Fork.pdf
2020-01-09 - ServHelper 2.0- Enriched with bot capabilities and allow remote desktop access.pdf
2020-01-09 - Sodinokibi Ransomware Says Travelex Will Pay, One Way or Another.pdf
2020-01-09 - TA428 Group abusing recent conflict between Iran and USA.pdf
2020-01-09 - Top-Tier Russian Organized Cybercrime Group Unveils Fileless Stealthy “PowerTrick” Backdoor for High-Value Targets.pdf
2020-01-09 - What is the Hainan Xiandun Technology Development Company-.pdf
2020-01-10 - Sodinokibi Ransomware Hits New York Airport Systems.pdf
2020-01-10 - Threat spotlight- Phobos ransomware lives up to its name.pdf
2020-01-10 - Who is Mr Gu-.pdf
2020-01-11 - Sodinokibi Ransomware Publishes Stolen Data for the First Time.pdf
2020-01-12 - Zeus Museum Entry for Unnamed 2.pdf
2020-01-13 - APT27 ZxShell RootKit module updates.pdf
2020-01-13 - TAFOF Unpacker.pdf
2020-01-13 - Who else works for this cover company network-.pdf
2020-01-14 - Family Page for FastLoader.pdf
2020-01-14 - Inside of CL0P’s ransomware operation.pdf
2020-01-14 - Ryuk Ransomware Uses Wake-on-Lan To Encrypt Offline Devices.pdf
2020-01-14 - Satan ransomware rebrands as 5ss5c ransomware.pdf
2020-01-14 - United Nations Targeted With Emotet Malware Phishing Attack.pdf
2020-01-14 - Who is Mr Ding-.pdf
2020-01-15 - Alien Labs 2019 Analysis of Threat Groups Molerats and APT-C-37.pdf
2020-01-15 - Analyzing Magecart Malware – From Zero to Hero.pdf
2020-01-15 - APT-C-36 recent activity analysis.pdf
2020-01-15 - Deep Dive into the Lyceum Danbot Malware.pdf
2020-01-15 - Hainan Xiandun Technology Company is APT40.pdf
2020-01-15 - Iranian Threat Actors- Preliminary Analysis.pdf
2020-01-15 - MMD-0065-2020 - Linux-Mirai-Fbot's new encryption explained.pdf
2020-01-16 - A Curious Case of CVE-2019-19781 Palware- remove_bds.pdf
2020-01-16 - APT40 is run by the Hainan department of the Chinese Ministry of State Security.pdf
2020-01-16 - FTCODE Ransomware - New Version Includes Stealing Capabilities.pdf
2020-01-16 - JhoneRAT- Cloud based python RAT targeting Middle Eastern countries.pdf
2020-01-16 - New Outbreak of h2Miner Worms Exploiting Redis RCE Detected.pdf
2020-01-16 - Paradise Ransomware decryption tool.pdf
2020-01-16 - TrickBot Now Uses a Windows 10 UAC Bypass to Evade Detection.pdf
2020-01-17 - 'Friendly' hackers are seemingly fixing the Citrix server hole – and leaving a nasty present behind.pdf
2020-01-17 - 404 Exploit Not Found- Vigilante Deploying Mitigation for Citrix NetScaler Vulnerability While Maintaining Backdoor.pdf
2020-01-17 - Unpacking Pyrogenic-Qealler using Java agent -Part 0x2.pdf
2020-01-18 - New Jersey Synagogue Suffers Sodinokibi Ransomware Attack.pdf
2020-01-19 - Analyzing Modern Malware Techniques - Part 1.pdf
2020-01-19 - BayWorld event, Cyber Attack Against Foreign Trade Industry.pdf
2020-01-19 - VK post on PIRAT RAT.pdf
2020-01-20 - Behind the scenes of GandCrab’s operation.pdf
2020-01-20 - Dustman APT- Art of Copy-Paste.pdf
2020-01-20 - Linux Rekoobe Operating with New, Undetected Malware Samples.pdf
2020-01-20 - Ticket resellers infected with a credit card skimmer.pdf
2020-01-21 - BitPyLock Ransomware Now Threatens to Publish Stolen Data.pdf
2020-01-21 - FTCODE- taking over (a portion of) the botnet.pdf
2020-01-21 - Herpaderping- Security Risk or Unintended Behavior-.pdf
2020-01-21 - Muhstik Botnet Attacks Tomato Routers to Harvest New IoT Devices.pdf
2020-01-21 - sLoad launches version 2.0, Starslord.pdf
2020-01-22 - The malware analyst’s guide to PE timestamps.pdf
2020-01-22 - WannaMine - Même les cybercriminels veulent avoir leur mot à dire sur le Brexit !.pdf
2020-01-23 - German language malspam pushes Ursnif.pdf
2020-01-23 - New Snake Ransomware Adds Itself to the Increasing Collection of Golang Crimeware.pdf
2020-01-23 - Shlayer, No. 1 Threat for Mac, Targets YouTube, Wikipedia.pdf
2020-01-23 - Sodinokibi Ransomware Threatens to Publish Data of Automotive Group.pdf
2020-01-23 - Someone is uninstalling the Phorpiex malware from infected PCs and telling users to install an antivirus.pdf
2020-01-23 - The DGA of a Monero Miner Downloader.pdf
2020-01-23 - The Fractured Statue Campaign- U.S. Government Targeted in Spear-Phishing Attacks.pdf
2020-01-23 - The Opposite of Fileless Malware - NodeJS Ransomware.pdf
2020-01-23 - TrickBot Now Steals Windows Active Directory Credentials.pdf
2020-01-24 - Hunting for Ransomware.pdf
2020-01-24 - New Ryuk Info Stealer Targets Government and Military Secrets.pdf
2020-01-24 - Project TajMahal IOCs and Registry Data Decrypter.pdf
2020-01-25 - cryptopatronum ransomware.pdf
2020-01-25 - Extracted Config for Ragnarok Ransomware.pdf
2020-01-25 - Indonesian Magecart hackers arrested.pdf
2020-01-25 - Olympic Ticket Reseller Magecart Infection.pdf
2020-01-27 - Aggah- How to run a botnet without renting a Server (for more than a year).pdf
2020-01-27 - Exclusive- Hackers acting in Turkey's interests believed to be behind recent cyberattacks - sources.pdf
2020-01-27 - Operation Night Fury- Group-IB helps take down a cybergang behind the infection of hundreds of websites all over the world.pdf
2020-01-27 - Phorpiex Arsenal- Part I.pdf
2020-01-27 - xHunt Campaign- New Watering Hole Identified for Credential Harvesting.pdf
2020-01-28 - Ragnarok Ransomware Targets Citrix ADC, Disables Windows Defender.pdf
2020-01-28 - Stopping the Press- New York Times Journalist Targeted by Saudi-linked Pegasus Spyware Operator.pdf
2020-01-28 - Tick Group Aiming at Japanese Manufacturing.pdf
2020-01-28 - Tracking REvil.pdf
2020-01-29 - An Overhead View of the Royal Road.pdf
2020-01-29 - DOD contractor suffers ransomware infection.pdf
2020-01-29 - Malware Tries to Trump Security Software With POTUS Impeachment.pdf
2020-01-30 - Competitions on Russian-language cybercriminal forums- Sharing expertise or threat actor showboating-.pdf
2020-01-30 - Coronavirus Goes Cyber With Emotet.pdf
2020-01-30 - Cyber attaque à l’encontre des serveurs de Bouygues Construction.pdf
2020-01-30 - Emotet Technical Analysis - Part 1 Reveal the Evil Code.pdf
2020-01-30 - Fake Interview- The New Activity of Charming Kitten.pdf
2020-01-30 - New Iranian Campaign Tailored to US Companies Utilizes an Updated Toolset.pdf
2020-01-30 - TheCursedMurderer Ransomware.pdf
2020-01-30 - Trickbot Trojan Leveraging a New Windows 10 UAC Bypass.pdf
2020-01-30 - TrickBot Uses a New Windows 10 UAC Bypass to Launch Quietly.pdf
2020-01-31 - Deutsches Chemieunternehmen gehackt.pdf
2020-01-31 - Emutet.pdf
2020-01-31 - New wave of PlugX targets Hong Kong.pdf
2020-01-31 - RATs in the Library- Remote Access Trojans Hide in Plain -Public- Site.pdf
2020-01-31 - Rich Headers- leveraging this mysterious artifact of the PE format.pdf
2020-01-31 - Winnti Group targeting universities in Hong Kong.pdf
2020-02-01 - 2020 - Year of the RAT.pdf
2020-02-01 - FCT Ransomware.pdf
2020-02-02 - Agent Tesla amps up information stealing attacks.pdf
2020-02-02 - Defeating Sodinokibi-REvil String-Obfuscation in Ghidra.pdf
2020-02-03 - Analysis of a triple-encrypted AZORult downloader.pdf
2020-02-03 - Dissecting Emotet – Part 1.pdf
2020-02-03 - EKANS Ransomware and ICS Operations.pdf
2020-02-03 - PassLock Ransomware.pdf
2020-02-03 - Warzone- Behind the enemy lines.pdf
2020-02-04 - Analyzing Modern Malware Techniques - Part 3- A case of Powershell, Excel 4 Macros and VB6.pdf
2020-02-04 - Borr Malware.pdf
2020-02-04 - RagnarLocker Ransomware.pdf
2020-02-04 - Similarity between Qealler-Pyrogenic variants -Part 0x3.pdf
2020-02-05 - Mailto (NetWalker) Ransomware Targets Enterprise Networks.pdf
2020-02-05 - Pro-Russian CyberSpy Gamaredon Intensifies Ukrainian Security Targeting.pdf
2020-02-05 - STOMP 2 DIS- Brilliance in the (Visual) Basics.pdf
2020-02-05 - The Hole in the Bucket- Attackers Abuse Bitbucket to Deliver an Arsenal of Malware.pdf
2020-02-06 - 40,000 CryptBot Downloads per Day- Bitbucket Abused as Malware Slinger.pdf
2020-02-06 - DNS Tunneling Series, Part 3- The Siren Song of RogueRobin.pdf
2020-02-06 - Finding Additional Indicators With a SeaTurtle Deep Dive in Passive DNS Within DomainTools Iris.pdf
2020-02-06 - Living off another land- Ransomware borrows vulnerable driver to remove security software.pdf
2020-02-06 - Ransomware Exploits GIGABYTE Driver to Kill AV Processes.pdf
2020-02-06 - Sfile Ransomware.pdf
2020-02-07 - APT 40 in Malaysia.pdf
2020-02-07 - Emotet Evolves With New Wi-Fi Spreader.pdf
2020-02-07 - Magecart Group 12’s Latest- Actors Behind Attacks on Olympics Ticket Re-sellers Deftly Swapped Domains to Continue Campaign.pdf
2020-02-07 - TA505 Hackers Behind Maastricht University Ransomware Attack.pdf
2020-02-08 - Emotet Technical Analysis - Part 2 PowerShell Unveiled.pdf
2020-02-08 - MA-774.022020- MyCERT Advisory - Espionage Campaign Based On Technical Indicators.pdf
2020-02-08 - Reversing the Gophe SPambot- Confronting COM Code and Surmounting STL Snags.pdf
2020-02-10 - FBI warns about ongoing attacks against software supply chain companies.pdf
2020-02-10 - Hypervisor Introspection Thwarts Web Memory Corruption Attack in the Wild.pdf
2020-02-10 - KBOT- sometimes they come back.pdf
2020-02-10 - Suspected Sapphire Mushroom (APT-C-12) malicious LNK files.pdf
2020-02-11 - Metamorfo (aka Casbaneiro).pdf
2020-02-12 - CSI- Evidence Indicators for Targeted Ransomware Attacks – Part I.pdf
2020-02-12 - Goblin Panda APT- Recent infrastructure and RAT analysis.pdf
2020-02-12 - Loda RAT Grows Up.pdf
2020-02-13 - A Deep Dive Into Wakeup On Lan (WoL) Implementation of Ryuk.pdf
2020-02-13 - New Cyber Espionage Campaigns Targeting Palestinians - Part 1- The Spark Campaign.pdf
2020-02-13 - New Cyber Espionage Campaigns Targeting Palestinians - Part 2- The Discovery of the New, Mysterious Pierogi Backdoor.pdf
2020-02-13 - Playing defense against Gamaredon Group.pdf
2020-02-13 - Threat actors attempt to capitalize on coronavirus outbreak.pdf
2020-02-13 - Wireshark Tutorial- Examining Qakbot Infections.pdf
2020-02-14 - LokiBot- dissecting the C&C panel deployments.pdf
2020-02-14 - Malware Analysis Report (AR20-045A)- MAR-10265965-1.v1 - North Korean Trojan- BISTROMATH.pdf
2020-02-14 - Malware Analysis Report (AR20-045C).pdf
2020-02-14 - Malware Analysis Report (AR20-045D)- MAR-10271944-1.v1 - North Korean Trojan- HOTCROISSANT.pdf
2020-02-14 - Malware Analysis Report (AR20-045E)- MAR-10271944-2.v1 - North Korean Trojan- ARTFULPIE.pdf
2020-02-14 - Malware Analysis Report (AR20-045F)- MAR-10271944-3.v1 - North Korean Trojan- BUFFETLINE.pdf
2020-02-14 - Malware Analysis Report (AR20-045G)- MAR-10135536-8.v4 - North Korean Trojan- HOPLIGHT.pdf
2020-02-14 - Malware Analysis Report (AR20–045B)- MAR-10265965-2.v1 - North Korean Trojan- SLICKSHOES.pdf
2020-02-15 - Python Remote Administration Tool (RAT).pdf
2020-02-16 - Hamas Android Malware On IDF Soldiers-This is How it Happened.pdf
2020-02-17 - CLAMBLING - A New Backdoor Base On Dropbox.pdf
2020-02-17 - Cyberwarfare- A deep dive into the latest Gamaredon Espionage Campaign.pdf
2020-02-17 - Following the tracks of MageCart 12.pdf
2020-02-17 - Gibberish Ransomware.pdf
2020-02-18 - Building a bypass with MSBuild.pdf
2020-02-18 - Hidden in PEB Sight- Hiding Windows API Imports With a Custom Loader.pdf
2020-02-18 - Nearly a quarter of malware now communicates using TLS.pdf
2020-02-18 - Nemty Ransomware Scaling UP- APAC Mailboxes Swarmed by Dual Downloaders.pdf
2020-02-18 - Tracking ‘Kimsuky’, the North Korea-based cyber espionage group- Part 1.pdf
2020-02-18 - Uncovering DRBControl- Inside the Cyberespionage Campaign Targeting Gambling Operations.pdf
2020-02-18 - What’s up Emotet-.pdf
2020-02-19 - Azorult – what we see using our own tools.pdf
2020-02-19 - Uncovering New Magecart Implant Attacking eCommerce.pdf
2020-02-19 - Uncovering the Anonymity Cloak.pdf
2020-02-20 - Analysis of an Unusual HawkEye Sample.pdf
2020-02-20 - Croatia's largest petrol station chain impacted by cyber-attack.pdf
2020-02-20 - CSI- Evidence Indicators for Targeted Ransomware Attacks – Part II.pdf
2020-02-20 - ObliqueRAT- New RAT hits victims' endpoints via malicious documents.pdf
2020-02-20 - UK condemns Russia's GRU over Georgia cyber-attacks.pdf
2020-02-20 - 日本国内の組織を狙ったマルウエアLODEINFO.pdf
2020-02-21 - Exploring the Genesis Supply Chain for Fun and Profit- Part 1 – Misadventures in GUIDology.pdf
2020-02-21 - Transparent Tribe- Four Years Later.pdf
2020-02-22 - Nexus - Just another stealer.pdf
2020-02-22 - Weaponizing a Lazarus Group Implant- repurposing a 1st-stage loader, to execute custom 'fileless' payloads.pdf
2020-02-24 - Closing in on MageCart 12.pdf
2020-02-24 - MMD-0066-2020 - Linux-Mirai-Fbot - A re-emerged IoT threat.pdf
2020-02-25 - BlackKingdom Ransomware.pdf
2020-02-25 - DoppelPaymer Ransomware Launches Site to Post Victim's Data.pdf
2020-02-25 - DPRK Hidden Cobra Update- North Korean Malicious Cyber Activity.pdf
2020-02-25 - Mobile malware evolution 2019.pdf
2020-02-25 - On Sea Turtle campaign targeting Greek governmental organisations.pdf
2020-02-26 - (Ab)using bash-fu to analyze recent Aggah sample.pdf
2020-02-26 - Business as Usual For Iranian Operations Despite Increased Tensions.pdf
2020-02-26 - Lazarus group's Brambul worm of the former Wannacry - 1.pdf
2020-02-26 - Lazarus group's Brambul worm of the former Wannacry - 2.pdf
2020-02-26 - Revealing the Trick - A Deep Dive into TrickLoader Obfuscation.pdf
2020-02-26 - Sodinokibi Ransomware May Tip NASDAQ on Attacks to Hurt Stock Prices.pdf
2020-02-26 - What’s Dead May Never Die- AZORult Infostealer Decommissioned Again.pdf
2020-02-27 - Let’s Learn- Inside Parallax RAT Malware- Process Hollowing Injection & Process Doppelgänging API Mix- Part I.pdf
2020-02-27 - Malware “LODEINFO” Targeting Japan.pdf
2020-02-27 - Roaming Mantis, part V- Distributed in 2019 using SMiShing and enhanced anti-researcher techniques.pdf
2020-02-28 - Golang wrapper on an old obscene malware.pdf
2020-02-28 - Mysterious spam campaign- A security analysis.pdf
2020-02-28 - Trickbot Delivery Method Gets a New Upgrade Focusing on Windows 10.pdf
2020-02-29 - Meet the white-hat group fighting Emotet, the world's most dangerous malware.pdf
2020-02-29 - Sodinokibi Ransomware gang threatens to disclose data from Kenneth Cole fashion firm.pdf
2020-03-01 - BackDoor.Spyder.1.pdf
2020-03-01 - CryptoDarkRubix Ransomware.pdf
2020-03-02 - Karkoff 2020- a new APT34 espionage operation involves Lebanon Government.pdf
2020-03-02 - New PwndLocker Ransomware Targeting U.S. Cities, Enterprises.pdf
2020-03-02 - Pažnja- Novi opasni ransomware pwndLocker i u Srbiji!.pdf
2020-03-02 - Pulling the PKPLUG- the adversary playbook for the long-standing espionage activity of a Chinese nation-state adversary.pdf
2020-03-02 - Visser, a parts manufacturer for Tesla and SpaceX, confirms data breach.pdf
2020-03-02 - Was Emotet anrichtet – und welche Lehren die Opfer daraus ziehen.pdf
2020-03-03 - GitHub Repository- winnti-sniff.pdf
2020-03-03 - Molerats Delivers Spark Backdoor to Government and Telecommunications Organizations.pdf
2020-03-03 - Ransomware Attackers Use Your Cloud Backups Against You.pdf
2020-03-04 - Breaking TA505’s Crypter with an SMT Solver.pdf
2020-03-04 - Cobalt Strike joins Core Impact at HelpSystems, LLC.pdf
2020-03-04 - Ryuk Ransomware Attacked Epiq Global Via TrickBot Infection.pdf
2020-03-05 - [RE011] Unpack crypter của malware Netwire bằng x64dbg.pdf
2020-03-05 - Bisonal- 10 years of play.pdf
2020-03-05 - Defense contractor CPI knocked offline by ransomware attack.pdf
2020-03-05 - ELF_TSCookie - Linux Malware Used by BlackTech.pdf
2020-03-05 - Guildma- The Devil drives electric.pdf
2020-03-05 - GuLoader- A Popular New VB6 Downloader that Abuses Cloud Services.pdf
2020-03-05 - Human-operated ransomware attacks- A preventable disaster.pdf
2020-03-05 - MARRACRYPT RANSOMWARE ACTIVELY SPREADING IN THE WILD.pdf
2020-03-05 - Mokes and Buerak distributed under the guise of security certificates.pdf
2020-03-05 - 신천지 비상연락처 위장한 Bisonal 악성코드 유포 중.pdf
2020-03-06 - Dissecting Emotet - Part 2.pdf
2020-03-06 - Emotet Wi-Fi Spreader Upgraded.pdf
2020-03-07 - JavaLocker Ransomware.pdf
2020-03-07 - Ransomware Threatens to Reveal Company's 'Dirty' Secrets.pdf
2020-03-09 - New Variant of TrickBot Being Spread by Word Document.pdf
2020-03-09 - py.unidentified_002.pdf
2020-03-09 - py.unidentified_003.pdf
2020-03-09 - Tracking ‘Kimsuky’, the North Korea-based cyber espionage group- Part 1.pdf
2020-03-09 - Tracking ‘Kimsuky’, the North Korea-based cyber espionage group- Part 2.pdf
2020-03-10 - [RE012] Analysis of malware taking advantage of the Covid-19 epidemic to spread fake -Directive of Prime Minister Nguyen Xuan Phuc- - Part 1.pdf
2020-03-10 - [RE012] Phân tích mã độc lợi dụng dịch Covid-19 để phát tán giả mạo “Chỉ thị của thủ tướng Nguyễn Xuân Phúc” - Phần 1.pdf
2020-03-10 - APT40 goes from Template Injections to OLE-Linkings for payload delivery.pdf
2020-03-10 - IQY files and Paradise Ransomware.pdf
2020-03-10 - Joint Effort with Microsoft to Disrupt Massive Criminal Botnet Necurs.pdf
2020-03-10 - Kimsuky group- tracking the king of the spear phishing.pdf
2020-03-10 - New action to disrupt world’s largest online criminal network.pdf
2020-03-11 - Attribution is in the object- using RTF object dimensions to track APT phishing weaponizers.pdf
2020-03-11 - CoronaVirus Ransomware.pdf
2020-03-11 - RHOMBUS an ELF bot installer-dropper.pdf
2020-03-12 - Adamantium-Thief.pdf
2020-03-12 - How cybercriminals are taking advantage of COVID-19- Scams, fraud, and misinformation.pdf
2020-03-12 - Targeted Surveillance Attacks in Uzbekistan- An Old Threat with New Techniques.pdf
2020-03-12 - Teslarvng Ransomware Yakuza Ransomware.pdf
2020-03-12 - Tracking Turla- New backdoor delivered via Armenian watering holes.pdf
2020-03-12 - Vicious Panda- The COVID Campaign.pdf
2020-03-13 - Yet Another Active Email Campaign With Malicious Excel Files Identified.pdf
2020-03-14 - Nefilim Ransomware.pdf
2020-03-14 - RekenSom Ransomware.pdf
2020-03-15 - Dad! There’s A Rat In Here!.pdf
2020-03-15 - Has The Sun Set On The Necurs Botnet-.pdf
2020-03-16 - New RedLine Stealer Distributed Using Coronavirus-themed Email Campaign.pdf
2020-03-16 - Shadows in the Rain.pdf
2020-03-16 - TA505 and Others Launch New Coronavirus Campaigns; Now the Largest Collection of Attack Types in Years.pdf
2020-03-16 - They Come in the Night- Ransomware Deployment Trends.pdf
2020-03-17 - New Nefilim Ransomware Threatens to Release Victims' Data.pdf
2020-03-17 - ProLock Ransomware.pdf
2020-03-18 - Coronavirus Threat Landscape Update.pdf
2020-03-18 - Parallax- The new RAT on the block.pdf
2020-03-18 - Rapport Menaces et Incidents du CERT-FR- Attaques par le rançongiciel Mespinoza-Pysa.pdf
2020-03-18 - Sekhmet Ransomware.pdf
2020-03-18 - Why would you even bother-! - JavaLocker.pdf
2020-03-19 - Analysis of malware taking advantage of the Covid-19 epidemic to spread fake -Directive of Prime Minister Nguyen Xuan Phuc- - Part 2.pdf
2020-03-19 - France warns of new ransomware gang targeting local governments.pdf
2020-03-19 - Is APT 27 Abusing COVID-19 To Attack People -!.pdf
2020-03-19 - New Android App Offers Coronavirus Safety Mask But Delivers SMS Trojan.pdf
2020-03-19 - New Mirai Variant Targets Zyxel Network-Attached Storage Devices.pdf
2020-03-19 - Phân tích mã độc lợi dụng dịch Covid-19 để phát tán giả mạo “Chỉ thị của thủ tướng Nguyễn Xuân Phúc” - Phần 2.pdf
2020-03-19 - RedLine Info-Stealing Malware Spread by Folding@home Phishing.pdf
2020-03-19 - Stantinko’s new cryptominer features unique obfuscation techniques.pdf
2020-03-20 - 5 Times More Coronavirus-themed Malware Reports during March.pdf
2020-03-20 - Analysis Of Exploitation- CVE-2020-10189 ( exploited by APT41).pdf
2020-03-20 - Jamba Superdeal- Helo Sir, you want to buy mask- - Corona Safety Mask SMS Scam.pdf
2020-03-20 - New version of chinoxy backdoor using COVID19 alerts document lure.pdf
2020-03-20 - The Case for Limiting Your Browser Extensions.pdf
2020-03-21 - Netwalker Ransomware Infecting Users via Coronavirus Phishing.pdf
2020-03-21 - On the Royal Road.pdf
2020-03-22 - COVID-19 Themes Are Being Utilized by Threat Actors of Varying Sophistication.pdf
2020-03-22 - Mustang Panda joins the COVID-19 bandwagon.pdf
2020-03-23 - Exclusive- Elite hackers target WHO as coronavirus cyberattacks spike.pdf
2020-03-23 - Fake “Corona Antivirus” distributes BlackNET remote administration tool.pdf
2020-03-23 - Fin7 APT- how billion dollar crime ring remains active after leaders’ arrest.pdf
2020-03-23 - Icnanker, a Linux Trojan-Downloader Protected by SHC.pdf
2020-03-23 - KPOT Deployed via AutoIt Script.pdf
2020-03-23 - Latest Astaroth living-off-the-land attacks are even more invisible but not less observable.pdf
2020-03-23 - Nefilim Ransomware Threatens to Expose Stolen Data.pdf
2020-03-23 - Snake Ransomware Analysis Updates.pdf
2020-03-24 - A new technique to analyze FormBook malware infections.pdf
2020-03-24 - Exchange Exploit Case Study – CVE-2020-0688.pdf
2020-03-24 - KEKW Ransomware KEKW-Locker Ransomware.pdf
2020-03-24 - Operation Poisoned News- Hong Kong Users Targeted With Mobile Malware via Local News Links.pdf
2020-03-24 - People infected with coronavirus are all around you, says Ginp Trojan.pdf
2020-03-24 - Three More Ransomware Families Create Sites to Leak Stolen Data.pdf
2020-03-24 - TrickBot Pushing a 2FA Bypass App to Bank Customers in Germany.pdf
2020-03-24 - WildPressure targets industrial-related entities in the Middle East.pdf
2020-03-25 - How the Iranian Cyber Security Agency Detects Emissary Panda Malware.pdf
2020-03-25 - New Router DNS Hijacking Attacks Abuse Bitbucket to Host Infostealer.pdf
2020-03-25 - This Is Not a Test- APT41 Initiates Global Intrusion Campaign Using Multiple Exploits.pdf
2020-03-25 - Unpacking the Kwampirs RAT.pdf
2020-03-26 - Android Apps and Malware Capitalize on Coronavirus.pdf
2020-03-26 - Azorult loader stages.pdf
2020-03-26 - Cyber insurer Chubb had data stolen in Maze ransomware attack.pdf
2020-03-26 - Discover Malware Android.pdf
2020-03-26 - iOS exploit chain deploys LightSpy feature-rich malware.pdf
2020-03-26 - Ransomware Maze.pdf
2020-03-26 - TA505's Box of Chocolate - On Hidden Gems packed with the TA505 Packer.pdf
2020-03-26 - Would You Exchange Your Security for a Gift Card-.pdf
2020-03-27 - Booz Allen analyzed 200+ Russian hacking operations to better understand their tactics.pdf
2020-03-27 - Booz Allen analyzed over 200 Russian hacking operations to better understand their tactics.pdf
2020-03-27 - The First Stage of ShadowHammer.pdf
2020-03-28 - In-depth analysis of a Cerberus trojan variant.pdf
2020-03-30 - A New Look at Old Dragonfly Malware (Goodor).pdf
2020-03-30 - An old enemy – Diving into QBot part 1.pdf
2020-03-30 - Banking Malware Spreading via COVID-19 Relief Payment Phishing.pdf
2020-03-30 - Fantastic payloads and where we find them.pdf
2020-03-30 - The 'Spy Cloud' Operation Geumseong121 group carries out the APT attack disguising the evidence of North Korean defection.pdf
2020-03-30 - Zeus Sphinx Trojan Awakens Amidst Coronavirus Spam Frenzy.pdf
2020-03-31 - An In-depth Look at MailTo Ransomware, Part One of Three.pdf
2020-03-31 - FBI re-sends alert about supply chain attacks for the third time in three months.pdf
2020-03-31 - Holy water- ongoing targeted water-holing attack in Asia.pdf
2020-03-31 - Infected Zoom Apps for Android Target Work-From-Home Users.pdf
2020-03-31 - It’s Your Money and They Want It Now - The Cycle of Adversary Pursuit.pdf
2020-03-31 - LokiBot- Getting Equation Editor Shellcode.pdf
2020-03-31 - Storm Cloud Unleashed- Tibetan Focus of Highly Targeted Fake Flash Campaign.pdf
2020-03-31 - Trickbot- A primer.pdf
2020-03-31 - Viasat Hit with Russia’s Wiper Malware called ‘AcidRain,’ Affecting European Services.pdf
2020-03-31 - WannaRen Ransomware.pdf
2020-04-01 - Jeno Ransomware.pdf
2020-04-01 - Navigating Cybersecurity During a Pandemic- Latest Malware and Threat Actors.pdf
2020-04-01 - REvil Ransomware-as-a-Service An analysis of a ransomware affiliate operation.pdf
2020-04-01 - THE VOLLGAR CAMPAIGN- MS-SQL SERVERS UNDER ATTACK.pdf
2020-04-02 - AZORult brings friends to the party.pdf
2020-04-02 - Catching APT41 exploiting a zero-day vulnerability.pdf
2020-04-02 - CoViper locking down computers during lockdown.pdf
2020-04-02 - Dangerous Password.pdf
2020-04-02 - GuLoader- The RAT Downloader.pdf
2020-04-02 - Nemty Ransomware – Learning by Doing.pdf
2020-04-02 - Pekraut - German RAT starts gnawing.pdf
2020-04-03 - Grandstream and DrayTek Devices Exploited to Power New Hoaxcalls DDoS Botnet.pdf
2020-04-03 - GuLoader- Malspam Campaign Installing NetWire RAT.pdf
2020-04-03 - Kinsing Malware Attacks Targeting Container Environments.pdf
2020-04-03 - Microsoft- Emotet Took Down a Network by Overheating All Computers.pdf
2020-04-04 - Nanocore & CypherIT.pdf
2020-04-05 - Trojan Agent Tesla – Malware Analysis.pdf
2020-04-06 - [RE015] “Heaven’s Gate” An old but effective technique.pdf
2020-04-06 - McAfee Insights- Vicious Panda- The COVID Campaign.pdf
2020-04-07 - 2020-04-06 Qealler RAT Malspam.pdf
2020-04-07 - Decade of the RATS- Cross-Platform APT Espionage Attacks Targeting Linux, Windows and Android.pdf
2020-04-07 - ITG08 (aka FIN6) Partners With TrickBot Gang, Uses Anchor Framework.pdf
2020-04-07 - Thinking Outside the Bochs- Code Grafting to Unpack Malware in Emulation.pdf
2020-04-07 - Unkillable xHelper and a Trojan matryoshka.pdf
2020-04-08 - An In-depth Look at MailTo Ransomware, Part Two of Three.pdf
2020-04-08 - DDG botnet, round X, is there an ending-.pdf
2020-04-08 - Deep Dive Into TrickBot Executor Module “mexec”- Hidden “Anchor” Bot Nexus Operations.pdf
2020-04-08 - Donot team organization (APT-C-35) mobile terminal attack activity analysis.pdf
2020-04-08 - How Cyber Adversaries are Adapting to Exploit the Global Pandemic.pdf
2020-04-08 - Ransomware NetWalker- análisis y medidas preventivas.pdf
2020-04-09 - Malware analysis (Emergency inquiry for Coronavirus response in Jeollanam-do.hwp).pdf
2020-04-09 - SDBbot Unpacker.pdf
2020-04-09 - Travelex paid hackers $2.3 million worth of Bitcoin after ransomware attack.pdf
2020-04-09 - TrickBot Emerges with a Few New Tricks.pdf
2020-04-10 - An In-depth Look at MailTo Ransomware, Part Three of Three.pdf
2020-04-10 - Threat Actors Migrating to the Cloud.pdf
2020-04-10 - Void Ransomware.pdf
2020-04-11 - Sodinokibi Ransomware to stop taking Bitcoin to hide money trail.pdf
2020-04-12 - Dynamic analysis technique to get decrypted KPOT Malware.pdf
2020-04-13 - APT41 Using New Speculoos Backdoor to Target Organizations Globally.pdf
2020-04-13 - GuLoader delivers RATs and Spies in Disguise.pdf
2020-04-13 - How Analysing an AgentTesla Could Lead To Attackers Inbox - Part I.pdf
2020-04-13 - New Mozi Malware Family Quietly Amasses IoT Bots.pdf
2020-04-13 - The Blame Game - About False Flags and overwritten MBRs.pdf
2020-04-13 - Threat Spotlight- Gootkit Banking Trojan.pdf
2020-04-14 - Deobfuscating and hunting for OSTAP, Trickbot’s dropper and best friend.pdf
2020-04-14 - Emotet JavaScript downloader.pdf
2020-04-14 - Malicious Attackers Target Government and Medical Organizations With COVID-19 Themed Phishing Campaigns.pdf
2020-04-14 - RagnarLocker ransomware hits EDP energy giant, asks for €10M.pdf
2020-04-14 - TA505 Continues to Infect Networks With SDBbot RAT.pdf
2020-04-14 - Understanding the relationship between Emotet Ryuk and TrickBot.pdf
2020-04-15 - Hackers are again attacking Portuguese banking organizations via Android Trojan-Banker.pdf
2020-04-15 - How Analysing an AgentTesla Could Lead To Attackers Inbox - Part II.pdf
2020-04-15 - Multistage FreeDom loader used in Aggah Campaign to spread Nanocore and AZORult.pdf
2020-04-15 - Nation-state Mobile Malware Targets Syrians with COVID-19 Lures.pdf
2020-04-15 - 中國駭客 HUAPI 的惡意後門程式 BiFrost 分析.pdf
2020-04-16 - New AgentTesla variant steals WiFi credentials.pdf
2020-04-16 - PoetRAT- Python RAT uses COVID-19 lures to target Azerbaijan public and private sectors.pdf
2020-04-16 - Taiwan High-Tech Ecosystem Targeted by Foreign APT Group- Digital Skeleton Key Bypasses Security Measures.pdf
2020-04-18 - IT services giant Cognizant suffers Maze Ransomware cyber attack.pdf
2020-04-19 - Reversing Ryuk- A Technical Analysis of Ryuk Ransomware.pdf
2020-04-19 - Sadogo Ransomware.pdf
2020-04-20 - WINNTI GROUP- Insights From the Past.pdf
2020-04-21 - Evil Eye Threat Actor Resurfaces with iOS Exploit and Updated Implant.pdf
2020-04-22 - Gomorrah stealer (.NET binary).pdf
2020-04-22 - Nazar- A Lost Amulet.pdf
2020-04-22 - Vietnamese Threat Actors APT32 Targeting Wuhan Government and Chinese Ministry of Emergency Management in Latest Example of COVID-19 Related Espionage.pdf
2020-04-23 - A look at the ATM-PoS malware landscape from 2017-2019.pdf
2020-04-23 - ESET researchers disrupt cryptomining botnet VictoryGate.pdf
2020-04-23 - Quick look at Nazar backdoor - Capabilities.pdf
2020-04-23 - Threat Actors Repurpose Hupigon in Adult Dating Attacks Targeting US Universities.pdf
2020-04-23 - Threat Spotlight- MedusaLocker.pdf
2020-04-24 - Inside -Phobos- Ransomware- -Dharma- Past & Underground.pdf
2020-04-24 - LockBit ransomware borrows tricks to keep up with REvil and Maze.pdf
2020-04-24 - LockBit ransomware IoCs.pdf
2020-04-24 - TrickBot -BazarBackdoor- Process Hollowing Injection Primer.pdf
2020-04-24 - Ursnif via LOLbins.pdf
2020-04-26 - 35 mil computadores foram infectados na América Latina por malware que minerava Monero.pdf
2020-04-26 - goCryptoLocker.pdf
2020-04-26 - The DGA of Zloader.pdf
2020-04-26 - use Ghidra to Decrypt Strings of KPOTstealer Malware.pdf
2020-04-27 - Group Behind TrickBot Spreads Fileless BazarBackdoor.pdf
2020-04-27 - Master of RATs - How to create your own Tracker.pdf
2020-04-27 - Quick look at Nazar's backdoor - Network Communication.pdf
2020-04-27 - Shade (Troldesh) ransomware shuts down and releases decryption keys.pdf
2020-04-27 - The LeetHozer botnet.pdf
2020-04-28 - Grandoreiro- How engorged can an EXE get-.pdf
2020-04-28 - Hiding in plain sight- PhantomLance walks into a market.pdf
2020-04-28 - IcedID PhotoLoader evolution.pdf
2020-04-28 - Loki Info Stealer Propagates through LZH Files.pdf
2020-04-28 - Outlaw is Back, a New Crypto-Botnet Targets European Organizations.pdf
2020-04-28 - Ransomware groups continue to target healthcare, critical services; here’s how to reduce risk.pdf
2020-04-29 - Compromised Wordpress sites used to distribute Adwind RAT.pdf
2020-04-29 - Gazorp - Thieving from thieves.pdf
2020-04-29 - More IOCs related to PhantomLance.pdf
2020-04-30 - Anomali Suspects that China-Backed APT Pirate Panda May Be Seeking Access to Vietnam Government Data Center.pdf
2020-04-30 - APT trends report Q1 2020.pdf
2020-04-30 - EVENTBOT- A NEW MOBILE BANKING TROJAN IS BORN.pdf
2020-04-30 - Lazarus APT organization uses information such as recruitment of a Western aviation giant to analyze targeted attack incidents in specific countries.pdf
2020-05-01 - The Many Paths Through Maze.pdf
2020-05-02 - Shade - Troldesh Ransomware decryption tool.pdf
2020-05-04 - Android SLocker Variant Uses Coronavirus Scare to Take Android Hostage.pdf
2020-05-04 - ATM malware targets Wincor and Diebold ATMs.pdf
2020-05-04 - Changes in REvil ransomware version 2.2.pdf
2020-05-04 - Escape from the Maze.pdf
2020-05-04 - Kaiji- New Chinese Linux malware turning to Golang.pdf
2020-05-04 - Meet NEMTY Successor, Nefilim-Nephilim Ransomware.pdf
2020-05-04 - Ragnarok Stopper- development of a vaccine.pdf
2020-05-05 - An old enemy – Diving into QBot part 3.pdf
2020-05-05 - APT-C-36.pdf
2020-05-05 - Awaiting the Inevitable Return of Emotet.pdf
2020-05-05 - Bärenjagd.pdf
2020-05-05 - Deep Analysis of Ryuk Ransomware.pdf
2020-05-05 - GuLoader AntiVM Techniques.pdf
2020-05-05 - Kaiji – a new strain of IoT malware seizing control and launching DDoS attacks.pdf
2020-05-05 - Kupidon Ransomware.pdf
2020-05-05 - Nazar- Spirits of the Past.pdf
2020-05-05 - Operation Flash Cobra.pdf
2020-05-05 - The Dacls RAT ...now on macOS! deconstructing the mac variant of a lazarus group implant.pdf
2020-05-05 - Tinker Telco Soldier Spy.pdf
2020-05-05 - Who Is Dmitry Badin, The GRU Hacker Indicted By Germany Over The Bundestag Hacks-.pdf
2020-05-06 - 039- Deconstructing the Dukes- A Researcher’s Retrospective of APT29.pdf
2020-05-06 - Brazilian trojan banker is targeting Portuguese users using browser overlay.pdf
2020-05-06 - Europe’s Largest Private Hospital Operator Fresenius Hit by Ransomware.pdf
2020-05-06 - New Cyber Operation Targets Italy- Digging Into the Netwire Attack Chain.pdf
2020-05-06 - New Mac variant of Lazarus Dacls RAT distributed via Trojanized 2FA app.pdf
2020-05-06 - Shadows with a chance of BlackNix.pdf
2020-05-07 - Detecting COR_PROFILER manipulation for persistence.pdf
2020-05-07 - GoGoogle Decryption Tool.pdf
2020-05-07 - How to stop MortiAgent Malware using the snort rule-.pdf
2020-05-07 - Introducing Blue Mockingbird.pdf
2020-05-07 - Naikon APT- Cyber Espionage Reloaded.pdf
2020-05-07 - Navigating the MAZE- Tactics, Techniques and Procedures Associated With MAZE Ransomware Incidents.pdf
2020-05-07 - Ruhr-Universität Bochum meldet Computerangriff.pdf
2020-05-07 - Sodinokibi - REvil ransomware.pdf
2020-05-07 - The North Korean AV Anthology- a unique look on DPRK’s Anti-Virus market.pdf
2020-05-07 - Ursnif beacon decryptor.pdf
2020-05-07 - We Chat, They Watch- How International Users Unwittingly Build up WeChat’s Chinese Censorship Apparatus.pdf
2020-05-08 - Inception.pdf
2020-05-08 - Naikon’s Aria.pdf
2020-05-09 - ClodCore- A malware family that delivers mining modules through cloud control.pdf
2020-05-09 - Turkey targeted by Cerberus and Anubis Android banking Trojan campaigns.pdf
2020-05-10 - The Duties Beyond Assisting the Public- Darknet Threats Against Canadian Health & Support Organizations.pdf
2020-05-11 - Astaroth - Maze of obfuscation and evasion reveals dark stealer.pdf
2020-05-11 - New MacOS Dacls RAT Backdoor Show Lazarus’ Multi-Platform Attack Capability.pdf
2020-05-11 - New MacOS Dacls RAT Backdoor Shows Lazarus’ Multi-Platform Attack Capability.pdf
2020-05-11 - ProLock malware analysis.pdf
2020-05-11 - Ransomware Hit ATM Giant Diebold Nixdorf.pdf
2020-05-11 - Targeted Attacks on Indian Government and Financial Institutions Using the JsOutProx RAT.pdf
2020-05-11 - The Anatomy of an APT Attack and CobaltStrike Beacon’s Encoded Configuration.pdf
2020-05-11 - Trojan Lampion is back after 3 months.pdf
2020-05-11 - Updated BackConfig Malware Targeting Government and Military Organizations in South Asia.pdf
2020-05-11 - Zeus Sphinx Back in Business- Some Core Modifications Arise.pdf
2020-05-12 - Analyzing Dark Crystal RAT, a C# backdoor.pdf
2020-05-12 - Analyzing Dark Crystal RAT, a CSharp backdoor.pdf
2020-05-12 - Evading Detection with Excel 4.0 Macros and the BIFF8 XLS Format.pdf
2020-05-12 - Java RAT Campaign Targets Co-Operative Banks in India.pdf
2020-05-12 - MAR-10288834-1.v1 – North Korean Remote Access Tool- COPPERHEDGE.pdf
2020-05-12 - MAR-10288834-2.v1 – North Korean Trojan- TAINTEDSCRIBE.pdf
2020-05-12 - MAR-10288834-3.v1 – North Korean Trojan- PEBBLEDASH.pdf
2020-05-12 - Maze ransomware- extorting victims for 1 year and counting.pdf
2020-05-12 - Tropic Trooper’s Back- USBferry Attack Targets Air-gapped Environments.pdf
2020-05-13 - Access-as-a-Service – Remote Access Markets in the Cybercrime Underground.pdf
2020-05-13 - Global Ransomware and Cyberattacks on Healthcare Spike during Pandemic.pdf
2020-05-13 - Malware Analysis Spotlight- Rhino Ransomware.pdf
2020-05-13 - Ramsay- A cyber‑espionage toolkit tailored for air‑gapped networks.pdf
2020-05-14 - APT Group Planted Backdoors Targeting High Profile Networks in Central Asia.pdf
2020-05-14 - ATT&CKing ProLock Ransomware.pdf
2020-05-14 - COMpfun authors spoof visa application with HTTP status-based Trojan.pdf
2020-05-14 - Deep Dive Into TrickBot Executor Module “mexec”- Reversing the Dropper Variant.pdf
2020-05-14 - LOLSnif – Tracking Another Ursnif-Based Targeted Campaign.pdf
2020-05-14 - Mikroceen- Spying backdoor leveraged in high‑profile networks in Central Asia.pdf
2020-05-14 - Mirai and Hoaxcalls Botnets Target Legacy Symantec Web Gateways.pdf
2020-05-14 - Netwalker Ransomware- [API Call Obfuscation (using Structure) and Evading Memory Forensic].pdf
2020-05-14 - QNodeService- Node.js Trojan Spread via Covid-19 Lure.pdf
2020-05-14 - RATicate- an attacker’s waves of information-stealing malware.pdf
2020-05-14 - The energy reserves in the Eastern Mediterranean Sea and a malicious campaign of APT10 against Turkey.pdf
2020-05-14 - Vendetta - new threat actor from Europe.pdf
2020-05-15 - A Guide to macOS Threat Hunting and Incident Response.pdf
2020-05-15 - DBatLoader.pdf
2020-05-15 - In depth analysis of Lazarus validator.pdf
2020-05-16 - High Performance Hackers.pdf
2020-05-17 - CrowdStrike Falcon Detects Kernel Attacks Exploiting Vulnerable Dell Driver (CVE-2021-21551).pdf
2020-05-18 - DarkSide Goes Dark- How CrowdStrike Falcon Customers Were Protected.pdf
2020-05-18 - Eleethub- A Cryptocurrency Mining Botnet with Rootkit for Self-Hiding.pdf
2020-05-18 - FBI- ProLock ransomware gains access to victim networks via Qakbot infections.pdf
2020-05-18 - Looking Back at LiteDuke.pdf
2020-05-18 - Microcin Decryptor.pdf
2020-05-18 - Netwalker Fileless Ransomware Injected via Reflective Loading.pdf
2020-05-18 - Ransomware Gang Arrested for Spreading Locky to Hospitals.pdf
2020-05-19 - Information Stealer Campaign Targeting German HR Contacts.pdf
2020-05-19 - Netwalker Ransomware - From Static Reverse Engineering to Automatic Extraction.pdf
2020-05-19 - NetWalker Ransomware Group Enters Advanced Targeting “Game”.pdf
2020-05-19 - Sophisticated Espionage Group Turns Attention to Telecom Providers in South Asia.pdf
2020-05-19 - The wolf is back....pdf
2020-05-19 - TrickBot BazarLoader In-Depth.pdf
2020-05-20 - GhostDNS Source Code Leaked.pdf
2020-05-20 - Latest Version of Amadey Introduces Screen Capturing and Pushes the Remcos RAT.pdf
2020-05-20 - Operation TA505- how we analyzed new tools from the creators of the Dridex trojan, Locky ransomware, and Neutrino botnet.pdf
2020-05-20 - The Gocgle Malicious Campaign.pdf
2020-05-20 - Unloading the GuLoader.pdf
2020-05-20 - What happened between the BigBadWolf and the Tiger-.pdf
2020-05-20 - Why On-Device Detection Matters- New Ramsay Trojan Targets Air-Gapped Networks.pdf
2020-05-20 - ZLoader Loads Again- New ZLoader Variant Returns.pdf
2020-05-21 - A brief history of TA505.pdf
2020-05-21 - Asnarök attackers twice modified attack midstream.pdf
2020-05-21 - Backdoor, Devil Shadow Botnet Hidden in Fake Zoom Installers.pdf
2020-05-21 - Blox Tales #6- Subpoena-Themed Phishing With CAPTCHA Redirect.pdf
2020-05-21 - Blox Tales 6 - Subpoena-Themed Phishing With CAPTCHA Redirect.pdf
2020-05-21 - Navigating MAZE- Analysis of a Rising Ransomware Threat.pdf
2020-05-21 - No “Game over” for the Winnti Group.pdf
2020-05-21 - Ragnar Locker ransomware deploys virtual machine to dodge security.pdf
2020-05-21 - T1055 Process Injection.pdf
2020-05-21 - The Evolution of APT15’s Codebase 2020.pdf
2020-05-22 - Analysis of Ramsay components of Darkhotel's infiltration and isolation network.pdf
2020-05-22 - Cyber-Criminal espionage Operation insists on Italian Manufacturing.pdf
2020-05-22 - Insidious Android malware gives up all malicious features but one to gain stealth.pdf
2020-05-22 - Operation TA505- investigating the ServHelper backdoor with NetSupport RAT. Part 2..pdf
2020-05-22 - ThreatConnect Research Roundup- Possible APT33 Infrastructure.pdf
2020-05-23 - AgentTesla Delivered via a Malicious PowerPoint Add-In.pdf
2020-05-24 - Examining Smokeloader’s Anti Hooking technique.pdf
2020-05-24 - Operation TA505- network infrastructure. Part 3..pdf
2020-05-24 - Reverse Engineering the Mustang Panda PlugX Loader.pdf
2020-05-24 - Using AI to Detect Malicious C2 Traffic.pdf
2020-05-24 - Zloader String Obfuscation.pdf
2020-05-25 - Hangul malware distributed in real estate investment related emails (using EPS).pdf
2020-05-26 - A former DarkSide listing shows up on REvil’s leak site.pdf
2020-05-26 - ACIDBOX Clustering.pdf
2020-05-26 - Alert (AA21-116A)- Russian Foreign Intelligence Service (SVR) Cyber Operations- Trends and Best Practices for Network Defenders.pdf
2020-05-26 - Falcon Complete Disrupts Malvertising Campaign Targeting AnyDesk.pdf
2020-05-26 - From Agent.BTZ to ComRAT v4- A ten‑year journey.pdf
2020-05-26 - Know Your Enemy- Exploiting the Dell BIOS Driver Vulnerability to Defend Against It.pdf
2020-05-26 - New [F]Unicorn ransomware hits Italy via fake COVID-19 infection map.pdf
2020-05-26 - The EU’s Response to SolarWinds.pdf
2020-05-26 - The updated Grandoreiro Malware equipped with latenbot-C2 features in Q2 2020 now extended to Portuguese banks.pdf
2020-05-26 - Weaponized Disk Image Files- Analysis, Trends and Remediation.pdf
2020-05-27 - Detecting Rclone – An Effective Tool for Exfiltration.pdf
2020-05-27 - Netwalker ransomware tools give insight into threat actor.pdf
2020-05-28 - Analysis of recent rattlesnake APT attacks against surrounding countries and regions.pdf
2020-05-28 - Berlin seeks sanctions against Russian hackers over Bundestag cyberattack.pdf
2020-05-28 - CSA Sandworm Actors Exploiting Vulnerability in Exim Transfer Agent.pdf
2020-05-28 - DarkSide Pipeline Attack Shakes Up the Ransomware-as-a-Service Landscape.pdf
2020-05-28 - German intelligence agencies warn of Russian hacking threats to critical infrastructure.pdf
2020-05-28 - Goodbye Mworm, Hello Nworm- TrickBot Updates Propagation Module.pdf
2020-05-28 - Israeli official confirms attempted cyberattack on water systems.pdf
2020-05-28 - Michigan State University network breached in ransomware attack.pdf
2020-05-28 - Microsoft IIS servers hacked by Blue Mockingbird to mine Monero.pdf
2020-05-28 - NSA- Russia's Sandworm Hackers Have Hijacked Mail Servers.pdf
2020-05-28 - Russische Bären unter Hackerverdacht.pdf
2020-05-28 - Self-described “king of fraud” is convicted for role in Methbot scam.pdf
2020-05-28 - Silos of Excellence.pdf
2020-05-28 - Suspected Naikon DGA Domains.pdf
2020-05-28 - SysInTURLA.pdf
2020-05-28 - The Masked SYNger- Investigating a Traffic Phenomenon.pdf
2020-05-28 - The Octopus Scanner Malware- Attacking the open source supply chain.pdf
2020-05-28 - The zero-day exploits of Operation WizardOpium.pdf
2020-05-28 - Valak- More than Meets the Eye.pdf
2020-05-29 - Phishers Cast a Wider Net in the African Banking Sector.pdf
2020-05-29 - Secret Chats Show How Cybergang Became a Ransomware Powerhouse.pdf
2020-05-29 - ShellReset RAT Spread Through Macro-Based Documents Using AppLocker Bypass.pdf
2020-05-30 - Exposing the UAE’s Underground Digital Dangers- The Attack Surface of One of the Most Digitally Advanced Countries in the Arab World.pdf
2020-05-31 - Guildma is now using Finger and Signed Binary Proxy Execution to evade defenses.pdf
2020-05-31 - Hacker Lexicon- What Is a Supply Chain Attack-.pdf
2020-05-31 - IT threat evolution Q1 2021.pdf
2020-05-31 - Ransomware Avaddon- principales características.pdf
2020-05-31 - Revisiting the NSIS-based crypter.pdf
2020-05-31 - Russian hacker Pavel Sitnikov arrested for sharing malware source code.pdf
2020-05-31 - String Obfuscation in the Hamweq IRC-bot.pdf
2020-05-31 - WastedLoader or DridexLoader-.pdf
2020-06-01 - In-depth analysis of a trojan banker impacting Portugal and Brazil.pdf
2020-06-02 - Evolution of Excel 4.0 Macro Weaponization.pdf
2020-06-02 - Hunting Malicious Macros.pdf
2020-06-02 - In-depth analysis of the new Team9 malware family.pdf
2020-06-02 - Mustang Panda Recent Activity- Dll-Sideloading trojans with temporal C2 servers.pdf
2020-06-02 - PebbleDash - Lazarus - HiddenCobra RAT.pdf
2020-06-02 - REvil ransomware gang launches auction site to sell stolen data.pdf
2020-06-02 - Ursnif-Gozi Delivery - Excel Macro 4.0 Utilization Uptick & OCR Bypass.pdf
2020-06-03 - Cycldek- Bridging the (air) gap.pdf
2020-06-03 - New LNK attack tied to Higaisa APT discovered.pdf
2020-06-03 - Ransomware gang says it breached one of NASA's IT contractors.pdf
2020-06-03 - The WizardOpium LPE- Exploiting CVE-2019-1458.pdf
2020-06-03 - Threat Assessment- Hangover Threat Group.pdf
2020-06-04 - COVID-19 and New Year greetings- an investigation into the tools and methods used by the Higaisa group.pdf
2020-06-04 - Nuclear missile contractor hacked in Maze ransomware attack.pdf
2020-06-04 - Threat Spotlight- Tycoon Ransomware Targets Education and Software Sectors.pdf
2020-06-05 - Anatomy of a Well-Crafted UPS, FedEx, and DHL Phishing Email During COVID-19.pdf
2020-06-05 - Avaddon- From seeking affiliates to in-the-wild in 2 days.pdf
2020-06-05 - Evasion Tactics in Hybrid Credit Card Skimmers.pdf
2020-06-05 - New Campaign Abusing StackBlitz Tool to Host Phishing Pages.pdf
2020-06-05 - New Tekya Ad Fraud Found on Google Play.pdf
2020-06-05 - Retread Ransomware- Identifying Satana to Understand -CoronaVirus-.pdf
2020-06-05 - The Gh0st Remains the Same.pdf
2020-06-07 - Dealing with Obfuscated Macros Statically - NanoCore.pdf
2020-06-08 - A Guide to macOS Threat Hunting and Incident Response.pdf
2020-06-08 - Analysis of Valak Maldoc.pdf
2020-06-08 - Dark Nexus- the old, the new and the ugly.pdf
2020-06-08 - eCh0raix Ransomware.pdf
2020-06-08 - German Task Force for COVID-19 Medical Equipment Targeted in Ongoing Phishing Campaign.pdf
2020-06-08 - GuLoader- No, CloudEyE..pdf
2020-06-08 - Honda investigates possible ransomware attack, networks impacted.pdf
2020-06-08 - New Avaddon Ransomware launches in massive smiley spam campaign.pdf
2020-06-08 - TA410- The Group Behind LookBack Attacks Against U.S. Utilities Sector Returns with New Malware.pdf
2020-06-08 - The A1 Telekom Austria Hack.pdf
2020-06-09 - CobaltStrikeParser.pdf
2020-06-09 - Dark Basin Indicators of Compromise.pdf
2020-06-09 - Dark Basin Uncovering a Massive Hack-For-Hire Operation.pdf
2020-06-09 - Honda and Enel impacted by cyber attack suspected to be ransomware.pdf
2020-06-09 - Kingminer escalates attack complexity for cryptomining.pdf
2020-06-09 - Looking at Big Threats Using Code Similarity. Part 1.pdf
2020-06-09 - Misconfigured Amazon S3 Buckets Continue to be a Launchpad for Malicious Code.pdf
2020-06-09 - RagnarLocker Ransomware Threatens to Release Confidential Information.pdf
2020-06-09 - Recent FK_Undead rootkit samples found in the wild.pdf
2020-06-09 - Valak Malware and the Connection to Gozi Loader ConfCrew.pdf
2020-06-09 - Web shell threat hunting with Azure Sentinel and Microsoft Threat Protection.pdf
2020-06-10 - FlowCloud Version 4.1.3 Malware Analysis.pdf
2020-06-10 - FRat Reporting, YARA, and IoCs.pdf
2020-06-10 - Harmful Logging - Diving into MassLogger.pdf
2020-06-10 - MassLogger - Frankenstein's Creation.pdf
2020-06-10 - Misconfigured Kubeflow workloads are a security risk.pdf
2020-06-10 - Unpacking Smokeloader and Reconstructing PE Programatically using LIEF.pdf
2020-06-11 - #ThreatThursday - Buhtrap.pdf
2020-06-11 - All You Need Is Text- Second Wave.pdf
2020-06-11 - API Hashing in the Zloader malware.pdf
2020-06-11 - Gamaredon group grows its game.pdf
2020-06-11 - New Android Spyware ActionSpy Revealed via Phishing Attacks from Earth Empusa.pdf
2020-06-11 - Phishing Attacks from Earth Empusa Reveal ActionSpy.pdf
2020-06-11 - Qbot Banking Trojan Still Up to Its Old Tricks.pdf
2020-06-11 - SNOWSTORM- Hacker-for-hire and physical surveillance targeted financial analyst.pdf
2020-06-11 - The Return of the Higaisa APT.pdf
2020-06-11 - ThreatThursday - Buhtrap.pdf
2020-06-11 - Tor2Mine is up to their old tricks — and adds a few new ones.pdf
2020-06-11 - マルウエアLODEINFOの進化 (Evolution of Malware LODEINFO).pdf
2020-06-12 - Probable Sandworm Infrastructure.pdf
2020-06-12 - Trickbot Malspam Leveraging Black Lives Matter as Lure.pdf
2020-06-12 - What is the Gibberish Hack-.pdf
2020-06-13 - Black Kingdom ransomware (TTPs & IOC).pdf
2020-06-13 - Black Kingdom ransomware hacks networks with Pulse VPN flaws.pdf
2020-06-13 - TroyStealer – A new info stealer targeting Portuguese Internet users.pdf
2020-06-14 - CTI is Better Served with Context- Getting better value from IOCs.pdf
2020-06-14 - Deep-dive- The DarkHotel APT.pdf
2020-06-15 - Global Malicious Spam Campaign Using Black Lives Matter as a Lure.pdf
2020-06-15 - India- Human Rights Defenders Targeted by a Coordinated Spyware Operation.pdf
2020-06-15 - Magecart strikes amid Corona lockdown.pdf
2020-06-15 - Quarterly report- Incident Response trends in Summer 2020.pdf
2020-06-15 - Striking Back at Retired Cobalt Strike- A look at a legacy vulnerability.pdf
2020-06-15 - Web skimmers found on the websites of Intersport, Claire's, and Icing.pdf
2020-06-16 - Chipmaker MaxLinear reports data breach after Maze Ransomware attack.pdf
2020-06-16 - Cloud Threat Landscape Report 2020,pdf.pdf
2020-06-16 - Cobalt- tactics and tools update.pdf
2020-06-16 - CrystalBit - Apple Double DLL Hijack -- From fraudulent software bundle downloads to an evasive miner raging campaign.pdf
2020-06-16 - ELF Malware Analysis 101- Linux Threats No Longer an Afterthought.pdf
2020-06-16 - Exploiting a crisis- How cybercriminals behaved during the outbreak.pdf
2020-06-16 - New Java STRRAT ships with .crimson ransomware module.pdf
2020-06-16 - QakBot malspam leading to ProLock- Nothing personal just business.pdf
2020-06-16 - TA505 returns with a new bag of tricks.pdf
2020-06-16 - The Little Ransomware That Couldn’t (Dharma).pdf
2020-06-17 - A Click from the Backyard - Analysis of CVE-2020-9332, a Vulnerable USB Redirection Software.pdf
2020-06-17 - AcidBox- Rare Malware Repurposing Turla Group Exploit Targeted Russian Organizations.pdf
2020-06-17 - ATT&CK® Deep Dive- Process Injection.pdf
2020-06-17 - deICEr- A Go tool for extracting config from IcedID second stage Loaders.pdf
2020-06-17 - Detecting PoshC2 – Indicators of Compromise.pdf
2020-06-17 - Die erste Cyberwaffe und ihre Folgen.pdf
2020-06-17 - Multi-stage APT attack drops Cobalt Strike using Malleable C2 feature.pdf
2020-06-17 - RansomEXX Ransomware.pdf
2020-06-17 - Targeted attacks on industrial companies using Snake ransomware.pdf
2020-06-18 - #ThreatThursday - APT33.pdf
2020-06-18 - Behind the scenes of the Emotet Infrastructure.pdf
2020-06-18 - COVID-19 and FMLA Campaigns used to install new IcedID banking malware.pdf
2020-06-18 - Digging up InvisiMole’s hidden arsenal.pdf
2020-06-18 - EKANS Ransomware Misconceptions and Misunderstandings.pdf
2020-06-18 - Ginp Malware Operations are on the Rise, Aiming to Expand in Turkey.pdf
2020-06-18 - Hiding In Plain Sight.pdf
2020-06-18 - Inside Microsoft Threat Protection- Mapping attack chains from cloud to endpoint (APT33-HOLMIUM).pdf
2020-06-18 - Maze ransomware continues to be a threat to the consumers.pdf
2020-06-18 - Office 365 Phishing Campaign Exploits Samsung, Adobe and Oxford Servers.pdf
2020-06-18 - ThreatThursday - APT33.pdf
2020-06-19 - Copy-paste compromises.pdf
2020-06-19 - Dridex- the secret in a PostMessage().pdf
2020-06-19 - Further Evasion in the Forgotten Corners of MS-XLS.pdf
2020-06-19 - Microcin is here With asynchronous sockets, steganography, GitLab ban and a sock.pdf
2020-06-19 - Microcin is here.pdf
2020-06-19 - Targeted Attack Leverages India-China Border Dispute to Lure Victims.pdf
2020-06-19 - The eagle eye is back- old and new backdoors from APT30.pdf
2020-06-19 - zloader- VBA, R1C1 References, and Other Tomfoolery.pdf
2020-06-21 - Deep Analysis of SmokeLoader.pdf
2020-06-21 - Investigating Threats in HP Sure Controller 4.2- TVRAT.pdf
2020-06-21 - Snatch Ransomware.pdf
2020-06-21 - UpnP – Messing up Security since years.pdf
2020-06-22 - Comparative analysis between Bindiff and Diaphora - Patched Smokeloader Study Case.pdf
2020-06-22 - Dynamic Correlation, ML and Hunting.pdf
2020-06-22 - FTcode targets European countries.pdf
2020-06-22 - Hakbit Ransomware Campaign Against Germany, Austria, Switzerland.pdf
2020-06-22 - Hijacking DLLs in Windows.pdf
2020-06-22 - Indiabulls Group hit by CLOP Ransomware, gets 24h leak deadline.pdf
2020-06-22 - IndigoDrop spreads via military-themed lures to deliver Cobalt Strike.pdf
2020-06-22 - Inside a TrickBot Cobalt Strike Attack Server.pdf
2020-06-22 - njRat Malware Analysis.pdf
2020-06-22 - Pillowmint- FIN7’s Monkey Thief.pdf
2020-06-22 - Unpacking Visual Basic Packers – IcedID.pdf
2020-06-22 - VenomRAT - new, hackforums grade, reincarnation of QuassarRAT.pdf
2020-06-22 - Web skimming with Google Analytics.pdf
2020-06-22 - XORDDoS, Kaiji Botnet Malware Variants Target Exposed Docker Servers.pdf
2020-06-23 - Hidden Cobra - from a shed skin to the viper’s nest.pdf
2020-06-23 - New Mirai variant Aisuru detects Cowrie opensource honeypots.pdf
2020-06-23 - Oh, what a boot-iful mornin’ Rovnix bootkit back in business.pdf
2020-06-23 - Ryuk ransomware deployed two weeks after Trickbot infection.pdf
2020-06-23 - Sodinokibi- Ransomware Attackers also Scanning for PoS Software, Leveraging Cobalt Strike.pdf
2020-06-23 - WastedLocker- A New Ransomware Variant Developed By The Evil Corp Group.pdf
2020-06-24 - BRONZE VINEWOOD Targets Supply Chains.pdf
2020-06-24 - DropboxAES Remote Access Trojan.pdf
2020-06-24 - Glupteba - the malware that gets secret messages from the Bitcoin blockchain.pdf
2020-06-24 - Glupteba malware hides in plain sight.pdf
2020-06-24 - Hackers are still running coronavirus-related campaigns, CrowdStrike warns.pdf
2020-06-24 - Is upatre downloader coming back -.pdf
2020-06-24 - Lucifer- New Cryptojacking and DDoS Hybrid Malware Exploiting High and Critical Vulnerabilities to Infect Windows Devices.pdf
2020-06-24 - Magnitude exploit kit - evolution.pdf
2020-06-24 - New ransomware posing as COVID‑19 tracing app targets Canada; ESET offers decryptor.pdf
2020-06-24 - Obfuscated VBScript Drops Zloader, Ursnif, Qakbot, Dridex.pdf
2020-06-25 - A close look at the advanced techniques used in a Malaysian-focused APT campaign.pdf
2020-06-25 - BackDoor.ShadowPad.1.pdf
2020-06-25 - DarkCrewBot – The Return of the Bot Shop Crew.pdf
2020-06-25 - Github Repository of PYBACK.pdf
2020-06-25 - GuLoader- Peering Into a Shellcode-based Downloader.pdf
2020-06-25 - The Golden Tax Department and the Emergence of GoldenSpy Malware.pdf
2020-06-25 - Unknown China-Based APT Targeting Myanmarese Entities.pdf
2020-06-25 - Web skimmer hides within EXIF metadata, exfiltrates credit cards via image files.pdf
2020-06-25 - Zoom In- Emulating 'Exploit Purchase' in Simulated Targeted Attacks.pdf
2020-06-26 - Admin of carding portal behind $568M in losses pleads guilty.pdf
2020-06-26 - CryptoCore – Cryptocurrency Exchanges Under Attack.pdf
2020-06-26 - New Ransom X Ransomware used in Texas TxDOT cyberattack.pdf
2020-06-26 - Ransom .exx notes.pdf
2020-06-26 - Russian hacker group Evil Corp targets US workers at home.pdf
2020-06-26 - Russian National (Aleksei Burkov, Cardplanet) Sentenced to Prison for Operating Websites Devoted to Fraud and Malicious Cyber Activities.pdf
2020-06-26 - Taurus- The New Stealer in Town.pdf
2020-06-26 - Update on IT Security Incident at UCSF.pdf
2020-06-26 - US Local Government Services Targeted by New Magecart Credit Card Skimming Attack.pdf
2020-06-26 - WastedLocker- Symantec Identifies Wave of Attacks Against U.S. Organizations.pdf
2020-06-27 - Quick analysis note about GuLoader (or CloudEyE).pdf
2020-06-28 - Interesting tactic by Ratty & Adwind for distribution of JAR appended to signed MSI.pdf
2020-06-29 - OSX.EvilQuest Uncovered.pdf
2020-06-29 - PROMETHIUM extends global reach with StrongPity3 APT.pdf
2020-06-30 - Botnet Encyclopedia.pdf
2020-06-30 - Detection Rules by Elastic.pdf
2020-06-30 - Electric Company Ransomware Attack Calls for $14 Million in Ransom.pdf
2020-06-30 - EvilQuest wiper uses ransomware cover to steal files from Macs.pdf
2020-06-30 - GoldenSpy- Chapter Two - The Uninstaller.pdf
2020-06-30 - M00nD3v, HawkEye threat actor, sells malware after COVID-19 diagnosis.pdf
2020-06-30 - Ransomware on the Rise- Buran’s transformation into Zeppelin.pdf
2020-07-01 - Alina Point of Sale Malware Still Lurking in DNS.pdf
2020-07-01 - BlackRock - The Trojan That Wanted to Get Them All.pdf
2020-07-01 - DLL Search Order Hijacking.pdf
2020-07-01 - EKANS Ransomware Targeting OT ICS Systems.pdf
2020-07-01 - Multiyear Surveillance Campaigns Discovered Targeting Uyghurs.pdf
2020-07-01 - Threat Bulletin- Cutting-off the Command-and-Control Infrastructure of CollectorGoomba.pdf
2020-07-01 - Threat Spotlight- Valak Slithers Its Way Into Manufacturing and Transportation Networks.pdf
2020-07-01 - 游走在东欧和中亚的奇幻熊.pdf
2020-07-02 - CyberGate RAT and RedLine Stealer Delivered in Ongoing AutoIt Malware Campaigns.pdf
2020-07-02 - GoldenSpy Chapter 3- New and Improved Uninstaller.pdf
2020-07-03 - Attack Detection Fundamentals- Code Execution and Persistence - Lab #1.pdf
2020-07-03 - Attack Detection Fundamentals- Code Execution and Persistence - Lab 1.pdf
2020-07-04 - Deep Analysis of Anubis Banking Malware.pdf
2020-07-05 - How to stop MortiAgent Malware using the snort rule-.pdf
2020-07-05 - Reverse Engineering the Mustang Panda PlugX RAT – Extracting the Config.pdf
2020-07-05 - RIFT- F5 Networks K52145254- TMUI RCE vulnerability CVE-2020-5902 Intelligence.pdf
2020-07-06 - New release of Lampion trojan spreads in Portugal with some improvements on the VBS downloader.pdf
2020-07-06 - North Korean hackers implicated in stealing from US and European shoppers.pdf
2020-07-06 - Pig in a poke- smartphone adware.pdf
2020-07-06 - The Gafgyt variant vbot seen in its 31 campaigns.pdf
2020-07-06 - TrickBot variant “Anchor_DNS” communicating over DNS.pdf
2020-07-06 - WastedLocker Goes Big-Game Hunting in 2020.pdf
2020-07-07 - -Keeper- Magecart Group Infects 570 Sites.pdf
2020-07-07 - Breaking EvilQuest - Reversing A Custom macOS Ransomware File Encryption Routine.pdf
2020-07-07 - Clop, Clop! It’s a TA505 HTML malspam analysis.pdf
2020-07-07 - Microsoft takes legal action against COVID-19-related cybercrime.pdf
2020-07-07 - SilentDeath Ransomware.pdf
2020-07-08 - How to unpack Chinoxy backdoor and decipher the configuration of the backdoor.pdf
2020-07-08 - Irans domestic espionage Lessons from recent data leaks.pdf
2020-07-08 - New Mirai Variant Expands Arsenal, Exploits CVE-2020-10173.pdf
2020-07-08 - Operation ‘Honey Trap’- APT36 Targets Defense Organizations in India.pdf
2020-07-08 - Ransomware Report- Avaddon and New Techniques Emerge, Industrial Sector Targeted.pdf
2020-07-08 - Restricting SMB-based lateral movement in a Windows environment.pdf
2020-07-08 - “EvilQuest” Rolls Ransomware, Spyware & Data Theft Into One.pdf
2020-07-09 - An Update for a Very Active DDos Botnet- Moobot.pdf
2020-07-09 - Gist with observed grelos skimmer.pdf
2020-07-09 - More evil- A deep look at Evilnum and its toolset.pdf
2020-07-09 - New Joker variant hits Google Play with an old trick.pdf
2020-07-09 - ServHelper- Hidden Miners.pdf
2020-07-09 - Threat Bulletin- Dissecting GuLoader’s Evasion Techniques.pdf
2020-07-10 - Deep Dive Into the M00nD3V Logger.pdf
2020-07-10 - Evilnum — Indicators of Compromise.pdf
2020-07-10 - Knowledge Fragment- Casting Sandbox Necromancy on DADSTACHE.pdf
2020-07-10 - The Dark Web of Intrigue- How REvil Used the Underground Ecosystem to Form an Extortion Cartel.pdf
2020-07-10 - The new Bigviktor Botnet is Targeting DrayTek Vigor Router.pdf
2020-07-10 - The Secret Service Tried to Catch a Hacker With a Malware Booby-Trap.pdf
2020-07-10 - Threat spotlight- WastedLocker, customized ransomware.pdf
2020-07-10 - YARA Rules talks and presentation of REVERSING 2020.pdf
2020-07-11 - Injecting Magecart into Magento Global Config.pdf
2020-07-11 - TrickBot Group Launches Test Module Alerting on Fraud Activity.pdf
2020-07-11 - TrickBot malware mistakenly warns victims that they are infected.pdf
2020-07-12 - Deobfuscating DanaBot’s API Hashing.pdf
2020-07-13 - Anchor dns malware goes cross platform.pdf
2020-07-13 - Become a Microsoft Defender ATP Ninja.pdf
2020-07-13 - Campagna sLoad v.2.9.3 veicolata via PEC.pdf
2020-07-13 - Fell Deeds Awake.pdf
2020-07-13 - Internet Explorer CVE-2019–1367 In the wild Exploitation - prelude.pdf
2020-07-13 - New AgeLocker Ransomware uses Googler's utility to encrypt files.pdf
2020-07-13 - Remcos RAT Macro Dropper Doc.pdf
2020-07-13 - SCANdalous! (External Detection Using Network Scan Data and Automation).pdf
2020-07-13 - TrickBot's new API-Hammering explained.pdf
2020-07-14 - GoldenSpy Chapter 4- GoldenHelper Malware Embedded in Official Golden Tax Software.pdf
2020-07-14 - Manufacturing Industry in the Adversaries’ Crosshairs.pdf
2020-07-14 - PYTHON MALWARE ON THE RISE.pdf
2020-07-14 - RATicate upgrades “RATs as a Service” attacks with commercial “crypter”.pdf
2020-07-14 - Simple DGA Spotted in a Malicious PowerShell.pdf
2020-07-14 - The Domain Generation Algorithm of BazarBackdoor.pdf
2020-07-14 - The Tetrade- Brazilian banking malware goes global.pdf
2020-07-14 - Turla - Venomous Bear updates its arsenal- “NewPass” appears on the APT threat scene.pdf
2020-07-14 - Welcome Chat as a secure messaging app- Nothing could be further from the truth.pdf
2020-07-15 - An in-depth analysis of SpyNote remote access trojan.pdf
2020-07-15 - Chinese state hackers target Hong Kong Catholic Church.pdf
2020-07-15 - Deep Analysis of QBot Banking Trojan.pdf
2020-07-15 - Exclusive- Secret Trump order gives CIA more powers to launch cyberattacks.pdf
2020-07-15 - Financially Motivated Actors Are Expanding Access Into OT- Analysis of Kill Lists That Include OT Processes Used With Seven Malware Families.pdf
2020-07-15 - Flowspec - TA505s bulletproof hoster of choice.pdf
2020-07-15 - Inside REvil Extortionist “Machine”- Predictive Insights.pdf
2020-07-15 - The Defective Domain Generation Algorithm of BazarBackdoor.pdf
2020-07-16 - A Bazar of Tricks- Following Team9’s Development Cycles.pdf
2020-07-16 - FastWind Ransomware.pdf
2020-07-16 - High‑profile Twitter accounts hacked to promote Bitcoin scam.pdf
2020-07-16 - How WellMess malware has been used to target Covid-19 vaccines.pdf
2020-07-16 - Iranian Spies Accidentally Leaked Videos of Themselves Hacking.pdf
2020-07-16 - Mac cryptocurrency trading application rebranded, bundled with malware.pdf
2020-07-16 - Malware Analysis Report (AR20-198A).pdf
2020-07-16 - Malware Analysis Report (AR20-198B).pdf
2020-07-16 - Malware Analysis Report (AR20-198C).pdf
2020-07-16 - New Research Exposes Iranian Threat Group (APT35-ITG18) Operations.pdf
2020-07-16 - US, UK, and Canada’s COVID-19 research targeted by APT29.pdf
2020-07-17 - New Voicemail-Themed Phishing Attacks Use Evasion Techniques and Steal Credentials.pdf
2020-07-17 - TA547 Pivots from Ursnif Banking Trojan to Ransomware in Australian Campaign.pdf
2020-07-18 - Firefox Send sends Ursnif malware.pdf
2020-07-20 - Emotet is back.pdf
2020-07-20 - Emotet-TrickBot malware duo is back infecting Windows machines.pdf
2020-07-20 - Golden Chickens- Evolution Oof the MaaS.pdf
2020-07-20 - Reverse Engineering the New Mustang Panda PlugX Downloader.pdf
2020-07-20 - Shellbot victim overlap with Emotet network infrastructure.pdf
2020-07-20 - What even is Winnti-.pdf
2020-07-21 - 'World's Most Wanted Man' Involved in Bizarre Attempt to Buy Hacking Tools.pdf
2020-07-21 - Chinese APT group targets India and Hong Kong using new variant of MgBot malware.pdf
2020-07-21 - How scammers are hiding their phishing trips in public clouds.pdf
2020-07-21 - Two Chinese Hackers Working with the Ministry of State Security Charged with Global Computer Intrusion Campaign Targeting Intellectual Property and Confidential Business Information, Including COVID-19 Research.pdf
2020-07-22 - 'FormBook Tracker' unveiled on the Dark Web.pdf
2020-07-22 - Analysing Fileless Malware- Cobalt Strike Beacon.pdf
2020-07-22 - Connecting Kinsing malware to Citrix and SaltStack campaigns.pdf
2020-07-22 - Enter the Maze- Demystifying an Affiliate Involved in Maze (SNOW).pdf
2020-07-22 - Github Repository for PowerZure.pdf
2020-07-22 - Lockscreen Ransomware Phishing Leads To Google Play Card Scam.pdf
2020-07-22 - MATA- Multi-platform targeted malware framework.pdf
2020-07-22 - OilRig APT Drills into Malware Innovation with Unique Backdoor.pdf
2020-07-22 - OilRig Targets Middle Eastern Telecommunications Organization and Adds Novel C2 Channel with Steganography to Its Inventory.pdf
2020-07-22 - Peut-on neutraliser un ransomware lancé en tant que SYSTEM sur des milliers de machines en même temps-.pdf
2020-07-22 - Prometei botnet and its quest for Monero.pdf
2020-07-22 - Skimmers in Images & GitHub Repos.pdf
2020-07-22 - Slacking Off – Slack and the Corporate Attack Surface Landscape.pdf
2020-07-23 - Attacking MS Exchange Web Interfaces.pdf
2020-07-23 - The resurgence of the Ursnif banking trojan.pdf
2020-07-23 - WastedLocker Ransomware- Abusing ADS and NTFS File Attributes.pdf
2020-07-23 - Who is behind APT29- What we know about this nation-state cybercrime group.pdf
2020-07-24 - Evolution of Valak, from Its Beginnings to Mass Distribution.pdf
2020-07-24 - Exorcist Ransomware - From triaging to deep dive.pdf
2020-07-24 - Fifty Shades of Malware Strings.pdf
2020-07-24 - Garmin outage caused by confirmed WastedLocker ransomware attack.pdf
2020-07-24 - Russia's GRU Hackers Hit US Government and Energy Targets.pdf
2020-07-25 - Zen- A Complex Campaign of Harmful Android Apps.pdf
2020-07-26 - In-Memory shellcode decoding to evade AVs-EDRs.pdf
2020-07-27 - Alert (AA20-209A)- Potential Legacy Risk from Malware Targeting QNAP NAS Devices.pdf
2020-07-27 - Ensiko- A Webshell With Ransomware Capabilities.pdf
2020-07-27 - Four Distinct Families of Lazarus Malware Target Apple’s macOS Platform.pdf
2020-07-27 - ProLock ransomware gives you the first 8 kilobytes of decryption for free.pdf
2020-07-28 - Emotet malware now steals your email attachments to attack contacts.pdf
2020-07-28 - Lazarus on the hunt for big game.pdf
2020-07-28 - LOLSnif Malware.pdf
2020-07-28 - Mirai Botnet Exploit Weaponized to Attack IoT Devices via CVE-2020-5902.pdf
2020-07-28 - Watch Your Containers- Doki Infecting Docker Servers in the Cloud.pdf
2020-07-29 - 'Ghostwriter' Influence Campaign- Unknown Actors Leverage Website Compromises and Fabricated Content to Push Narratives Aligned With Russian Security Interests.pdf
2020-07-29 - Android Spyware Targeting Tanzania Premier League.pdf
2020-07-29 - APT trends report Q2 2020.pdf
2020-07-29 - Emotet’s return is the canary in the coal mine.pdf
2020-07-29 - Kaspersky- New hacker-for-hire mercenary group is targeting European law firms.pdf
2020-07-29 - Operation (노스 스타) North Star A Job Offer That’s Too Good to be True-.pdf
2020-07-29 - Operation North Star A Job Offer That’s Too Good to be True-.pdf
2020-07-29 - Sodinokibi - REvil Malware Analysis.pdf
2020-07-30 - Dissecting Ragnar Locker- The Case Of EDP.pdf
2020-07-30 - Obscured by Clouds- Insights into Office 365 Attacks and How Mandiant Managed Defense Investigates.pdf
2020-07-30 - Threat Assessment- WastedLocker Ransomware.pdf
2020-07-31 - GandCrab ransomware operator arrested in Belarus.pdf
2020-07-31 - Malware Author Pleads Guilty for Role in Transnational Cybercrime Organization Responsible for more than $568 Million in Losses.pdf
2020-07-31 - MassLogger- An Emerging Spyware and Keylogger.pdf
2020-07-31 - OpBlueRaven- Unveiling Fin7-Carbanak - Part 1 - Tirion.pdf
2020-07-31 - The webshells powering Emotet.pdf
2020-07-31 - WastedLocker- technical analysis.pdf
2020-08-01 - Russian GRU 85th GTsSS Deploys Previously Undisclosed Drovorub Malware.PDF
2020-08-03 - Back to school-.pdf
2020-08-03 - Belarus Authorities Arrest GandCrab Ransomware Operator.pdf
2020-08-03 - Dridex – From Word to Domain Dominance.pdf
2020-08-03 - InfectedNight - Mirai Variant With Massive Attacks On Our Honeypots.pdf
2020-08-03 - MAR-10292089-1.v1 – Chinese Remote Access Trojan- TAIDOOR.pdf
2020-08-03 - Take a “NetWalk” on the Wild Side.pdf
2020-08-04 - CrimeOps- The Operational Art of Cyber Crime.pdf
2020-08-04 - Part 1- analysing MedusaLocker ransomware.pdf
2020-08-04 - Ransomware gang publishes tens of GBs of internal data from LG and Xerox.pdf
2020-08-04 - WastedLocker’s techniques point to a familiar heritage.pdf
2020-08-05 - Emotet API string deobfuscator (v0.1).pdf
2020-08-05 - Emotet API+string deobfuscator (v0.1).pdf
2020-08-05 - Part 2- Analysing MedusaLocker ransomware.pdf
2020-08-05 - Playing with GuLoader Anti-VM techniques.pdf
2020-08-06 - Bypassing MassLogger Anti-Analysis — a Man-in-the-Middle Approach.pdf
2020-08-06 - Chinese Hackers Have Pillaged Taiwan's Semiconductor Industry.pdf
2020-08-06 - FinSpy Android Technical Analysi.pdf
2020-08-06 - Part 3- analysing MedusaLocker ransomware.pdf
2020-08-06 - The Secret Life of an Initial Access Broker.pdf
2020-08-06 - Water Nue Phishing Campaign Targets C-Suite’s Office 365 Accounts.pdf
2020-08-07 - BlackWater Malware Leveraging Beirut Tragedy in New Targeted Campaign.pdf
2020-08-07 - Stadeo- Deobfuscating Stantinko and more.pdf
2020-08-08 - Phirautee - DEFCON28 - Writing Ransomware using Living off the Land (LotL) Tactics.pdf
2020-08-09 - Banking Trojans- A Reference Guide to the Malware Family Tree.pdf
2020-08-10 - Agent Tesla - Old RAT Uses New Tricks to Stay on Top.pdf
2020-08-10 - Anomali Threat Research Releases First Public Analysis of Smaug Ransomware as a Service.pdf
2020-08-10 - ClipBanker Trojan - A 13-Second Attack.pdf
2020-08-10 - DarkSide Ransomware.pdf
2020-08-10 - DiamondFox - Bank Robbers will be replaced.pdf
2020-08-10 - FBI says an Iranian hacking group is attacking F5 networking devices.pdf
2020-08-10 - Gorgon APT targeting MSME sector in India.pdf
2020-08-10 - SBA phishing scams- from malware to advanced social engineering.pdf
2020-08-12 - Antiy's analysis report on the recent APT attacks against the Green Spot organization.pdf
2020-08-12 - Color by numbers- inside a Dharma ransomware-as-a-service attack.pdf
2020-08-12 - IcedID Campaign Strikes Back.pdf
2020-08-12 - Internet Explorer and Windows zero-day exploits used in Operation PowerFall.pdf
2020-08-12 - Prioritizing critical vulnerabilities A threat intelligence perspective.pdf
2020-08-12 - Retour d’expérience suite à une attaque par rançongiciel contre une structure de santé.pdf
2020-08-12 - Why Emotet’s Latest Wave is Harder to Catch than Ever Before.pdf
2020-08-13 - Attribution- A Puzzle.pdf
2020-08-13 - CactusPete APT group’s updated Bisonal backdoor.pdf
2020-08-13 - Case Study- Catching a Human-Operated Maze Ransomware Attack In Action.pdf
2020-08-13 - Chrome extensions that lie about their permissions.pdf
2020-08-13 - Global Disruption of Three Terror Finance Cyber-Enabled Campaigns.pdf
2020-08-13 - Lemon Duck Cryptocurrency-mining Malware Information.pdf
2020-08-13 - Matiex on Sale Underground.pdf
2020-08-13 - Mekotio- These aren’t the security updates you’re looking for….pdf
2020-08-13 - XCSSET Mac Malware- Infects Xcode Projects, Performs UXSS Attack on Safari, Other Browsers, Leverages Zero-day Exploits.pdf
2020-08-14 - Alert (AA20-227A)- Phishing Emails Used to Deploy KONNI Malware.pdf
2020-08-14 - EmoCrash- Exploiting a Vulnerability in Emotet Malware for Defense.pdf
2020-08-14 - PurpleWave - A New Infostealer from Russia.pdf
2020-08-16 - Manual Unpacking IcedID Write-up.pdf
2020-08-17 - Team TNT - The First Crypto-Mining Worm to Steal AWS Credentials.pdf
2020-08-17 - Team TNT – The First Crypto-Mining Worm to Steal AWS Credentials.pdf
2020-08-17 - WellMess malware- analysis of its Command and Control (C2) server.pdf
2020-08-18 - Lazarus Group- Campaign Targeting the Cryptocurrency Vertical.pdf
2020-08-18 - New Attack Alert- Duri.pdf
2020-08-18 - ThunderX Ransomware.pdf
2020-08-18 - UPX Anti-Unpacking Techniques in IoT Malware.pdf
2020-08-19 - Chantay’s Resume- Investigating a CV-Themed ZLoader Malware.pdf
2020-08-19 - ELF Malware Analysis 101 Part 2- Initial Analysis.pdf
2020-08-19 - FritzFrog- A New Generation Of Peer-To-Peer Botnets.pdf
2020-08-19 - Malware Analysis Report (AR20-232A).pdf
2020-08-19 - MAR-10295134-1.v1 - North Korean Remote Access Trojan- BLINDINGCAN.pdf
2020-08-19 - Performing Kerberoasting without SPNs.pdf
2020-08-19 - Responder-MultiRelay.pdf
2020-08-19 - 調查局 08-19 公布中國對台灣政府機關駭侵事件說明.pdf
2020-08-20 - [webinar] Proactive Infrastructure Hunting with ThreatConnect & DomainTools.pdf
2020-08-20 - DBatLoader-ModiLoader Analysis – First Stage.pdf
2020-08-20 - QakBot (QBot) Maldoc Campaign Introduces Two New Techniques into Its Arsenal.pdf
2020-08-20 - Revealing REvil Ransomware With DomainTools and Maltego.pdf
2020-08-20 - Transparent Tribe- Evolution analysis, part 1.pdf
2020-08-20 - ‘Baka’ JavaScript Skimmer Identified.pdf
2020-08-21 - Wireshark Tutorial- Decrypting HTTPS Traffic.pdf
2020-08-22 - BitRAT – The Latest in Copy-pasted Malware by Incompetent Developers.pdf
2020-08-23 - Dispatches from Drovorub- Network Threat Hunting for Russia GRU GTsSS' Malware at Scale.pdf
2020-08-23 - Programmatically NOP the Current Selection in Ghidra.pdf
2020-08-24 - Cybercriminal greeners from Iran attack companies worldwide for financial gain.pdf
2020-08-24 - Emotet Update increases Downloads.pdf
2020-08-24 - Lifting the veil on DeathStalker, a mercenary triumvirate.pdf
2020-08-24 - RATs and Spam- The Node.JS QRAT.pdf
2020-08-24 - Torum is Dead. Long Live CryptBB-.pdf
2020-08-24 - VT Report for Jazuar.pdf
2020-08-25 - Cyrat Ransomware.pdf
2020-08-25 - Darkhotel (APT-C-06) organized multiple attacks using the Thinmon backdoor framework to reveal the secrets.pdf
2020-08-25 - Deep Analysis of TeamTNT Techniques Using Container Images to Attack.pdf
2020-08-25 - How Ransomware Gangs Find New Monetization Schemes and Evolve in Marketing.pdf
2020-08-25 - Ryuk successor Conti Ransomware releases data leak site.pdf
2020-08-26 - A twisted malware infection chain.pdf
2020-08-26 - Alert (AA20-239A)- FASTCash 2.0- North Korea's BeagleBoyz Robbing Banks.pdf
2020-08-26 - MAR-10301706-1.v1 - North Korean Remote Access Tool- ECCENTRICBANDWAGON.pdf
2020-08-26 - MAR-10301706-2.v1 - North Korean Remote Access Tool- VIVACIOUSGIFT.pdf
2020-08-26 - ReZer0v4 loader.pdf
2020-08-26 - SunCrypt Ransomware sheds light on the Maze ransomware cartel.pdf
2020-08-26 - Threat Actor Profile- TA2719 Uses Colorful Lures to Deliver RATs in Local Languages.pdf
2020-08-26 - Transparent Tribe- Evolution analysis, part 2.pdf
2020-08-27 - An Old Bot’s Nasty New Tricks- Exploring Qbot’s Latest Attack Methods.pdf
2020-08-27 - Cetus- Cryptojacking Worm Targeting Docker Daemons.pdf
2020-08-27 - Growth and Commoditization of Remote Access Trojans (X).pdf
2020-08-27 - Smokeloader Analysis and More Family Detections.pdf
2020-08-28 - A Comprehensive Look at Emotet’s Summer 2020 Return.pdf
2020-08-28 - Cerberus Banking Trojan Analysis.pdf
2020-08-28 - Gozi- The Malware with a Thousand Faces.pdf
2020-08-28 - MVISION Insights- Wastedlocker Ransomware.pdf
2020-08-28 - TERRACOTTA Android Malware- A Technical Study.pdf
2020-08-29 - Emulating NotPetya bootloader with Miasm.pdf
2020-08-30 - Z3 Ransomware.pdf
2020-08-31 - Analysis of the latest wave of Emotet malicious documents.pdf
2020-08-31 - In the wild QNAP NAS attacks.pdf
2020-08-31 - Malware Used by Lazarus after Network Intrusion.pdf
2020-08-31 - Malware used by the attack group Lazarus after network intrusion.pdf
2020-08-31 - NetWalker Ransomware in 1 Hour.pdf
2020-08-31 - The BLINDINGCAN RAT and Malicious North Korean Activity.pdf
2020-08-31 - Trickbot rdpscanDll – Transforming Candidate Credentials for Brute-Forcing RDP Servers.pdf
2020-08-31 - Who Is PIONEER KITTEN-.pdf
2020-08-31 - XP10 Ransomware.pdf
2020-09-01 - An Exhaustively-Analyzed IDB for ComRAT v4.pdf
2020-09-01 - Characterizing Anomalies in Malware-Generated HTTP Traffic.pdf
2020-09-01 - DLL Fixer leads to Cyrat Ransomware.pdf
2020-09-01 - Epic Manchego – atypical maldoc delivery brings flurry of infostealers.pdf
2020-09-01 - Iranian hackers are selling access to compromised companies on an underground forum.pdf
2020-09-01 - New web skimmer steals credit card data, sends to crooks via Telegram.pdf
2020-09-01 - OpBlueRaven- Unveiling Fin7-Carbanak - Part II - BadUSB Attacks.pdf
2020-09-01 - Quarterly Report- Incident Response trends in Summer 2020.pdf
2020-09-01 - Who Is PIONEER KITTEN-.pdf
2020-09-02 - [Alert] New GlobeImposter of Olympian Gods 2.0 is coming.pdf
2020-09-02 - Chinese APT TA413 Resumes Targeting of Tibet Following COVID-19 Themed Economic Espionage Campaign Delivering Sepulcher Malware Targeting Europe.pdf
2020-09-02 - Cybersquatting- Attackers Mimicking Domains of Major Brands Including Facebook, Apple, Amazon and Netflix to Scam Consumers.pdf
2020-09-02 - Inside the “fallguys” malware that steals your browsing data and gaming IMs; Continued attack on open source software.pdf
2020-09-02 - KryptoCibule- The multitasking multicurrency cryptostealer.pdf
2020-09-02 - Machine learning from idea to reality- a PowerShell case study.pdf
2020-09-02 - Operation PowerFall- CVE-2020-0986 and variants.pdf
2020-09-02 - Salfram- Robbing the place without removing your name tag.pdf
2020-09-03 - Exploits in the Wild for vBulletin Pre-Auth RCE Vulnerability CVE-2020-17496.pdf
2020-09-03 - IT threat evolution Q2 2020.pdf
2020-09-03 - Multi-Platform SMAUG RaaS Aims To See Off Competitors.pdf
2020-09-03 - No Rest for the Wicked- Evilnum Unleashes PyVil RAT.pdf
2020-09-03 - The Bitcoin Ransomware Detective Strikes Again- The UCSF Case.pdf
2020-09-03 - Turning Open Source Against Malware.pdf
2020-09-04 - BitRAT pt. 2- Hidden Browser, SOCKS5 proxy, and UnknownProducts Unmasked.pdf
2020-09-04 - Post-Mortem of a Triple Poisoning- New Details Emerge in GRU's Failed Murder Attempts in Bulgaria.pdf
2020-09-04 - Thanos Ransomware- Destructive Variant Targeting State-Run Organizations in the Middle East and North Africa.pdf
2020-09-07 - Bulletin d'alerte du CERT-FR- Recrudescence d’activité Emotet en France.pdf
2020-09-07 - Collection of recent Dridex IOCs.pdf
2020-09-07 - Time to take the bull by the horns.pdf
2020-09-08 - APT GROUP系列——DARKHOTEL之窃密与RAT篇.pdf
2020-09-08 - Attackers Abusing Legitimate Cloud Monitoring Tools to Conduct Cyber Attacks.pdf
2020-09-08 - Automated dynamic import resolving using binary emulation.pdf
2020-09-08 - Exposed Docker Server Abused to Drop Cryptominer, DDoS Bot.pdf
2020-09-08 - Malware Config Extraction Diaries #1 – GuLoader.pdf
2020-09-08 - Malware Config Extraction Diaries 1 – GuLoader.pdf
2020-09-08 - TeamTNT activity targets Weave Scope deployments.pdf
2020-09-08 - TikTok Spyware- A detailed analysis of spyware masquerading as TikTok.pdf
2020-09-09 - Malvertising campaigns come back in full swing.pdf
2020-09-10 - An overview of targeted attacks and APTs on Linux.pdf
2020-09-10 - Lock Like a Pro- Dive in Recent ProLock's Big Game Hunting.pdf
2020-09-10 - New cyberattacks targeting U.S. elections.pdf
2020-09-10 - Recent Dridex activity.pdf
2020-09-10 - STRONTIUM- Detecting new patterns in credential harvesting.pdf
2020-09-10 - Who is calling- CDRThief targets Linux VoIP softswitches.pdf
2020-09-11 - [RE016] Malware Analysis- ModiLoader.pdf
2020-09-11 - Research Roundup- Activity on Previously Identified APT33 Domains.pdf
2020-09-13 - Tweet on Cryakl 2.0.0.0.pdf
2020-09-14 - Alert (AA20-258A)- Chinese Ministry of State Security-Affiliated Cyber Threat Actor Activity.pdf
2020-09-14 - Analysis of a Convoluted Attack Chain Involving Ngrok.pdf
2020-09-14 - Back to School- Why Cybercriminals Continue to Target the Education Sector - Part Two.pdf
2020-09-15 - Alert (AA20-259A)- Iran-Based Threat Actor Exploits VPN Vulnerabilities.pdf
2020-09-15 - Malware Analysis Report (AR20-259A)- Iranian Web Shells.pdf
2020-09-15 - Rudeminer, Blacksquid and Lucifer Walk Into A Bar.pdf
2020-09-15 - Threat analysis- The emergent URSA trojan impacts many countries using a sophisticated loader.pdf
2020-09-16 - Malware Leveraging XML-RPC Vulnerability to Exploit WordPress Sites.pdf
2020-09-16 - Partners in crime North Koreans and elite Russian-speaking cybercriminals.pdf
2020-09-16 - Seven International Cyber Defendants, Including “Apt41” Actors, Charged In Connection With Computer Intrusion Campaigns Against More Than 100 Victims Globally.pdf
2020-09-16 - Target defense industry- Lazarus uses recruitment bait combined with continuously updated cyber weapons.pdf
2020-09-17 - Analysis of WellMail malware's Command and Control (C2) server.pdf
2020-09-17 - Automatic ReZer0 payload and configuration extraction.pdf
2020-09-17 - Complex obfuscation- Meh… (1-2).pdf
2020-09-17 - Counter Terrorism Designations; Iran-Cyber-related Designations.pdf
2020-09-17 - GuLoader's VM-Exit Instruction Hammering explained.pdf
2020-09-17 - Maze attackers adopt Ragnar Locker virtual machine technique.pdf
2020-09-17 - Maze ransomware now encrypts via virtual machines to evade detection.pdf
2020-09-17 - Ransomware’s New Trend- Exfiltration and Extortion.pdf
2020-09-17 - Treasury Sanctions Cyber Actors Backed by Iranian Intelligence Ministry.pdf
2020-09-18 - APT41- Indictments Put Chinese Espionage Group in the Spotlight.pdf
2020-09-18 - Egregor Ransomware.pdf
2020-09-18 - Elfin- Latest U.S. Indictments Appear to Target Iranian Espionage Group.pdf
2020-09-18 - EvilQuest-ThiefQuest strings decrypt-deobfuscator.pdf
2020-09-18 - Reverse Engineering Dridex and Automating IOC Extraction.pdf
2020-09-18 - The Initial Access Broker’s Toolbox – Remote Monitoring and Management.pdf
2020-09-18 - U.S. Justice Department Charges APT41 Hackers over Global Cyberattacks.pdf
2020-09-20 - Rampant Kitten – An Iranian Espionage Campaign.pdf
2020-09-21 - Cybercriminals Distribute Backdoor With VPN Installer.pdf
2020-09-22 - Alert Number I-092220-PSA- Foreign Actors and Cybercriminals Likely to Spread Disinformation Regarding 2020 Election Results.pdf
2020-09-22 - APT28 Delivers Zebrocy Malware Campaign using NATO Theme as Lure.pdf
2020-09-22 - DarkSide- The New Ransomware Group Behind Highly Targeted Attacks.pdf
2020-09-22 - Grinju Downloader.pdf
2020-09-22 - Mispadu Banking Trojan Resurfaces.pdf
2020-09-22 - MTR Casebook- Blocking a $15 million Maze ransomware attack.pdf
2020-09-22 - Removing Coordinated Inauthentic Behavior.pdf
2020-09-22 - Russian hackers use fake NATO training docs to breach govt networks.pdf
2020-09-22 - Taidoor - a truly persistent threat.pdf
2020-09-22 - Uniklinik Düsseldorf- Ransomware -DoppelPaymer- soll hinter dem Angriff stecken.pdf
2020-09-22 - What Service NSW has to do with Russia-.pdf
2020-09-23 - AgeLocker ransomware targets QNAP NAS devices, steals data.pdf
2020-09-23 - Big Game Hunting- Now in Russia.pdf
2020-09-23 - Case Study- Emotet Thread Hijacking, an Email Attack Technique.pdf
2020-09-23 - Government software provider Tyler Technologies hit by ransomware.pdf
2020-09-23 - Looking for sophisticated malware in IoT devices.pdf
2020-09-23 - Operation SideCopy!.pdf
2020-09-23 - Understanding Uncertainty while Undermining Democracy.pdf
|
|
|
|
|
2020-09-24 - Alert Number I-092420-PSA- Cyber Threats to Voting Processes Could Slow But Not Prevent Voting.pdf
|
|
|
|
|
2020-09-24 - Alien - the story of Cerberus' demise.pdf
|
|
|
|
|
2020-09-24 - Analysis Report (AR20-268A)- Federal Agency Compromised by Malicious Cyber Actor.pdf
|
|
|
|
|
2020-09-24 - Apps on Google Play Tainted with Cerberus Banker Malware.pdf
|
|
|
|
|
2020-09-24 - Cycldek aka Goblin Panda- Chronicles of the Goblin.pdf
|
|
|
|
|
2020-09-24 - Double Trouble- Ransomware with Data Leak Extortion, Part 1.pdf
|
|
|
|
|
2020-09-24 - Email-delivered MoDi RAT attack pastes PowerShell commands.pdf
|
|
|
|
|
2020-09-24 - Microsoft Security—detecting empires in the cloud.pdf
|
|
|
|
|
2020-09-24 - Mount Locker ransomware joins the multi-million dollar ransom game.pdf
|
|
|
|
|
2020-09-24 - Removing Coordinated Inauthentic Behavior.pdf
|
|
|
|
|
2020-09-24 - zLoader XLM Update- Macro code and behavior change.pdf
|
|
|
|
|
2020-09-25 - APT vs Internet Service Providers.pdf
|
|
|
|
|
2020-09-25 - APT-C-43 steals Venezuelan military secrets to provide intelligence support for the reactionaries - HpReact campaign.pdf
|
|
|
|
|
2020-09-25 - Baltimore ransomware attack was early attempt at data extortion, new report shows.pdf
|
|
|
|
|
2020-09-25 - Catching Lazarus- Threat Intelligence to Real Detection Logic - Part One.pdf
|
|
|
|
|
2020-09-25 - Double Trouble- Ransomware with Data Leak Extortion, Part 1.pdf
|
|
|
|
|
2020-09-25 - German-made FinSpy spyware found in Egypt, and Mac and Linux versions revealed.pdf
|
|
|
|
|
2020-09-25 - Ghost in action- the Specter botnet.pdf
|
|
|
|
|
2020-09-25 - Magento Credit Card Stealing Malware- gstaticapi.pdf
|
|
|
|
|
2020-09-25 - The Fresh Smell of ransomed coffee.pdf
|
|
|
|
|
2020-09-25 - Turla Carbon System.pdf
|
|
|
|
|
2020-09-25 - Visa Security Alert New Malware Samples identified in Point-of-Sale Compromises.pdf
|
|
|
|
|
2020-09-26 - FinFisher Filleted- a triage of the FinSpy (macOS) malware.pdf
|
|
|
|
|
2020-09-26 - Ironcat Ransomware.pdf
|
|
|
|
|
2020-09-26 - The Finfisher Tales, Chapter 1- The dropper.pdf
|
|
|
|
|
2020-09-28 - Alert Number I-092820-PSA- False Claims of Hacked Voter Information Likely Intended to Cast Doubt on Legitimacy of U.S. Elections.pdf
|
|
|
|
|
2020-09-28 - Kimsuky Phishing Operations Putting In Work.pdf
|
|
|
|
|
2020-09-29 - BLINDINGCAN - Malware Used by Lazarus.pdf
|
|
|
|
|
2020-09-29 - Cerberus and Alien- the malware that has put Android in a tight spot.pdf
|
|
|
|
|
2020-09-29 - CobaltStrikeScan.pdf
|
|
|
|
|
2020-09-29 - Getting the Bacon from the Beacon.pdf
|
|
|
|
|
2020-09-29 - LodaRAT Update- Alive and Well.pdf
|
|
|
|
|
2020-09-29 - Palmerworm- Espionage Gang Targets the Media, Finance, and Other Sectors.pdf
|
|
|
|
|
2020-09-29 - Spear Phishing Campaign Delivers Buer and Bazar Malware.pdf
|
|
|
|
|
2020-09-29 - TA2552 Uses OAuth Access Token Phishing to Exploit Read-Only Risks.pdf
|
|
|
|
|
2020-09-29 - Targeted Attacks on Oil and Gas Supply Chain Industries in the Middle East.pdf
|
|
|
|
|
2020-09-29 - The return of the Emotet as the world unlocks!.pdf
|
|
|
|
|
2020-09-29 - What's behind the increase in ransomware attacks this year-.pdf
|
|
|
|
|
2020-09-30 - Alert Number I-093020-PSA- Distributed Denial of Service Attacks Could Hinder Access to Voting Information, Would Not Prevent Voting.pdf
|
|
|
|
|
2020-09-30 - APT‑C‑23 group evolves its Android spyware.pdf
|
|
|
|
|
2020-09-30 - Rooty Dolphin uses Mekotio to target bank clients in South America and Europe.pdf
|
|
|
|
|
2020-09-30 - TeamTNT is Back and Attacking Vulnerable Redis Servers.pdf
|
|
|
|
|
2020-09-30 - Ttint- An IoT remote control Trojan spreading through two 0-day vulnerabilities.pdf
|
|
|
|
|
2020-09-30 - Ttint- 一款通过2个0-day漏洞传播的IoT远控木马.pdf
|
|
|
|
|
2020-10-01 - A Storm is Brewing- IPStorm Now Has Linux Malware.pdf
|
|
|
|
|
2020-10-01 - Alert (AA20-275A)- Potential for China Cyber Response to Heightened U.S.-China Tensions.pdf
|
|
|
|
|
2020-10-01 - Alert Number I-100120-PSA- Foreign Actors Likely to Use Online Journals to Spread Disinformation Regarding 2020 Elections.pdf
|
|
|
|
|
2020-10-01 - Duck Hunting with Falcon Complete- Analyzing a Fowl Banking Trojan, Part 1.pdf
|
|
|
|
|
2020-10-01 - Emotet Makes Timely Adoption of Political and Elections Lures.pdf
|
|
|
|
|
2020-10-01 - Evasive URLs in Spam- Part 2.pdf
|
|
|
|
|
2020-10-01 - LATAM financial cybercrime- Competitors‑in‑crime sharing TTPs.pdf
|
|
|
|
|
2020-10-01 - Malware Analysis Report (AR20-275A)- Remote Access Trojan- SLOTHFULMEDIA.pdf
|
|
|
|
|
2020-10-01 - Russia’s Fancy Bear Hackers Likely Penetrated a US Federal Agency.pdf
|
|
|
|
|
2020-10-01 - Threat Spotlight- New InterPlanetary Storm variant targeting IoT devices.pdf
|
|
|
|
|
2020-10-01 - XDSpy Indicators of Compromise.pdf
|
|
|
|
|
2020-10-02 - Alert Number I-100220-PSA- Spoofed Internet Domains and Email Accounts Pose Cyber and Disinformation Risks to Voters.pdf
|
|
|
|
|
2020-10-02 - Appgate Labs Analyzes New Family Of Ransomware - Egregor.pdf
|
|
|
|
|
2020-10-02 - Attacks Aimed at Disrupting the Trickbot Botnet.pdf
|
|
|
|
|
2020-10-02 - Graphology of an Exploit – Hunting for exploits by looking for the author’s fingerprints.pdf
|
|
|
|
|
2020-10-02 - Lockbit analysis.pdf
|
|
|
|
|
2020-10-02 - XDSpy- Stealing government secrets since 2011.pdf
|
|
|
|
|
2020-10-03 - TA505 targets the Americas in a new campaign.pdf
|
|
|
|
|
2020-10-03 - Unveiling the CryptoMimic.pdf
|
|
|
|
|
2020-10-03 - Wikipedia Page- Maksim Yakubets.pdf
|
|
|
|
|
2020-10-05 - Black-T- New Cryptojacking Variant from TeamTnT.pdf
|
|
|
|
|
2020-10-05 - DarkSide ransomware analysis.pdf
|
|
|
|
|
2020-10-05 - MosaicRegressor- Lurking in the Shadows of UEFI.pdf
|
|
|
|
|
2020-10-05 - New pastebin-like service used in multiple malware campaigns.pdf
|
|
|
|
|
2020-10-06 - BAHAMUT- Hack-for-Hire Masters of Phishing, Fake News, and Fake Apps.pdf
|
|
|
|
|
2020-10-06 - Double Trouble- Ransomware with Data Leak Extortion, Part 2.pdf
|
|
|
|
|
2020-10-06 - Eager Beaver- A Short Overview of the Restless Threat Actor TA505.pdf
|
|
|
|
|
2020-10-06 - French companies Under Attack from Clever BEC Scam.pdf
|
|
|
|
|
2020-10-06 - IXWare - Kids will be skids.pdf
|
|
|
|
|
2020-10-06 - PoetRAT- Malware targeting public and private sector in Azerbaijan evolves.pdf
|
|
|
|
|
2020-10-06 - Release the Kraken- Fileless APT attack abuses Windows Error Reporting service.pdf
|
|
|
|
|
2020-10-06 - TA505 targets the Americas in a new campaign.pdf
|
|
|
|
|
2020-10-06 - The FONIX RaaS - New Low-Key Threat with Unnecessary Complexities.pdf
|
|
|
|
|
2020-10-07 - Break out the Box (BOtB).pdf
|
|
|
|
|
2020-10-07 - Duck Hunting with Falcon Complete- Analyzing a Fowl Banking Trojan, Part 2.pdf
|
|
|
|
|
2020-10-07 - GhostDNSbusters (Part 2).pdf
|
|
|
|
|
2020-10-07 - United States Seizes Domain Names Used by Iran’s Islamic Revolutionary Guard Corps.pdf
|
|
|
|
|
2020-10-08 - Credit card skimmer targets virtual conference platform.pdf
|
|
|
|
|
2020-10-08 - Droppers, Downloaders and TrickBot- Detecting a Stealthy COVID-19-themed Campaign using Toolmarks.pdf
|
|
|
|
|
2020-10-08 - Fake Users Rave but Real Users Rant as Apps on Google Play Deal Aggressive Adware.pdf
|
|
|
|
|
2020-10-08 - German tech giant Software AG down after ransomware attack.pdf
|
|
|
|
|
2020-10-08 - MontysThree- Industrial espionage with steganography and a Russian accent on both sides.pdf
|
|
|
|
|
2020-10-08 - Ryuk’s Return.pdf
|
|
|
|
|
2020-10-08 - Shining a light on SunCrypt’s curious file encryption mechanism.pdf
|
|
|
|
|
2020-10-08 - Sophisticated new Android malware marks the latest evolution of mobile ransomware.pdf
|
|
|
|
|
2020-10-08 - Taiwan Government Targeted by Multiple Cyberattacks in April 2020 Part 1- Waterbear Malware.pdf
|
|
|
|
|
2020-10-08 - Waterbear malware used in attack wave against government agencies.pdf
|
|
|
|
|
2020-10-09 - Alert (AA20-283A)- APT Actors Chaining Vulnerabilities Against SLTT, Critical Infrastructure, and Elections Organizations.pdf
|
|
|
|
|
2020-10-09 - There’s a New a Golang-written RAT in Town.pdf
|
|
|
|
|
2020-10-11 - Chimera, APT19 under the radar -.pdf
|
|
|
|
|
2020-10-12 - -Front Door- into BazarBackdoor- Stealthy Cybercrime Weapon.pdf
|
|
|
|
|
2020-10-12 - A Look Inside The TrickBot Botnet.pdf
|
|
|
|
|
2020-10-12 - CVE-2020-1472- Advanced Persistent Threat Actors Use Zerologon Vulnerability In Exploit Chain with Unpatched Vulnerabilities.pdf
|
|
|
|
|
2020-10-12 - ESET takes part in global operation to disrupt Trickbot.pdf
|
|
|
|
|
2020-10-12 - KELA’s 100 Over 100- September 2020 in Network Access Sales.pdf
|
|
|
|
|
2020-10-12 - New action to combat ransomware ahead of U.S. elections.pdf
|
|
|
|
|
2020-10-12 - Trickbot disrupted.pdf
|
|
|
|
|
2020-10-12 - Trickbot- U.S. Court Order Hits Botnet’s Infrastructure.pdf
|
|
|
|
|
2020-10-12 - Why Emotet’s Latest Wave is Harder to Catch Than Ever Before – Part 2.pdf
|
|
|
|
|
2020-10-13 - Attackers Abuse MobileIron’s RCE to deliver Kaiten.pdf
|
|
|
|
|
2020-10-13 - BazarLoader Campaign with Fake Termination Emails.pdf
|
|
|
|
|
2020-10-13 - Deep Analysis – The EKING Variant of Phobos Ransomware.pdf
|
|
|
|
|
2020-10-13 - Overcoming the Challenges of Detecting P2P Botnets on Your Network.pdf
|
|
|
|
|
2020-10-13 - Tracing fresh Ryuk campaigns itw.pdf
|
|
|
|
|
2020-10-14 - Duck Hunting with Falcon Complete- Remediating a Fowl Banking Trojan, Part 3.pdf
|
|
|
|
|
2020-10-14 - FakeMBAM- Backdoor Delivered Through Software Updates.pdf
|
|
|
|
|
2020-10-14 - FIN11- Widespread Email Campaigns as Precursor for Ransomware and Data Theft.pdf
|
|
|
|
|
2020-10-14 - German Made State Malware Company FinFisher Raided.pdf
|
|
|
|
|
2020-10-14 - LV Ransomware.pdf
|
|
|
|
|
2020-10-14 - Secret Stealing Trojan Active in Brazil Releases the New Framework SolarSys.pdf
|
|
|
|
|
2020-10-14 - Silent Librarian APT right on schedule for 20-21 academic year.pdf
|
|
|
|
|
2020-10-14 - They’re back- inside a new Ryuk ransomware attack.pdf
|
|
|
|
|
2020-10-14 - Two New IoT Vulnerabilities Identified with Mirai Payloads.pdf
|
|
|
|
|
2020-10-15 - IAmTheKing and the SlothfulMedia malware family.pdf
|
|
|
|
|
2020-10-15 - Officials Announce International Operation Targeting Transnational Criminal Organization QQAAZZ that Provided Money Laundering Services to High-Level Cybercriminals.pdf
|
|
|
|
|
2020-10-15 - Panda’s New Arsenal- Part 1 Tmanger.pdf
|
|
|
|
|
2020-10-15 - That was quick Trickbot is back after disruption attempts.pdf
|
|
|
|
|
2020-10-15 - Ubisoft, Crytek data posted on ransomware gang's site.pdf
|
|
|
|
|
2020-10-16 - Geofenced Amazon Japan Credential Phishing Volumes Rival Emotet.pdf
|
|
|
|
|
2020-10-16 - How we're tackling evolving online threats.pdf
|
|
|
|
|
2020-10-16 - ThreatConnect Research Roundup- Possible Ryuk Infrastructure.pdf
|
|
|
|
|
2020-10-16 - ThunderX Ransomware rebrands as Ranzy Locker, adds data leak site.pdf
|
|
|
|
|
2020-10-16 - Trickbot Up to Its Old Tricks.pdf
|
|
|
|
|
2020-10-16 - VBA Purging Malspam Campaigns.pdf
|
|
|
|
|
2020-10-16 - WIZARD SPIDER Update- Resilient, Reactive and Resolute.pdf
|
|
|
|
|
2020-10-18 - Ryuk in 5 Hours.pdf
|
|
|
|
|
2020-10-19 - GravityRAT- The spy returns.pdf
|
|
|
|
|
2020-10-19 - GRU HACKERS' DESTRUCTIVE MALWARE AND INTERNATIONAL CYBER ATTACKS.pdf
|
|
|
|
|
2020-10-19 - Hackers Planted Trump Smears - and Pro-Iran Trolls Spread Them.pdf
|
|
|
|
|
2020-10-19 - Industry alert pins state, local government hacking on suspected Russian group (Temp.Isotope).pdf
|
|
|
|
|
2020-10-19 - New Vizom Malware Discovered Targets Brazilian Bank Customers with Remote Overlay Attacks.pdf
|
|
|
|
|
2020-10-19 - Possible Identity of a Kuwaiti Hacker NYANxCAT.pdf
|
|
|
|
|
2020-10-19 - Purple Fox EK - New CVEs, Steganography, and Virtualization Added to Attack Flow.pdf
|
|
|
|
|
2020-10-19 - Revisited- Fancy Bear's New Faces...and Sandworms' too.pdf
|
|
|
|
|
2020-10-19 - The Many Faces of Emotet.pdf
|
|
|
|
|
2020-10-19 - UK exposes series of Russian cyber attacks against Olympic and Paralympic Games.pdf
|
|
|
|
|
2020-10-19 - US charges Russian GRU officers for NotPetya, other major hacks.pdf
|
|
|
|
|
2020-10-19 - US Indicts Sandworm, Russia's Most Destructive Cyberwar Unit.pdf
|
|
|
|
|
2020-10-20 - 404 Keylogger Campaigns.pdf
|
|
|
|
|
2020-10-20 - An update on disruption of Trickbot.pdf
|
|
|
|
|
2020-10-20 - Barnes & Noble hit by Egregor ransomware, strange data leaked.pdf
|
|
|
|
|
2020-10-20 - Chinese State-Sponsored Actors Exploit Publicly Known Vulnerabilitie.PDF
|
|
|
|
|
2020-10-20 - FBI Investigating Threatening Emails Sent To Democrats In Florida.pdf
|
|
|
|
|
2020-10-20 - Global Trickbot disruption operation shows promise.pdf
|
|
|
|
|
2020-10-20 - Katana- a new variant of the Mirai botnet.pdf
|
|
|
|
|
2020-10-21 - 'MuddyWater' spies suspected in attacks against Middle East governments, telecoms.pdf
|
|
|
|
|
2020-10-21 - Life of Maze ransomware.pdf
|
|
|
|
|
2020-10-21 - LockBit uses automated attack tools to identify tasty targets.pdf
|
|
|
|
|
2020-10-21 - Media Coverage Doesn’t Deter Actor From Threatening Democratic Voters.pdf
|
|
|
|
|
2020-10-21 - Seedworm- Iran-Linked Group Continues to Target Organizations in the Middle East.pdf
|
|
|
|
|
2020-10-21 - T-RAT 2.0- Malware control via smartphone.pdf
|
|
|
|
|
2020-10-22 - Alert (AA20-296A)- Russian State-Sponsored Advanced Persistent Threat Actor Compromises U.S. Government Targets.pdf
|
|
|
|
|
2020-10-22 - Alert (AA20-296B)- Iranian Advanced Persistent Threat Actors Threaten Election-Related Systems.pdf
|
|
|
|
|
2020-10-22 - An Inside Look at How Ryuk Evolved Its Encryption and Evasion Techniques.pdf
|
|
|
|
|
2020-10-22 - EU sanctions Russia over 2015 German Parliament hack.pdf
|
|
|
|
|
2020-10-22 - French IT giant Sopra Steria hit by Ryuk ransomware.pdf
|
|
|
|
|
2020-10-22 - On the trail of the XMRig miner.pdf
|
|
|
|
|
2020-10-22 - Russian Vehicle Registration Leak Reveals Additional GRU Hackers.pdf
|
|
|
|
|
2020-10-22 - Treasury Sanctions Iranian Entities for Attempted Election Interference.pdf
|
|
|
|
|
2020-10-23 - A Last Clever Knot-.pdf
|
|
|
|
|
2020-10-23 - APT28携小众压缩包诱饵对北约、中亚目标的定向攻击分析.pdf
|
|
|
|
|
2020-10-23 - Catching Lazarus- Threat Intelligence to Real Detection Logic - Part Two.pdf
|
|
|
|
|
2020-10-23 - Exclusive- 'Dumb mistake' exposed Iranian hand behind fake Proud Boys U.S. election emails - sources.pdf
|
|
|
|
|
2020-10-23 - Exclusive- National Guard called in to thwart cyberattack in Louisiana weeks before election.pdf
|
|
|
|
|
2020-10-23 - Leakware-Ransomware-Hybrid Attacks.pdf
|
|
|
|
|
2020-10-23 - New RAT malware gets commands via Discord, has ransomware feature.pdf
|
|
|
|
|
2020-10-23 - Report- Ransomware disables Georgia county election database.pdf
|
|
|
|
|
2020-10-23 - Russia’s Clandestine Chemical Weapons Programme and the GRU’s Unit 29155.pdf
|
|
|
|
|
2020-10-23 - Treasury Sanctions Russian Government Research Institution Connected to the Triton Malware.pdf
|
|
|
|
|
2020-10-24 - Gacrux – a basic C malware with a custom PE loader.pdf
|
|
|
|
|
2020-10-25 - MetadataBin Ransomware.pdf
|
|
|
|
|
2020-10-26 - Dropping the Anchor.pdf
|
|
|
|
|
2020-10-26 - Excel 4 Macros- -Abnormal Sheet Visibility-.pdf
|
|
|
|
|
2020-10-26 - Exploit Developer Spotlight- The Story of PlayBit.pdf
|
|
|
|
|
2020-10-26 - The Russian Hackers (BERSERK BEAR) Playing 'Chekhov's Gun' With US Infrastructure.pdf
|
|
|
|
|
2020-10-26 - Threat Hunting for Avaddon Ransomware.pdf
|
|
|
|
|
2020-10-26 - ThreatConnect Research Roundup- Ryuk and Domains Spoofing ESET and Microsoft.pdf
|
|
|
|
|
2020-10-27 - Alert (AA20-301A)- North Korean Advanced Persistent Threat Focus- Kimsuky.pdf
|
|
|
|
|
2020-10-27 - APT-31 leverages COVID-19 vaccine theme and abuses legitimate online services.pdf
|
|
|
|
|
2020-10-27 - Data exfiltration via IPv6.pdf
|
|
|
|
|
2020-10-27 - Enel Group hit by ransomware again, Netwalker demands $14 million.pdf
|
|
|
|
|
2020-10-27 - Mars Ransomware.pdf
|
|
|
|
|
2020-10-27 - MTR Casebook- An active adversary caught in the act.pdf
|
|
|
|
|
2020-10-27 - Purchase Order Phishing, the Everlasting Phishing Tactic.pdf
|
|
|
|
|
2020-10-27 - Steelcase furniture giant hit by Ryuk ransomware attack.pdf
|
|
|
|
|
2020-10-28 - Alleged REvil member spills details on groups ransomware operations.pdf
|
|
|
|
|
2020-10-28 - Cyberattacks target international conference attendees (APT35-PHOSPHORUS).pdf
|
|
|
|
|
2020-10-28 - Fake COVID-19 survey hides ransomware in Canadian university attack.pdf
|
|
|
|
|
2020-10-28 - FBI, DHS, HHS Warn of Imminent, Credible Ransomware Threat Against U.S. Hospitals.pdf
|
|
|
|
|
2020-10-28 - Hacks for sale- inside the Buer Loader malware-as-a-service.pdf
|
|
|
|
|
2020-10-28 - Operation Earth Kitsune- A Dance of Two New Backdoors.pdf
|
|
|
|
|
2020-10-28 - The many personalities of Lazarus.pdf
|
|
|
|
|
2020-10-28 - Turla uses HyperStack, Carbon, and Kazuar to compromise government entity.pdf
|
|
|
|
|
2020-10-28 - UNC1878 indicators.pdf
|
|
|
|
|
2020-10-28 - Unhappy Hour Special- KEGTAP and SINGLEMALT With a Ransomware Chaser.pdf
|
|
|
|
|
2020-10-29 - A Bazar start- How one hospital thwarted a Ryuk ransomware outbreak.pdf
|
|
|
|
|
2020-10-29 - Building wave of ransomware attacks strike U.S. hospitals.pdf
|
|
|
|
|
2020-10-29 - Domain Parking- A Gateway to Attackers Spreading Emotet and Impersonating McAfee.pdf
|
|
|
|
|
2020-10-29 - DoNot’s Firestarter abuses Google Firebase Cloud Messaging to spread.pdf
|
|
|
|
|
2020-10-29 - Egregor- Sekhmet’s Cousin.pdf
|
|
|
|
|
2020-10-29 - FIN11- A Widespread Ransomware and Extortion Operation (Webinar).pdf
|
|
|
|
|
2020-10-29 - Hacking group is targeting US hospitals with Ryuk ransomware.pdf
|
|
|
|
|
2020-10-29 - List of CobaltStrike C2's used by RYUK.pdf
|
|
|
|
|
2020-10-29 - Malware Analysis Report (AR20-303A)- PowerShell Script- ComRAT.pdf
|
|
|
|
|
2020-10-29 - Malware Analysis Report (AR20-303B)- ZEBROCY Backdoor.pdf
|
|
|
|
|
2020-10-29 - Maze ransomware is shutting down its cybercrime operation.pdf
|
|
|
|
|
2020-10-29 - Online Leader Invites You to This Webex Phish.pdf
|
|
|
|
|
2020-10-29 - REvil ransomware gang claims over $100 million profit in a year.pdf
|
|
|
|
|
2020-10-29 - Several hospitals targeted in new wave of ransomware attacks.pdf
|
|
|
|
|
2020-10-29 - Threat Assessment- Ryuk Ransomware and Trickbot Targeting U.S. Healthcare and Public Health Sector.pdf
|
|
|
|
|
2020-10-30 - Alert (AA20-304A)- Iranian Advanced Persistent Threat Actor Identified Obtaining Voter Registration Data.pdf
|
|
|
|
|
2020-10-30 - Russian hackers targeted California, Indiana Democratic parties.pdf
|
|
|
|
|
2020-10-30 - The Ryuk Threat- Why BazarBackdoor Matters Most.pdf
|
|
|
|
|
2020-10-30 - UNC 1878 Indicators from Threatconnect.pdf
|
|
|
|
|
2020-10-30 - 攻击武器再升级:Donot组织利用伪造签名样本的攻击活动分析.pdf
|
|
|
|
|
2020-10-30 - 蓝色魔眼(APT-C-41)组织首次针对我国重要机构定向攻击活动披露.pdf
|
|
|
|
|
2020-10-31 - Ryuk and Splunk Detections.pdf
|
|
|
|
|
2020-11-01 - Observed Malware Campaigns – October 2020.pdf
|
|
|
|
|
2020-11-01 - Vjw0rm is Back With New Tactics.pdf
|
|
|
|
|
2020-11-02 - CSS-JS Steganography in Fake Flash Player Update Malware.pdf
|
|
|
|
|
2020-11-02 - Live off the Land- How About Bringing Your Own Island- An Overview of UNC1945.pdf
|
|
|
|
|
2020-11-02 - TinyPOS and ProLocker- An Odd Relationship.pdf
|
|
|
|
|
2020-11-03 - Adventures in Anti-Gravity- Deconstructing the Mac Variant of GravityRAT.pdf
|
|
|
|
|
2020-11-03 - APT trends report Q3 2020.pdf
|
|
|
|
|
2020-11-03 - Attackers Exploiting WebLogic Servers via CVE-2020-14882 to install Cobalt Strike.pdf
|
|
|
|
|
2020-11-03 - New RegretLocker ransomware targets Windows virtual machines.pdf
|
|
|
|
|
2020-11-03 - Versions of PsiXBot.pdf
|
|
|
|
|
2020-11-04 - A new APT uses DLL side-loads to “KilllSomeOne”.pdf
|
|
|
|
|
2020-11-04 - In Wild Critical Buffer Overflow Vulnerability in Solaris Can Allow Remote Takeover — CVE-2020-14871.pdf
|
|
|
|
|
2020-11-04 - Persistent Actor Targets Ledger Cryptocurrency Wallets.pdf
|
|
|
|
|
2020-11-04 - REvil ransomware gang 'acquires' KPOT malware.pdf
|
|
|
|
|
2020-11-04 - The Enigmatic Energetic Bear.pdf
|
|
|
|
|
2020-11-04 - United States Seizes 27 Additional Domain Names Used by Iran’s Islamic Revolutionary Guard Corps to Further a Global, Covert Influence Campaign.pdf
|
|
|
|
|
2020-11-05 - #ThreatThursday - Ryuk.pdf
|
|
|
|
|
2020-11-05 - Agent Tesla- A Day in a Life of IR.pdf
|
|
|
|
|
2020-11-05 - ALFA TEaM Shell ~ v4.1-Tesla- A Feature Update Analysis.pdf
|
|
|
|
|
2020-11-05 - Attack of the clones- Git clients remote code execution.pdf
|
|
|
|
|
2020-11-05 - Babax stealer rebrands to Osno, installs rootkit.pdf
|
|
|
|
|
2020-11-05 - Brazil's court system under massive RansomExx ransomware attack.pdf
|
|
|
|
|
2020-11-05 - Capcom hit by Ragnar Locker ransomware, 1TB allegedly stolen.pdf
|
|
|
|
|
2020-11-05 - Capcom quietly discloses cyberattack impacting email, file servers.pdf
|
|
|
|
|
2020-11-05 - Cerberus is Dead, Long Live Cerberus-.pdf
|
|
|
|
|
2020-11-05 - Gitpaste-12- a new worming botnet with reverse shell capability spreading via GitHub and Pastebin.pdf
|
|
|
|
|
2020-11-05 - Hunting Emotet with Brim and Zeek.pdf
|
|
|
|
|
2020-11-05 - INJ3CTOR3 Operation – Leveraging Asterisk Servers for Monetization.pdf
|
|
|
|
|
2020-11-05 - Japanese game dev Capcom hit by cyberattack, business impacted.pdf
|
|
|
|
|
2020-11-05 - Operation North Star- Behind The Scenes.pdf
|
|
|
|
|
2020-11-05 - Resourceful macOS Malware Hides in Named Fork.pdf
|
|
|
|
|
2020-11-05 - Ryuk Adversary Emulation Plan.pdf
|
|
|
|
|
2020-11-05 - Ryuk Speed Run, 2 Hours to Ransom.pdf
|
|
|
|
|
2020-11-05 - ThreatThursday - Ryuk.pdf
|
|
|
|
|
2020-11-06 - Anatomy of Attack- Inside BazarBackdoor to Ryuk Ransomware -one- Group via Cobalt Strike.pdf
|
|
|
|
|
2020-11-06 - Cobalt Strike 4.2 – Everything but the kitchen sink.pdf
|
|
|
|
|
2020-11-06 - Indicators of Compromise related to Cobaltstrike, PyXie Lite, Vatet and Defray777.pdf
|
|
|
|
|
2020-11-06 - Last, but Not Least- Defray777.pdf
|
|
|
|
|
2020-11-06 - Linking Vatet, PyXie and Defray777.pdf
|
|
|
|
|
2020-11-06 - Netwalker Ransomware.pdf
|
|
|
|
|
2020-11-06 - Next Up- “PyXie Lite”.pdf
|
|
|
|
|
2020-11-06 - Quick Post- Spooky New PowerShell Obfuscation in Emotet Maldocs.pdf
|
|
|
|
|
2020-11-06 - RansomEXX Trojan attacks Linux systems.pdf
|
|
|
|
|
2020-11-06 - Ransomware Alert- Pay2Key.pdf
|
|
|
|
|
2020-11-06 - When Threat Actors Fly Under the Radar- Vatet, PyXie and Defray777.pdf
|
|
|
|
|
2020-11-06 - 分析レポート:Emotetの裏で動くバンキングマルウェア「Zloader」に注意.pdf
|
|
|
|
|
2020-11-07 - Linux.Midrashim.pdf
|
|
|
|
|
2020-11-09 - A Closer Look at the Web Skimmer.pdf
|
|
|
|
|
2020-11-09 - An Old Joker’s New Tricks- Using Github To Hide Its Payload.pdf
|
|
|
|
|
2020-11-09 - Analysis of the latest targeted attacks by Lugansk against Ukraine.pdf
|
|
|
|
|
2020-11-09 - Fake Microsoft Teams updates lead to Cobalt Strike deployment.pdf
|
|
|
|
|
2020-11-09 - Ghimob- a Tétrade threat actor moves to infect mobile devices.pdf
|
|
|
|
|
2020-11-09 - Laptop maker Compal hit by ransomware, $17 million demanded.pdf
|
|
|
|
|
2020-11-09 - Phishing Campaign Threatens Job Security, Drops Bazar and Buer Malware.pdf
|
|
|
|
|
2020-11-09 - The Exploitation of CVE-2020-0688 in the UAE.pdf
|
|
|
|
|
2020-11-09 - WOW64!Hooks- WOW64 Subsystem Internals and Hooking Techniques.pdf
|
|
|
|
|
2020-11-09 - xHunt Campaign- Newly Discovered Backdoors Using Deleted Email Drafts and DNS Tunneling for Command and Control.pdf
|
|
|
|
|
2020-11-10 - Ransomware Group Turns to Facebook Ads.pdf
|
|
|
|
|
2020-11-10 - Threat Hunting for REvil Ransomware.pdf
|
|
|
|
|
2020-11-10 - Trickbot down but is it out.pdf
|
|
|
|
|
2020-11-11 - Extrapolating Adversary Intent Through Infrastructure.pdf
|
|
|
|
|
2020-11-11 - Targeted ransomware- it’s not just about encrypting your data! Part 1 - “Old and New Friends”.pdf
|
|
|
|
|
2020-11-11 - Wroba Android banking trojan targets Japan.pdf
|
|
|
|
|
2020-11-12 - An Investigative Analysis of the Silent Librarian IoCs.pdf
|
|
|
|
|
2020-11-12 - Biotech research firm Miltenyi Biotec hit by ransomware, data leaked.pdf
|
|
|
|
|
2020-11-12 - CRAT wants to plunder your endpoints.pdf
|
|
|
|
|
2020-11-12 - Cryptominers Exploiting WebLogic RCE CVE-2020-14882.pdf
|
|
|
|
|
2020-11-12 - Darkside Ransomware Gang Launches Affiliate Program.pdf
|
|
|
|
|
2020-11-12 - Diving into the Sun — SunCrypt- A new neighbour in the ransomware mafia.pdf
|
|
|
|
|
2020-11-12 - Egregor – Prolock- Fraternal Twins -.pdf
|
|
|
|
|
2020-11-12 - Hungry for data, ModPipe backdoor hits POS software used in hospitality sector.pdf
|
|
|
|
|
2020-11-12 - Hunting for Barium using Azure Sentinel.pdf
|
|
|
|
|
2020-11-12 - Living Off The Land on a Private Island- An Overview of UNC1945.pdf
|
|
|
|
|
2020-11-12 - Operation Gold Hunting- Targeting the Cutting-Edge Technology Industry.pdf
|
|
|
|
|
2020-11-12 - Password stealer in Delphi- Meh… (2-2).pdf
|
|
|
|
|
2020-11-12 - Splunking with Sysmon Part 4- Detecting Trickbot.pdf
|
|
|
|
|
2020-11-12 - The CostaRicto Campaign- Cyber-Espionage Outsourced.pdf
|
|
|
|
|
2020-11-12 - Threat Profile- JUPYTER INFOSTEALER.pdf
|
|
|
|
|
2020-11-13 - Biotech research firm Miltenyi Biotec hit by ransomware, data leaked.pdf
|
|
|
|
|
2020-11-13 - Cyberattacks targeting health care must stop.pdf
|
|
|
|
|
2020-11-13 - DarkSide ransomware is creating a secure data leak service in Iran.pdf
|
|
|
|
|
2020-11-13 - HelloKitty Ransomware.pdf
|
|
|
|
|
2020-11-13 - Here Comes TroubleGrabber- Stealing Credentials Through Discord.pdf
|
|
|
|
|
2020-11-13 - Quick update on the Linux.Ngioweb botnet, now it is going after IoT devices.pdf
|
|
|
|
|
2020-11-14 - Deep Dive Into Ryuk Ransomware.pdf
|
|
|
|
|
2020-11-14 - Retail giant Cencosud hit by Egregor Ransomware attack, stores impacted.pdf
|
|
|
|
|
2020-11-14 - The Week in Ransomware - November 13th 2020 - Extortion gone wild.pdf
|
|
|
|
|
2020-11-15 - From virus alert to PowerShell Encrypted Loader.pdf
|
|
|
|
|
2020-11-16 - ELF_PLEAD - Linux Malware Used by BlackTech.pdf
|
|
|
|
|
2020-11-16 - Lazarus supply‑chain attack in South Korea.pdf
|
|
|
|
|
2020-11-16 - Malicious Actors Target Comm Apps such as Zoom, Slack, Discord.pdf
|
|
|
|
|
2020-11-16 - Malsmoke operators abandon exploit kits in favor of social engineering scheme.pdf
|
|
|
|
|
2020-11-16 - Massive threat campaign strikes open-source repos, Sonatype spots new CursedGrabber malware.pdf
|
|
|
|
|
2020-11-16 - PoorWeb - Hitching a Ride on Hangul.pdf
|
|
|
|
|
2020-11-16 - Ransomware-as-a-service The pandemic within a pandemic.pdf
|
|
|
|
|
2020-11-16 - TA505- A Brief History Of Their Time.pdf
|
|
|
|
|
2020-11-17 - FIN7 recruiter Andrii Kolpakov pleads guilty to role in global hacking scheme.pdf
|
|
|
|
|
2020-11-17 - Iranian APT Utilizing Commercial VPN Services.pdf
|
|
|
|
|
2020-11-17 - Japan-Linked Organizations Targeted in Long-Running and Sophisticated Attack Campaign.pdf
|
|
|
|
|
2020-11-17 - Nibiru ransomware variant decryptor.pdf
|
|
|
|
|
2020-11-17 - OceanLotus Continues With Its Cyber Espionage Operations.pdf
|
|
|
|
|
2020-11-17 - RegretLocker.pdf
|
|
|
|
|
2020-11-17 - TAG Bulletin- Q4 2020.pdf
|
|
|
|
|
2020-11-17 - Ukraine’s Top Cyber Cop on Defending Against Disinformation and Russian Hackers.pdf
|
|
|
|
|
2020-11-18 - Analyzing Network Infrastructure as Composite Objects.pdf
|
|
|
|
|
2020-11-18 - Android Mischief Dataset.pdf
|
|
|
|
|
2020-11-18 - Back from vacation- Analyzing Emotet’s activity in 2020.pdf
|
|
|
|
|
2020-11-18 - Business as usual- Criminal Activities in Times of a Global Pandemic.pdf
|
|
|
|
|
2020-11-18 - Hacking Farm to Table- Threat Hunters Uncover Rise in Attacks Against Agriculture.pdf
|
|
|
|
|
2020-11-18 - Malware Analysis Spotlight- AZORult Delivered by GuLoader.pdf
|
|
|
|
|
2020-11-18 - Panda’s New Arsenal- Part 2 Albaniiutas.pdf
|
|
|
|
|
2020-11-18 - Ranzy Ransomware - Better Encryption Among New Features of ThunderX Derivative.pdf
|
|
|
|
|
2020-11-18 - REvil ransomware hits Managed.com hosting provider, 500K ransom.pdf
|
|
|
|
|
2020-11-18 - Stopping BuerLoader With Minerva Lab's Hostile Environment Simulation module.pdf
|
|
|
|
|
2020-11-18 - Thanos Ransomware Evading Anti-ransomware Protection With RIPlace Tactic.pdf
|
|
|
|
|
2020-11-18 - Zooming into Darknet Threats Targeting Japanese Organizations.pdf
|
|
|
|
|
2020-11-19 - APT Exploits Microsoft Zerologon Bug- Targets Japanese Companies.pdf
|
|
|
|
|
2020-11-19 - Chinese Scam Shops Lure Black Friday Shoppers.pdf
|
|
|
|
|
2020-11-19 - Cybereason vs. MedusaLocker Ransomware.pdf
|
|
|
|
|
2020-11-19 - Hiding in the Noise.pdf
|
|
|
|
|
2020-11-19 - Mount Locker ransomware now targets your TurboTax tax returns.pdf
|
|
|
|
|
2020-11-19 - OK Google, Build Me a Phishing Campaign.pdf
|
|
|
|
|
2020-11-19 - PowerShell Dropper Delivering Formbook.pdf
|
|
|
|
|
2020-11-19 - Purgalicious VBA- Macro Obfuscation With VBA Purging.pdf
|
|
|
|
|
2020-11-19 - Rewterz Threat Alert – Common Raven – IOCs.pdf
|
|
|
|
|
2020-11-19 - Threat Actor Utilizes COVID-19 Uncertainty to Target Users.pdf
|
|
|
|
|
2020-11-20 - 360 File-less Attack Protection Intercepts the Banker Trojan BBtok Active in Mexico.pdf
|
|
|
|
|
2020-11-20 - Current Events to Widespread Campaigns- Pivoting from Samples to Identify Activity.pdf
|
|
|
|
|
2020-11-20 - Detecting Cobalt Strike Default Modules via Named Pipe Analysis.pdf
|
|
|
|
|
2020-11-20 - MooBot on the run using another 0 day targeting UNIX CCTV DVR.pdf
|
|
|
|
|
2020-11-20 - The Locking Egregor.pdf
|
|
|
|
|
2020-11-20 - The malware that usually installs ransomware and you need to remove right away.pdf
|
|
|
|
|
2020-11-20 - Weaponizing Open Source Software for Targeted Attacks.pdf
|
|
|
|
|
2020-11-21 - Deep Dive Into HERMES Ransomware.pdf
|
|
|
|
|
2020-11-21 - Multi-Vector Miner and Tsunami Botnet with SSH Lateral Movement.pdf
|
|
|
|
|
2020-11-21 - Multi-Vector Miner+Tsunami Botnet with SSH Lateral Movement.pdf
|
|
|
|
|
2020-11-22 - Analyzing an Emotet Dropper and Writing a Python Script to Statically Unpack Payload..pdf
|
|
|
|
|
2020-11-22 - Election Cyber Threats in the Asia-Pacific Region.pdf
|
|
|
|
|
2020-11-23 - Alert Number I-112320-PSA- Spoofed FBI Internet Domains Pose Cyber and Disinformation Risks.pdf
|
|
|
|
|
2020-11-23 - Genetic Analysis of CryptoWall Ransomware.pdf
|
|
|
|
|
2020-11-23 - Heres what happens after a business gets hit with ransomware.pdf
|
|
|
|
|
2020-11-23 - PYSA-Mespinoza Ransomware.pdf
|
|
|
|
|
2020-11-23 - TA416 Goes to Ground and Returns with a Golang PlugX Malware Loader.pdf
|
|
|
|
|
2020-11-23 - TrickBot is Dead. Long Live TrickBot!.pdf
|
|
|
|
|
2020-11-23 - Zoom into Kinsing.pdf
|
|
|
|
|
2020-11-24 - Analysis of Kinsing Malware's Use of Rootkit.pdf
|
|
|
|
|
2020-11-24 - Stantinko’s Proxy After Your Apache Server.pdf
|
|
|
|
|
2020-11-25 - CSP, the Right Solution for the Web-Skimming Pandemic-.pdf
|
|
|
|
|
2020-11-25 - Egregor RaaS Continues the Chaos with Cobalt Strike and Rclone.pdf
|
|
|
|
|
2020-11-25 - Microsoft Teams- New Attack Form Almost Takes Down Global Financial Institution.pdf
|
|
|
|
|
2020-11-25 - Warzone RAT comes with UAC bypass technique.pdf
|
|
|
|
|
2020-11-26 - Actor behind Operation LagTime targets Russia.pdf
|
|
|
|
|
2020-11-26 - Bandook- Signed & Delivered.pdf
|
|
|
|
|
2020-11-26 - Cybereason vs. Egregor Ransomware.pdf
|
|
|
|
|
2020-11-26 - Hackers Love Expired Domains.pdf
|
|
|
|
|
2020-11-26 - Payment skimmer hides in social media buttons.pdf
|
|
|
|
|
2020-11-26 - Tracking Cryptocurrency Malware in The Homelab.pdf
|
|
|
|
|
2020-11-26 - Using similarity to expand context and map out threat campaigns.pdf
|
|
|
|
|
2020-11-27 - Adventures in Anti-Gravity (Part II) Deconstructing the Mac Variant of GravityRAT.pdf
|
|
|
|
|
2020-11-27 - Aggah Campaign’s Latest Tactics- Victimology, PowerPoint Dropper and Cryptocurrency Stealer.pdf
|
|
|
|
|
2020-11-27 - Analyzing Organizational Invasion Ransom Incidents Using Dtrack.pdf
2020-11-27 - Dissecting APT21 samples using a step-by-step approach.pdf
2020-11-27 - Having fun with a Ursnif VBS dropper.pdf
2020-11-27 - New MacOS Backdoor Connected to OceanLotus Surfaces.pdf
2020-11-27 - The ICO Fines Ticketmaster UK £1.25 Million for Security Failures- A Lesson to be Learned.pdf
2020-11-27 - Threat Actor- Unkown.pdf
2020-11-27 - 钱包黑洞:Lazarus 组织近期在加密货币方面的隐蔽攻击活动.pdf
2020-11-28 - Hunting Koadic Pt. 2 - JARM Fingerprinting.pdf
2020-11-30 - Do you want to bake a donut- Come on, let’s go update~ Go away, Maria..pdf
2020-11-30 - German users targeted with Gootkit banker or REvil ransomware.pdf
2020-11-30 - Shadows From The Past Threaten Italian Enterprises.pdf
2020-11-30 - Threat actor (BISMUTH) leverages coin miner techniques to stay under the radar – here’s how to spot them.pdf
2020-11-30 - Threat actor leverages coin miner techniques to stay under the radar – here’s how to spot them.pdf
2020-12 - Solarwinds Breach Resource Center.pdf
2020-12-01 - [Urgent Report] Targeted attack by -SigLoader- that exploits Microsoft's digital signature file confirmed.pdf
2020-12-01 - Alert (AA20-336A)- Advanced Persistent Threat Actors Targeting U.S. Think Tanks.pdf
2020-12-01 - Blade Eagle Group - Targeted attack group activities circling the Middle East and West Asia's cyberspace revealed.pdf
2020-12-01 - Cobalt Strike PowerShell Execution.pdf
2020-12-01 - DarkIRC bot exploits recent Oracle WebLogic vulnerability.pdf
2020-12-01 - Dox, steal, reveal. Where does your personal data end up-.pdf
2020-12-01 - Hunting Beacons.pdf
2020-12-01 - IceRat evades antivirus by running PHP on Java VM.pdf
2020-12-01 - Running in Circles Uncovering the Clients of Cyberespionage Firm Circles.pdf
2020-12-01 - Steal then strike Access merchants are first clues to future ransomware attacks.pdf
2020-12-01 - The Impact of Modern Ransomware on Manufacturing Networks.pdf
2020-12-01 - There’s a RAT in my code- new npm malware with Bladabindi trojan spotted.pdf
2020-12-01 - Using Speakeasy Emulation Framework Programmatically to Unpack Malware.pdf
2020-12-01 - Xanthe - Docker aware miner.pdf
2020-12-01 - “Free” Symchanger Malware Tricks Users Into Installing Backdoor.pdf
2020-12-02 - APT32 Multi-stage macOS Trojan Innovates on Crimeware Scripting Technique.pdf
2020-12-02 - Automated string de-gobfuscation.pdf
2020-12-02 - Deep Dive into an Obfuscation-as-a-Service for Android Malware.pdf
2020-12-02 - Fileless Malware Executing in Containers.pdf
2020-12-02 - IcedID Stealer Man-in-the-browser Banking Trojan.pdf
2020-12-02 - Identifying Network Infrastructure Related to a World Health Organization Spoofing Campaign.pdf
2020-12-02 - Persistent parasite in EOL Magento 2 stores wakes at Black Friday.pdf
2020-12-02 - Threat Alert- Fileless Malware Executing in Containers.pdf
2020-12-02 - Turla Crutch- Keeping the “back door” open.pdf
2020-12-02 - ‘Shadow Academy’ Targets 20 Universities Worldwide.pdf
2020-12-03 - [Mal Series #13] Darkside Ransom.pdf
2020-12-03 - [Mal Series 13] Darkside Ransom.pdf
2020-12-03 - Another LILIN DVR 0-day being used to spread Mirai.pdf
2020-12-03 - APT annual review- What the world’s threat actors got up to in 2020.pdf
2020-12-03 - DeathStalker Hits the Americas & Europe With New PowerPepper Malware.pdf
2020-12-03 - Easy Way In- 5 Ransomware Victims Had Their Pulse Secure VPN Credentials Leaked.pdf
2020-12-03 - How to Beat Nefilim Ransomware Attacks.pdf
2020-12-03 - IBM Uncovers Global Phishing Campaign Targeting the COVID-19 Vaccine Cold Chain.pdf
2020-12-03 - Kmart nationwide retailer suffers a ransomware attack.pdf
2020-12-03 - Ransomware gang says they stole 2 million credit cards from E-Land.pdf
2020-12-03 - TrickBot Now Offers ‘TrickBoot’- Persist, Brick, Profit.pdf
2020-12-03 - Vulnerability in Google Play Core Library Remains Unpatched in Google Play Applications.pdf
2020-12-03 - What did DeathStalker hide between two ferns-.pdf
2020-12-04 - Inside a .NET Stealer- AgentTesla.pdf
2020-12-04 - Largest global staffing agency Randstad hit by Egregor ransomware.pdf
2020-12-04 - Metro Vancouver's transit system hit by Egregor ransomware.pdf
2020-12-04 - Obfuscation Techniques in MARIJUANA Shell “Bypass”.pdf
2020-12-04 - Snakes & Ladders- the offensive use of Python on Windows.pdf
2020-12-04 - The chronicles of Emotet.pdf
2020-12-04 - Yellow Cockatoo- Search engine redirects, in-memory remote access trojan, and more.pdf
2020-12-05 - Ransomware hits helicopter maker Kopter.pdf
2020-12-07 - A Gafgyt variant that exploits Pulse Secure CVE-2020-8218.pdf
2020-12-07 - Advanced Persistent Infrastructure Tracking.pdf
2020-12-07 - Analysis of the suspected two-tailed scorpion APT organization using CIA-funded information about Hamas as bait.pdf
2020-12-07 - Blocking APT- Qi'anxin QOWL engine defeats BITTER's targeted attacks on domestic government and enterprises.pdf
2020-12-07 - Commodity .NET Packers use Embedded Images to Hide Payloads.pdf
2020-12-07 - Egregor Ransomware - An In-Depth Analysis.pdf
2020-12-07 - Foxconn electronics giant hit by ransomware, $34 million ransom.pdf
2020-12-07 - Massive malicious campaign by FakeSecurity JS-sniffer.pdf
2020-12-07 - Rana Android Malware Your past catches up, sooner or later....pdf
2020-12-07 - The footprints of Raccoon- a story about operators of JS-sniffer FakeSecurity distributing Raccoon stealer.pdf
2020-12-08 - A Red Teamer Plays with JARM.pdf
2020-12-08 - Egregor ransomware- Maze’s heir apparent.pdf
2020-12-08 - FireEye Shares Details of Recent Cyber Attack, Actions to Protect Community.pdf
2020-12-08 - Gift Card Scams Explode in Upcoming Holiday Shopping Season.pdf
2020-12-08 - Identifying Critical Infrastructure Targeting through Network Creation.pdf
2020-12-08 - Norway says Russian hacking group APT28 is behind August 2020 Parliament hack.pdf
2020-12-08 - The why, what, and how of threat research.pdf
2020-12-08 - Threat Assessment- Egregor Ransomware.pdf
2020-12-08 - Unauthorized Access of FireEye Red Team Tools.pdf
2020-12-08 - Understanding BEC Scams- Supplier Invoicing Fraud.pdf
2020-12-08 - “「2021 평화∙통일 이야기 공모전」 참가 신청서” 제목의 한글문서 유포 (APT 추정).pdf
2020-12-09 - A Zebra in Gopher's Clothing- Russian APT Uses COVID-19 Lures to Deliver Zebrocy.pdf
2020-12-09 - APT Group Targeting Governmental Agencies in East Asia.pdf
2020-12-09 - EDR in block mode stops IcedID cold.pdf
2020-12-09 - Fireeye RED TEAM tool countermeasures.pdf
2020-12-09 - New Malware Arsenal Abusing Cloud Platforms in Middle East Espionage Campaign.pdf
2020-12-09 - njRAT Spreading Through Active Pastebin Command and Control Tunnel.pdf
2020-12-09 - Quarterly Report- Incident Response trends from Fall 2020.pdf
2020-12-09 - Recent Qakbot (Qbot) activity.pdf
2020-12-09 - SideWinder Leverages South Asian Territorial Issues for Spear Phishing and Mobile Device Attacks.pdf
2020-12-10 - Alert (AA20-345A)- Cyber Actors Target K-12 Distance Learning Education to Cause Disruptions and Steal Data.pdf
2020-12-10 - APT model worker- A summary of the activities of the Eastern European hacker group using spear phishing emails to attack Ukraine.pdf
2020-12-10 - Attack Activities by Quasar Family.pdf
2020-12-10 - Cybereason vs. Ryuk Ransomware.pdf
2020-12-10 - Dark Caracal- You Missed a Spot.pdf
2020-12-10 - Dutch expel two Russian diplomats for suspected espionage.pdf
2020-12-10 - No pandas just people The current state of Chinas cybercrime underground.pdf
2020-12-10 - Operation StealthyTrident- corporate software under attack.pdf
2020-12-10 - PGMiner- New Cryptocurrency Mining Botnet Delivered via PostgreSQL.pdf
2020-12-10 - PLEASE_READ_ME- The Opportunistic Ransomware Devastating MySQL Servers.pdf
2020-12-10 - Ryuk Crypto-Ransomware.pdf
2020-12-10 - Tactics, Techniques and Procedures (TTPs) Utilized by FireEye’s Red Team Tools.pdf
2020-12-10 - Taking Action Against Hackers in Bangladesh and Vietnam.pdf
2020-12-10 - Terrorism or Information Operation-.pdf
2020-12-10 - Threat Brief- FireEye Red Team Tool Breach.pdf
2020-12-10 - Widespread malware campaign seeks to silently inject ads into search results, affects multiple browsers.pdf
2020-12-10 - マルウェア「IcedID」の検知傾向と感染に至るプロセスを徹底解説.pdf
2020-12-11 - Investigating the Gootkit Loader.pdf
2020-12-11 - MountLocker Ransomware-as-a-Service Offers Double Extortion Capabilities to Affiliates.pdf
2020-12-11 - Panda’s New Arsenal- Part 3 Smanager.pdf
2020-12-11 - The Tangled Genealogy of IoT Malware.pdf
2020-12-12 - ContiUnpacker- An automatic unpacker for Conti rasnomware.pdf
2020-12-13 - Customer Guidance on Recent Nation-State Cyber Attacks.pdf
2020-12-13 - Decrypting strings with a JEB script.pdf
2020-12-13 - Defender Control.pdf
2020-12-13 - From ThreatHunting to Campaign Tracking.pdf
2020-12-13 - Global Intrusion Campaign Leverages Software Supply Chain Compromise.pdf
2020-12-13 - Highly Evasive Attacker Leverages SolarWinds Supply Chain to Compromise Multiple Global Victims With SUNBURST Backdoor.pdf
2020-12-13 - Important steps for customers to protect themselves from recent nation-state cyberattacks.pdf
2020-12-13 - Intel's Habana Labs hacked by Pay2Key ransomware, data stolen.pdf
2020-12-13 - SUNBURST Countermeasures.pdf
2020-12-13 - Suspected Russian hackers spied on U.S. Treasury emails - sources.pdf
2020-12-13 - Trojan-MSIL-Solorigate.B!dha.pdf
2020-12-14 - Dark Halo Leverages SolarWinds Compromise to Breach Organizations.pdf
2020-12-14 - Egregor Ransomware Launches String of High-Profile Attacks to End 2020.pdf
2020-12-14 - Everything but the kitchen sink- more attacks from the Gitpaste-12 worm.pdf
2020-12-14 - FireEye Sunburst KQL Detections.pdf
2020-12-14 - Incident response playbook for responding to SolarWinds Orion compromise.pdf
2020-12-14 - PyMICROPSIA- New Information-Stealing Trojan from AridViper.pdf
2020-12-14 - Responding to Solarigate.pdf
2020-12-14 - Security Advisory on SolarWinds Supply chain attack FAQ.pdf
2020-12-14 - Security Advisory on SolarWinds Supply chain attack.pdf
2020-12-14 - SolarWinds Orion and UNC2452 – Summary and Recommendations.pdf
2020-12-14 - Sophos-ReversingLabs (SOREL) 20 Million sample malware dataset.pdf
2020-12-14 - Sunburst- Supply Chain Attack Targets SolarWinds Users.pdf
2020-12-14 - Threat Advisory- SolarWinds supply chain attack.pdf
2020-12-14 - Threat Brief SolarStorm and SUNBURST Customer Coverage.pdf
2020-12-14 - Unraveling Network Infrastructure Linked to the SolarWinds Hack.pdf
2020-12-14 - Using Qiling Framework to Unpack TA505 packed samples.pdf
2020-12-14 - Using Splunk to Detect Sunburst Backdoor.pdf
2020-12-15 - A deep dive into an NSO zero-click iMessage exploit- Remote Code Execution.pdf
2020-12-15 - A quick note from Nick Carr on COSMICGALE and SUPERNOVA that those are unrelated to UC2452 intrusion campaign.pdf
2020-12-15 - Analyzing FireEye Maldocs.pdf
2020-12-15 - Conti Ransomware v2.pdf
2020-12-15 - Finding SUNBURST Backdoor with Zeek Logs & Corelight.pdf
2020-12-15 - Greetings from Lazarus Anatomy of a cyber espionage campaign.pdf
2020-12-15 - Infrastructure Research and Hunting- Boiling the Domain Ocean.pdf
2020-12-15 - Malware Analysis Spotlight – Hentai Oniichan Ransomware (Berserker Variant).pdf
2020-12-15 - Operation Falling Eagle-the secret of the most influential supply chain attack in history.pdf
2020-12-15 - Overview of Recent Sunburst Targeted Attacks.pdf
2020-12-15 - QakBot reducing its on disk artifacts.pdf
2020-12-15 - Removing Coordinated Inauthentic Behavior from France and Russia.pdf
2020-12-15 - Reverse engineering KPOT v2.0 Stealer.pdf
2020-12-15 - solarwinds-threathunt.pdf
2020-12-15 - Strategic Analysis- Agent Tesla Expands Targeting and Networking Capabilities.pdf
2020-12-15 - Sunburst Backdoor- A Deeper Look Into The SolarWinds' Supply Chain Malware (Broken link).pdf
2020-12-15 - Tactics, Techniques, and Procedures (TTPs) Used in the SolarWinds Breach.pdf
2020-12-15 - Threat Hunt Deep Dives- SolarWinds Supply Chain Compromise (Solorigate - SUNBURST Backdoor).pdf
2020-12-15 - Threat profile- Egregor ransomware is making a name for itself.pdf
2020-12-15 - Who is the Threat Actor Behind Operation Earth Kitsune-.pdf
2020-12-16 - A script to decode SUNBURST DGA domain.pdf
2020-12-16 - Adversary Playbook- JavaScript RAT Looking for that Government Cheese.pdf
2020-12-16 - Exclusive-Suspected Chinese hackers stole camera footage from African Union - memo.pdf
2020-12-16 - FireEye, Microsoft create kill switch for SolarWinds backdoor.pdf
2020-12-16 - Hiding in Plain Sight- Remediating “Hidden” Malware with Real Time Response.pdf
2020-12-16 - List of domain infrastructure including DGA domain used by UNC2452.pdf
2020-12-16 - Lookout Discovers New Spyware Used by Sextortionists to Blackmail iOS and Android Users.pdf
2020-12-16 - Next Version of the Bazar Loader DGA.pdf
2020-12-16 - Ransomware operators use SystemBC RAT as off-the-shelf Tor backdoor.pdf
2020-12-16 - Snake-404 Keylogger, BIFF, and Covering Tracks-- An unusual maldoc.pdf
2020-12-16 - SolarWinds Post-Compromise Hunting with Azure Sentinel.pdf
2020-12-16 - SUNBURST- SolarWinds Supply-Chain Attack.pdf
2020-12-16 - SunBurst- the next level of stealth SolarWinds compromise exploited through sophistication and patience.pdf
2020-12-16 - Tracking and combatting an evolving danger- Ransomware extortion.pdf
2020-12-16 - 中招目标首次披露:SolarWinds供应链攻击相关域名生成算法可破解!.pdf
2020-12-16 - 旺刺组织(APT-C-47)使用ClickOnce技术的攻击活动披露.pdf
2020-12-17 - [RE017-1] Phân tích kỹ thuật dòng mã độc mới được sử dụng để tấn công chuỗi cung ứng nhắm vào Ban Cơ yếu Chính phủ Việt Nam của nhóm tin tặc Panda Trung Quốc (Phần 1).pdf
2020-12-17 - A moment of reckoning- the need for a strong and global cybersecurity response.pdf
2020-12-17 - Additional Analysis into the SUNBURST Backdoor.pdf
2020-12-17 - Alert (AA20-352A)- Advanced Persistent Threat Compromise of Government Agencies, Critical Infrastructure, and Private Sector Organizations.pdf
2020-12-17 - Credential Stealer Targets US, Canadian Bank Customers.pdf
2020-12-17 - DebUNCing Attribution How Mandiant Tracks Uncategorized Threat Actors.pdf
2020-12-17 - Hack Suggests New Scope, Sophistication for Cyberattacks.pdf
2020-12-17 - Increase In Attack- SocGholish.pdf
2020-12-17 - Microsoft confirms it was also breached in recent SolarWinds supply chain hack.pdf
2020-12-17 - Onboarding Threat Indicators into Splunk Enterprise Security- SolarWinds Continued.pdf
2020-12-17 - Operation SignSight- Supply‑chain attack against a certification authority in Southeast Asia.pdf
2020-12-17 - Pawn Storm’s Lack of Sophistication as a Strategy.pdf
2020-12-17 - Reassembling Victim Domain Fragments from SUNBURST DNS.pdf
2020-12-17 - Russia's Hack Wasn't Cyberwar. That Complicates US Strategy.pdf
2020-12-17 - Russian Hackers Have Been Inside Austin City Network for Months.pdf
2020-12-17 - Smokeloader is still alive and kickin’ – A new way to encrypt CC server URLs.pdf
2020-12-17 - SolarWinds Backdoor (Sunburst) Incident Response Playbook.pdf
2020-12-17 - Sunburst Backdoor, Part II- DGA & The List of Victims.pdf
2020-12-17 - SUPERNOVA SolarWinds .NET Webshell Analysis.pdf
2020-12-17 - SUPERNOVA- SolarStorm’s Novel .NET Webshell.pdf
2020-12-17 - The Dangers of Using Abandoned Plugins & Themes.pdf
2020-12-17 - The SolarWinds Orion SUNBURST supply-chain Attack.pdf
2020-12-18 - A quirk in the SUNBURST DGA algorithm.pdf
2020-12-18 - Analyzing Solorigate, the compromised DLL file that started a sophisticated cyberattack, and how Microsoft Defender helps protect customers.pdf
2020-12-18 - Combining supervised and unsupervised machine learning for DGA detection.pdf
2020-12-18 - Continuous Eruption- Further Analysis of the SolarWinds Supply Chain Incident.pdf
2020-12-18 - Exclusive- Microsoft breached in suspected Russian hack using SolarWinds - sources.pdf
2020-12-18 - High Value Malicious Domains..pdf
2020-12-18 - Negasteal Uses Hastebin for Fileless Delivery of Crysis Ransomware.pdf
2020-12-18 - Nordkorea in Verdacht- Cyberspionage gegen deutsche Rüstungskonzerne.pdf
2020-12-18 - Protecting Microsoft 365 from on-premises attacks.pdf
2020-12-18 - RAT used by Chinese cyberspies infiltrating Indian businesses.pdf
2020-12-18 - Self-Delusion on the Russia Hack.pdf
2020-12-18 - SolarWinds SUNBURST Backdoor- Inside the APT Campaign.pdf
2020-12-18 - SUNBURST indicator detection in QRadar.pdf
2020-12-18 - Sunburst- connecting the dots in the DNS requests.pdf
2020-12-18 - TA505s modified loader means new attack campaign could be coming.pdf
2020-12-18 - TeamTNT Now Deploying DDoS-Capable IRC Bot TNTbotinger.pdf
2020-12-18 - The Strategic Implications of SolarWinds.pdf
2020-12-18 - Tracking Sunburst-Related Activity with ThreatConnect Dashboards.pdf
2020-12-19 - [RE017-2] Phân tích kỹ thuật dòng mã độc mới được sử dụng để tấn công chuỗi cung ứng nhắm vào Ban Cơ yếu Chính phủ Việt Nam của nhóm tin tặc Panda Trung Quốc (Phần 2).pdf
2020-12-19 - [RE018-1] Analyzing new malware of China Panda hacker group used to attack supply chain against Vietnam Government Certification Authority - Part 1.pdf
2020-12-19 - Hackers last year conducted a 'dry run' of SolarWinds breach.pdf
2020-12-20 - A Look into SUNBURST’s DGA.pdf
2020-12-20 - Analyzing Cobalt Strike for Fun and Profit.pdf
2020-12-20 - SolarWinds-SunBurst FNV-1a-XOR hashes found in analysis.pdf
2020-12-20 - The Great iPwn Journalists Hacked with Suspected NSO Group iMessage ‘Zero-Click’ Exploit.pdf
2020-12-20 - Tracking Jupyter Malware.pdf
2020-12-20 - Transcript- Kevin Mandia on -Face the Nation,- December 20, 2020.pdf
2020-12-21 - 2020- The year in malware.pdf
2020-12-21 - Active Directory 侵害と推奨対策.pdf
2020-12-21 - Advice for incident responders on recovery from systemic identity compromises.pdf
2020-12-21 - Cyber Mercenaries Don’t Deserve Immunity.pdf
2020-12-21 - How A Cybersecurity Firm Uncovered The Massive Computer Hack.pdf
2020-12-21 - How A Device to Cloud Architecture Defends Against the SolarWinds Supply Chain Compromise.pdf
2020-12-21 - How SunBurst malware does defense evasion.pdf
2020-12-21 - Investigating Crimeware Name Servers.pdf
2020-12-21 - Russian cyber attack campaigns and actors.pdf
2020-12-21 - SolarWinds Adviser Warned of Lax Security Years Before Hack.pdf
2020-12-21 - SolarWinds-SUNBURST- DGA or DNS Tunneling-.pdf
2020-12-21 - Solorigate Resource Center.pdf
2020-12-21 - Top Linux Cloud Threats of 2020.pdf
2020-12-21 - TrickBot- A Closer Look.pdf
2020-12-21 - Trucking giant Forward Air hit by new Hades ransomware gang.pdf
2020-12-21 - Understanding -Solorigate-'s Identity IOCs - for Identity Vendors and their customers..pdf
2020-12-21 - UNIT 68240 Meet Russia’s DARPA.pdf
2020-12-21 - What We Have Learned So Far about the “Sunburst”-SolarWinds Hack.pdf
2020-12-22 - [TrendMicro CTF 2020 Finals] Wildcard-2- Yara exfiltration.pdf
2020-12-22 - Azure AD workbook to help you assess Solorigate risk.pdf
2020-12-22 - Biden blasts Trump administration over SolarWinds attack response.pdf
2020-12-22 - Collaboration between FIN7 and the RYUK group, a Truesec Investigation.pdf
2020-12-22 - Identifying UNC2452-Related Techniques for ATT&CK.pdf
2020-12-22 - Leftover Lunch- Finding, Hunting and Eradicating Spicy Hot Pot, a Persistent Browser Hijacking Rootkit.pdf
2020-12-22 - macOS 用戶當心!北韓駭客 Lazarus 將目標瞄準虛擬貨幣交易用戶.pdf
2020-12-22 - SolarWinds Attacks- Stealthy Attackers Attempted To Evade Detection.pdf
2020-12-22 - SUNBURST, TEARDROP and the NetSec New Normal.pdf
2020-12-22 - The Hitchhiker’s Guide to SolarWinds Incident Response.pdf
2020-12-23 - CrowdStrike Launches Free Tool to Identify and Help Mitigate Risks in Azure Active Directory.pdf
2020-12-23 - Detect RC4 in (malicious) binaries.pdf
2020-12-23 - Iranian Cyber Actors Responsible for Website Threatening U.S. Election Officials.pdf
2020-12-23 - Lazarus covets COVID-19-related intelligence.pdf
2020-12-23 - Mindmap on Russia-linked threat groups.pdf
2020-12-23 - New attacks by UltraRank group.pdf
2020-12-23 - SolarStorm Supply Chain Attack Timeline.pdf
2020-12-23 - SolarWinds - Understanding & Detecting the SUPERNOVA Webshell Trojan.pdf
2020-12-23 - 从Solarwinds供应链攻击(金链熊)看APT行动中的隐蔽作战.pdf
2020-12-24 - China cyber attacks- the current threat landscape.pdf
2020-12-24 - Dark Side Of BlackNET RAT.pdf
2020-12-24 - Malicious Word Document Delivering an Octopus Backdoor.pdf
2020-12-24 - SUNBURST Additional Technical Details.pdf
2020-12-25 - [RE018-2] Analyzing new malware of China Panda hacker group used to attack supply chain against Vietnam Government Certification Authority - Part 2.pdf
2020-12-25 - SUNBURST & Memory Analysis.pdf
2020-12-26 - Analyzing APT19 malware using a step-by-step method.pdf
2020-12-26 - SolarWinds Orion API authentication bypass allows remote comand execution (CVE-2020-10148).pdf
2020-12-26 - Spoofing JARM signatures. I am the Cobalt Strike server now!.pdf
2020-12-27 - HorusEyesRat.pdf
2020-12-28 - -Civerids- organization vs. Middle East area attack activity analysis report.pdf
2020-12-28 - Avaddon Ransomware- Incident Response Analysis.pdf
2020-12-28 - Home appliance giant Whirlpool hit in Nefilim ransomware attack.pdf
2020-12-28 - Never upload ransomware samples to the Internet.pdf
2020-12-28 - Using Microsoft 365 Defender to protect against Solorigate.pdf
2020-12-29 - Early Bird Catches the Worm- New Golang Worm Drops XMRig Miner on Servers.pdf
2020-12-29 - Extracting Security Products from SUNBURST DNS Beacons.pdf
2020-12-29 - Golden SAML Revisited- The Solorigate Connection.pdf
2020-12-29 - Revenge RAT targeting users in South America.pdf
2020-12-30 - Emotet malware hits Lithuania's National Public Health Center.pdf
2020-12-31 - Microsoft Internal Solorigate Investigation Update.pdf
2020-12-31 - Simplify Emotet parsing with Python and iced x86.pdf
2020-12-31 - SolarWinds_SUNBURST- Behavioral analytics and Collective Defense in action.pdf
2020-12-31 - StrongPity APT Extends Global Reach with New Infrastructure.pdf