Common Information
| Type | Value |
|---|---|
| Value |
powershell.exe |
| Category | |
| Type | File |
| Misp Type | |
| Description |
| Details | Published | Attributes | CTI | Title | ||
|---|---|---|---|---|---|---|
| Details | Website | 2024-10-04 | 13 | Red Teaming 101: Using LNK Files for Initial Access. (Part 1) | ||
| Details | Website | 2024-10-03 | 11 | My Recent Journey In Detecting Cobalt Strike | ||
| Details | Website | 2024-10-03 | 38 | Decoy Manuals and Malicious Browser Extensions: A Closer Look at a Multi-Layered Threat | ||
| Details | Website | 2024-10-02 | 25 | Security Brief: Royal Mail Lures Deliver Open Source Prince Ransomware | Proofpoint US | ||
| Details | Website | 2024-10-02 | 35 | Threat Brief: Understanding Akira Ransomware | Qualys Security Blog | ||
| Details | Website | 2024-10-01 | 41 | Building a Hands-on Active Directory Lab for Beginners | ||
| Details | Website | 2024-09-30 | 12 | [TryHackMe] PS Eclipse | ||
| Details | 2024-09-30 | 78 | Global Threat Report | |||
| Details | Website | 2024-09-30 | 6 | Additional things identifying Indicators of Compromise (IOCs) for malware. | ||
| Details | Website | 2024-09-30 | 17 | LetsDefend SA Event ID: 113, SOC163 — Suspicious Certutil.exe Usage | ||
| Details | Website | 2024-09-30 | 6 | LetsDefend SA Event ID: 114, SOC164 — Suspicious Mshta Behavior | ||
| Details | Website | 2024-09-26 | 22 | Avaddon Ransomware Analysis (EN) | ||
| Details | Website | 2024-09-26 | 20 | Unraveling Sparkling Pisces’s Tool Set: KLogEXE and FPSpy | ||
| Details | Website | 2024-09-26 | 20 | Unraveling Sparkling Pisces’s Tool Set: KLogEXE and FPSpy | ||
| Details | Website | 2024-09-25 | 27 | From 12 to 21: how we discovered connections between the Twelve and BlackJack groups | ||
| Details | Website | 2024-09-25 | 23 | Analysis of the BlackJack group: techniques, tools, and similarities with Twelve | ||
| Details | Website | 2024-09-24 | 8 | 가짜 캡차 인증 페이지를 이용해 악성코드 실행을 유도하는 공격 주의! | ||
| Details | Website | 2024-09-24 | 15 | Escape — Vulnlab Full Walkthrough | ||
| Details | Website | 2024-09-22 | 17 | Monday Monitor | ||
| Details | Website | 2024-09-22 | 21 | Uncovering Agent Tesla From a Malicious Batch Script | ||
| Details | Website | 2024-09-21 | 31 | LummaStealer Analysis Report: Meet-Llama 3.1 | ||
| Details | Website | 2024-09-21 | 27 | Security Implications of VS Code Dev Tunneling | ||
| Details | Website | 2024-09-20 | 143 | Twelve: from initial compromise to ransomware and wipers | ||
| Details | Website | 2024-09-19 | 12 | Lumma Stealer campaign attacks developers on GitHub | ||
| Details | Website | 2024-09-19 | 12 | Lumma Stealer delivered through GitHub issues. |