
2022-10-23BlackberryThe BlackBerry Research & Intelligence Team
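% Corporate author: the extra braces keep the team name as one unit; the ampersand is escaped for LaTeX.
% Braces inside the title protect names from style recasing.
@online{team:20221023:unattributed:b83a409,
  author       = {{The BlackBerry Research \& Intelligence Team}},
  title        = {Unattributed {RomCom} Threat Actor Spoofing Popular Apps Now Hits {Ukrainian} Militaries},
  date         = {2022-10-23},
  organization = {Blackberry},
  url          = {https://blogs.blackberry.com/en/2022/10/unattributed-romcom-threat-actor-spoofing-popular-apps-now-hits-ukrainian-militaries},
  language     = {English},
  urldate      = {2022-10-30},
}
Unattributed RomCom Threat Actor Spoofing Popular Apps Now Hits Ukrainian Militaries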
ROMCOM RAT
2022-10-13BlackberryThe BlackBerry Research & Intelligence Team
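% Corporate author: the extra braces keep the team name as one unit; the ampersand is escaped for LaTeX.
% Braces inside the title protect the malware name from style recasing.
@online{team:20221013:bianlian:76ad15a,
  author       = {{The BlackBerry Research \& Intelligence Team}},
  title        = {{BianLian} Ransomware Encrypts Files in the Blink of an Eye},
  date         = {2022-10-13},
  organization = {Blackberry},
  url          = {https://blogs.blackberry.com/en/2022/10/bianlian-ransomware-encrypts-files-in-the-blink-of-an-eye},
  language     = {English},
  urldate      = {2022-10-24},
}
BianLian Ransomware Encrypts Files in the Blink of an Eye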
BianLian
2022-10-06BlackberryThe BlackBerry Research & Intelligence Team
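% Corporate author: the extra braces keep the team name as one unit; the ampersand is escaped for LaTeX.
% Braces inside the title protect proper names from style recasing.
@online{team:20221006:mustang:a7e981c,
  author       = {{The BlackBerry Research \& Intelligence Team}},
  title        = {{Mustang Panda} Abuses Legitimate Apps to Target {Myanmar} Based Victims},
  date         = {2022-10-06},
  organization = {Blackberry},
  url          = {https://blogs.blackberry.com/en/2022/10/mustang-panda-abuses-legitimate-apps-to-target-myanmar-based-victims},
  language     = {English},
  urldate      = {2022-10-24},
}
Mustang Panda Abuses Legitimate Apps to Target Myanmar Based Victims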
PlugX
2022-08-31Intel 471Intel 471 Malware Intelligence team
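% Corporate author: the extra braces keep the team name as one unit instead of a First/Last split.
% Braces inside the title protect the malware name from style recasing.
@online{team:20220831:ermac:09848eb,
  author       = {{Intel 471 Malware Intelligence team}},
  title        = {{ERMAC} 2.0: Perfecting the Account Takeover},
  date         = {2022-08-31},
  organization = {Intel 471},
  url          = {https://intel471.com/blog/rmac-2-0-perfecting-the-art-of-account-takeover},
  language     = {English},
  urldate      = {2022-09-01},
}
ERMAC 2.0: Perfecting the Account Takeover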
ERMAC
2022-08-25MicrosoftMicrosoft Threat Intelligence Center (MSTIC), Microsoft 365 Defender Research Team, Microsoft 365 Defender Threat Intelligence Team
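% Three corporate authors, each braced as one unit and joined with "and".
% Braces inside the title protect names and acronyms from style recasing.
@online{mstic:20220825:mercury:a02a670,
  author       = {{Microsoft Threat Intelligence Center (MSTIC)} and {Microsoft 365 Defender Research Team} and {Microsoft 365 Defender Threat Intelligence Team}},
  title        = {{MERCURY} leveraging {Log4j} 2 vulnerabilities in unpatched systems to target {Israeli} organizations},
  date         = {2022-08-25},
  organization = {Microsoft},
  url          = {https://www.microsoft.com/security/blog/2022/08/25/mercury-leveraging-log4j-2-vulnerabilities-in-unpatched-systems-to-target-israeli-organizations},
  language     = {English},
  urldate      = {2022-08-30},
}
MERCURY leveraging Log4j 2 vulnerabilities in unpatched systems to target Israeli organizations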
MimiKatz
2022-08-18BlackberryThe BlackBerry Research & Intelligence Team
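% Corporate author: the extra braces keep the team name as one unit; the ampersand is escaped for LaTeX.
% Braces inside the title protect the malware name from style recasing.
@online{team:20220818:luca:4650d1f,
  author       = {{The BlackBerry Research \& Intelligence Team}},
  title        = {{Luca Stealer} Targets Password Managers and Cryptocurrency Wallets},
  date         = {2022-08-18},
  organization = {Blackberry},
  url          = {https://blogs.blackberry.com/en/2022/08/luca-stealer-targets-password-managers-and-cryptocurrency-wallets},
  language     = {English},
  urldate      = {2022-08-22},
}
Luca Stealer Targets Password Managers and Cryptocurrency Wallets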
Luca Stealer
2022-08-15MalwarebytesThreat Intelligence Team
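% Corporate author: the extra braces keep the team name as one unit instead of a First/Last split.
% Braces inside the title protect the malware name from style recasing.
@online{team:20220815:threat:791daf7,
  author       = {{Threat Intelligence Team}},
  title        = {Threat Intelligence - {JSSLoader}: the shellcode edition},
  date         = {2022-08-15},
  organization = {Malwarebytes},
  url          = {https://malwarebytes.app.box.com/s/ym6r7o5hq0rx2nxjbctfv2sw5vx386ni},
  language     = {English},
  urldate      = {2022-08-19},
}
Threat Intelligence - JSSLoader: the shellcode edition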
JSSLoader
2022-08-15MalwarebytesThreat Intelligence Team
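% Corporate author: the extra braces keep the team name as one unit instead of a First/Last split.
% Braces inside the title protect the malware name from style recasing.
@online{team:20220815:jssloader:8dde76b,
  author       = {{Threat Intelligence Team}},
  title        = {{JSSLoader}: the shellcode edition},
  date         = {2022-08-15},
  organization = {Malwarebytes},
  url          = {https://www.malwarebytes.com/blog/threat-intelligence/2022/08/jssloader-the-shellcode-edition},
  language     = {English},
  urldate      = {2022-08-19},
}
JSSLoader: the shellcode edition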
JSSLoader
2022-08-04BlackberryBlackBerry Research & Intelligence Team
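% Corporate author: the extra braces keep the team name as one unit; the ampersand is escaped for LaTeX.
% Braces inside the title protect proper names from style recasing.
@online{team:20220804:north:395b87f,
  author       = {{BlackBerry Research \& Intelligence Team}},
  title        = {{North Korean} {H0lyGh0st} Ransomware Has Ties to Global Geopolitics},
  date         = {2022-08-04},
  organization = {Blackberry},
  url          = {https://blogs.blackberry.com/en/2022/08/h0lygh0st-ransomware},
  language     = {English},
  urldate      = {2022-08-22},
}
North Korean H0lyGh0st Ransomware Has Ties to Global Geopolitics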
SiennaBlue SiennaPurple
2022-07-29BlackberryBlackBerry Research & Intelligence Team
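% Corporate author: the extra braces keep the team name as one unit; the ampersand is escaped for LaTeX.
% Braces inside the title protect the malware names from style recasing.
@online{team:20220729:smokeloader:628912d,
  author       = {{BlackBerry Research \& Intelligence Team}},
  title        = {{SmokeLoader} Malware Used to Augment {Amadey} Infostealer},
  date         = {2022-07-29},
  organization = {Blackberry},
  url          = {https://blogs.blackberry.com/en/2022/07/smokeloader-malware-used-to-augment-amadey-infostealer},
  language     = {English},
  urldate      = {2022-08-22},
}
SmokeLoader Malware Used to Augment Amadey Infostealer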
Amadey SmokeLoader
2022-07-20MalwarebytesThreat Intelligence Team
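% Corporate author: the extra braces keep the team name as one unit instead of a First/Last split.
% Braces inside the title protect the product name from style recasing.
@online{team:20220720:google:562a515,
  author       = {{Threat Intelligence Team}},
  title        = {{Google Ads} Lead to Major Malvertising Campaign},
  date         = {2022-07-20},
  organization = {Malwarebytes},
  url          = {https://blog.malwarebytes.com/threat-intelligence/2022/07/google-ads-lead-to-major-malvertising-campaign},
  language     = {English},
  urldate      = {2022-07-25},
}
Google Ads Lead to Major Malvertising Campaign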
2022-07-14BlackberryThe BlackBerry Research & Intelligence Team
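% Corporate author: the extra braces keep the team name as one unit; the ampersand is escaped for LaTeX.
% Braces inside the title protect the malware name and acronym from style recasing.
@online{team:20220714:gootloader:5b31240,
  author       = {{The BlackBerry Research \& Intelligence Team}},
  title        = {{GootLoader}, From {SEO} Poisoning to Multi-Stage Downloader},
  date         = {2022-07-14},
  organization = {Blackberry},
  url          = {https://blogs.blackberry.com/en/2022/07/gootloader-from-seo-poisoning-to-multi-stage-downloader},
  language     = {English},
  urldate      = {2022-07-18},
}
GootLoader, From SEO Poisoning to Multi-Stage Downloader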
GootLoader
2022-06-30BlackberryThe BlackBerry Research & Intelligence Team
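% Corporate author: the extra braces keep the team name as one unit; the ampersand is escaped for LaTeX.
% Braces inside the title protect the series name, proper nouns and acronyms from style recasing.
@online{team:20220630:threat:555a16b,
  author       = {{The BlackBerry Research \& Intelligence Team}},
  title        = {{Threat Thursday}: {China}-Based {APT} Plays Auto-Updater Card to Deliver {WinDealer} Malware},
  date         = {2022-06-30},
  organization = {Blackberry},
  url          = {https://blogs.blackberry.com/en/2022/06/threat-thursday-china-based-apt-plays-auto-updater-card-to-deliver-windealer-malware},
  language     = {English},
  urldate      = {2022-07-18},
}
Threat Thursday: China-Based APT Plays Auto-Updater Card to Deliver WinDealer Malware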
WinDealer Red Nue
2022-06-27BlackberryThe BlackBerry Research & Intelligence Team
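% Corporate author: the extra braces keep the team name as one unit; the ampersand is escaped for LaTeX.
% Braces inside the title protect the series name, project name and acronym from style recasing.
@online{team:20220627:threat:57f2bf9,
  author       = {{The BlackBerry Research \& Intelligence Team}},
  title        = {{Threat Spotlight}: {Eternity Project} {MaaS} Goes On and On},
  date         = {2022-06-27},
  organization = {Blackberry},
  url          = {https://blogs.blackberry.com/en/2022/06/threat-spotlight-eternity-project-maas-goes-on-and-on},
  language     = {English},
  urldate      = {2022-07-18},
}
Threat Spotlight: Eternity Project MaaS Goes On and On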
Eternity Stealer
2022-06-21Malwarebytes LabsThreat Intelligence Team
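% Corporate author: the extra braces keep the team name as one unit instead of a First/Last split.
% Braces inside the title protect proper names from style recasing; the typographic apostrophe needs a UTF-8 toolchain (biblatex with Biber).
@online{team:20220621:russias:a934a10,
  author       = {{Threat Intelligence Team}},
  title        = {{Russia’s} {APT28} uses fear of nuclear war to spread {Follina} docs in {Ukraine}},
  date         = {2022-06-21},
  organization = {Malwarebytes Labs},
  url          = {https://blog.malwarebytes.com/threat-intelligence/2022/06/russias-apt28-uses-fear-of-nuclear-war-to-spread-follina-docs-in-ukraine/},
  language     = {English},
  urldate      = {2022-06-22},
}
Russia’s APT28 uses fear of nuclear war to spread Follina docs in Ukraine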
2022-06-16BlackberryThe BlackBerry Research & Intelligence Team
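% Corporate author: the extra braces keep the team name as one unit; the ampersand is escaped for LaTeX.
% Braces inside the title protect the series name and malware name from style recasing.
@online{team:20220616:threat:1ef26f6,
  author       = {{The BlackBerry Research \& Intelligence Team}},
  title        = {{Threat Thursday}: Unique Delivery Method for {Snake Keylogger}},
  date         = {2022-06-16},
  organization = {Blackberry},
  url          = {https://blogs.blackberry.com/en/2022/06/threat-thursday-unique-delivery-method-for-snake-keylogger},
  language     = {English},
  urldate      = {2022-07-18},
}
Threat Thursday: Unique Delivery Method for Snake Keylogger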
404 Keylogger
2022-06-13MicrosoftMicrosoft 365 Defender Threat Intelligence Team
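% Corporate author: the extra braces keep the team name as one unit instead of a First/Last split.
% Braces inside the title protect the ransomware name from style recasing.
@online{team:20220613:many:7681eda,
  author       = {{Microsoft 365 Defender Threat Intelligence Team}},
  title        = {The many lives of {BlackCat} ransomware},
  date         = {2022-06-13},
  organization = {Microsoft},
  url          = {https://www.microsoft.com/security/blog/2022/06/13/the-many-lives-of-blackcat-ransomware/},
  language     = {English},
  urldate      = {2022-06-15},
}
The many lives of BlackCat ransomware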
BlackCat
2022-06-09BlackberryJoakim Kennedy, The BlackBerry Research & Intelligence Team
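% Personal author in "Last, First" form; the corporate co-author is braced as one unit with the ampersand escaped for LaTeX.
% Braces inside the title protect the malware and platform names from style recasing.
@online{kennedy:20220609:symbiote:fcc031b,
  author       = {Kennedy, Joakim and {The BlackBerry Research \& Intelligence Team}},
  title        = {{Symbiote}: A New, Nearly-Impossible-to-Detect {Linux} Threat},
  date         = {2022-06-09},
  organization = {Blackberry},
  url          = {https://blogs.blackberry.com/en/2022/06/symbiote-a-new-nearly-impossible-to-detect-linux-threat},
  language     = {English},
  urldate      = {2022-06-09},
}
Symbiote: A New, Nearly-Impossible-to-Detect Linux Threat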
Symbiote
2022-06-08Malwarebytes LabsThreat Intelligence Team
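% Corporate author: the extra braces keep the team name as one unit instead of a First/Last split.
% Braces inside the title protect the campaign name from style recasing.
@online{team:20220608:makemoney:a8f6163,
  author       = {{Threat Intelligence Team}},
  title        = {{MakeMoney} malvertising campaign adds fake update template},
  date         = {2022-06-08},
  organization = {Malwarebytes Labs},
  url          = {https://blog.malwarebytes.com/threat-intelligence/2022/06/makemoney-malvertising-campaign-adds-fake-update-template/},
  language     = {English},
  urldate      = {2022-06-15},
}
MakeMoney malvertising campaign adds fake update template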
FAKEUPDATES
2022-06-03Avast DecodedThreat Intelligence Team
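% Corporate author: the extra braces keep the team name as one unit instead of a First/Last split.
% Braces inside the title protect proper names from style recasing.
@online{team:20220603:outbreak:f121601,
  author       = {{Threat Intelligence Team}},
  title        = {Outbreak of {Follina} in {Australia}},
  date         = {2022-06-03},
  organization = {Avast Decoded},
  url          = {https://decoded.avast.io/threatintel/outbreak-of-follina-in-australia},
  language     = {English},
  urldate      = {2022-08-30},
}
Outbreak of Follina in Australia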
AsyncRAT APT40