2022-08-25 | Darktrace | Emma Foulger, Max Heinemeyer
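@online{foulger:20220825:detecting:95564b0,
  author       = {Foulger, Emma and Heinemeyer, Max},
  title        = {Detecting the Unknown: Revealing Uncategorized Ransomware Using {Darktrace}},
  organization = {Darktrace},
  date         = {2022-08-25},
  url          = {https://de.darktrace.com/blog/detecting-the-unknown-revealing-uncategorised-ransomware-using-darktrace},
  urldate      = {2022-08-30},
  language     = {English},
}
Detecting the Unknown: Revealing Uncategorized Ransomware Using Darktrace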
BlackByte
2022-08-23 | Darktrace | Eugene Chua, Paul Jennings, Hanah Darley
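@online{chua:20220823:emotet:8e4522c,
  author       = {Chua, Eugene and Jennings, Paul and Darley, Hanah},
  title        = {{Emotet} Resurgence: Cross-Industry Campaign Analysis},
  organization = {Darktrace},
  date         = {2022-08-23},
  url          = {https://de.darktrace.com/blog/emotet-resurgence-cross-industry-campaign-analysis},
  urldate      = {2022-08-30},
  language     = {English},
}
Emotet Resurgence: Cross-Industry Campaign Analysis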
Emotet
2022-07-27 | Darktrace | Sam Lister, Shuh Chin Goh
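@online{lister:20220727:privateloader:e408698,
  author       = {Lister, Sam and Goh, Shuh Chin},
  title        = {{PrivateLoader}: Network-Based Indicators of Compromise},
  organization = {Darktrace},
  date         = {2022-07-27},
  url          = {https://de.darktrace.com/blog/privateloader-network-based-indicators-of-compromise},
  urldate      = {2022-08-30},
  language     = {English},
}
PrivateLoader: Network-Based Indicators of Compromise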
PrivateLoader SmokeLoader
2022-05-26 | Darktrace | DarkTrace
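@online{darktrace:20220526:wormlike:26a9da3,
  author       = {{DarkTrace}},
  title        = {Worm-like propagation of {Sysrv-hello} crypto-jacking botnet: Network traffic analysis and latest {TTPs}},
  organization = {Darktrace},
  date         = {2022-05-26},
  url          = {https://darktrace.com/blog/worm-like-propagation-of-sysrv-hello-crypto-jacking-botnet},
  urldate      = {2022-09-06},
  language     = {English},
}
Worm-like propagation of Sysrv-hello crypto-jacking botnet: Network traffic analysis and latest TTPs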
Sysrv-hello Sysrv-hello
2022-02-14 | Darktrace | Oakley Cox
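@online{cox:20220214:staying:16693dd,
  author       = {Cox, Oakley},
  title        = {Staying ahead of {REvil}'s Ransomware-as-a-Service business model},
  organization = {Darktrace},
  date         = {2022-02-14},
  url          = {https://www.darktrace.com/en/blog/staying-ahead-of-r-evils-ransomware-as-a-service-business-model/},
  urldate      = {2022-03-01},
  language     = {English},
}
Staying ahead of REvil’s Ransomware-as-a-Service business model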
REvil REvil
2021-12-08 | Darktrace | Justin Fier
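@online{fier:20211208:double:d7f9207,
  author       = {Fier, Justin},
  title        = {The double extortion business: {Conti} Ransomware Gang finds new avenues of negotiation},
  organization = {Darktrace},
  date         = {2021-12-08},
  url          = {https://www.darktrace.com/en/blog/the-double-extortion-business-conti-ransomware-gang-finds-new-avenues-of-negotiation/},
  urldate      = {2021-12-09},
  language     = {English},
}
The double extortion business: Conti Ransomware Gang finds new avenues of negotiation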
Conti
2021-07-20 | Darktrace | Max Heinemeyer
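@online{heinemeyer:20210720:data:ae1a230,
  author       = {Heinemeyer, Max},
  title        = {Data exfiltration in {Latin America}},
  organization = {Darktrace},
  date         = {2021-07-20},
  url          = {https://www.darktrace.com/en/blog/data-exfiltration-in-latin-america/},
  urldate      = {2021-07-26},
  language     = {English},
}
Data exfiltration in Latin America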
2021-06-22 | Darktrace | Oakley Cox
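@online{cox:20210622:cryptomining:13a5fec,
  author       = {Cox, Oakley},
  title        = {Crypto-mining on a {DNS} server},
  organization = {Darktrace},
  date         = {2021-06-22},
  url          = {https://www.darktrace.com/en/blog/crypto-mining-on-a-dns-server/},
  urldate      = {2021-06-24},
  language     = {English},
}
Crypto-mining on a DNS server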
2021-05-10 | DarkTracer | DarkTracer
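@online{darktracer:20210510:intelligence:b9d1c3f,
  author       = {{DarkTracer}},
  title        = {Intelligence Report on Ransomware Gangs on the {DarkWeb}: List of victim organizations attacked by ransomware gangs released on the {DarkWeb}},
  organization = {DarkTracer},
  date         = {2021-05-10},
  url          = {https://docs.google.com/spreadsheets/d/1MI8Z2tBhmqQ5X8Wf_ozv3dVjz5sJOs-3},
  urldate      = {2021-05-13},
  language     = {English},
}
Intelligence Report on Ransomware Gangs on the DarkWeb: List of victim organizations attacked by ransomware gangs released on the DarkWeb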
RansomEXX Avaddon Babuk Clop Conti Cuba DarkSide DoppelPaymer Egregor Hades LockBit Mailto Maze MedusaLocker Mespinoza Mount Locker Nefilim Nemty Pay2Key PwndLocker RagnarLocker Ragnarok RansomEXX REvil Sekhmet SunCrypt ThunderX
2021-04-23 | Darktrace | Max Heinemeyer
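@online{heinemeyer:20210423:apt35:24eeaad,
  author       = {Heinemeyer, Max},
  title        = {{APT35} `{Charming Kitten}' discovered in a pre-infected environment},
  organization = {Darktrace},
  date         = {2021-04-23},
  url          = {https://www.darktrace.com/en/blog/apt-35-charming-kitten-discovered-in-a-pre-infected-environment/},
  urldate      = {2021-04-29},
  language     = {English},
}
APT35 ‘Charming Kitten' discovered in a pre-infected environment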
2020-07-23 | Darktrace | Max Heinemeyer
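@online{heinemeyer:20200723:resurgence:75f36ef,
  author       = {Heinemeyer, Max},
  title        = {The resurgence of the {Ursnif} banking trojan},
  organization = {Darktrace},
  date         = {2020-07-23},
  url          = {https://www.darktrace.com/en/blog/the-resurgence-of-the-ursnif-banking-trojan/},
  urldate      = {2021-06-29},
  language     = {English},
}
The resurgence of the Ursnif banking trojan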
ISFB Snifula
2020-04-02 | Darktrace | Max Heinemeyer
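@online{heinemeyer:20200402:catching:b7f137d,
  author       = {Heinemeyer, Max},
  title        = {Catching {APT41} exploiting a zero-day vulnerability},
  organization = {Darktrace},
  date         = {2020-04-02},
  url          = {https://www.darktrace.com/en/blog/catching-apt-41-exploiting-a-zero-day-vulnerability/},
  urldate      = {2020-04-13},
  language     = {English},
}
Catching APT41 exploiting a zero-day vulnerability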
Cobalt Strike