The Shelby Strategy — Elastic Security Labs
An analysis of REF8685's abuse of GitHub for C2 to evade defenses.
CoffeeLoader: A Brew of Stealthy Techniques
CoffeeLoader is a new malware loader that employs stealthy techniques including call stack spoofing, sleep obfuscation, and Windows fibers to evade detection.