2021-09-14 | Telekom | Thomas Barabosch
% Note: the title field repeats the post's URL rather than its headline;
% confirm the headline at the source before citing.
@online{barabosch:20210914:httpswwwtelekomcomenbloggrouparticleflubotunderthemicroscope636368:a0b25c3,
  author       = {Barabosch, Thomas},
  title        = {{https://www.telekom.com/en/blog/group/article/flubot-under-the-microscope-636368}},
  organization = {Telekom},
  date         = {2021-09-14},
  url          = {https://www.telekom.com/en/blog/group/article/flubot-under-the-microscope-636368},
  urldate      = {2021-09-14},
  language     = {English},
}
https://www.telekom.com/en/blog/group/article/flubot-under-the-microscope-636368
Anatsa FluBot
2021-09-14 | CSO Online | Christopher Burgess
@online{burgess:20210914:russia:5afacc3,
  author       = {Burgess, Christopher},
  title        = {{Russia is fully capable of shutting down cybercrime}},
  organization = {CSO Online},
  date         = {2021-09-14},
  url          = {https://www.csoonline.com/article/3632943/russia-is-fully-capable-of-shutting-down-cybercrime.html},
  urldate      = {2021-09-14},
  language     = {English},
}
Russia is fully capable of shutting down cybercrime
2021-09-14 | Objective-See | Patrick Wardle
@online{wardle:20210914:osxzuru:926e182,
  author       = {Wardle, Patrick},
  title        = {{OSX.ZuRu: trojanized apps spread malware, via sponsored search results}},
  organization = {Objective-See},
  date         = {2021-09-14},
  url          = {https://objective-see.com/blog/blog_0x66.html},
  urldate      = {2021-09-16},
  language     = {English},
}
OSX.ZuRu: trojanized apps spread malware, via sponsored search results
ZuRu
2021-09-13 | McAfee | Fernando Ruiz
@online{ruiz:20210913:android:40762d2,
  author       = {Ruiz, Fernando},
  title        = {{Android malware distributed in Mexico uses Covid-19 to steal financial credentials}},
  organization = {McAfee},
  date         = {2021-09-13},
  url          = {https://www.mcafee.com/blogs/other-blogs/mcafee-labs/android-malware-distributed-in-mexico-uses-covid-19-to-steal-financial-credentials/},
  urldate      = {2021-09-14},
  language     = {English},
}
Android malware distributed in Mexico uses Covid-19 to steal financial credentials
2021-09-13 | Imperva | Daniel Kerman
@online{kerman:20210913:attackers:17a94ae,
  author       = {Kerman, Daniel},
  title        = {{Attackers exploit CVE-2021-26084 for XMRig crypto mining on affected Confluence servers}},
  organization = {Imperva},
  date         = {2021-09-13},
  url          = {https://www.imperva.com/blog/attackers-exploit-cve-2021-26084-for-xmrig-crypto-mining-on-affected-confluence-servers/},
  urldate      = {2021-09-14},
  language     = {English},
}
Attackers exploit CVE-2021-26084 for XMRig crypto mining on affected Confluence servers
2021-09-13 | SentinelOne | Antonio Pirozzi, Antonio Cocomazzi
@online{pirozzi:20210913:hide:345ced5,
  author       = {Pirozzi, Antonio and Cocomazzi, Antonio},
  title        = {{Hide and Seek | New Zloader Infection Chain Comes With Improved Stealth and Evasion Mechanisms}},
  organization = {SentinelOne},
  date         = {2021-09-13},
  url          = {https://www.sentinelone.com/labs/hide-and-seek-new-zloader-infection-chain-comes-with-improved-stealth-and-evasion-mechanisms/},
  urldate      = {2021-09-14},
  language     = {English},
}
Hide and Seek | New Zloader Infection Chain Comes With Improved Stealth and Evasion Mechanisms
Zloader
2021-09-13 | Intezer | Avigayil Mechtinger, Ryan Robinson, Joakim Kennedy
@online{mechtinger:20210913:vermilion:ff1ee5f,
  author       = {Mechtinger, Avigayil and Robinson, Ryan and Kennedy, Joakim},
  title        = {{Vermilion Strike: Linux and Windows Re-implementation of Cobalt Strike}},
  organization = {Intezer},
  date         = {2021-09-13},
  url          = {https://www.intezer.com/blog/malware-analysis/vermilionstrike-reimplementation-cobaltstrike/},
  urldate      = {2021-09-14},
  language     = {English},
}
Vermilion Strike: Linux and Windows Re-implementation of Cobalt Strike
Vermilion Strike Vermilion Strike
2021-09-13 | CitizenLab | Bill Marczak, John Scott-Railton, Bahr Abdul Razzak, Noura Al-Jizawi, Siena Anstis, Kristin Berdan, Ron Deibert
% Author list kept in given-name-first order: the multi-word name
% "Bahr Abdul Razzak" has no family-name split that can be confirmed from this record.
@online{marczak:20210913:forcedentry:7427f45,
  author       = {Bill Marczak and John Scott-Railton and Bahr Abdul Razzak and Noura Al-Jizawi and Siena Anstis and Kristin Berdan and Ron Deibert},
  title        = {{FORCEDENTRY NSO Group iMessage Zero-Click Exploit Captured in the Wild (CVE-2021-30860)}},
  organization = {CitizenLab},
  date         = {2021-09-13},
  url          = {https://citizenlab.ca/2021/09/forcedentry-nso-group-imessage-zero-click-exploit-captured-in-the-wild/},
  urldate      = {2021-09-14},
  language     = {English},
}
FORCEDENTRY NSO Group iMessage Zero-Click Exploit Captured in the Wild (CVE-2021-30860)
2021-09-13 | Trend Micro | Jaromír Hořejší, Daniel Lunghi
% The author field contains non-ASCII characters; process with a UTF-8-capable backend such as Biber.
@online{hoej:20210913:aptc36:9b97238,
  author       = {Hořejší, Jaromír and Lunghi, Daniel},
  title        = {{APT-C-36 Updates Its Spam Campaign Against South American Entities With Commodity RATs}},
  organization = {Trend Micro},
  date         = {2021-09-13},
  url          = {https://www.trendmicro.com/en_us/research/21/i/apt-c-36-updates-its-long-term-spam-campaign-against-south-ameri.html},
  urldate      = {2021-09-14},
  language     = {English},
}
APT-C-36 Updates Its Spam Campaign Against South American Entities With Commodity RATs
AsyncRAT Ave Maria BitRAT Imminent Monitor RAT LimeRAT NjRAT Remcos
2021-09-13 | The DFIR Report | The DFIR Report
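% Corporate author: the inner braces keep "The DFIR Report" as one indivisible name
% instead of letting it be split into given name "The DFIR" and family name "Report".
@online{report:20210913:bazarloader:5073703,
  author       = {{The DFIR Report}},
  title        = {{BazarLoader to Conti Ransomware in 32 Hours}},
  organization = {The DFIR Report},
  date         = {2021-09-13},
  url          = {https://thedfirreport.com/2021/09/13/bazarloader-to-conti-ransomware-in-32-hours/},
  urldate      = {2021-09-14},
  language     = {English},
}
BazarLoader to Conti Ransomware in 32 Hours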
BazarBackdoor Cobalt Strike Conti
2021-09-13 | Trend Micro | Jaromír Hořejší, Daniel Lunghi
% The author field contains non-ASCII characters; process with a UTF-8-capable backend such as Biber.
% The url points at the indicator list (a .txt file) published alongside the write-up.
@online{hoej:20210913:aptc36:d6456f8,
  author       = {Hořejší, Jaromír and Lunghi, Daniel},
  title        = {{APT-C-36 Updates Its Spam Campaign Against South American Entities With Commodity RATs (IOCs)}},
  organization = {Trend Micro},
  date         = {2021-09-13},
  url          = {https://www.trendmicro.com/content/dam/trendmicro/global/en/research/21/i/apt-c-36-updates-its-long-term-spam-campaign-against-south-american-entities-with-commodity-rats/BlindEagleIOCList.txt},
  urldate      = {2021-09-14},
  language     = {English},
}
APT-C-36 Updates Its Spam Campaign Against South American Entities With Commodity RATs (IOCs)
AsyncRAT Ave Maria BitRAT Imminent Monitor RAT LimeRAT NjRAT Remcos
2021-09-10 | Palo Alto Networks Unit 42 | Lucas Hu
@online{hu:20210910:phishingjs:289c504,
  author       = {Hu, Lucas},
  title        = {{PhishingJS: A Deep Learning Model for JavaScript-Based Phishing Detection}},
  organization = {Palo Alto Networks Unit 42},
  date         = {2021-09-10},
  url          = {https://unit42.paloaltonetworks.com/javascript-based-phishing/},
  urldate      = {2021-09-14},
  language     = {English},
}
PhishingJS: A Deep Learning Model for JavaScript-Based Phishing Detection
2021-09-10 | Seguranca Informatica | Pedro Tavares
% Same article as the record keyed tavares:20210910:new:262e0ce; this copy differs only in
% the "#.YT3_VfwzaKN" fragment on the url and in urldate. Cite one key consistently.
@online{tavares:20210910:new:2ebd6f3,
  author       = {Tavares, Pedro},
  title        = {{The new maxtrilha trojan is being disseminated and targeting several banks}},
  organization = {Seguranca Informatica},
  date         = {2021-09-10},
  url          = {https://seguranca-informatica.pt/the-new-maxtrilha-trojan-is-being-disseminated-and-targeting-several-banks/#.YT3_VfwzaKN},
  urldate      = {2021-09-14},
  language     = {English},
}
The new maxtrilha trojan is being disseminated and targeting several banks
Maxtrilha
2021-09-10 | Cluster25 | Cluster25
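% Corporate author: the inner braces mark "Cluster25" as an organisation name to be kept
% verbatim, so styles do not abbreviate or reorder it like a personal name.
@techreport{cluster25:20210910:rattlesnake:7bbbd1f,
  author      = {{Cluster25}},
  title       = {{A rattlesnake in the Navy}},
  institution = {Cluster25},
  date        = {2021-09-10},
  url         = {https://cluster25.io/wp-content/uploads/2021/09/a_rattlesnake_in_the_navy.pdf},
  urldate     = {2021-09-12},
  language    = {English},
}
A rattlesnake in the Navy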
2021-09-10 | Netskope | Gustavo Palazolo
@online{palazolo:20210910:hive:e875859,
  author       = {Palazolo, Gustavo},
  title        = {{Hive Ransomware: Actively Targeting Hospitals}},
  organization = {Netskope},
  date         = {2021-09-10},
  url          = {https://www.netskope.com/blog/hive-ransomware-actively-targeting-hospitals},
  urldate      = {2021-09-14},
  language     = {English},
}
Hive Ransomware: Actively Targeting Hospitals
hive
2021-09-10 | Gigamon | Joe Slowik
@online{slowik:20210910:rendering:59082b0,
  author       = {Slowik, Joe},
  title        = {{Rendering Threats: A Network Perspective}},
  organization = {Gigamon},
  date         = {2021-09-10},
  url          = {https://blog.gigamon.com/2021/09/10/rendering-threats-a-network-perspective/},
  urldate      = {2021-09-12},
  language     = {English},
}
Rendering Threats: A Network Perspective
Cobalt Strike
2021-09-10 | Seguranca Informatica | Pedro Tavares
@online{tavares:20210910:new:262e0ce,
  author       = {Tavares, Pedro},
  title        = {{The new maxtrilha trojan is being disseminated and targeting several banks}},
  organization = {Seguranca Informatica},
  date         = {2021-09-10},
  url          = {https://seguranca-informatica.pt/the-new-maxtrilha-trojan-is-being-disseminated-and-targeting-several-banks/},
  urldate      = {2021-09-12},
  language     = {English},
}
The new maxtrilha trojan is being disseminated and targeting several banks
2021-09-10 | Fortinet | Xiaopeng Zhang
@online{zhang:20210910:new:25d8475,
  author       = {Zhang, Xiaopeng},
  title        = {{New Dridex Variant Being Spread By Crafted Excel Document}},
  organization = {Fortinet},
  date         = {2021-09-10},
  url          = {https://www.fortinet.com/blog/threat-research/new-dridex-variant-being-spread-by-crafted-excel-document?&web_view=true},
  urldate      = {2021-09-12},
  language     = {English},
}
New Dridex Variant Being Spread By Crafted Excel Document
DoppelDridex
2021-09-10 | The Record | Catalin Cimpanu
@online{cimpanu:20210910:indonesian:fc06998,
  author       = {Cimpanu, Catalin},
  title        = {{Indonesian intelligence agency compromised in suspected Chinese hack}},
  organization = {The Record},
  date         = {2021-09-10},
  url          = {https://therecord.media/indonesian-intelligence-agency-compromised-in-suspected-chinese-hack/},
  urldate      = {2021-09-12},
  language     = {English},
}
Indonesian intelligence agency compromised in suspected Chinese hack
PlugX
2021-09-10 | S2W LAB Inc. | S2W TALON
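% Corporate author: the inner braces keep "S2W TALON" as one indivisible name
% instead of letting it be split into given name "S2W" and family name "TALON".
@online{talon:20210910:groove:3dab88b,
  author       = {{S2W TALON}},
  title        = {{Groove x RAMP : The relation between Groove, Babuk, Payload.bin, RAMP, and BlackMatter}},
  organization = {S2W LAB Inc.},
  date         = {2021-09-10},
  url          = {https://medium.com/s2wlab/groove-x-ramp-the-relation-between-groove-babuk-ramp-and-blackmatter-f75644f8f92d},
  urldate      = {2021-09-14},
  language     = {English},
}
Groove x RAMP : The relation between Groove, Babuk, Payload.bin, RAMP, and BlackMatter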
Babuk BlackMatter Babuk BlackMatter