2021-11-23 | Anomali | Anomali Threat Research
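% Corporate author: the extra braces keep the team name as one unit instead of
% letting it be parsed as a personal name (given "Anomali Threat", family "Research").
@online{research:20211123:mummy:8cffd4e,
  author       = {{Anomali Threat Research}},
  title        = {{Mummy Spider’s Emotet Malware is Back After a Year Hiatus; Wizard Spider’s TrickBot Observed in Its Return}},
  date         = {2021-11-23},
  organization = {Anomali},
  url          = {https://www.anomali.com/blog/mummy-spiders-emotet-malware-is-back-after-a-year-hiatus-wizard-spiders-trickbot-observed-in-its-return},
  language     = {English},
  urldate      = {2021-11-26},
}
Mummy Spider’s Emotet Malware is Back After a Year Hiatus; Wizard Spider’s TrickBot Observed in Its Return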
Emotet
2021-10-06 | Anomali | Tara Gould
@online{gould:20211006:inside:9391014,
  author       = {Gould, Tara},
  title        = {{Inside TeamTNT’s Impressive Arsenal: A Look Into A TeamTNT Server}},
  date         = {2021-10-06},
  organization = {Anomali},
  url          = {https://www.anomali.com/blog/inside-teamtnts-impressive-arsenal-a-look-into-a-teamtnt-server},
  language     = {English},
  urldate      = {2021-10-11},
}
Inside TeamTNT’s Impressive Arsenal: A Look Into A TeamTNT Server
TeamTNT
2021-09-02 | Anomali | Gage Mele, Tara Gould, Rory Gould, Sean Townsend
@online{mele:20210902:cybercrime:335c7cb,
  author       = {Mele, Gage and Gould, Tara and Gould, Rory and Townsend, Sean},
  title        = {{Cybercrime Group FIN7 Using Windows 11 Alpha-Themed Docs to Drop Javascript Backdoor}},
  date         = {2021-09-02},
  organization = {Anomali},
  url          = {https://www.anomali.com/blog/cybercrime-group-fin7-using-windows-11-alpha-themed-docs-to-drop-javascript-backdoor},
  language     = {English},
  urldate      = {2021-09-09},
}
Cybercrime Group FIN7 Using Windows 11 Alpha-Themed Docs to Drop Javascript Backdoor
2021-07-27 | Gigamon | Joe Slowik
@online{slowik:20210727:ghosts:af3dc18,
  author       = {Slowik, Joe},
  title        = {{Ghosts on the Wire: Expanding Conceptions of Network Anomalies}},
  date         = {2021-07-27},
  organization = {Gigamon},
  url          = {https://blog.gigamon.com/2021/07/27/ghosts-on-the-wire-expanding-conceptions-of-network-anomalies/},
  language     = {English},
  urldate      = {2021-08-02},
}
Ghosts on the Wire: Expanding Conceptions of Network Anomalies
SUNBURST
2021-05-13 | Anomali | Tara Gould, Gage Mele
@online{gould:20210513:threat:6115cfb,
  author       = {Gould, Tara and Mele, Gage},
  title        = {{Threat Actors Use MSBuild to Deliver RATs Filelessly}},
  date         = {2021-05-13},
  organization = {Anomali},
  url          = {https://www.anomali.com/blog/threat-actors-use-msbuild-to-deliver-rats-filelessly},
  language     = {English},
  urldate      = {2021-05-17},
}
Threat Actors Use MSBuild to Deliver RATs Filelessly
Remcos
2021-05-10 | Anomali | A J Nash
@online{nash:20210510:rise:2ec5f2e,
  author       = {Nash, A J},
  title        = {{Rise of the Chief Intelligence Officer (CINO)}},
  date         = {2021-05-10},
  organization = {Anomali},
  url          = {https://www.anomali.com/blog/rise-of-the-chief-intelligence-officer-cino},
  language     = {English},
  urldate      = {2021-05-13},
}
Rise of the Chief Intelligence Officer (CINO)
2021-04-19 | Anomali | Gage Mele, Yury Polozov, Tara Gould
@online{mele:20210419:primitive:25a3c2c,
  author       = {Mele, Gage and Polozov, Yury and Gould, Tara},
  title        = {{PRIMITIVE BEAR (Gamaredon) Targets Ukraine with Timely Themes}},
  date         = {2021-04-19},
  organization = {Anomali},
  url          = {https://www.anomali.com/blog/primitive-bear-gamaredon-targets-ukraine-with-timely-themes},
  language     = {English},
  urldate      = {2021-04-20},
}
PRIMITIVE BEAR (Gamaredon) Targets Ukraine with Timely Themes
2021-03-31 | Anomali | Gage Mele, Tara Gould, Winston Marydasan, Yury Polozov
@online{mele:20210331:bahamut:2f5dcae,
  author       = {Mele, Gage and Gould, Tara and Marydasan, Winston and Polozov, Yury},
  title        = {{Bahamut Possibly Responsible for Multi-Stage Infection Chain Campaign}},
  date         = {2021-03-31},
  organization = {Anomali},
  url          = {https://www.anomali.com/blog/bahamut-possibly-responsible-for-multi-stage-infection-chain-campaign},
  language     = {English},
  urldate      = {2021-04-06},
}
Bahamut Possibly Responsible for Multi-Stage Infection Chain Campaign
2021-02-10 | Anomali | Gage Mele, Winston Marydasan, Yury Polozov, Anomali Threat Research
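% The last author is a team name, not a person; it is braced so it stays one
% unit instead of being split into given and family name parts.
@online{mele:20210210:probable:0e70381,
  author       = {Mele, Gage and Marydasan, Winston and Polozov, Yury and {Anomali Threat Research}},
  title        = {{Probable Iranian Cyber Actors, Static Kitten, Conducting Cyberespionage Campaign Targeting UAE and Kuwait Government Agencies}},
  date         = {2021-02-10},
  organization = {Anomali},
  url          = {https://www.anomali.com/blog/probable-iranian-cyber-actors-static-kitten-conducting-cyberespionage-campaign-targeting-uae-and-kuwait-government-agencies},
  language     = {English},
  urldate      = {2023-06-19},
}
Probable Iranian Cyber Actors, Static Kitten, Conducting Cyberespionage Campaign Targeting UAE and Kuwait Government Agencies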
2020-09-01 | Piotr Białczak, Wojciech Mazurczyk
@online{biaczak:20200901:characterizing:422e6a1,
  author   = {Białczak, Piotr and Mazurczyk, Wojciech},
  title    = {{Characterizing Anomalies in Malware-Generated HTTP Traffic}},
  date     = {2020-09-01},
  url      = {https://www.hindawi.com/journals/scn/2020/8848863/},
  language = {English},
  urldate  = {2020-09-03},
}
Characterizing Anomalies in Malware-Generated HTTP Traffic
2020-08-10 | Anomali | Joakim Kennedy, Rory Gould
@online{kennedy:20200810:anomali:241a19b,
  author       = {Kennedy, Joakim and Gould, Rory},
  title        = {{Anomali Threat Research Releases First Public Analysis of Smaug Ransomware as a Service}},
  date         = {2020-08-10},
  organization = {Anomali},
  url          = {https://www.anomali.com/blog/anomali-threat-research-releases-first-public-analysis-of-smaug-ransomware-as-a-service},
  language     = {English},
  urldate      = {2020-09-15},
}
Anomali Threat Research Releases First Public Analysis of Smaug Ransomware as a Service
SMAUG
2020-06-25 | Anomali | Parthiban Rajendran, Gage Mele
@online{rajendran:20200625:unknown:33474d3,
  author       = {Rajendran, Parthiban and Mele, Gage},
  title        = {{Unknown China-Based APT Targeting Myanmarese Entities}},
  date         = {2020-06-25},
  organization = {Anomali},
  url          = {https://www.anomali.com/blog/unknown-china-based-apt-targeting-myanmarese-entities},
  language     = {English},
  urldate      = {2020-06-29},
}
Unknown China-Based APT Targeting Myanmarese Entities
2020-04-30 | Anomali | Sara Moore, Joakim Kennedy, Parthiban R, Rory Gould
@online{moore:20200430:anomali:a12ce9e,
  author       = {Moore, Sara and Kennedy, Joakim and R, Parthiban and Gould, Rory},
  title        = {{Anomali Suspects that China-Backed APT Pirate Panda May Be Seeking Access to Vietnam Government Data Center}},
  date         = {2020-04-30},
  organization = {Anomali},
  url          = {https://www.anomali.com/blog/anomali-suspects-that-china-backed-apt-pirate-panda-may-be-seeking-access-to-vietnam-government-data-center},
  language     = {English},
  urldate      = {2020-05-04},
}
Anomali Suspects that China-Backed APT Pirate Panda May Be Seeking Access to Vietnam Government Data Center
2019-07-10 | Anomali | Threat Research Team
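% Corporate author: the extra braces keep the team name as one unit instead of
% letting it be parsed as a personal name (given "Threat Research", family "Team").
@online{team:20190710:ech0raix:b334de7,
  author       = {{Threat Research Team}},
  title        = {{The eCh0raix Ransomware}},
  date         = {2019-07-10},
  organization = {Anomali},
  url          = {https://www.anomali.com/blog/the-ech0raix-ransomware},
  language     = {English},
  urldate      = {2020-01-10},
}
The eCh0raix Ransomware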
QNAPCrypt
2019-06-11 | Anomali | Anomali Threat Research
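% Corporate author: the extra braces keep the team name as one unit instead of
% letting it be parsed as a personal name (given "Anomali Threat", family "Research").
@online{research:20190611:interplanetary:8cdea99,
  author       = {{Anomali Threat Research}},
  title        = {{The InterPlanetary Storm: New Malware in Wild Using InterPlanetary File System’s (IPFS) p2p network}},
  date         = {2019-06-11},
  organization = {Anomali},
  url          = {https://www.anomali.com/blog/the-interplanetary-storm-new-malware-in-wild-using-interplanetary-file-systems-ipfs-p2p-network},
  language     = {English},
  urldate      = {2020-10-05},
}
The InterPlanetary Storm: New Malware in Wild Using InterPlanetary File System’s (IPFS) p2p network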
IPStorm
2019-03-15 | Anomali | Threat Research Team
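% Corporate author: the extra braces keep the team name as one unit instead of
% letting it be parsed as a personal name (given "Threat Research", family "Team").
@online{team:20190315:rocke:a64a1b3,
  author       = {{Threat Research Team}},
  title        = {{Rocke Evolves Its Arsenal With a New Malware Family Written in Golang}},
  date         = {2019-03-15},
  organization = {Anomali},
  url          = {https://www.anomali.com/blog/rocke-evolves-its-arsenal-with-a-new-malware-family-written-in-golang},
  language     = {English},
  urldate      = {2020-01-08},
}
Rocke Evolves Its Arsenal With a New Malware Family Written in Golang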
kerberods
2017-11-02 | Anomali | Anomali
@techreport{anomali:20171102:country:853fdd8,
  author      = {Anomali},
  title       = {{Country Profile: Russian Federation}},
  date        = {2017-11-02},
  institution = {Anomali},
  url         = {https://www.anomali.com/files/white-papers/russian-federation-country-profile.pdf},
  language    = {English},
  urldate     = {2020-09-23},
}
Country Profile: Russian Federation
Zeus
2016-05-27 | Anomali | Aaron Shelmire
@online{shelmire:20160527:evidence:963d016,
  author       = {Shelmire, Aaron},
  title        = {{Evidence of Stronger Ties Between North Korea and SWIFT Banking Attacks}},
  date         = {2016-05-27},
  organization = {Anomali},
  url          = {https://www.anomali.com/blog/evidence-of-stronger-ties-between-north-korea-and-swift-banking-attacks},
  language     = {English},
  urldate      = {2023-08-21},
}
Evidence of Stronger Ties Between North Korea and SWIFT Banking Attacks
DYEPACK Sierra(Alfa,Bravo, ...)
2016-04-14 | Anomali | Aaron Shelmire
@online{shelmire:20160414:targeted:62c52fb,
  author       = {Shelmire, Aaron},
  title        = {{Targeted Ransomware Activity}},
  date         = {2016-04-14},
  organization = {Anomali},
  url          = {https://www.anomali.com/blog/targeted-ransomware-activity},
  language     = {English},
  urldate      = {2019-12-06},
}
Targeted Ransomware Activity
Mikoponi