
2023-03-21 | Github (rivitna) | Andrey Zhdanov
% NOTE(review): the url tracks the moving main branch, so the content can change after urldate; pin a commit before relying on or running the scripts.
@online{zhdanov:20230321:blackcat:2da310d,
  author       = {Zhdanov, Andrey},
  title        = {{BlackCat v3 Decryptor Scripts}},
  date         = {2023-03-21},
  organization = {Github (rivitna)},
  url          = {https://github.com/rivitna/Malware/tree/main/BlackCat/ALPHV3},
  language     = {English},
  urldate      = {2023-03-22},
}
BlackCat v3 Decryptor Scripts
BlackCat BlackCat
2023-03-21 | Kaspersky Labs | Leonid Bezvershenko, Georgy Kucherin, Igor Kuznetsov
% NOTE(review): the url carries a ?s=31 query string that looks like a share or tracking parameter; confirm the link resolves without it before trimming.
@online{bezvershenko:20230321:bad:054dcba,
  author       = {Bezvershenko, Leonid and Kucherin, Georgy and Kuznetsov, Igor},
  title        = {{Bad magic: new APT found in the area of Russo-Ukrainian conflict}},
  date         = {2023-03-21},
  organization = {Kaspersky Labs},
  url          = {https://securelist.com/bad-magic-apt/109087/?s=31},
  language     = {English},
  urldate      = {2023-03-21},
}
Bad magic: new APT found in the area of Russo-Ukrainian conflict
PowerMagic CommonMagic
2023-03-21 | Cleafy | Francesco Iubatti, Alessandro Strino, Federico Valentini
@online{iubatti:20230321:nexus:e4a7788,
  author       = {Iubatti, Francesco and Strino, Alessandro and Valentini, Federico},
  title        = {{Nexus: a new Android botnet?}},
  date         = {2023-03-21},
  organization = {Cleafy},
  url          = {https://www.cleafy.com/cleafy-labs/nexus-a-new-android-botnet},
  language     = {English},
  urldate      = {2023-03-21},
}
Nexus: a new Android botnet?
Nexus
2023-03-20 | Medium s2wlab | HOTSAUCE, S2W TALON
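% The team name is double-braced so it stays one corporate author instead of being split into given and family name.
% NOTE(review): language is Korean although the listed title is English; confirm against the linked post.
@online{hotsauce:20230320:detailed:d141765,
  author       = {HOTSAUCE and {{S2W TALON}}},
  title        = {{Detailed Analysis of Cryptocurrency Phishing Through Famous YouTube Channel Hacking}},
  date         = {2023-03-20},
  organization = {Medium s2wlab},
  url          = {https://medium.com/s2wblog/detailed-analysis-of-cryptocurrency-phishing-through-famous-youtube-channel-hacking-cd40de8dce6f},
  language     = {Korean},
  urldate      = {2023-03-21},
}
Detailed Analysis of Cryptocurrency Phishing Through Famous YouTube Channel Hacking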
2023-03-20 | SecurityIntelligence | John Dwyer
@online{dwyer:20230320:when:3f1345c,
  author       = {Dwyer, John},
  title        = {{When the Absence of Noise Becomes Signal: Defensive Considerations for Lazarus FudModule}},
  date         = {2023-03-20},
  organization = {SecurityIntelligence},
  url          = {https://securityintelligence.com/posts/defensive-considerations-lazarus-fudmodule/},
  language     = {English},
  urldate      = {2023-03-21},
}
When the Absence of Noise Becomes Signal: Defensive Considerations for Lazarus FudModule
FudModule
2023-03-20 | NVISO Labs | Maxime Thiebaut
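% The ampersand in the title field is escaped so the entry typesets under LaTeX instead of raising an alignment-tab error.
@online{thiebaut:20230320:icedids:78b47a7,
  author       = {Thiebaut, Maxime},
  title        = {{IcedID’s VNC Backdoors: Dark Cat, Anubis \& Keyhole}},
  date         = {2023-03-20},
  organization = {NVISO Labs},
  url          = {https://blog.nviso.eu/2023/03/20/icedids-vnc-backdoors-dark-cat-anubis-keyhole/},
  language     = {English},
  urldate      = {2023-03-21},
}
IcedID’s VNC Backdoors: Dark Cat, Anubis & Keyhole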
IcedID
2023-03-20 | ThreatMon | ThreatMon Malware Research Team, seyitsec
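% The team name is double-braced so it stays one corporate author; unbraced, it is parsed as a person whose family name is Team.
@online{team:20230320:cybergun:e416155,
  author       = {{{ThreatMon Malware Research Team}} and seyitsec},
  title        = {{Cybergun: Technical Analysis of the Armageddon's Infostealer}},
  date         = {2023-03-20},
  organization = {ThreatMon},
  url          = {https://threatmon.io/cybergun-technical-analysis-of-the-armageddons-infostealer/},
  language     = {English},
  urldate      = {2023-03-21},
}
Cybergun: Technical Analysis of the Armageddon's Infostealer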
Pteranodon
2023-03-20 | Elastic | Remco Sprooten
% NOTE(review): the url uses the /de/ locale path while language is English; confirm which locale should be cited.
@online{sprooten:20230320:naplistener:5207e95,
  author       = {Sprooten, Remco},
  title        = {{NAPLISTENER: more bad dreams from developers of SIESTAGRAPH}},
  date         = {2023-03-20},
  organization = {Elastic},
  url          = {https://www.elastic.co/de/security-labs/naplistener-more-bad-dreams-from-the-developers-of-siestagraph},
  language     = {English},
  urldate      = {2023-03-21},
}
NAPLISTENER: more bad dreams from developers of SIESTAGRAPH
NAPLISTENER SiestaGraph
2023-03-19 | 0xToxin Labs | @0xToxin
@online{0xtoxin:20230319:gozi:bb7bade,
  author       = {@0xToxin},
  title        = {{Gozi - Italian ShellCode Dance}},
  date         = {2023-03-19},
  organization = {0xToxin Labs},
  url          = {https://0xtoxin-labs.gitbook.io/malware-analysis/malware-analysis/gozi-italian-shellcode-dance},
  language     = {English},
  urldate      = {2023-03-20},
}
Gozi - Italian ShellCode Dance
Gozi ISFB
2023-03-19 | Ilan Duhin
@online{duhin:20230319:vawtrak:1cccd8c,
  author   = {Duhin, Ilan},
  title    = {{Vawtrak Analysis}},
  date     = {2023-03-19},
  url      = {https://medium.com/@Ilandu/vawtrak-malware-824818c1837},
  language = {English},
  urldate  = {2023-03-20},
}
Vawtrak Analysis
Vawtrak
2023-03-19 | 0xToxin Labs | @0xToxin
@online{0xtoxin:20230319:scrubcrypt:707ec19,
  author       = {@0xToxin},
  title        = {{ScrubCrypt - The Rebirth of Jlaive}},
  date         = {2023-03-19},
  organization = {0xToxin Labs},
  url          = {https://0xtoxin-labs.gitbook.io/malware-analysis/malware-analysis/scrubcrypt-the-rebirth-of-jlaive},
  language     = {English},
  urldate      = {2023-03-20},
}
ScrubCrypt - The Rebirth of Jlaive
ScrubCrypter
2023-03-17 | Medium s2wlab | BLKSMTH, S2W TALON
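% The team name is double-braced so it stays one corporate author instead of being split into given and family name.
@online{blksmth:20230317:kimsuky:984e133,
  author       = {BLKSMTH and {{S2W TALON}}},
  title        = {{Kimsuky group appears to be exploiting OneNote like the cybercrime group}},
  date         = {2023-03-17},
  organization = {Medium s2wlab},
  url          = {https://medium.com/s2wblog/kimsuky-group-appears-to-be-exploiting-onenote-like-the-cybercrime-group-3c96b0b85b9f},
  language     = {English},
  urldate      = {2023-03-20},
}
Kimsuky group appears to be exploiting OneNote like the cybercrime group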
2023-03-17 | AhnLab | ASEC
@online{asec:20230317:shellbot:93d3ae5,
  author       = {ASEC},
  title        = {{ShellBot Malware Being Distributed to Linux SSH Servers}},
  date         = {2023-03-17},
  organization = {AhnLab},
  url          = {https://asec.ahnlab.com/en/49769/},
  language     = {English},
  urldate      = {2023-03-20},
}
ShellBot Malware Being Distributed to Linux SSH Servers
PerlBot
2023-03-17 | Elastic | Cyril François, Daniel Stepanic
@online{franois:20230317:thawing:b8065d4,
  author       = {François, Cyril and Stepanic, Daniel},
  title        = {{Thawing the permafrost of ICEDID Summary}},
  date         = {2023-03-17},
  organization = {Elastic},
  url          = {https://www.elastic.co/security-labs/thawing-the-permafrost-of-icedid-summary},
  language     = {English},
  urldate      = {2023-03-20},
}
Thawing the permafrost of ICEDID Summary
IcedID PhotoLoader
2023-03-16 | SentinelOne | Tom Hegel
@online{hegel:20230316:winter:5e43881,
  author       = {Hegel, Tom},
  title        = {{Winter Vivern | Uncovering a Wave of Global Espionage}},
  date         = {2023-03-16},
  organization = {SentinelOne},
  url          = {https://www.sentinelone.com/labs/winter-vivern-uncovering-a-wave-of-global-espionage/},
  language     = {English},
  urldate      = {2023-03-20},
}
Winter Vivern | Uncovering a Wave of Global Espionage
APERETIF
2023-03-16 | Team Cymru | S2 Research Team
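% The team name is double-braced so it stays one corporate author; unbraced, it is parsed as a person whose family name is Team.
@online{team:20230316:moqhao:b249827,
  author       = {{S2 Research Team}},
  title        = {{MoqHao Part 3: Recent Global Targeting Trends}},
  date         = {2023-03-16},
  organization = {Team Cymru},
  url          = {https://www.team-cymru.com/post/moqhao-part-3-recent-global-targeting-trends},
  language     = {English},
  urldate      = {2023-03-20},
}
MoqHao Part 3: Recent Global Targeting Trends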
MoqHao
2023-03-16 | Palo Alto Networks Unit 42 | Frank Lee, Scott Roland
@online{lee:20230316:beeware:1ad83b4,
  author       = {Lee, Frank and Roland, Scott},
  title        = {{Bee-Ware of Trigona, An Emerging Ransomware Strain}},
  date         = {2023-03-16},
  organization = {Palo Alto Networks Unit 42},
  url          = {https://unit42.paloaltonetworks.com/trigona-ransomware-update/},
  language     = {English},
  urldate      = {2023-03-20},
}
Bee-Ware of Trigona, An Emerging Ransomware Strain
Cryakl MimiKatz Trigona
2023-03-16 | Trend Micro | Cedric Pernet, Jaromír Hořejší, Loseway Lu
@online{pernet:20230316:ipfs:6f479ce,
  author       = {Pernet, Cedric and Hořejší, Jaromír and Lu, Loseway},
  title        = {{IPFS: A New Data Frontier or a New Cybercriminal Hideout?}},
  date         = {2023-03-16},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/ipfs-a-new-data-frontier-or-a-new-cybercriminal-hideout},
  language     = {English},
  urldate      = {2023-03-20},
}
IPFS: A New Data Frontier or a New Cybercriminal Hideout?
Agent Tesla Formbook RedLine Stealer Remcos
2023-03-16 | Sekoia | Threat & Detection Research Team
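% The team name is double-braced so it stays one corporate author, and its ampersand is escaped so the field typesets under LaTeX.
@online{team:20230316:peeking:347803a,
  author       = {{Threat \& Detection Research Team}},
  title        = {{Peeking at Reaper’s surveillance operations}},
  date         = {2023-03-16},
  organization = {Sekoia},
  url          = {https://blog.sekoia.io/peeking-at-reaper-surveillance-operations-against-north-korea-defectors/},
  language     = {English},
  urldate      = {2023-03-20},
}
Peeking at Reaper’s surveillance operations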
Chinotto
2023-03-16 | Akamai | Chad Seaman, Larry Cashdollar, Allen West
@online{seaman:20230316:uncovering:8712a1d,
  author       = {Seaman, Chad and Cashdollar, Larry and West, Allen},
  title        = {{Uncovering HinataBot: A Deep Dive into a Go-Based Threat}},
  date         = {2023-03-16},
  organization = {Akamai},
  url          = {https://www.akamai.com/blog/security-research/hinatabot-uncovering-new-golang-ddos-botnet},
  language     = {English},
  urldate      = {2023-03-20},
}
Uncovering HinataBot: A Deep Dive into a Go-Based Threat
HinataBot