Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-08-10KasperskyPierre Delcher, Giampaolo Dedola
@online{delcher:20220810:vilerat:a47ce21, author = {Pierre Delcher and Giampaolo Dedola}, title = {{VileRAT: DeathStalker’s continuous strike at foreign and cryptocurrency exchanges}}, date = {2022-08-10}, organization = {Kaspersky}, url = {https://securelist.com/vilerat-deathstalkers-continuous-strike/107075/}, language = {English}, urldate = {2022-08-12} } VileRAT: DeathStalker’s continuous strike at foreign and cryptocurrency exchanges
2022-08-09KasperskyKurt Baumgartner, Seongsu Park
@online{baumgartner:20220809:andariel:89d6b24, author = {Kurt Baumgartner and Seongsu Park}, title = {{Andariel deploys DTrack and Maui ransomware}}, date = {2022-08-09}, organization = {Kaspersky}, url = {https://securelist.com/andariel-deploys-dtrack-and-maui-ransomware/107063/}, language = {English}, urldate = {2022-08-11} } Andariel deploys DTrack and Maui ransomware
Dtrack Maui Ransomware
2022-08-08KasperskyKaspersky Lab ICS CERT
@techreport{cert:20220808:targeted:61c5617, author = {Kaspersky Lab ICS CERT}, title = {{Targeted attack on industrial enterprises and public institutions}}, date = {2022-08-08}, institution = {Kaspersky}, url = {https://ics-cert.kaspersky.com/media/Kaspersky-ICS-CERT-Targeted-attack-on-industrial-enterprises-and-public-institutions-En.pdf}, language = {English}, urldate = {2022-08-11} } Targeted attack on industrial enterprises and public institutions
Cotx RAT Logtu nccTrojan PortDoor
2022-07-25KasperskyGReAT
@online{great:20220725:cosmicstrand:c1e791b, author = {GReAT}, title = {{CosmicStrand: the discovery of a sophisticated UEFI firmware rootkit}}, date = {2022-07-25}, organization = {Kaspersky}, url = {https://securelist.com/cosmicstrand-uefi-firmware-rootkit/106973/}, language = {English}, urldate = {2022-07-25} } CosmicStrand: the discovery of a sophisticated UEFI firmware rootkit
2022-07-20KasperskyMarc Rivero López, Jornt van der Wiel, Dmitry Galov, Sergey Lozhkin
@online{lpez:20220720:luna:176a613, author = {Marc Rivero López and Jornt van der Wiel and Dmitry Galov and Sergey Lozhkin}, title = {{Luna and Black Basta — new ransomware for Windows, Linux and ESXi}}, date = {2022-07-20}, organization = {Kaspersky}, url = {https://securelist.com/luna-black-basta-ransomware/106950}, language = {English}, urldate = {2022-07-25} } Luna and Black Basta — new ransomware for Windows, Linux and ESXi
Black Basta Conti
2022-06-30KasperskyPierre Delcher
@online{delcher:20220630:sessionmanager:f171df2, author = {Pierre Delcher}, title = {{The SessionManager IIS backdoor: a possibly overlooked GELSEMIUM artefact}}, date = {2022-06-30}, organization = {Kaspersky}, url = {https://securelist.com/the-sessionmanager-iis-backdoor/106868/}, language = {English}, urldate = {2022-07-05} } The SessionManager IIS backdoor: a possibly overlooked GELSEMIUM artefact
MimiKatz Owlproxy SessionManager
2022-06-27Kaspersky ICS CERTArtem Snegirev, Kirill Kruglov
@online{snegirev:20220627:attacks:100c151, author = {Artem Snegirev and Kirill Kruglov}, title = {{Attacks on industrial control systems using ShadowPad}}, date = {2022-06-27}, organization = {Kaspersky ICS CERT}, url = {https://ics-cert.kaspersky.com/publications/reports/2022/06/27/attacks-on-industrial-control-systems-using-shadowpad/}, language = {English}, urldate = {2022-06-29} } Attacks on industrial control systems using ShadowPad
Cobalt Strike PlugX ShadowPad
2022-06-23KasperskyNikita Nazarov, Vasily Davydov, Natalya Shornikova, Vladislav Burtsev, Danila Nasonov
@online{nazarov:20220623:hateful:9c6bf9a, author = {Nikita Nazarov and Vasily Davydov and Natalya Shornikova and Vladislav Burtsev and Danila Nasonov}, title = {{The hateful eight: Kaspersky’s guide to modern ransomware groups’ TTPs (Download Form)}}, date = {2022-06-23}, organization = {Kaspersky}, url = {https://securelist.com/modern-ransomware-groups-ttps/106824/}, language = {English}, urldate = {2022-06-27} } The hateful eight: Kaspersky’s guide to modern ransomware groups’ TTPs (Download Form)
BlackByte BlackCat Clop Conti Hive LockBit Mespinoza RagnarLocker
2022-06-23KasperskyNikita Nazarov, Vasily Davydov, Natalya Shornikova, Vladislav Burtsev, Danila Nasonov
@techreport{nazarov:20220623:hateful:bae0681, author = {Nikita Nazarov and Vasily Davydov and Natalya Shornikova and Vladislav Burtsev and Danila Nasonov}, title = {{The hateful eight: Kaspersky’s guide to modern ransomware groups’ TTPs}}, date = {2022-06-23}, institution = {Kaspersky}, url = {https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2022/06/23093553/Common-TTPs-of-the-modern-ransomware_low-res.pdf}, language = {English}, urldate = {2022-06-27} } The hateful eight: Kaspersky’s guide to modern ransomware groups’ TTPs
Conti Hive BlackByte BlackCat Clop LockBit Mespinoza Ragnarok
2022-06-21KasperskyGiampaolo Dedola
@online{dedola:20220621:toddycat:20bf8db, author = {Giampaolo Dedola}, title = {{APT ToddyCat: Unveiling an unknown APT actor attacking high-profile entities in Europe and Asia}}, date = {2022-06-21}, organization = {Kaspersky}, url = {https://securelist.com/toddycat/106799/}, language = {English}, urldate = {2022-06-22} } APT ToddyCat: Unveiling an unknown APT actor attacking high-profile entities in Europe and Asia
ToddyCat
2022-06-02Kaspersky LabsGReAT
@online{great:20220602:windealer:a54c8c9, author = {GReAT}, title = {{WinDealer dealing on the side}}, date = {2022-06-02}, organization = {Kaspersky Labs}, url = {https://securelist.com/windealer-dealing-on-the-side/105946}, language = {English}, urldate = {2022-07-25} } WinDealer dealing on the side
WinDealer Red Nue
2022-06-02Kaspersky LabsGReAT
@online{great:20220602:windealer:04ad2d0, author = {GReAT}, title = {{WinDealer dealing on the side}}, date = {2022-06-02}, organization = {Kaspersky Labs}, url = {https://securelist.com/windealer-dealing-on-the-side/105946/}, language = {English}, urldate = {2022-06-04} } WinDealer dealing on the side
WinDealer
2022-05-16KasperskyRoman Dedenok
@online{dedenok:20220516:html:b44d1c9, author = {Roman Dedenok}, title = {{HTML attachments in phishing e-mails}}, date = {2022-05-16}, organization = {Kaspersky}, url = {https://securelist.com/html-attachments-in-phishing-e-mails/106481/}, language = {English}, urldate = {2022-05-17} } HTML attachments in phishing e-mails
2022-05-11KasperskyGReAT
@online{great:20220511:new:a56bc90, author = {GReAT}, title = {{New ransomware trends in 2022}}, date = {2022-05-11}, organization = {Kaspersky}, url = {https://securelist.com/new-ransomware-trends-in-2022/106457/}, language = {English}, urldate = {2022-05-17} } New ransomware trends in 2022
BlackCat Conti DEADBOLT DoubleZero LockBit PartyTicket StealBit
2022-05-06KasperskyIgor Golovin
@online{golovin:20220506:mobile:a4d0859, author = {Igor Golovin}, title = {{Mobile subscription Trojans and their little tricks}}, date = {2022-05-06}, organization = {Kaspersky}, url = {https://securelist.com/mobile-subscription-trojans-and-their-tricks/106412/}, language = {English}, urldate = {2022-05-08} } Mobile subscription Trojans and their little tricks
2022-05-05Youtube (Kaspersky)Denis Legezo
@online{legezo:20220505:new:2825dcc, author = {Denis Legezo}, title = {{New secret stash for "fileless" malware}}, date = {2022-05-05}, organization = {Youtube (Kaspersky)}, url = {https://www.youtube.com/watch?v=FT5hVGaR0YI}, language = {English}, urldate = {2022-05-25} } New secret stash for "fileless" malware
2022-05-04KasperskyDenis Legezo
@online{legezo:20220504:new:02f705f, author = {Denis Legezo}, title = {{A new secret stash for “fileless” malware}}, date = {2022-05-04}, organization = {Kaspersky}, url = {https://securelist.com/a-new-secret-stash-for-fileless-malware/106393/}, language = {English}, urldate = {2022-05-09} } A new secret stash for “fileless” malware
Cobalt Strike
2022-04-18KasperskyAMR
@online{amr:20220418:how:6783da1, author = {AMR}, title = {{How to recover files encrypted by Yanlouwang}}, date = {2022-04-18}, organization = {Kaspersky}, url = {https://securelist.com/how-to-recover-files-encrypted-by-yanlouwang/106332/}, language = {English}, urldate = {2022-04-20} } How to recover files encrypted by Yanlouwang
Yanluowang
2022-04-13KasperskyAMR
@online{amr:20220413:emotet:113c0db, author = {AMR}, title = {{Emotet modules and recent attacks}}, date = {2022-04-13}, organization = {Kaspersky}, url = {https://securelist.com/emotet-modules-and-recent-attacks/106290/}, language = {English}, urldate = {2022-04-15} } Emotet modules and recent attacks
Emotet
2022-04-12KasperskyKaspersky
@online{kaspersky:20220412:state:9e364f8, author = {Kaspersky}, title = {{The State of Stalkerware in 2021}}, date = {2022-04-12}, organization = {Kaspersky}, url = {https://securelist.com/the-state-of-stalkerware-in-2021/106193/}, language = {English}, urldate = {2022-05-04} } The State of Stalkerware in 2021
Cerberus