Tag: defense evasion
Attack reports, vulnerabilities, indicators and intrusion sets linked to defense evasion.
Attack reports (20)
- The Gentleman Ransomware | Defense Evasion TTPs Uncovered · Published 22/05/2026 01:03 · Modified 22/05/2026 06:43
- Unmasking a Multi-Stage Loader: AutoIt Abuse Leading to Vidar Stealer Command-and-Control Communication · Published 11/05/2026 11:49 · Modified 11/05/2026 19:27
- Multi-Stage Malware Execution Chain Analysis · Published 29/04/2026 12:49 · Modified 29/04/2026 11:14
- CrySome RAT: An Advanced Persistent .NET Remote Access Trojan · Published 31/03/2026 16:14 · Modified 31/03/2026 18:49
- An Overview of The Gentlemen's TTPs · Published 20/03/2026 09:24 · Modified 20/03/2026 08:46
- EDR killers explained: Beyond the drivers · Published 19/03/2026 15:28 · Modified 20/03/2026 08:16
- Botnet Trojan delivered through ClickFix and EtherHiding · Published 27/02/2026 09:28 · Modified 27/02/2026 10:00
- LockBit strikes with new 5.0 version, targeting Windows, Linux and ESXI systems · Published 12/02/2026 15:08 · Modified 12/02/2026 21:53
- Black Basta: Defense Evasion Capability Embedded in Ransomware Payload · Published 05/02/2026 20:21 · Modified 05/02/2026 20:40
- MuddyWater: Snakes by the riverbank · Published 03/01/2026 11:05 · Modified 05/01/2026 11:09
- Snakes by the riverbank · Published 02/12/2025 14:44 · Modified 21/12/2025 18:22
- A Deep Dive Into Warlock Ransomware Deployed Via ToolShell SharePoint Chained Vulnerabilities · Published 30/10/2025 18:04 · Modified 30/10/2025 22:18
- From Scripts to Systems: A Comprehensive Look at Tangerine Turkey Operations · Published 29/10/2025 18:37 · Modified 29/10/2025 20:19
- Unmasking The Gentlemen Ransomware: Tactics, Techniques, and Procedures Revealed · Published 09/09/2025 11:34 · Modified 09/09/2025 22:08
- Malware Analysis Report: UMBRELLA STAND - Malware targeting Fortinet devices · Published 23/06/2025 11:34 · Modified 24/06/2025 14:32
- StaryDobry campaign targets gamers with XMRig miner · Published 18/02/2025 12:54 · Modified 18/02/2025 17:54
- GetSmoked: UAC-0006 Returns With SmokeLoader Targeting Ukraine's Largest State-Owned Bank · Published 10/02/2025 20:44 · Modified 10/02/2025 20:57
- Understanding the Initial Stages of Web Shell and VPN Threats: An MXDR … · Published 24/10/2024 11:31 · Modified 24/10/2024 12:21
- SIEM agent being used in SilentCryptoMiner attacks · Published 07/10/2024 09:06 · Modified 07/10/2024 09:33
- Threat Brief: Understanding Akira Ransomware · Published 04/10/2024 10:04 · Modified 04/10/2024 12:30