
2021-03-30F-SecureF-Secure Labs
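% Corporate author: the extra braces make the parser keep the name as one unit
% instead of splitting it into given and family parts.
@techreport{labs:20210330:attack:1d19df0,
  author      = {{F-Secure Labs}},
  title       = {{Attack landscape update: Ransomware 2.0, automated recon, and supply chain attacks}},
  date        = {2021-03-30},
  institution = {F-Secure},
  url         = {https://blog-assets.f-secure.com/wp-content/uploads/2021/03/30120359/attack-landscape-update-h1-2021.pdf},
  language    = {English},
  urldate     = {2021-03-31}
}
Attack landscape update: Ransomware 2.0, automated recon, and supply chain attacks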
2020-11-20F-Secure LabsRiccardo Ancarani
@online{ancarani:20201120:detecting:79afa40,
  author       = {Riccardo Ancarani},
  title        = {{Detecting Cobalt Strike Default Modules via Named Pipe Analysis}},
  date         = {2020-11-20},
  organization = {F-Secure Labs},
  url          = {https://labs.f-secure.com/blog/detecting-cobalt-strike-default-modules-via-named-pipe-analysis},
  language     = {English},
  urldate      = {2020-11-23}
}
Detecting Cobalt Strike Default Modules via Named Pipe Analysis
Cobalt Strike
2020-10-23F-Secure LabsGuillaume Couchard, Qimin Wang, Thiam Loong Siew
@online{couchard:20201023:catching:5788228,
  author       = {Guillaume Couchard and Qimin Wang and Thiam Loong Siew},
  title        = {{Catching Lazarus: Threat Intelligence to Real Detection Logic - Part Two}},
  date         = {2020-10-23},
  organization = {F-Secure Labs},
  url          = {https://labs.f-secure.com/blog/catching-lazarus-threat-intelligence-to-real-detection-logic-part-two},
  language     = {English},
  urldate      = {2020-10-26}
}
Catching Lazarus: Threat Intelligence to Real Detection Logic - Part Two
MimiKatz
2020-09-25F-Secure LabsGuillaume Couchard, Qimin Wang, Thiam Loong Siew
@online{couchard:20200925:catching:f381664,
  author       = {Guillaume Couchard and Qimin Wang and Thiam Loong Siew},
  title        = {{Catching Lazarus: Threat Intelligence to Real Detection Logic - Part One}},
  date         = {2020-09-25},
  organization = {F-Secure Labs},
  url          = {https://labs.f-secure.com/blog/catching-lazarus-threat-intelligence-to-real-detection-logic},
  language     = {English},
  urldate      = {2020-10-05}
}
Catching Lazarus: Threat Intelligence to Real Detection Logic - Part One
2020-08-18F-Secure LabsF-Secure Labs
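% Corporate author: the extra braces make the parser keep the name as one unit
% instead of splitting it into given and family parts.
@online{labs:20200818:lazarus:f2dadaa,
  author       = {{F-Secure Labs}},
  title        = {{Lazarus Group: Campaign Targeting the Cryptocurrency Vertical}},
  date         = {2020-08-18},
  organization = {F-Secure Labs},
  url          = {https://labs.f-secure.com/publications/ti-report-lazarus-group-cryptocurrency-vertical/},
  language     = {English},
  urldate      = {2020-08-27}
}
Lazarus Group: Campaign Targeting the Cryptocurrency Vertical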
2020-07-03F-Secure LabsAnartz Martin
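% The hash sign in the title is escaped because title text is typeset by LaTeX,
% where a bare hash sign is the macro-parameter character and stops the run.
@online{martin:20200703:attack:1454a0d,
  author       = {Anartz Martin},
  title        = {{Attack Detection Fundamentals: Code Execution and Persistence - Lab \#1}},
  date         = {2020-07-03},
  organization = {F-Secure Labs},
  url          = {https://labs.f-secure.com/blog/attack-detection-fundamentals-code-execution-and-persistence-lab-1/},
  language     = {English},
  urldate      = {2020-09-21}
}
Attack Detection Fundamentals: Code Execution and Persistence - Lab #1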
Astaroth
2020-05-06F-Secure LabsMelissa Michael, Artturi Lehtiö
@online{michael:20200506:039:49d4744,
  author       = {Melissa Michael and Artturi Lehtiö},
  title        = {{039| Deconstructing the Dukes: A Researcher’s Retrospective of APT29}},
  date         = {2020-05-06},
  organization = {F-Secure Labs},
  url          = {https://blog.f-secure.com/podcast-dukes-apt29/},
  language     = {English},
  urldate      = {2020-07-06}
}
039| Deconstructing the Dukes: A Researcher’s Retrospective of APT29
OnionDuke
2017-04-13F-SecureF-Secure Labs
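% Corporate author: the extra braces make the parser keep the name as one unit
% instead of splitting it into given and family parts.
@online{labs:20170413:callisto:3bf4157,
  author       = {{F-Secure Labs}},
  title        = {{Callisto Group}},
  date         = {2017-04-13},
  organization = {F-Secure},
  url          = {https://web.archive.org/web/20170417102235/https://www.f-secure.com/documents/996508/1030745/callisto-group},
  language     = {English},
  urldate      = {2023-10-05}
}
Callisto Group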
Callisto
2017-04F-SecureF-Secure Labs
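% Corporate author: the extra braces make the parser keep the name as one unit
% instead of splitting it into given and family parts.
@techreport{labs:201704:callisto:5e97cb4,
  author      = {{F-Secure Labs}},
  title       = {{CALLISTO GROUP}},
  date        = {2017-04},
  institution = {F-Secure},
  url         = {https://www.f-secure.com/content/dam/f-secure/en/labs/whitepapers/Callisto_Group.pdf},
  language    = {English},
  urldate     = {2022-03-31}
}
CALLISTO GROUP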
RCS Callisto
2016-08-05F-SecureF-Secure Labs
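% Corporate author: the extra braces make the parser keep the name as one unit
% instead of splitting it into given and family parts.
@techreport{labs:20160805:nanhaishu:cee830d,
  author      = {{F-Secure Labs}},
  title       = {{NANHAISHU: RATing the South China Sea}},
  date        = {2016-08-05},
  institution = {F-Secure},
  url         = {https://www.f-secure.com/documents/996508/1030745/nanhaishu_whitepaper.pdf},
  language    = {English},
  urldate     = {2020-01-13}
}
NANHAISHU: RATing the South China Sea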
NanHaiShu
2015-09-17F-SecureF-Secure Labs
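% Corporate author: the extra braces make the parser keep the name as one unit
% instead of splitting it into given and family parts.
@online{labs:20150917:dukes:767fbef,
  author       = {{F-Secure Labs}},
  title        = {{The Dukes: 7 Years Of Russian Cyber-Espionage}},
  date         = {2015-09-17},
  organization = {F-Secure},
  url          = {https://labsblog.f-secure.com/2015/09/17/the-dukes-7-years-of-russian-cyber-espionage/},
  language     = {English},
  urldate      = {2020-01-13}
}
The Dukes: 7 Years Of Russian Cyber-Espionage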
APT29
2015-09F-SecureF-Secure Labs
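% Corporate author: the extra braces make the parser keep the name as one unit
% instead of splitting it into given and family parts.
@techreport{labs:201509:dukes:035f864,
  author      = {{F-Secure Labs}},
  title       = {{The Dukes - 7 Years of Russian Cyberespionage}},
  date        = {2015-09},
  institution = {F-Secure},
  url         = {https://blog.f-secure.com/wp-content/uploads/2020/03/F-Secure_Dukes_Whitepaper.pdf},
  language    = {English},
  urldate     = {2022-10-20}
}
The Dukes - 7 Years of Russian Cyberespionage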
PinchDuke
2015-08-17F-Secure LabsNoora Hyvärinen, F-Secure Threat Intelligence Team
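% The second author is a team, not a person: it is braced so the parser keeps
% it as one unit. The personal name before it is left for normal name parsing.
@techreport{hyvrinen:20150817:dukes:4a0e858,
  author      = {Noora Hyvärinen and {F-Secure Threat Intelligence Team}},
  title       = {{THE DUKES 7 YEARS OF RUSSIAN CYBERESPIONAGE}},
  date        = {2015-08-17},
  institution = {F-Secure Labs},
  url         = {https://blog-assets.f-secure.com/wp-content/uploads/2020/03/18122307/F-Secure_Dukes_Whitepaper.pdf},
  language    = {English},
  urldate     = {2022-11-15}
}
THE DUKES 7 YEARS OF RUSSIAN CYBERESPIONAGE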
COZYDUKE GeminiDuke
2014-11-14F-SecureF-Secure Labs
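% Corporate author: the extra braces make the parser keep the name as one unit
% instead of splitting it into given and family parts.
@online{labs:20141114:onionduke:dc56d5c,
  author       = {{F-Secure Labs}},
  title        = {{OnionDuke: APT Attacks Via the Tor Network}},
  date         = {2014-11-14},
  organization = {F-Secure},
  url          = {https://www.f-secure.com/weblog/archives/00002764.html},
  language     = {English},
  urldate      = {2020-01-09}
}
OnionDuke: APT Attacks Via the Tor Network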
OnionDuke
2014-09-04F-SecureF-Secure Labs
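% Corporate author: the extra braces make the parser keep the name as one unit
% instead of splitting it into given and family parts.
@online{labs:20140904:pitou:211eac4,
  author       = {{F-Secure Labs}},
  title        = {{PITOU: The "silent" resurrection of the notorious Srizbi kernel spambot}},
  date         = {2014-09-04},
  organization = {F-Secure},
  url          = {http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.565.9211&rep=rep1&type=pdf},
  language     = {English},
  urldate      = {2021-09-09}
}
PITOU: The "silent" resurrection of the notorious Srizbi kernel spambot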
Pitou
2014-07-03F-SecureF-Secure Labs
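% Corporate author: the extra braces make the parser keep the name as one unit
% instead of splitting it into given and family parts.
@techreport{labs:20140703:cosmicduke:dbbee08,
  author      = {{F-Secure Labs}},
  title       = {{COSMICDUKE: Cosmu with a twist of MiniDuke}},
  date        = {2014-07-03},
  institution = {F-Secure},
  url         = {https://blog.f-secure.com/wp-content/uploads/2019/10/CosmicDuke.pdf},
  language    = {English},
  urldate     = {2022-09-20}
}
COSMICDUKE: Cosmu with a twist of MiniDuke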
CosmicDuke
2013-05-22F-Secure LabsSean
@online{sean:20130522:mac:2142ede,
  author       = {Sean},
  title        = {{Mac Spyware: OSX/KitM (Kumar in the Mac)}},
  date         = {2013-05-22},
  organization = {F-Secure Labs},
  url          = {https://www.f-secure.com/weblog/archives/00002558.html},
  language     = {English},
  urldate      = {2019-11-28}
}
Mac Spyware: OSX/KitM (Kumar in the Mac)
Kitmos
2010-06-28F-Secure LabsAce Portuguez
@techreport{portuguez:20100628:case:d50ed65,
  author      = {Ace Portuguez},
  title       = {{The Case of Trojan DownLoader "TDL3"}},
  date        = {2010-06-28},
  institution = {F-Secure Labs},
  url         = {https://archive.f-secure.com/weblog/archives/The_Case_of__TDL3.pdf},
  language    = {English},
  urldate     = {2022-01-25}
}
The Case of Trojan DownLoader "TDL3"
Alureon