Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2020-03-30One Night in NorfolkKevin Perlow
@online{perlow:20200330:new:a5c6c8b, author = {Kevin Perlow}, title = {{A New Look at Old Dragonfly Malware (Goodor)}}, date = {2020-03-30}, organization = {One Night in Norfolk}, url = {https://norfolkinfosec.com/a-new-look-at-old-dragonfly-malware-goodor/}, language = {English}, urldate = {2020-03-30} } A New Look at Old Dragonfly Malware (Goodor)
Goodor
2020-03-27ZDNetCatalin Cimpanu
@online{cimpanu:20200327:booz:90c4f8d, author = {Catalin Cimpanu}, title = {{Booz Allen analyzed 200+ Russian hacking operations to better understand their tactics}}, date = {2020-03-27}, organization = {ZDNet}, url = {https://www.zdnet.com/article/booz-allen-analyzed-200-russian-hacking-operations-to-better-understand-their-tactics/}, language = {English}, urldate = {2020-03-27} } Booz Allen analyzed 200+ Russian hacking operations to better understand their tactics
2020-03-26Kaspersky LabsAlexey Firsh, Kurt Baumgartner, Brian Bartholomew
@online{firsh:20200326:ios:9898c0f, author = {Alexey Firsh and Kurt Baumgartner and Brian Bartholomew}, title = {{iOS exploit chain deploys LightSpy feature-rich malware}}, date = {2020-03-26}, organization = {Kaspersky Labs}, url = {https://securelist.com/ios-exploit-chain-deploys-lightspy-malware/96407/}, language = {English}, urldate = {2020-03-27} } iOS exploit chain deploys LightSpy feature-rich malware
dmsSpy lightSpy
2020-03-26BitdefenderLiviu Arsene
@online{arsene:20200326:android:946032b, author = {Liviu Arsene}, title = {{Android Apps and Malware Capitalize on Coronavirus}}, date = {2020-03-26}, organization = {Bitdefender}, url = {https://labs.bitdefender.com/2020/03/android-apps-and-malware-capitalize-on-coronavirus}, language = {English}, urldate = {2020-03-26} } Android Apps and Malware Capitalize on Coronavirus
Anubis Joker
2020-03-26Max Kersten's BlogMax Kersten
@online{kersten:20200326:azorult:5d5ee1f, author = {Max Kersten}, title = {{Azorult loader stages}}, date = {2020-03-26}, organization = {Max Kersten's Blog}, url = {https://maxkersten.nl/binary-analysis-course/malware-analysis/azorult-loader-stages/}, language = {English}, urldate = {2020-03-26} } Azorult loader stages
Azorult
2020-03-26McAfeeAlexandre Mundo
@online{mundo:20200326:ransomware:05f2b18, author = {Alexandre Mundo}, title = {{Ransomware Maze}}, date = {2020-03-26}, organization = {McAfee}, url = {https://www.mcafee.com/blogs/other-blogs/mcafee-labs/ransomware-maze/}, language = {English}, urldate = {2020-03-26} } Ransomware Maze
Maze
2020-03-26VMWare Carbon BlackScott Knight
@online{knight:20200326:dukes:df85f94, author = {Scott Knight}, title = {{The Dukes of Moscow}}, date = {2020-03-26}, organization = {VMWare Carbon Black}, url = {https://www.carbonblack.com/2020/03/26/the-dukes-of-moscow/}, language = {English}, urldate = {2020-03-27} } The Dukes of Moscow
Cobalt Strike MiniDuke OnionDuke PolyglotDuke PowerDuke
2020-03-26TelekomThomas Barabosch
@online{barabosch:20200326:ta505s:24d9805, author = {Thomas Barabosch}, title = {{TA505's Box of Chocolate - On Hidden Gems packed with the TA505 Packer}}, date = {2020-03-26}, organization = {Telekom}, url = {https://www.telekom.com/en/blog/group/article/cybersecurity-ta505-s-box-of-chocolate-597672}, language = {English}, urldate = {2020-03-27} } TA505's Box of Chocolate - On Hidden Gems packed with the TA505 Packer
Amadey Azorult Clop FlawedGrace Get2 SDBbot Silence TinyMet
2020-03-26TechCrunchZack Whittaker
@online{whittaker:20200326:cyber:4b23d0a, author = {Zack Whittaker}, title = {{Cyber insurer Chubb had data stolen in Maze ransomware attack}}, date = {2020-03-26}, organization = {TechCrunch}, url = {https://techcrunch.com/2020/03/26/chubb-insurance-breach-ransomware/}, language = {English}, urldate = {2020-03-27} } Cyber insurer Chubb had data stolen in Maze ransomware attack
Maze
2020-03-26SpiderLabs BlogAlejandro Baca, Rodel Mendrez
@online{baca:20200326:would:a184711, author = {Alejandro Baca and Rodel Mendrez}, title = {{Would You Exchange Your Security for a Gift Card?}}, date = {2020-03-26}, organization = {SpiderLabs Blog}, url = {https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/would-you-exchange-your-security-for-a-gift-card/}, language = {English}, urldate = {2020-03-30} } Would You Exchange Your Security for a Gift Card?
Griffon
2020-03-25Wilbur SecurityJW
@online{jw:20200325:trickbot:17b0dc3, author = {JW}, title = {{Trickbot to Ryuk in Two Hours}}, date = {2020-03-25}, organization = {Wilbur Security}, url = {https://www.wilbursecurity.com/2020/03/trickbot-to-ryuk-in-two-hours/}, language = {English}, urldate = {2020-03-26} } Trickbot to Ryuk in Two Hours
Cobalt Strike Ryuk TrickBot
2020-03-25Team CymruTeam Cymru
@online{cymru:20200325:how:b1d8c31, author = {Team Cymru}, title = {{How the Iranian Cyber Security Agency Detects Emissary Panda Malware}}, date = {2020-03-25}, organization = {Team Cymru}, url = {https://blog.team-cymru.com/2020/03/25/how-the-iranian-cyber-security-agency-detects-emissary-panda-malware/}, language = {English}, urldate = {2020-03-25} } How the Iranian Cyber Security Agency Detects Emissary Panda Malware
HyperBro
2020-03-25Reversing LabsKarlo Zanki
@online{zanki:20200325:unpacking:0d7085a, author = {Karlo Zanki}, title = {{Unpacking the Kwampirs RAT}}, date = {2020-03-25}, organization = {Reversing Labs}, url = {https://blog.reversinglabs.com/blog/unpacking-kwampirs-rat}, language = {English}, urldate = {2020-03-26} } Unpacking the Kwampirs RAT
Kwampirs
2020-03-25FireEyeChristopher Glyer, Dan Perez, Sarah Jones, Steve Miller
@online{glyer:20200325:this:0bc322f, author = {Christopher Glyer and Dan Perez and Sarah Jones and Steve Miller}, title = {{This Is Not a Test: APT41 Initiates Global Intrusion Campaign Using Multiple Exploits}}, date = {2020-03-25}, organization = {FireEye}, url = {https://www.fireeye.com/blog/threat-research/2020/03/apt41-initiates-global-intrusion-campaign-using-multiple-exploits.html}, language = {English}, urldate = {2020-03-26} } This Is Not a Test: APT41 Initiates Global Intrusion Campaign Using Multiple Exploits
Cobalt Strike
2020-03-25BitdefenderLiviu Arsene
@online{arsene:20200325:new:51ce027, author = {Liviu Arsene}, title = {{New Router DNS Hijacking Attacks Abuse Bitbucket to Host Infostealer}}, date = {2020-03-25}, organization = {Bitdefender}, url = {https://labs.bitdefender.com/2020/03/new-router-dns-hijacking-attacks-abuse-bitbucket-to-host-infostealer/}, language = {English}, urldate = {2020-03-30} } New Router DNS Hijacking Attacks Abuse Bitbucket to Host Infostealer
Oski Stealer
2020-03-24Kaspersky LabsAlexander Eremin
@online{eremin:20200324:people:752ed0f, author = {Alexander Eremin}, title = {{People infected with coronavirus are all around you, says Ginp Trojan}}, date = {2020-03-24}, organization = {Kaspersky Labs}, url = {https://www.kaspersky.com/blog/ginp-trojan-coronavirus-finder/34338/}, language = {English}, urldate = {2020-03-26} } People infected with coronavirus are all around you, says Ginp Trojan
Ginp
2020-03-24Bleeping ComputerLawrence Abrams
@online{abrams:20200324:three:fb92d03, author = {Lawrence Abrams}, title = {{Three More Ransomware Families Create Sites to Leak Stolen Data}}, date = {2020-03-24}, organization = {Bleeping Computer}, url = {https://www.bleepingcomputer.com/news/security/three-more-ransomware-families-create-sites-to-leak-stolen-data/}, language = {English}, urldate = {2020-03-26} } Three More Ransomware Families Create Sites to Leak Stolen Data
Clop DoppelPaymer Maze Nefilim Ransomware Nemty REvil
2020-03-24Trend MicroElliot Cao, Joseph Chen, William Gamazo Sanchez, Lilang Wu, Ecular Xu
@techreport{cao:20200324:technical:dc23839, author = {Elliot Cao and Joseph Chen and William Gamazo Sanchez and Lilang Wu and Ecular Xu}, title = {{Technical Brief: Operation Poisoned News: Hong Kong Users Targeted with Mobile Malware via Local News Links}}, date = {2020-03-24}, institution = {Trend Micro}, url = {https://documents.trendmicro.com/assets/Tech-Brief-Operation-Poisoned-News-Hong-Kong-Users-Targeted-with-Mobile-Malware-via-Local-News-Links.pdf}, language = {English}, urldate = {2020-03-25} } Technical Brief: Operation Poisoned News: Hong Kong Users Targeted with Mobile Malware via Local News Links
dmsSpy lightSpy
2020-03-24Kaspersky LabsDenis Legezo
@online{legezo:20200324:wildpressure:add6905, author = {Denis Legezo}, title = {{WildPressure targets industrial-related entities in the Middle East}}, date = {2020-03-24}, organization = {Kaspersky Labs}, url = {https://securelist.com/wildpressure-targets-industrial-in-the-middle-east/96360/}, language = {English}, urldate = {2020-03-26} } WildPressure targets industrial-related entities in the Middle East
Milum
2020-03-24ID RansomwareAndrew Ivanov
@online{ivanov:20200324:kekw:ef9d6a6, author = {Andrew Ivanov}, title = {{KEKW Ransomware KEKW-Locker Ransomware}}, date = {2020-03-24}, organization = {ID Ransomware}, url = {https://id-ransomware.blogspot.com/2020/03/kekw-ransomware.html}, language = {Russian}, urldate = {2020-03-28} } KEKW Ransomware KEKW-Locker Ransomware
KEKW Ransomware