
2020-07-01LookoutApurva Kumar, Christoph Hebeisen, Kristin Del Rosso
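% Vendor blog post. Names are entered family-first so the surname is never guessed from word order.
% NOTE(review): "Del Rosso" is treated as a compound family name; in "First Last" order BibTeX
% would take only "Rosso" as the surname. Confirm against the source byline.
% Only the proper noun in the title is brace-protected, so a style may still recase the rest.
@online{kumar:20200701:multiyear:5ce3699,
  author       = {Kumar, Apurva and Hebeisen, Christoph and Del Rosso, Kristin},
  title        = {Multiyear Surveillance Campaigns Discovered Targeting {Uyghurs}},
  date         = {2020-07-01},
  organization = {Lookout},
  url          = {https://blog.lookout.com/multiyear-surveillance-campaigns-discovered-targeting-uyghurs},
  language     = {English},
  urldate      = {2020-07-02},
}
Multiyear Surveillance Campaigns Discovered Targeting Uyghurs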
2020-06-30QianxinRedDrip Team
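% "RedDrip Team" is a team name, not a person: the extra brace pair keeps it one indivisible
% name instead of given name "RedDrip" + family name "Team".
% In the title only the group name and the acronym are protected from recasing.
@online{team:20200630:donot:f611c31,
  author       = {{RedDrip Team}},
  title        = {{Donot} {APT}团伙使用升级版数字武器针对周边地区的攻击活动分析},
  date         = {2020-06-30},
  organization = {Qianxin},
  url          = {https://ti.qianxin.com/blog/articles/analysis-of-donot-apt-group-attacks-on-surrounding-areas/},
  language     = {Chinese},
  urldate      = {2020-07-02},
}
Donot APT团伙使用升级版数字武器针对周边地区的攻击活动分析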
2020-06-30Bleeping ComputerSergiu Gatlan
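% News article. The malware family name and "Macs" are brace-protected; the rest of the
% title is left for the style to case.
% keywords carries the malware family tag this page lists for the reference.
@online{gatlan:20200630:evilquest:b90c9ad,
  author       = {Gatlan, Sergiu},
  title        = {{EvilQuest} wiper uses ransomware cover to steal files from {Macs}},
  date         = {2020-06-30},
  organization = {Bleeping Computer},
  url          = {https://www.bleepingcomputer.com/news/security/evilquest-wiper-uses-ransomware-cover-to-steal-files-from-macs/},
  language     = {English},
  keywords     = {EvilQuest},
  urldate      = {2020-07-01},
}
EvilQuest wiper uses ransomware cover to steal files from Macs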
EvilQuest
2020-06-30GuardicoreGuardicore
% Reference to the vendor's "Botnet Encyclopedia" resource; author and publishing
% organization are the same entity. The whole title is a resource name and stays protected.
@online{guardicore:20200630:botnet:9a0cb16,
  author       = {Guardicore},
  title        = {{Botnet Encyclopedia}},
  date         = {2020-06-30},
  organization = {Guardicore},
  url          = {https://www.guardicore.com/botnet-encyclopedia/},
  language     = {English},
  urldate      = {2020-07-02},
}
Botnet Encyclopedia
2020-06-30Github (elastic)Elastic
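% Source-code repository reference. The author is an organization, so it is wrapped in an
% extra brace pair; in the title only the vendor name is protected from recasing.
@online{elastic:20200630:detection:79c8fbe,
  author       = {{Elastic}},
  title        = {Detection Rules by {Elastic}},
  date         = {2020-06-30},
  organization = {Github (elastic)},
  url          = {https://github.com/elastic/detection-rules},
  language     = {English},
  urldate      = {2020-07-02},
}
Detection Rules by Elastic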
2020-06-30TrustwaveBrian Hussey
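% Vendor blog post. Only the malware family name is brace-protected in the title.
% keywords carries the malware family tag this page lists for the reference.
@online{hussey:20200630:goldenspy:1ecdff8,
  author       = {Hussey, Brian},
  title        = {{GoldenSpy}: Chapter Two - The Uninstaller},
  date         = {2020-06-30},
  organization = {Trustwave},
  url          = {https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/goldenspy-chapter-two-the-uninstaller/},
  language     = {English},
  keywords     = {GoldenSpy},
  urldate      = {2020-07-02},
}
GoldenSpy: Chapter Two - The Uninstaller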
GoldenSpy
2020-06-30BitdefenderLiviu Arsene, Radu Tudorica, Cristina Vatamanu, Alexandru Maximciuc
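% Whitepaper (the url points at a PDF). Author names are entered family-first.
% The family name and the acronym are the only protected words in the title.
% keywords carries the malware family tag this page lists for the reference.
@techreport{arsene:20200630:strongpity:ed365fb,
  author      = {Arsene, Liviu and Tudorica, Radu and Vatamanu, Cristina and Maximciuc, Alexandru},
  title       = {{StrongPity} {APT} - Revealing Trojanized Tools, Working Hours and Infrastructure},
  date        = {2020-06-30},
  institution = {Bitdefender},
  url         = {https://www.bitdefender.com/files/News/CaseStudies/study/353/Bitdefender-Whitepaper-StrongPity-APT.pdf},
  language    = {English},
  keywords    = {StrongPity},
  urldate     = {2020-06-30},
}
StrongPity APT - Revealing Trojanized Tools, Working Hours and Infrastructure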
StrongPity
2020-06-29QianxinRedDrip Team
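% Report (the url points at a PDF). "RedDrip Team" is a team name: the extra brace pair
% keeps it from being parsed as given name "RedDrip" + family name "Team".
% Only the acronym is brace-protected in the title.
@techreport{team:20200629:global:6fa9d6e,
  author      = {{RedDrip Team}},
  title       = {Global Advanced Persistent Threats ({APT}) Mid-2020 Report},
  date        = {2020-06-29},
  institution = {Qianxin},
  url         = {https://ti.qianxin.com/uploads/2020/06/29/e4663b4f11f01e5ec8a1a5d91a71dc72.pdf},
  language    = {English},
  urldate     = {2020-06-30},
}
Global Advanced Persistent Threats (APT) Mid-2020 Report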
2020-06-29Cisco TalosWarren Mercer, Paul Rascagnères, Vitor Ventura
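% Vendor blog post. Author names are entered family-first; the non-ASCII surname is kept
% as UTF-8, as in the original entry.
% Actor name, family name and acronym are protected; the rest of the title can be recased.
% keywords carries the malware family tag this page lists for the reference.
@online{mercer:20200629:promethium:e80cd47,
  author       = {Mercer, Warren and Rascagnères, Paul and Ventura, Vitor},
  title        = {{PROMETHIUM} extends global reach with {StrongPity3} {APT}},
  date         = {2020-06-29},
  organization = {Cisco Talos},
  url          = {https://blog.talosintelligence.com/2020/06/promethium-extends-with-strongpity3.html},
  language     = {English},
  keywords     = {StrongPity},
  urldate      = {2020-06-30},
}
PROMETHIUM extends global reach with StrongPity3 APT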
StrongPity
2020-06-29Twitter (@dineshdina04)Dinesh Devadoss
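% Social-media post; urldate records when the link was last checked.
% Only the malware family name is brace-protected in the title.
% keywords carries the malware family tag this page lists for the reference.
@online{devadoss:20200629:initial:0c8ed48,
  author       = {Devadoss, Dinesh},
  title        = {Tweet on initial Discovery of {EvilQuest}},
  date         = {2020-06-29},
  organization = {Twitter (@dineshdina04)},
  url          = {https://twitter.com/dineshdina04/status/1277668001538433025},
  language     = {English},
  keywords     = {EvilQuest},
  urldate      = {2020-07-01},
}
Tweet on initial Discovery of EvilQuest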
EvilQuest
2020-06-29KISAKrCERT
% Report in Korean (the url is a file-download link). The title is an operation name
% written in capitals, so it stays fully brace-protected.
% The url is kept verbatim, including its "&" and "_" characters.
@techreport{krcert:20200629:operation:bbe9f5c,
  author      = {KrCERT},
  title       = {{OPERATION BOOKCODES}},
  date        = {2020-06-29},
  institution = {KISA},
  url         = {https://www.boho.or.kr/filedownload.do?attach_file_seq=2455&attach_file_id=EpF2455.pdf},
  language    = {Korean},
  urldate     = {2020-06-29},
}
OPERATION BOOKCODES
2020-06-29Objective-SeePatrick Wardle
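% Blog post. The detection-style name "OSX.EvilQuest" is brace-protected as one unit.
% keywords carries the malware family tag this page lists for the reference.
@online{wardle:20200629:osxevilquest:dc69dab,
  author       = {Wardle, Patrick},
  title        = {{OSX.EvilQuest} Uncovered},
  date         = {2020-06-29},
  organization = {Objective-See},
  url          = {https://objective-see.com/blog/blog_0x59.html},
  language     = {English},
  keywords     = {EvilQuest},
  urldate      = {2020-06-30},
}
OSX.EvilQuest Uncovered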
EvilQuest
2020-06-28Security-in-BitsSecurity-in-Bits
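% Blog post. The bare "&" in the title is a LaTeX alignment character and breaks typesetting;
% it is written as "\&". The url field is left verbatim.
% The author is a site name, so it is wrapped in an extra brace pair.
% keywords carries the two malware family tags this page lists for the reference.
@online{securityinbits:20200628:interesting:f625fa2,
  author       = {{Security-in-Bits}},
  title        = {Interesting tactic by {Ratty} \& {Adwind} for distribution of {JAR} appended to signed {MSI}},
  date         = {2020-06-28},
  organization = {Security-in-Bits},
  url          = {https://www.securityinbits.com/malware-analysis/interesting-tactic-by-ratty-adwind-distribution-of-jar-appended-to-signed-msi/},
  language     = {English},
  keywords     = {AdWind, Ratty},
  urldate      = {2020-06-29},
}
Interesting tactic by Ratty & Adwind for distribution of JAR appended to signed MSI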
AdWind Ratty
2020-06-26Twitter (@luc4m)lc4m
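% Social-media post; the author field holds the handle given on the page.
% Only the family name "LALALA" is brace-protected in the title.
% keywords carries the malware family tag this page lists for the reference.
@online{lc4m:20200626:lalala:922eb17,
  author       = {lc4m},
  title        = {Tweet on {LALALA} stealer and how its name was chosen},
  date         = {2020-06-26},
  organization = {Twitter (@luc4m)},
  url          = {https://twitter.com/luc4m/status/1276477397102145538},
  language     = {English},
  keywords     = {LALALA Stealer},
  urldate      = {2020-06-30},
}
Tweet on LALALA stealer and how its name was chosen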
LALALA Stealer
2020-06-26Trend MicroJoseph C Chen
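% Vendor blog post. The author name is entered family-first, middle initial kept as given.
% "US" and "Magecart" are protected so a sentence-casing style cannot lowercase them.
% keywords carries the tag this page lists for the reference.
@online{chen:20200626:us:8bce65c,
  author       = {Chen, Joseph C},
  title        = {{US} Local Government Services Targeted by New {Magecart} Credit Card Skimming Attack},
  date         = {2020-06-26},
  organization = {Trend Micro},
  url          = {https://blog.trendmicro.com/trendlabs-security-intelligence/us-local-government-services-targeted-by-new-magecart-credit-card-skimming-attack/},
  language     = {English},
  keywords     = {magecart},
  urldate      = {2020-06-30},
}
US Local Government Services Targeted by New Magecart Credit Card Skimming Attack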
magecart
2020-06-26Department of JusticeDepartment of Justice
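% Press release. Without the extra brace pair BibTeX parses "Department of Justice" as a
% personal name (given "Department", particle "of", family "Justice"); the inner braces keep
% the institution as one name.
% Nationality, person and site name are the protected words in the title.
@online{justice:20200626:russian:276b274,
  author       = {{Department of Justice}},
  title        = {{Russian} National ({Aleksei Burkov}, {Cardplanet}) Sentenced to Prison for Operating Websites Devoted to Fraud and Malicious Cyber Activities},
  date         = {2020-06-26},
  organization = {Department of Justice},
  url          = {https://www.justice.gov/opa/pr/russian-national-sentenced-prison-operating-websites-devoted-fraud-and-malicious-cyber},
  language     = {English},
  urldate      = {2020-06-29},
}
Russian National (Aleksei Burkov, Cardplanet) Sentenced to Prison for Operating Websites Devoted to Fraud and Malicious Cyber Activities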
2020-06-26BleepingComputerSergiu Gatlan
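% News article. A bare "$" in the title opens LaTeX math mode and is never closed, which
% breaks typesetting of the bibliography; the dollar sign is written as "\$".
@online{gatlan:20200626:admin:044ef9a,
  author       = {Gatlan, Sergiu},
  title        = {Admin of carding portal behind \$568M in losses pleads guilty},
  date         = {2020-06-26},
  organization = {BleepingComputer},
  url          = {https://www.bleepingcomputer.com/news/security/admin-of-carding-portal-behind-568m-in-losses-pleads-guilty/},
  language     = {English},
  urldate      = {2020-06-29},
}
Admin of carding portal behind $568M in losses pleads guilty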
2020-06-26SymantecCritical Attack Discovery and Intelligence Team
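% Vendor blog post. The team name contains the word "and", which BibTeX treats as the
% separator between two authors; the extra brace pair keeps the team as a single author.
% Family name, vendor name and "U.S." are the protected words in the title.
% keywords carries the malware family tag this page lists for the reference.
@online{team:20200626:wastedlocker:0e9c75c,
  author       = {{Critical Attack Discovery and Intelligence Team}},
  title        = {{WastedLocker}: {Symantec} Identifies Wave of Attacks Against {U.S.} Organizations},
  date         = {2020-06-26},
  organization = {Symantec},
  url          = {https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/wastedlocker-ransomware-us},
  language     = {English},
  keywords     = {WastedLocker},
  urldate      = {2020-06-26},
}
WastedLocker: Symantec Identifies Wave of Attacks Against U.S. Organizations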
WastedLocker
2020-06-25MalwarebytesJérôme Segura
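% Vendor blog post. The author name is entered family-first and kept as UTF-8.
% Only the acronym "EXIF" needs protection in the title.
% keywords carries the tag this page lists for the reference.
@online{segura:20200625:web:2b712b2,
  author       = {Segura, Jérôme},
  title        = {Web skimmer hides within {EXIF} metadata, exfiltrates credit cards via image files},
  date         = {2020-06-25},
  organization = {Malwarebytes},
  url          = {https://blog.malwarebytes.com/threat-analysis/2020/06/web-skimmer-hides-within-exif-metadata-exfiltrates-credit-cards-via-image-files/},
  language     = {English},
  keywords     = {magecart},
  urldate      = {2020-06-29},
}
Web skimmer hides within EXIF metadata, exfiltrates credit cards via image files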
magecart
2020-06-25TrustwaveTrustwave SpiderLabs
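% Report (the url points at a PDF). "Trustwave SpiderLabs" is a team name: the extra brace
% pair keeps it from being parsed as given name "Trustwave" + family name "SpiderLabs".
% The department name and the malware family name are protected in the title.
% keywords carries the malware family tag this page lists for the reference.
@techreport{spiderlabs:20200625:golden:8fa4199,
  author      = {{Trustwave SpiderLabs}},
  title       = {The {Golden Tax Department} and Emergence of {GoldenSpy} Malware},
  date        = {2020-06-25},
  institution = {Trustwave},
  url         = {https://trustwave.azureedge.net/media/16908/the-golden-tax-department-and-emergence-of-goldenspy-malware.pdf},
  language    = {English},
  keywords    = {GoldenSpy},
  urldate     = {2020-06-30},
}
The Golden Tax Department and Emergence of GoldenSpy Malware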
GoldenSpy