Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-12-08FortinetShunichi Imano, Fred Gutierrez
@online{imano:20221208:ransomware:b3584f6, author = {Shunichi Imano and Fred Gutierrez}, title = {{Ransomware Roundup – New Vohuk, ScareCrow, and AERST Variants}}, date = {2022-12-08}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/ransomware-roundup-new-vohuk-scarecrow-and-aerst-variants}, language = {English}, urldate = {2022-12-19} } Ransomware Roundup – New Vohuk, ScareCrow, and AERST Variants
AESRT ScareCrow Vohuk
2022-08-22FortinetShunichi Imano, Fred Gutierrez
@online{imano:20220822:tale:9a74924, author = {Shunichi Imano and Fred Gutierrez}, title = {{A Tale of PivNoxy and Chinoxy Puppeteer}}, date = {2022-08-22}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/pivnoxy-and-chinoxy-puppeteer-analysis}, language = {English}, urldate = {2022-08-28} } A Tale of PivNoxy and Chinoxy Puppeteer
Chinoxy Poison Ivy
2022-06-02FortiGuard LabsFred Gutierrez, Shunichi Imano, James Slaughter, Gergely Revay
@online{gutierrez:20220602:threat:6713237, author = {Fred Gutierrez and Shunichi Imano and James Slaughter and Gergely Revay}, title = {{Threat Actors Prey on Eager Travelers}}, date = {2022-06-02}, organization = {FortiGuard Labs}, url = {https://www.fortinet.com/blog/threat-research/threat-actors-prey-on-eager-travelers}, language = {English}, urldate = {2022-06-15} } Threat Actors Prey on Eager Travelers
AsyncRAT NetWire RC Quasar RAT
2022-06-01FortinetShunichi Imano, James Slaughter, Fred Gutierrez
@online{imano:20220601:cve202230190:e43f2d3, author = {Shunichi Imano and James Slaughter and Fred Gutierrez}, title = {{CVE-2022-30190: Microsoft Support Diagnostic Tool (MSDT) RCE Vulnerability “Follina”}}, date = {2022-06-01}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/analysis-of-follina-zero-day}, language = {English}, urldate = {2022-06-07} } CVE-2022-30190: Microsoft Support Diagnostic Tool (MSDT) RCE Vulnerability “Follina”
turian
2022-05-11FortinetFred Gutierrez
@online{gutierrez:20220511:please:f67f45c, author = {Fred Gutierrez}, title = {{Please Confirm You Received Our APT}}, date = {2022-05-11}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/please-confirm-you-received-our-apt}, language = {English}, urldate = {2022-05-17} } Please Confirm You Received Our APT
Saitama Backdoor
2022-03-28FortinetJames Slaughter, Val Saengphaibul, Fred Gutierrez
@online{slaughter:20220328:spoofed:0cd6f0e, author = {James Slaughter and Val Saengphaibul and Fred Gutierrez}, title = {{Spoofed Invoice Used to Drop IcedID}}, date = {2022-03-28}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/spoofed-invoice-drops-iced-id}, language = {English}, urldate = {2022-03-31} } Spoofed Invoice Used to Drop IcedID
IcedID
2022-03-07FortinetJames Slaughter, Fred Gutierrez, Val Saengphaibul
@online{slaughter:20220307:fake:8999835, author = {James Slaughter and Fred Gutierrez and Val Saengphaibul}, title = {{Fake Purchase Order Used to Deliver Agent Tesla}}, date = {2022-03-07}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/fake-purchase-order-used-to-deliver-agent-tesla}, language = {English}, urldate = {2022-03-08} } Fake Purchase Order Used to Deliver Agent Tesla
Agent Tesla
2022-02-24FortinetFred Gutierrez
@online{gutierrez:20220224:nobelium:46d943e, author = {Fred Gutierrez}, title = {{Nobelium Returns to the Political World Stage}}, date = {2022-02-24}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/nobelium-returns-to-the-political-world-stage}, language = {English}, urldate = {2022-03-02} } Nobelium Returns to the Political World Stage
Cobalt Strike
2022-02-14FortinetShunichi Imano, James Slaughter, Fred Gutierrez
@online{imano:20220214:nft:eedc95b, author = {Shunichi Imano and James Slaughter and Fred Gutierrez}, title = {{NFT Lure Used to Distribute BitRAT}}, date = {2022-02-14}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/nft-lure-used-to-distribute-bitrat}, language = {English}, urldate = {2022-11-21} } NFT Lure Used to Distribute BitRAT
BitRAT
2022-01-10FortinetShunichi Imano, Fred Gutierrez
@online{imano:20220110:covid:c51ead7, author = {Shunichi Imano and Fred Gutierrez}, title = {{COVID Omicron Variant Lure Used to Distribute RedLine Stealer}}, date = {2022-01-10}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/omicron-variant-lure-used-to-distribute-redline-stealer}, language = {English}, urldate = {2022-01-18} } COVID Omicron Variant Lure Used to Distribute RedLine Stealer
RedLine Stealer
2021-11-11FortinetShunichi Imano, Fred Gutierrez
@online{imano:20211111:to:52e0c90, author = {Shunichi Imano and Fred Gutierrez}, title = {{To Joke or Not to Joke: COVID-22 Brings Disaster to MBR}}, date = {2021-11-11}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/to-joke-or-not-to-joke-covid-22-brings-disaster-to-mbr}, language = {English}, urldate = {2021-11-17} } To Joke or Not to Joke: COVID-22 Brings Disaster to MBR
Covid22
2021-10-28FortinetShunichi Imano, Fred Gutierrez
@online{imano:20211028:chaos:7725fa9, author = {Shunichi Imano and Fred Gutierrez}, title = {{Chaos Ransomware Variant in Fake Minecraft Alt List Brings Destruction to Japanese Gamers}}, date = {2021-10-28}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/chaos-ransomware-variant-in-fake-minecraft-alt-list-brings-destruction}, language = {English}, urldate = {2021-11-03} } Chaos Ransomware Variant in Fake Minecraft Alt List Brings Destruction to Japanese Gamers
Chaos
2021-09-30FortinetShunichi Imano, Fred Gutierrez
@online{imano:20210930:ranion:f6137ac, author = {Shunichi Imano and Fred Gutierrez}, title = {{Ranion Ransomware - Quiet and Persistent RaaS}}, date = {2021-09-30}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/ranion-ransomware-quiet-and-persistent-raas}, language = {English}, urldate = {2021-10-24} } Ranion Ransomware - Quiet and Persistent RaaS
Ranion
2021-07-26FortninetShunichi Imano, Fred Gutierrez
@online{imano:20210726:wiper:cc926ab, author = {Shunichi Imano and Fred Gutierrez}, title = {{Wiper Malware Riding the 2021 Tokyo Olympic Games}}, date = {2021-07-26}, organization = {Fortninet}, url = {https://www.fortinet.com/blog/threat-research/wiper-malware-riding-tokyo-olympic-games}, language = {English}, urldate = {2021-08-20} } Wiper Malware Riding the 2021 Tokyo Olympic Games
VIGILANT CLEANER
2021-07-19FortinetVal Saengphaibul, Fred Gutierrez
@online{saengphaibul:20210719:signed:d9f809c, author = {Val Saengphaibul and Fred Gutierrez}, title = {{Signed, Sealed, and Delivered – Signed XLL File Delivers Buer Loader}}, date = {2021-07-19}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/signed-sealed-and-delivered-signed-xll-file-delivers-buer-loader}, language = {English}, urldate = {2021-07-26} } Signed, Sealed, and Delivered – Signed XLL File Delivers Buer Loader
Buer
2021-05-17FortinetFred Gutierrez, Gayathri Thirugnanasambandam, Val Saengphaibul
@online{gutierrez:20210517:newly:65d872f, author = {Fred Gutierrez and Gayathri Thirugnanasambandam and Val Saengphaibul}, title = {{Newly Discovered Function in DarkSide Ransomware Variant Targets Disk Partitions}}, date = {2021-05-17}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/newly-discovered-function-in-darkside-ransomware-variant-targets-disk-partitions}, language = {English}, urldate = {2021-05-19} } Newly Discovered Function in DarkSide Ransomware Variant Targets Disk Partitions
DarkSide
2021-05-03FortinetFred Gutierrez, Val Saengphaibul
@online{gutierrez:20210503:spearphishing:4dced65, author = {Fred Gutierrez and Val Saengphaibul}, title = {{Spearphishing Attack Uses COVID-21 Lure to Target Ukrainian Government}}, date = {2021-05-03}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/spearphishing-attack-uses-covid-21-lure-to-target-ukrainian-government}, language = {English}, urldate = {2021-05-04} } Spearphishing Attack Uses COVID-21 Lure to Target Ukrainian Government
2020-12-16FortinetFred Gutierrez, Val Saengphaibul
@online{gutierrez:20201216:adversary:3b3781a, author = {Fred Gutierrez and Val Saengphaibul}, title = {{Adversary Playbook: JavaScript RAT Looking for that Government Cheese}}, date = {2020-12-16}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/adversary-playbook-javascript-rat-looking-for-that-government-cheese}, language = {English}, urldate = {2021-01-18} } Adversary Playbook: JavaScript RAT Looking for that Government Cheese
JSOutProx
2020-07-01FortinetBen Hunter, Fred Gutierrez
@online{hunter:20200701:ekans:46605bc, author = {Ben Hunter and Fred Gutierrez}, title = {{EKANS Ransomware Targeting OT ICS Systems}}, date = {2020-07-01}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/ekans-ransomware-targeting-ot-ics-systems}, language = {English}, urldate = {2020-07-06} } EKANS Ransomware Targeting OT ICS Systems
Snake
2020-06-15FortinetVal Saengphaibul, Fred Gutierrez
@online{saengphaibul:20200615:global:5c4be18, author = {Val Saengphaibul and Fred Gutierrez}, title = {{Global Malicious Spam Campaign Using Black Lives Matter as a Lure}}, date = {2020-06-15}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/global-malicious-spam-campaign-using-black-lives-matter-as-a-lure}, language = {English}, urldate = {2020-06-16} } Global Malicious Spam Campaign Using Black Lives Matter as a Lure
TrickBot