Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-01-13Kaspersky LabsSeongsu Park, Vitaly Kamluk
@online{park:20220113:bluenoroff:a3ce5e4, author = {Seongsu Park and Vitaly Kamluk}, title = {{The BlueNoroff cryptocurrency hunt is still on}}, date = {2022-01-13}, organization = {Kaspersky Labs}, url = {https://securelist.com/the-bluenoroff-cryptocurrency-hunt-is-still-on/105488/}, language = {English}, urldate = {2022-01-17} } The BlueNoroff cryptocurrency hunt is still on
SnatchCrypto
2021-12-16Kaspersky Lab ICS CERT
@online{cert:20211216:pseudomanuscrypt:808ef18, author = {Kaspersky Lab ICS CERT}, title = {{PseudoManuscrypt: a mass-scale spyware attack campaign}}, date = {2021-12-16}, url = {https://ics-cert.kaspersky.com/reports/2021/12/16/pseudomanuscrypt-a-mass-scale-spyware-attack-campaign/}, language = {English}, urldate = {2021-12-23} } PseudoManuscrypt: a mass-scale spyware attack campaign
PseudoManuscrypt
2021-12-16KasperskyKaspersky Lab ICS CERT
@online{cert:20211216:pseudomanuscrypt:d59d94e, author = {Kaspersky Lab ICS CERT}, title = {{PseudoManuscrypt: a mass-scale spyware attack campaign}}, date = {2021-12-16}, organization = {Kaspersky}, url = {https://securelist.com/pseudomanuscrypt-a-mass-scale-spyware-attack-campaign/105286/}, language = {English}, urldate = {2021-12-23} } PseudoManuscrypt: a mass-scale spyware attack campaign
2021-12-14Kaspersky LabsPaul Rascagnères, Pierre Delcher
@online{rascagnres:20211214:owowa:4a26756, author = {Paul Rascagnères and Pierre Delcher}, title = {{Owowa: the add-on that turns your OWA into a credential stealer and remote access panel}}, date = {2021-12-14}, organization = {Kaspersky Labs}, url = {https://securelist.com/owowa-credential-stealer-and-remote-access/105219/}, language = {English}, urldate = {2021-12-17} } Owowa: the add-on that turns your OWA into a credential stealer and remote access panel
Owowa
2021-11-29KasperskyMaher Yamout
@online{yamout:20211129:wirtes:5a00fe4, author = {Maher Yamout}, title = {{WIRTE’s campaign in the Middle East ‘living off the land’ since at least 2019}}, date = {2021-11-29}, organization = {Kaspersky}, url = {https://securelist.com/wirtes-campaign-in-the-middle-east-living-off-the-land-since-at-least-2019/105044/}, language = {English}, urldate = {2021-12-07} } WIRTE’s campaign in the Middle East ‘living off the land’ since at least 2019
2021-11-29KasperskyGReAT
@online{great:20211129:scarcruft:986e7f4, author = {GReAT}, title = {{ScarCruft surveilling North Korean defectors and human rights activists}}, date = {2021-11-29}, organization = {Kaspersky}, url = {https://securelist.com/scarcruft-surveilling-north-korean-defectors-and-human-rights-activists/105074/}, language = {English}, urldate = {2021-12-07} } ScarCruft surveilling North Korean defectors and human rights activists
Chinotto Chinotto PoorWeb
2021-10-27KasperskyIvan Kwiatkowski
@online{kwiatkowski:20211027:extracting:14de2bc, author = {Ivan Kwiatkowski}, title = {{Extracting type information from Go binaries}}, date = {2021-10-27}, organization = {Kaspersky}, url = {https://securelist.com/extracting-type-information-from-go-binaries/104715/}, language = {English}, urldate = {2021-11-03} } Extracting type information from Go binaries
GoldMax
2021-10-26KasperskyGReAT
@online{great:20211026:trends:d8feedd, author = {GReAT}, title = {{APT trends report Q3 2021}}, date = {2021-10-26}, organization = {Kaspersky}, url = {https://securelist.com/apt-trends-report-q3-2021/104708/}, language = {English}, urldate = {2021-11-03} } APT trends report Q3 2021
2021-10-26KasperskyKaspersky Lab ICS CERT
@techreport{cert:20211026:attacks:6f30d0f, author = {Kaspersky Lab ICS CERT}, title = {{APT attacks on industrial organizations in H1 2021}}, date = {2021-10-26}, institution = {Kaspersky}, url = {https://ics-cert.kaspersky.com/media/Kaspersky-ICS-CERT-APT-attacks-on-industrial-organizations-in-H1-2021-En.pdf}, language = {English}, urldate = {2021-11-08} } APT attacks on industrial organizations in H1 2021
8.t Dropper AllaKore AsyncRAT GoldMax LimeRAT NjRAT NoxPlayer Raindrop ReverseRAT ShadowPad Zebrocy
2021-10-20KasperskyRuslan Sabitov
@online{sabitov:20211020:russianspeaking:8847092, author = {Ruslan Sabitov}, title = {{Russian-speaking cybercrime evolution: What changed from 2016 to 2021}}, date = {2021-10-20}, organization = {Kaspersky}, url = {https://securelist.com/russian-speaking-cybercrime-evolution-2016-2021/104656/}, language = {English}, urldate = {2021-10-26} } Russian-speaking cybercrime evolution: What changed from 2016 to 2021
2021-10-19KasperskyOleg Kupreev
@online{kupreev:20211019:trickbot:f7cfc04, author = {Oleg Kupreev}, title = {{Trickbot module descriptions}}, date = {2021-10-19}, organization = {Kaspersky}, url = {https://securelist.com/trickbot-module-descriptions/104603/}, language = {English}, urldate = {2021-10-24} } Trickbot module descriptions
TrickBot
2021-10-07KasperskyAseel Kayal, Mark Lechtik, Paul Rascagnères
@techreport{kayal:20211007:lyceum:395a41f, author = {Aseel Kayal and Mark Lechtik and Paul Rascagnères}, title = {{LYCEUM Reborn: Counterintelligence in the Middle East}}, date = {2021-10-07}, institution = {Kaspersky}, url = {https://vblocalhost.com/uploads/VB2021-Kayal-etal.pdf}, language = {English}, urldate = {2021-10-25} } LYCEUM Reborn: Counterintelligence in the Middle East
danbot
2021-10-07KasperskyFedor Sinitsyn, Yanis Zinchenko
@online{sinitsyn:20211007:ransomware:b5e74a3, author = {Fedor Sinitsyn and Yanis Zinchenko}, title = {{Ransomware in the CIS}}, date = {2021-10-07}, organization = {Kaspersky}, url = {https://securelist.com/cis-ransomware/104452/}, language = {English}, urldate = {2021-10-11} } Ransomware in the CIS
Cryakl Dharma Hakbit Phobos Void
2021-09-30KasperskyMark Lechtik, Aseel Kayal, Paul Rascagnères, Vasily Berdnikov
@online{lechtik:20210930:ghostemperor:f7bdb63, author = {Mark Lechtik and Aseel Kayal and Paul Rascagnères and Vasily Berdnikov}, title = {{GhostEmperor: From ProxyLogon to kernel mode}}, date = {2021-09-30}, organization = {Kaspersky}, url = {https://securelist.com/ghostemperor-from-proxylogon-to-kernel-mode/104407/}, language = {English}, urldate = {2021-10-05} } GhostEmperor: From ProxyLogon to kernel mode
GhostEmperor
2021-09-29Kaspersky LabsIvan Kwiatkowski, Pierre Delcher
@online{kwiatkowski:20210929:darkhalo:d81f7d2, author = {Ivan Kwiatkowski and Pierre Delcher}, title = {{DarkHalo after SolarWinds: the Tomiris connection (UNC2849)}}, date = {2021-09-29}, organization = {Kaspersky Labs}, url = {https://securelist.com/darkhalo-after-solarwinds-the-tomiris-connection/104311/}, language = {English}, urldate = {2021-11-30} } DarkHalo after SolarWinds: the Tomiris connection (UNC2849)
tomiris
2021-09-28Kaspersky LabsGReAT
@online{great:20210928:finspy:52097c8, author = {GReAT}, title = {{FinSpy: unseen findings}}, date = {2021-09-28}, organization = {Kaspersky Labs}, url = {https://securelist.com/finspy-unseen-findings/104322/}, language = {English}, urldate = {2021-10-08} } FinSpy: unseen findings
FinFisher FinFisher FinFisher FinFisher RAT
2021-09-27KasperskyLeonid Bezvershenko, Marc Rivero López, Dmitry Galov
@online{bezvershenko:20210927:bloodystealer:5944099, author = {Leonid Bezvershenko and Marc Rivero López and Dmitry Galov}, title = {{BloodyStealer and gaming assets for sale}}, date = {2021-09-27}, organization = {Kaspersky}, url = {https://securelist.com/bloodystealer-and-gaming-assets-for-sale/104319/}, language = {English}, urldate = {2021-10-05} } BloodyStealer and gaming assets for sale
BloodyStealer
2021-09-16KasperskyAMR
@online{amr:20210916:exploitation:f015aee, author = {AMR}, title = {{Exploitation of the CVE-2021-40444 vulnerability in MSHTML}}, date = {2021-09-16}, organization = {Kaspersky}, url = {https://securelist.com/exploitation-of-the-cve-2021-40444-vulnerability-in-mshtml/104218/}, language = {English}, urldate = {2021-09-19} } Exploitation of the CVE-2021-40444 vulnerability in MSHTML
2021-09-02KasperskyAnton Kuzmenko, Oleg Kupreev, Haim Zigel
@online{kuzmenko:20210902:qakbot:219d23c, author = {Anton Kuzmenko and Oleg Kupreev and Haim Zigel}, title = {{QakBot Technical Analysis}}, date = {2021-09-02}, organization = {Kaspersky}, url = {https://securelist.com/qakbot-technical-analysis/103931/}, language = {English}, urldate = {2021-09-06} } QakBot Technical Analysis
QakBot
2021-08-24KasperskyIgor Golovin
@online{golovin:20210824:triada:9c97294, author = {Igor Golovin}, title = {{Triada Trojan in WhatsApp MOD}}, date = {2021-08-24}, organization = {Kaspersky}, url = {https://securelist.com/triada-trojan-in-whatsapp-mod/103679/}, language = {English}, urldate = {2021-08-25} } Triada Trojan in WhatsApp MOD
Triada