Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023-09-21Sentinel LABSTom Hegel
@online{hegel:20230921:cyber:9a6bb38, author = {Tom Hegel}, title = {{Cyber Soft Power | China’s Continental Takeover}}, date = {2023-09-21}, organization = {Sentinel LABS}, url = {https://www.sentinelone.com/labs/cyber-soft-power-chinas-continental-takeover/}, language = {English}, urldate = {2023-09-22} } Cyber Soft Power | China’s Continental Takeover
2023-09-20ProofpointProofpoint Threat Research Team
@online{team:20230920:chinese:25abe7e, author = {Proofpoint Threat Research Team}, title = {{Chinese Malware Appears in Earnest Across Cybercrime Threat Landscape}}, date = {2023-09-20}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/chinese-malware-appears-earnest-across-cybercrime-threat-landscape}, language = {English}, urldate = {2023-09-22} } Chinese Malware Appears in Earnest Across Cybercrime Threat Landscape
FatalRat PurpleFox ValleyRAT
2023-09-19Recorded FutureInsikt Group
@techreport{group:20230919:multiyear:84b50f8, author = {Insikt Group}, title = {{Multi-year Chinese APT Campaign Targets South Korean Academic, Government, and Political Entities}}, date = {2023-09-19}, institution = {Recorded Future}, url = {https://go.recordedfuture.com/hubfs/reports/cta-2023-0919.pdf}, language = {English}, urldate = {2023-09-20} } Multi-year Chinese APT Campaign Targets South Korean Academic, Government, and Political Entities
Korlia
2023-09-19Cisco TalosAsheer Malhotra, Caitlin Huey, Sean Taylor, Vitor Ventura, Arnaud Zobec
@online{malhotra:20230919:new:a39af36, author = {Asheer Malhotra and Caitlin Huey and Sean Taylor and Vitor Ventura and Arnaud Zobec}, title = {{New ShroudedSnooper actor targets telecommunications firms in the Middle East with novel Implants}}, date = {2023-09-19}, organization = {Cisco Talos}, url = {https://blog.talosintelligence.com/introducing-shrouded-snooper/}, language = {English}, urldate = {2023-09-20} } New ShroudedSnooper actor targets telecommunications firms in the Middle East with novel Implants
HTTPSnoop PipeSnoop
2023-09-19Medium (@DCSO_CyTec)Johann Aydinbas
@online{aydinbas:20230919:shortandmalicious:a0cff0b, author = {Johann Aydinbas}, title = {{#ShortAndMalicious — DarkGate}}, date = {2023-09-19}, organization = {Medium (@DCSO_CyTec)}, url = {https://medium.com/@DCSO_CyTec/shortandmalicious-darkgate-d9102a457232}, language = {English}, urldate = {2023-09-20} } #ShortAndMalicious — DarkGate
DarkGate
2023-09-19CheckpointAlexey Bukhteyev, Arie Olshtein
@online{bukhteyev:20230919:unveiling:1ebf179, author = {Alexey Bukhteyev and Arie Olshtein}, title = {{Unveiling the Shadows: The Dark Alliance between GuLoader and Remcos}}, date = {2023-09-19}, organization = {Checkpoint}, url = {https://research.checkpoint.com/2023/unveiling-the-shadows-the-dark-alliance-between-guloader-and-remcos/}, language = {English}, urldate = {2023-09-20} } Unveiling the Shadows: The Dark Alliance between GuLoader and Remcos
CloudEyE Remcos
2023-09-18Trend MicroJoseph Chen, Jaromír Hořejší
@online{chen:20230918:earth:e01f24c, author = {Joseph Chen and Jaromír Hořejší}, title = {{Earth Lusca Employs New Linux Backdoor, Uses Cobalt Strike for Lateral Movement}}, date = {2023-09-18}, organization = {Trend Micro}, url = {https://www.trendmicro.com/en_us/research/23/i/earth-lusca-employs-new-linux-backdoor.html}, language = {English}, urldate = {2023-09-18} } Earth Lusca Employs New Linux Backdoor, Uses Cobalt Strike for Lateral Movement
SprySOCKS
2023-09-18KrebsOnSecurityBrian Krebs
@online{krebs:20230918:whos:a141b00, author = {Brian Krebs}, title = {{Who's Behind the 8Base Ransomware Website?}}, date = {2023-09-18}, organization = {KrebsOnSecurity}, url = {https://krebsonsecurity.com/2023/09/whos-behind-the-8base-ransomware-website/}, language = {English}, urldate = {2023-09-22} } Who's Behind the 8Base Ransomware Website?
8Base
2023-09-18SentinelOneAlex Delamotte
@online{delamotte:20230918:capratube:77604c8, author = {Alex Delamotte}, title = {{CapraTube | Transparent Tribe’s CapraRAT Mimics YouTube to Hijack Android Phones}}, date = {2023-09-18}, organization = {SentinelOne}, url = {https://www.sentinelone.com/labs/capratube-transparent-tribes-caprarat-mimics-youtube-to-hijack-android-phones/}, language = {English}, urldate = {2023-09-20} } CapraTube | Transparent Tribe’s CapraRAT Mimics YouTube to Hijack Android Phones
CapraRAT
2023-09-15Migeel.skMichal Strehovský
@online{strehovsk:20230915:reverse:c34ac82, author = {Michal Strehovský}, title = {{Reverse engineering natively-compiled .NET apps}}, date = {2023-09-15}, organization = {Migeel.sk}, url = {https://migeel.sk/blog/2023/09/15/reverse-engineering-natively-compiled-dotnet-apps/}, language = {English}, urldate = {2023-09-20} } Reverse engineering natively-compiled .NET apps
2023-09-15CyberCXPhill Moore, Zach Stanford, Suyash Tripathi, Yogesh Khatri
@online{moore:20230915:weaponising:debcaf2, author = {Phill Moore and Zach Stanford and Suyash Tripathi and Yogesh Khatri}, title = {{Weaponising VMs to bypass EDR – Akira ransomware}}, date = {2023-09-15}, organization = {CyberCX}, url = {https://cybercx.com.au/blog/akira-ransomware/}, language = {English}, urldate = {2023-09-15} } Weaponising VMs to bypass EDR – Akira ransomware
Akira
2023-09-14Deep instinctMark Vaitzman, Ron Ben Yizhak, Simon Kenin
@online{vaitzman:20230914:operation:0b13a33, author = {Mark Vaitzman and Ron Ben Yizhak and Simon Kenin}, title = {{Operation Rusty Flag – A Malicious Campaign Against Azerbaijanian Targets}}, date = {2023-09-14}, organization = {Deep instinct}, url = {https://www.deepinstinct.com/blog/operation-rusty-flag-a-malicious-campaign-against-azerbaijanian-targets}, language = {English}, urldate = {2023-09-19} } Operation Rusty Flag – A Malicious Campaign Against Azerbaijanian Targets
Unidentified 110 (RustyFlag)
2023-09-13SecurityScorecardVlad Pasca
@online{pasca:20230913:detailed:e8e910b, author = {Vlad Pasca}, title = {{A detailed analysis of the Money Message Ransomware}}, date = {2023-09-13}, organization = {SecurityScorecard}, url = {https://resources.securityscorecard.com/research/analysis-money-message-ransomware}, language = {English}, urldate = {2023-09-20} } A detailed analysis of the Money Message Ransomware
Money Message
2023-09-12MicrosoftMicrosoft Threat Intelligence
@online{intelligence:20230912:malware:3a31afc, author = {Microsoft Threat Intelligence}, title = {{Malware distributor Storm-0324 facilitates ransomware access}}, date = {2023-09-12}, organization = {Microsoft}, url = {https://www.microsoft.com/en-us/security/blog/2023/09/12/malware-distributor-storm-0324-facilitates-ransomware-access/}, language = {English}, urldate = {2023-09-13} } Malware distributor Storm-0324 facilitates ransomware access
JSSLoader
2023-09-12ANSSIANSSI
@techreport{anssi:20230912:fin12:b0a08e2, author = {ANSSI}, title = {{FIN12: A Cybercriminal Group with Multiple Ransomware}}, date = {2023-09-12}, institution = {ANSSI}, url = {https://www.cert.ssi.gouv.fr/uploads/CERTFR-2023-CTI-007.pdf}, language = {French}, urldate = {2023-09-20} } FIN12: A Cybercriminal Group with Multiple Ransomware
BlackCat Cobalt Strike Conti Hive MimiKatz Nokoyawa Ransomware PLAY Royal Ransom Ryuk SystemBC
2023-09-12ZscalerSudeep Singh
@online{singh:20230912:peek:6769a87, author = {Sudeep Singh}, title = {{A peek into APT36’s updated arsenal}}, date = {2023-09-12}, organization = {Zscaler}, url = {https://www.zscaler.com/blogs/security-research/peek-apt36-s-updated-arsenal}, language = {English}, urldate = {2023-09-18} } A peek into APT36’s updated arsenal
ElizaRAT
2023-09-11SymantecSymantec Threat Intelligence
@online{intelligence:20230911:about:e53f947, author = {Symantec Threat Intelligence}, title = {{Tweet about Symantec discovering a new variant of SiestaGraph}}, date = {2023-09-11}, organization = {Symantec}, url = {https://x.com/threatintel/status/1701259256199090217}, language = {English}, urldate = {2023-09-18} } Tweet about Symantec discovering a new variant of SiestaGraph
SiestaGraph
2023-09-11KasperskyAlexander Kirichenko, Gleb Ivanov
@online{kirichenko:20230911:from:7fe2d83, author = {Alexander Kirichenko and Gleb Ivanov}, title = {{From Caribbean shores to your devices: analyzing Cuba ransomware}}, date = {2023-09-11}, organization = {Kaspersky}, url = {https://securelist.com/cuba-ransomware/110533/}, language = {English}, urldate = {2023-09-13} } From Caribbean shores to your devices: analyzing Cuba ransomware
Cuba
2023-09-08ZscalerZscaler
@online{zscaler:20230908:technical:32525b9, author = {Zscaler}, title = {{Technical Analysis of HijackLoader}}, date = {2023-09-08}, organization = {Zscaler}, url = {https://www.zscaler.com/blogs/security-research/technical-analysis-hijackloader}, language = {English}, urldate = {2023-09-13} } Technical Analysis of HijackLoader
HijackLoader
2023-09-08K7 SecuritySudeep Waingankar
@online{waingankar:20230908:romcom:2c93c76, author = {Sudeep Waingankar}, title = {{RomCom RAT: Not Your Typical Love Story}}, date = {2023-09-08}, organization = {K7 Security}, url = {https://labs.k7computing.com/index.php/romcom-rat-not-your-typical-love-story/}, language = {English}, urldate = {2023-09-13} } RomCom RAT: Not Your Typical Love Story
ROMCOM RAT