The Shelby Strategy — Elastic Security Labs
An analysis of REF8685's abuse of GitHub for C2 to evade defenses.
CoffeeLoader: A Brew of Stealthy Techniques
CoffeeLoader is a new malware loader that employs stealthy techniques including call stack spoofing, sleep obfuscation, and Windows fibers to evade detection.
Babble Babble Babble Babble Babble Babble BabbleLoader
BabbleLoader: the annoyingly clever malware loader that jumbles, scrambles, and evades its way past modern defenses with frustrating ease.