https://www.sophos.com/en-us/blog/new-qakbot-c2-servers-detected-with-sophos-ndr
Sophos NDR updates detected two new QakBot servers that had not yet been publicly identified.
newqakbotserversdetectedsophos
https://www.sophos.com/en-gb/blog/new-qakbot-c2-servers-detected-with-sophos-ndr
Sophos NDR updates detected two new QakBot servers that had not yet been publicly identified.
newqakbotserversdetectedsophos
https://www.trendmicro.com/en_gb/research/22/f/black-basta-ransomware-operators-expand-their-attack-arsenal-wit.html
We look into a recent attack orchestrated by the Black Basta ransomware group that used the banking trojan QakBot as a means of entry and movement and took...
black bastaransomwareoperatorsexpandattack
https://www.sophos.com/ja-jp/blog/tag/qakbot
qakbotblog
https://www.sophos.com/en-gb/blog/law-enforcement-takes-down-qakbot
Distribution of a DLL to neutralize infections and changes to Qakbot infrastructure suggested technical efforts to take down GOLD LAGOON's Qakbot botnet.
law enforcementtakesqakbotsophos
https://www.trendmicro.com/en_us/research/22/j/where-is-the-origin-qakbot-uses-valid-code-signing-.html
Code signing certificates help us assure the file's validity and legitimacy. However, threat actors can use that against us. In this blog, discover how QAKBOT...
code signingoriginqakbotusesvalid
https://www.trendmicro.com/vinfo/us/threat-encyclopedia/spam/3730/qakbot-sneaks-in-via-html-smuggling-and-html-downloader
We continuously witness the evolution of QAKBOT, a sophisticated data stealer malware, come up with old and new techniques to bypass email security filters. We...
qakbotsneaksviahtmlsmuggling
https://www.trendmicro.com/en_us/research/22/f/black-basta-ransomware-operators-expand-their-attack-arsenal-wit.html?utm_campaign=Threat%20Report%20Newsletter&utm_medium=email&_hsenc=p2ANqtz--cDRtinL6WMg6076yHWozENAvdMlQhilVFkDpJcjIojmqiui9A1xK7zI04nHMdrVBZI3lgNFluMDsytKoyEnzL3y--UQ&_hsmi=218644927&utm_content=218644926&utm_source=hs_email
We look into a recent attack orchestrated by the Black Basta ransomware group that used the banking trojan QakBot as a means of entry and movement and took...
black bastaransomwareoperatorsexpandattack
https://www.pcmag.com/news/notorious-qakbot-botnet-threat-continues-despite-fbi-takedown
The group behind the Qakbot threat is still sending out phishing emails designed to load ransomware, according to Cisco's security researchers.
notoriousqakbotbotnetthreatcontinues
https://www.trendmicro.com/vinfo/us/threat-encyclopedia/malware/bkdr_qakbot.cm
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.It sends the...
threat encyclopediatrend microbkdrqakbotcm