Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-05-25ReutersRaphael Satter, James Pearson, Christopher Bing
@online{satter:20220525:russian:0d05639, author = {Raphael Satter and James Pearson and Christopher Bing}, title = {{Russian hackers are linked to new Brexit leak website, Google says}}, date = {2022-05-25}, organization = {Reuters}, url = {https://www.reuters.com/technology/exclusive-russian-hackers-are-linked-new-brexit-leak-website-google-says-2022-05-25/}, language = {English}, urldate = {2022-05-25} } Russian hackers are linked to new Brexit leak website, Google says
2022-05-24ThreatStopOfir Ashman
@online{ashman:20220524:gamaredon:7638a47, author = {Ofir Ashman}, title = {{Gamaredon Group: Understanding the Russian APT}}, date = {2022-05-24}, organization = {ThreatStop}, url = {https://www.threatstop.com/blog/gamaredon-group-understanding-the-russian-apt}, language = {English}, urldate = {2022-05-25} } Gamaredon Group: Understanding the Russian APT
Unidentified 003 (Gamaredon Downloader) Pteranodon
2022-05-24MalwarologyGaetano Pellegrino
@online{pellegrino:20220524:janicab:c04ed61, author = {Gaetano Pellegrino}, title = {{Janicab Series: First Steps in the Infection Chain}}, date = {2022-05-24}, organization = {Malwarology}, url = {https://www.malwarology.com/posts/5-janicab-part_1/}, language = {English}, urldate = {2022-05-24} } Janicab Series: First Steps in the Infection Chain
Janicab
2022-05-24BlackberryThe BlackBerry Research & Intelligence Team
@online{team:20220524:yashma:33b80cb, author = {The BlackBerry Research & Intelligence Team}, title = {{Yashma Ransomware, Tracing the Chaos Family Tree}}, date = {2022-05-24}, organization = {Blackberry}, url = {https://blogs.blackberry.com/en/2022/05/yashma-ransomware-tracing-the-chaos-family-tree}, language = {English}, urldate = {2022-05-24} } Yashma Ransomware, Tracing the Chaos Family Tree
Chaos
2022-05-24GBHackers on SecurityGurubaran S
@online{s:20220524:twisted:486d7c7, author = {Gurubaran S}, title = {{Twisted Panda: Chinese APT Launch Spy Operation Against Russian Defence Institutes}}, date = {2022-05-24}, organization = {GBHackers on Security}, url = {https://gbhackers.com/twisted-panda-chinese-apt/}, language = {English}, urldate = {2022-05-25} } Twisted Panda: Chinese APT Launch Spy Operation Against Russian Defence Institutes
2022-05-24BitSightJoão Batista, Pedro Umbelino, BitSight
@online{batista:20220524:emotet:cae57f1, author = {João Batista and Pedro Umbelino and BitSight}, title = {{Emotet Botnet Rises Again}}, date = {2022-05-24}, organization = {BitSight}, url = {https://www.bitsight.com/blog/emotet-botnet-rises-again}, language = {English}, urldate = {2022-05-25} } Emotet Botnet Rises Again
Cobalt Strike Emotet QakBot SystemBC
2022-05-23Trend MicroMatsugaya Shingo
@online{shingo:20220523:lockbit:8d0fff2, author = {Matsugaya Shingo}, title = {{LockBit, Conti, and BlackCat Lead Pack Amid Rise in Active RaaS and Extortion Groups: Ransomware in Q1 2022}}, date = {2022-05-23}, organization = {Trend Micro}, url = {https://www.trendmicro.com/vinfo/us/security/news/ransomware-by-the-numbers/lockbit-conti-and-blackcat-lead-pack-amid-rise-in-active-raas-and-extortion-groups-ransomware-in-q1-2022}, language = {English}, urldate = {2022-05-24} } LockBit, Conti, and BlackCat Lead Pack Amid Rise in Active RaaS and Extortion Groups: Ransomware in Q1 2022
BlackCat Conti LockBit
2022-05-23DCSOJohann Aydinbas, Colin Murphy
@online{aydinbas:20220523:deal:00dc16f, author = {Johann Aydinbas and Colin Murphy}, title = {{A deal with the devil: Analysis of a recent Matanbuchus sample}}, date = {2022-05-23}, organization = {DCSO}, url = {https://medium.com/@DCSO_CyTec/a-deal-with-the-devil-analysis-of-a-recent-matanbuchus-sample-3ce991951d6a}, language = {English}, urldate = {2022-05-24} } A deal with the devil: Analysis of a recent Matanbuchus sample
Matanbuchus
2022-05-22Bleeping ComputerBill Toulas
@online{toulas:20220522:pdf:f2a1ce7, author = {Bill Toulas}, title = {{PDF smuggles Microsoft Word doc to drop Snake Keylogger malware}}, date = {2022-05-22}, organization = {Bleeping Computer}, url = {https://www.bleepingcomputer.com/news/security/pdf-smuggles-microsoft-word-doc-to-drop-snake-keylogger-malware/}, language = {English}, urldate = {2022-05-24} } PDF smuggles Microsoft Word doc to drop Snake Keylogger malware
404 Keylogger
2022-05-22Bleeping ComputerSergiu Gatlan
@online{gatlan:20220522:google:d2a26d5, author = {Sergiu Gatlan}, title = {{Google: Predator spyware infected Android devices using zero-days}}, date = {2022-05-22}, organization = {Bleeping Computer}, url = {https://www.bleepingcomputer.com/news/security/google-predator-spyware-infected-android-devices-using-zero-days/}, language = {English}, urldate = {2022-05-24} } Google: Predator spyware infected Android devices using zero-days
Alien Chrysaor
2022-05-21Github (x-junior)Mohamed Ashraf
@online{ashraf:20220521:deep:0e3523b, author = {Mohamed Ashraf}, title = {{Deep Analysis of Mars Stealer}}, date = {2022-05-21}, organization = {Github (x-junior)}, url = {https://x-junior.github.io/malware%20analysis/MarsStealer/}, language = {English}, urldate = {2022-05-23} } Deep Analysis of Mars Stealer
Mars Stealer
2022-05-20The Hacker NewsRavie Lakshmanan
@online{lakshmanan:20220520:cytroxs:64172d5, author = {Ravie Lakshmanan}, title = {{Cytrox's Predator Spyware Targeted Android Users with Zero-Day Exploits}}, date = {2022-05-20}, organization = {The Hacker News}, url = {https://thehackernews.com/2022/05/cytroxs-predator-spyware-target-android.html}, language = {English}, urldate = {2022-05-24} } Cytrox's Predator Spyware Targeted Android Users with Zero-Day Exploits
2022-05-20sonatypeAx Sharma
@online{sharma:20220520:new:15b8bf7, author = {Ax Sharma}, title = {{New 'pymafka' malicious package drops Cobalt Strike on macOS, Windows, Linux}}, date = {2022-05-20}, organization = {sonatype}, url = {https://blog.sonatype.com/new-pymafka-malicious-package-drops-cobalt-strike-on-macos-windows-linux}, language = {English}, urldate = {2022-05-24} } New 'pymafka' malicious package drops Cobalt Strike on macOS, Windows, Linux
Cobalt Strike
2022-05-20CybleincCyble
@online{cyble:20220520:malware:c20f29f, author = {Cyble}, title = {{Malware Campaign Targets InfoSec Community: Threat Actor Uses Fake Proof Of Concept To Deliver Cobalt-Strike Beacon}}, date = {2022-05-20}, organization = {Cybleinc}, url = {https://blog.cyble.com/2022/05/20/malware-campaign-targets-infosec-community-threat-actor-uses-fake-proof-of-concept-to-deliver-cobalt-strike-beacon/}, language = {English}, urldate = {2022-05-23} } Malware Campaign Targets InfoSec Community: Threat Actor Uses Fake Proof Of Concept To Deliver Cobalt-Strike Beacon
Cobalt Strike
2022-05-20AdvIntelYelisey Boguslavskiy, Vitali Kremez, Marley Smith
@online{boguslavskiy:20220520:discontinued:de13f97, author = {Yelisey Boguslavskiy and Vitali Kremez and Marley Smith}, title = {{DisCONTInued: The End of Conti’s Brand Marks New Chapter For Cybercrime Landscape}}, date = {2022-05-20}, organization = {AdvIntel}, url = {https://www.advintel.io/post/discontinued-the-end-of-conti-s-brand-marks-new-chapter-for-cybercrime-landscape}, language = {English}, urldate = {2022-05-25} } DisCONTInued: The End of Conti’s Brand Marks New Chapter For Cybercrime Landscape
AvosLocker Black Basta BlackByte BlackCat Conti HelloKitty Hive
2022-05-20AhnLabASEC
@online{asec:20220520:why:c6efba7, author = {ASEC}, title = {{Why Remediation Alone Is Not Enough When Infected by Malware}}, date = {2022-05-20}, organization = {AhnLab}, url = {https://asec.ahnlab.com/en/34549/}, language = {English}, urldate = {2022-05-24} } Why Remediation Alone Is Not Enough When Infected by Malware
Cobalt Strike DarkSide
2022-05-20nccgroupPeter Gurney
@online{gurney:20220520:metastealer:d3c2f0e, author = {Peter Gurney}, title = {{Metastealer – filling the Racoon void}}, date = {2022-05-20}, organization = {nccgroup}, url = {https://research.nccgroup.com/2022/05/20/metastealer-filling-the-racoon-void/}, language = {English}, urldate = {2022-05-24} } Metastealer – filling the Racoon void
2022-05-20CrowdStrikeVlad Ciuleanu
@online{ciuleanu:20220520:mirai:77360aa, author = {Vlad Ciuleanu}, title = {{Mirai Malware Variants for Linux Double Down on Stronger Chips in Q1 2022}}, date = {2022-05-20}, organization = {CrowdStrike}, url = {https://www.crowdstrike.com/blog/linux-mirai-malware-double-on-stronger-chips/}, language = {English}, urldate = {2022-05-25} } Mirai Malware Variants for Linux Double Down on Stronger Chips in Q1 2022
Mirai
2022-05-20SANS ISCXavier Mertens
@online{mertens:20220520:zip:eb3e2f6, author = {Xavier Mertens}, title = {{A 'Zip Bomb' to Bypass Security Controls & Sandboxes}}, date = {2022-05-20}, organization = {SANS ISC}, url = {https://isc.sans.edu/forums/diary/A+Zip+Bomb+to+Bypass+Security+Controls+Sandboxes/28670/}, language = {English}, urldate = {2022-05-25} } A 'Zip Bomb' to Bypass Security Controls & Sandboxes
BitRAT
2022-05-20HPPatrick Schläpfer
@online{schlpfer:20220520:pdf:34ac538, author = {Patrick Schläpfer}, title = {{PDF Malware Is Not Yet Dead}}, date = {2022-05-20}, organization = {HP}, url = {https://threatresearch.ext.hp.com/pdf-malware-is-not-yet-dead/}, language = {English}, urldate = {2022-05-24} } PDF Malware Is Not Yet Dead
404 Keylogger