Date Author Title
2022-08-24Brad DuncanMonster Libra (TA551/Shathak) --> IcedID (Bokbot) --> Cobalt Strike & DarkVNC
2021-12-02Brad DuncanTA551 (Shathak) pushes IcedID (Bokbot)
2021-09-15Brad DuncanHancitor campaign abusing Microsoft's OneDrive
2021-08-11Brad DuncanTA551 (Shathak) continues pushing BazarLoader, infections lead to Cobalt Strike
2021-02-02Xavier MertensNew Example of XSL Script Processing aka "Mitre T1220"
2021-01-26Brad DuncanTA551 (Shathak) Word docs push Qakbot (Qbot)
2020-10-14Brad DuncanMore TA551 (Shathak) Word docs push IcedID (Bokbot)
2020-08-07Brad DuncanTA551 (Shathak) Word docs push IcedID (Bokbot)