2022-01-19 | CrowdStrike | CrowdStrike Intelligence Team
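% Institutional author is double-braced so it is kept as one name; only case-sensitive title words are braced.
@online{team:20220119:technical:8a81c7e,
  author       = {{CrowdStrike Intelligence Team}},
  title        = {Technical Analysis of the {WhisperGate} Malicious Bootloader},
  date         = {2022-01-19},
  organization = {CrowdStrike},
  url          = {https://www.crowdstrike.com/blog/technical-analysis-of-whispergate-malware/},
  language     = {English},
  urldate      = {2022-01-20},
}
Technical Analysis of the WhisperGate Malicious Bootloader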
WhisperGate
2022-01-15 | Microsoft | Microsoft, Microsoft Security Intelligence, Microsoft Digital Security Unit (DSU), Microsoft Detection and Response Team (DART), Microsoft 365 Defender Threat Intelligence Team
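% Each institutional author is braced on its own so it is not split into first/last name parts
% (this also protects the literal "and" inside "Detection and Response Team");
% only case-sensitive title words are braced.
@online{microsoft:20220115:destructive:77ac2f5,
  author       = {{Microsoft}
                  and {Microsoft Security Intelligence}
                  and {Microsoft Digital Security Unit (DSU)}
                  and {Microsoft Detection and Response Team (DART)}
                  and {Microsoft 365 Defender Threat Intelligence Team}},
  title        = {Destructive malware targeting {Ukrainian} organizations ({DEV-0586})},
  date         = {2022-01-15},
  organization = {Microsoft},
  url          = {https://www.microsoft.com/security/blog/2022/01/15/destructive-malware-targeting-ukrainian-organizations/},
  language     = {English},
  urldate      = {2022-01-18},
}
Destructive malware targeting Ukrainian organizations (DEV-0586)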
WhisperGate
2021-12-16 | Blackberry | The BlackBerry Research & Intelligence Team
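% Institutional author is double-braced and its ampersand escaped for LaTeX; only case-sensitive title words are braced.
@online{team:20211216:threat:c968a64,
  author       = {{The BlackBerry Research \& Intelligence Team}},
  title        = {{Threat Thursday}: {Warzone RAT} Breeds a Litter of {ScriptKiddies}},
  date         = {2021-12-16},
  organization = {Blackberry},
  url          = {https://blogs.blackberry.com/en/2021/12/threat-thursday-warzone-rat-breeds-a-litter-of-scriptkiddies},
  language     = {English},
  urldate      = {2021-12-17},
}
Threat Thursday: Warzone RAT Breeds a Litter of ScriptKiddies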
Ave Maria
2021-12-10 | CrowdStrike | CrowdStrike Intelligence Team
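% Institutional author is double-braced so it is kept as one name; product, nickname and CVE id are braced to keep their case.
@online{team:20211210:log4j2:cd1787f,
  author       = {{CrowdStrike Intelligence Team}},
  title        = {{Log4j2} Vulnerability “{Log4Shell}” ({CVE-2021-44228})},
  date         = {2021-12-10},
  organization = {CrowdStrike},
  url          = {https://www.crowdstrike.com/blog/log4j2-vulnerability-analysis-and-mitigation-recommendations/},
  language     = {English},
  urldate      = {2022-01-05},
}
Log4j2 Vulnerability “Log4Shell” (CVE-2021-44228)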
2021-12-09 | Microsoft | Microsoft 365 Defender Threat Intelligence Team
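% Institutional author is double-braced so it is kept as one name; only the malware family name is braced in the title.
@online{team:20211209:closer:bace4ec,
  author       = {{Microsoft 365 Defender Threat Intelligence Team}},
  title        = {A closer look at {Qakbot}’s latest building blocks (and how to knock them down)},
  date         = {2021-12-09},
  organization = {Microsoft},
  url          = {https://www.microsoft.com/security/blog/2021/12/09/a-closer-look-at-qakbots-latest-building-blocks-and-how-to-knock-them-down/},
  language     = {English},
  urldate      = {2021-12-13},
}
A closer look at Qakbot’s latest building blocks (and how to knock them down)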
QakBot
2021-12-02 | Malwarebytes | Hossein Jazi, Threat Intelligence Team
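% Personal name is in "Last, First" form; the institutional co-author is braced so it is kept as one name.
@online{jazi:20211202:sidecopy:9e7363c,
  author       = {Jazi, Hossein and {Threat Intelligence Team}},
  title        = {{SideCopy} {APT}: Connecting lures to victims, payloads to infrastructure},
  date         = {2021-12-02},
  organization = {Malwarebytes},
  url          = {https://blog.malwarebytes.com/threat-intelligence/2021/12/sidecopy-apt-connecting-lures-to-victims-payloads-to-infrastructure/},
  language     = {English},
  urldate      = {2021-12-06},
}
SideCopy APT: Connecting lures to victims, payloads to infrastructure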
SideCopy
2021-11-18 | Blackberry | The BlackBerry Research & Intelligence Team
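% Institutional author is double-braced and its ampersand escaped for LaTeX; only case-sensitive title words are braced.
@online{team:20211118:threat:7fd07f8,
  author       = {{The BlackBerry Research \& Intelligence Team}},
  title        = {{Threat Thursday}: {DanaBot}’s Evolution from Bank Fraud to {DDos} Attacks},
  date         = {2021-11-18},
  organization = {Blackberry},
  url          = {https://blogs.blackberry.com/en/2021/11/threat-thursday-danabot-malware-as-a-service},
  language     = {English},
  urldate      = {2021-11-25},
}
Threat Thursday: DanaBot’s Evolution from Bank Fraud to DDos Attacks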
DanaBot
2021-11-16 | Malwarebytes | Malwarebytes Threat Intelligence Team
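% Institutional author is double-braced so it is kept as one name; malware family names are braced to keep their case.
@online{team:20211116:trickbot:b624694,
  author       = {{Malwarebytes Threat Intelligence Team}},
  title        = {{TrickBot} helps {Emotet} come back from the dead},
  date         = {2021-11-16},
  organization = {Malwarebytes},
  url          = {https://blog.malwarebytes.com/threat-intelligence/2021/11/trickbot-helps-emotet-come-back-from-the-dead/},
  language     = {English},
  urldate      = {2021-11-17},
}
TrickBot helps Emotet come back from the dead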
Emotet TrickBot
2021-11-11 | Microsoft | Microsoft 365 Defender Threat Intelligence Team
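% Institutional author is double-braced so it is kept as one name; only the acronym is braced in the title.
@online{team:20211111:html:410a27f,
  author       = {{Microsoft 365 Defender Threat Intelligence Team}},
  title        = {{HTML} smuggling surges: Highly evasive loader technique increasingly used in banking malware, targeted attacks},
  date         = {2021-11-11},
  organization = {Microsoft},
  url          = {https://www.microsoft.com/security/blog/2021/11/11/html-smuggling-surges-highly-evasive-loader-technique-increasingly-used-in-banking-malware-targeted-attacks/},
  language     = {English},
  urldate      = {2021-11-12},
}
HTML smuggling surges: Highly evasive loader technique increasingly used in banking malware, targeted attacks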
AsyncRAT Mekotio NjRAT
2021-11-11 | Blackberry | The BlackBerry Research & Intelligence Team
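% Institutional author is double-braced and its ampersand escaped for LaTeX; only case-sensitive title words are braced.
@online{team:20211111:threat:7b2544e,
  author       = {{The BlackBerry Research \& Intelligence Team}},
  title        = {{Threat Thursday}: {SquirrelWaffle} Takes a Bite Out of Victim's Bank Accounts},
  date         = {2021-11-11},
  organization = {Blackberry},
  url          = {https://blogs.blackberry.com/en/2021/11/threat-thursday-squirrelwaffle-loader},
  language     = {English},
  urldate      = {2021-11-17},
}
Threat Thursday: SquirrelWaffle Takes a Bite Out of Victim's Bank Accounts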
Squirrelwaffle
2021-11-10 | Sekoia | Cyber Threat Intelligence team
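% Institutional author is double-braced so it is kept as one name; only the actor designation is braced in the title.
@online{team:20211110:walking:cc41f24,
  author       = {{Cyber Threat Intelligence team}},
  title        = {Walking on {APT31} infrastructure footprints},
  date         = {2021-11-10},
  organization = {Sekoia},
  url          = {https://www.sekoia.io/en/walking-on-apt31-infrastructure-footprints/},
  language     = {English},
  urldate      = {2021-11-11},
}
Walking on APT31 infrastructure footprints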
Rekoobe Unidentified ELF 004 Cobalt Strike
2021-11-05 | Blackberry | The BlackBerry Research & Intelligence Team
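% Institutional author is double-braced and its ampersand escaped for LaTeX; only the actor name is braced in the title.
@online{team:20211105:hunter:3c7bab9,
  author       = {{The BlackBerry Research \& Intelligence Team}},
  title        = {Hunter Becomes Hunted: {Zebra2104} Hides a Herd of Malware},
  date         = {2021-11-05},
  organization = {Blackberry},
  url          = {https://blogs.blackberry.com/en/2021/11/zebra2104},
  language     = {English},
  urldate      = {2021-11-08},
}
Hunter Becomes Hunted: Zebra2104 Hides a Herd of Malware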
Cobalt Strike DoppelDridex Mount Locker Phobos StrongPity
2021-11-04 | Blackberry | BlackBerry Research & Intelligence Team
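% Institutional author is double-braced and its ampersand escaped for LaTeX; only case-sensitive title words are braced.
@online{team:20211104:threat:41a70b2,
  author       = {{BlackBerry Research \& Intelligence Team}},
  title        = {{Threat Thursday}: {Karma} Ransomware},
  date         = {2021-11-04},
  organization = {Blackberry},
  url          = {https://blogs.blackberry.com/en/2021/11/threat-thursday-karma-ransomware},
  language     = {English},
  urldate      = {2021-11-08},
}
Threat Thursday: Karma Ransomware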
karma
2021-10-21 | Microsoft | Microsoft 365 Defender Threat Intelligence Team
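% Institutional author is double-braced so it is kept as one name; only the phishing-kit name is braced in the title.
@online{team:20211021:frankenphish:0b9f2e9,
  author       = {{Microsoft 365 Defender Threat Intelligence Team}},
  title        = {Franken-phish: {TodayZoo} built from other phishing kits},
  date         = {2021-10-21},
  organization = {Microsoft},
  url          = {https://www.microsoft.com/security/blog/2021/10/21/franken-phish-todayzoo-built-from-other-phishing-kits/},
  language     = {English},
  urldate      = {2021-10-26},
}
Franken-phish: TodayZoo built from other phishing kits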
2021-10-12 | CrowdStrike | CrowdStrike Intelligence Team
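% Institutional author is double-braced so it is kept as one name; only the acronym is braced in the title.
@online{team:20211012:ecx:5540ee9,
  author       = {{CrowdStrike Intelligence Team}},
  title        = {{ECX}: Big Game Hunting on the Rise Following a Notable Reduction in Activity},
  date         = {2021-10-12},
  organization = {CrowdStrike},
  url          = {https://www.crowdstrike.com/blog/big-game-hunting-on-the-rise-again-according-to-ecrime-index/},
  language     = {English},
  urldate      = {2021-11-02},
}
ECX: Big Game Hunting on the Rise Following a Notable Reduction in Activity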
Babuk BlackMatter DarkSide REvil Avaddon Babuk BlackMatter DarkSide LockBit Mailto REvil
2021-10-07 | Blackberry | The BlackBerry Research & Intelligence Team
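% Institutional author is double-braced and its ampersand escaped for LaTeX; only case-sensitive title words are braced.
@online{team:20211007:threat:f124dbd,
  author       = {{The BlackBerry Research \& Intelligence Team}},
  title        = {{Threat Thursday}: {BluStealer} Infostealer},
  date         = {2021-10-07},
  organization = {Blackberry},
  url          = {https://blogs.blackberry.com/en/2021/10/threat-thursday-blustealer-infostealer},
  language     = {English},
  urldate      = {2021-10-11},
}
Threat Thursday: BluStealer Infostealer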
BluStealer
2021-10-05 | Blackberry | The BlackBerry Research & Intelligence Team
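% Institutional author is double-braced and its ampersand escaped for LaTeX; only the actor designation is braced in the title.
@online{team:20211005:drawing:e53477d,
  author       = {{The BlackBerry Research \& Intelligence Team}},
  title        = {Drawing a Dragon: Connecting the Dots to Find {APT41}},
  date         = {2021-10-05},
  organization = {Blackberry},
  url          = {https://blogs.blackberry.com/en/2021/10/drawing-a-dragon-connecting-the-dots-to-find-apt41},
  language     = {English},
  urldate      = {2021-10-11},
}
Drawing a Dragon: Connecting the Dots to Find APT41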
Cobalt Strike Ghost RAT
2021-09-30 | Blackberry | The BlackBerry Research & Intelligence Team
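% Institutional author is double-braced and its ampersand escaped for LaTeX; only case-sensitive title words are braced.
@online{team:20210930:threat:d31cc55,
  author       = {{The BlackBerry Research \& Intelligence Team}},
  title        = {{Threat Thursday}: {xLoader} Infostealer},
  date         = {2021-09-30},
  organization = {Blackberry},
  url          = {https://blogs.blackberry.com/en/2021/09/threat-thursday-xloader-infostealer},
  language     = {English},
  urldate      = {2021-10-11},
}
Threat Thursday: xLoader Infostealer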
Xloader Formbook
2021-09-23 | Blackberry | The BlackBerry Research & Intelligence Team
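% Institutional author is double-braced and its ampersand escaped for LaTeX; only case-sensitive title words are braced.
@online{team:20210923:threat:e44c44f,
  author       = {{The BlackBerry Research \& Intelligence Team}},
  title        = {{Threat Thursday}: {BlackMatter} {RaaS} - Darker Than {DarkSide}?},
  date         = {2021-09-23},
  organization = {Blackberry},
  url          = {https://blogs.blackberry.com/en/2021/09/threat-thursday-blackmatter-ransomware-as-a-service},
  language     = {English},
  urldate      = {2021-10-11},
}
Threat Thursday: BlackMatter RaaS - Darker Than DarkSide?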
BlackMatter DarkSide BlackMatter DarkSide
2021-09-21 | Microsoft | Microsoft 365 Defender Threat Intelligence Team
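% Institutional author is double-braced so it is kept as one name; the title has no case-sensitive words, so the outer double braces are dropped.
@online{team:20210921:catching:4621a10,
  author       = {{Microsoft 365 Defender Threat Intelligence Team}},
  title        = {Catching the big fish: Analyzing a large-scale phishing-as-a-service operation},
  date         = {2021-09-21},
  organization = {Microsoft},
  url          = {https://www.microsoft.com/security/blog/2021/09/21/catching-the-big-fish-analyzing-a-large-scale-phishing-as-a-service-operation/},
  language     = {English},
  urldate      = {2021-09-22},
}
Catching the big fish: Analyzing a large-scale phishing-as-a-service operation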