Emotet is Back Again
DFIR Summary You’re probably already aware that Emotet emerged during the month of November after long absence. We first started
Read More
Chris Stewart
Cybersecurity News
Blueteam
Qbot Malware Phishing Trends: Detection vs Infection
Summary QBot, also known as Qakbot, QBot, QuackBot, and Pinkslipbot, is a Banking Trojan that was first observed in 2007.
Read More
VMware Threats being Exploited in the Wild
Summary CISA issued a warning today that malicious cyber actors, likely advanced persistent threat (APT) actors, are exploiting CVE-2022-22954 and
Read More
Trickbot Malware Review
Technical Details TrickBot is an advanced Trojan dating back to 2016 that malicious actors spread primarily by spearphishing campaigns using
Read More
Conti Group MITRE ATT&CK Techniques Part Three
MITRE ATT&CK Techniques Conti ransomware uses the ATT&CK techniques listed in table 1. Table 1: Conti ATT&CK techniques for enterprise
Read More
Conti Group – Tools and Tactics Part Two
Date: March 21st 2022 Part two of this Conti Ransomware adventure is where I highlight some tools and tactics in
Read More
Conti Group – Indicators of Compromise
Since the end of February, we have seen news about Conti Group including leaked information and which included detailed operations
Read More
Emotet New Techniques for 2022
Emotet continues to evolve its techniques and has been observed using hexadecimal and octal representations of IP addresses, likely to
Read More
What does Emotet have for 2021
Despite its ripe old age, Emotet is constantly evolving and remains one of the most current threats out there. Save
Read More