[2013] - [2014] - [2015] - [2016] - [2017] - [2018] - [2019] - [2020] - [2021] - [2022] - [2023]

• 2023-06-06 -- 30 days of Formbook: Day 2, Tuesday 2023-06-06 - "CG62"
• 2023-06-05 -- 30 days of Formbook: Day 1, Monday 2023-06-05 - "HE2A"

• 2023-05-29 -- Pcap and malware for ISC Diary (ModiLoader/Remcos RAT)
• 2023-05-24 -- Bye Bye Pikabot... We're back to Qak!  (obama264 Qakbot infection)
• 2023-05-23 -- Pikabot infection with Cobalt Strike
• 2023-05-22 -- Pikabot infection with Cobalt Strike
• 2023-05-17 -- Knock knock... Guess who? It's Pikabot!
• 2023-05-10 -- IcedID (Bokbot) infection with Cobalt Strike & Keyhole VNC
• 2023-05-10 -- obama262 Qakbot (Qbot) infection with Cobalt Strike & Dark Cat VNC
• 2023-05-02 -- obama259 Qakbot (Qbot) infection with Dark Cat VNC

• 2023-04-19 -- Quick post: Qakbot (Qbot) activity, distribution tags BB24 and obama254
• 2023-04-14 -- Quick post: IcedID (Bokbot) activity
• 2023-04-13 -- Metastealer infection
• 2023-04-12 -- Quick Post: Qakbot (Qbot), Distribution Tag obama251
• 2023-04-03 -- IoC update: Qakbot (Qbot) TCP port 65400 traffic changes IP address

• 2023-03-31 -- Quick post: Qakbot (Qbot), obama247 distribution tag
• 2023-03-24 -- IcedID (Bokbot) with BackConnect traffic and Cobalt Strike
• 2023-03-22 -- Emotet Epoch 4 activity
• 2023-03-17 -- Emotet Epoch 5 activity
• 2023-03-16 -- Epoch 5 activity: Emotet now also using OneNote files
• 2023-03-08 -- IcedID (Bokbot) infection with BackConnect & VNC traffic
• 2023-03-07 -- Emotet infection with spambot traffic
• 2023-03-06 -- Gozi (ISFB/Ursnif) activity targeting Italy
• 2023-03-02 -- Rig EK --> malware loader --> Redline Stealer

• 2023-02-27 -- Pcap for an ISC diary (BB17 Qakbot)
• 2023-02-23 -- Files for ISC Diary: URL files & WebDAV used for IcedID (Bokbot)
• 2023-02-13 -- IcedID (Bokbot) from fake Microsoft Teams page
• 2023-02-07 -- OneNote file pushes unidentified malware
• 2023-02-03 -- DEV-0569: Google ad --> "FakeBat" Loader --> Redline Stealer & Gozi/ISFB

• 2023-01-31 -- BB12 Qakbot (Qbot) infection with Cobalt Strike and VNC traffic
• 2023-01-23 -- Google Ad --> Fake AnyDesk page --> possible TA505 activity
• 2023-01-18 -- Google Ad --> Fake Libre Office page --> IcedID (Bokbot) --> Cobalt Strike
• 2023-01-16 -- IcedID (Bokbot) with Backconnect and VNC and Cobalt Strike
• 2023-01-16 -- Google Ad --> Fake 7-Zip page --> Malicious .msi file
• 2023-01-12 -- IcedID (Bokbot) infection with Cobalt Strike
• 2023-01-05 -- Infection from AgentTesla variant, possibly OriginLogger
• 2023-01-03 and 01-04 -- Astaroth (Guildma) malware infections
• 2023-01-03 -- Google ad --> fake Notepad++ page --> Rhadamanthys Stealer