Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-11-15Kaspersky LabsKonstantin Zykov, Jornt van der Wiel
@online{zykov:20221115:dtrack:9f8ed2a, author = {Konstantin Zykov and Jornt van der Wiel}, title = {{DTrack activity targeting Europe and Latin America}}, date = {2022-11-15}, organization = {Kaspersky Labs}, url = {https://securelist.com/dtrack-targeting-europe-latin-america/107798/}, language = {English}, urldate = {2022-11-18} } DTrack activity targeting Europe and Latin America
Dtrack
2022-10-17KasperskyKurt Baumgartner, Georgy Kucherin
@online{baumgartner:20221017:diceyf:8aa2bed, author = {Kurt Baumgartner and Georgy Kucherin}, title = {{DiceyF deploys GamePlayerFramework in online casino development studio}}, date = {2022-10-17}, organization = {Kaspersky}, url = {https://securelist.com/diceyf-deploys-gameplayerframework-in-online-casino-development-studio/107723/}, language = {English}, urldate = {2022-10-25} } DiceyF deploys GamePlayerFramework in online casino development studio
GamePlayerFramework
2022-10-03Kaspersky LabsGReAT
@online{great:20221003:defttorero:da8a03c, author = {GReAT}, title = {{DeftTorero: tactics, techniques and procedures of intrusions revealed}}, date = {2022-10-03}, organization = {Kaspersky Labs}, url = {https://securelist.com/defttorero-tactics-techniques-and-procedures/107610/}, language = {English}, urldate = {2022-10-07} } DeftTorero: tactics, techniques and procedures of intrusions revealed
Nightrunner Tunna ASPXSpy LaZagne ExplosiveRAT reGeorg Volatile Cedar
2022-09-28KasperskyGReAT
@online{great:20220928:prilex:63ddfb7, author = {GReAT}, title = {{Prilex: the pricey prickle credit card complex}}, date = {2022-09-28}, organization = {Kaspersky}, url = {https://securelist.com/prilex-atm-pos-malware-evolution/107551/}, language = {English}, urldate = {2022-09-30} } Prilex: the pricey prickle credit card complex
2022-09-26KasperskyHaim Zigel, Oleg Kupreev, Artem Ushkov
@online{zigel:20220926:nullmixer:c623b01, author = {Haim Zigel and Oleg Kupreev and Artem Ushkov}, title = {{NullMixer: oodles of Trojans in a single dropper}}, date = {2022-09-26}, organization = {Kaspersky}, url = {https://securelist.com/nullmixer-oodles-of-trojans-in-a-single-dropper/107498/}, language = {English}, urldate = {2022-10-05} } NullMixer: oodles of Trojans in a single dropper
ColdStealer DanaBot GCleaner PrivateLoader PseudoManuscrypt RedLine Stealer SmokeLoader Vidar
2022-09-23KasperskyRoman Dedenok, Artem Ushkov
@online{dedenok:20220923:mass:217302e, author = {Roman Dedenok and Artem Ushkov}, title = {{Mass email campaign with a pinch of targeted spam}}, date = {2022-09-23}, organization = {Kaspersky}, url = {https://securelist.com/agent-tesla-malicious-spam-campaign/107478/}, language = {English}, urldate = {2022-09-27} } Mass email campaign with a pinch of targeted spam
Agent Tesla
2022-09-15KasperskyOleg Kupreev
@online{kupreev:20220915:selfspreading:a51b997, author = {Oleg Kupreev}, title = {{Self-spreading stealer attacks gamers via YouTube}}, date = {2022-09-15}, organization = {Kaspersky}, url = {https://securelist.com/self-spreading-stealer-attacks-gamers-via-youtube/107407/}, language = {English}, urldate = {2022-09-16} } Self-spreading stealer attacks gamers via YouTube
RedLine Stealer
2022-08-25KasperskySeongsu Park
@online{park:20220825:kimsukys:8ae4c1f, author = {Seongsu Park}, title = {{Kimsuky’s GoldDragon cluster and its C2 operations}}, date = {2022-08-25}, organization = {Kaspersky}, url = {https://securelist.com/kimsukys-golddragon-cluster-and-its-c2-operations/107258/}, language = {English}, urldate = {2022-08-28} } Kimsuky’s GoldDragon cluster and its C2 operations
2022-08-16KasperskyLeonid Bezvershenko, Igor Kuznetsov
@online{bezvershenko:20220816:two:89002d5, author = {Leonid Bezvershenko and Igor Kuznetsov}, title = {{Two more malicious Python packages in the PyPI}}, date = {2022-08-16}, organization = {Kaspersky}, url = {https://securelist.com/two-more-malicious-python-packages-in-the-pypi/107218/}, language = {English}, urldate = {2022-08-28} } Two more malicious Python packages in the PyPI
W4SP Stealer
2022-08-16KasperskyKaspersky
@online{kaspersky:20220816:threat:80d718e, author = {Kaspersky}, title = {{Threat in your browser: what dangers innocent-looking extensions hold for users}}, date = {2022-08-16}, organization = {Kaspersky}, url = {https://securelist.com/threat-in-your-browser-extensions/107181}, language = {English}, urldate = {2022-08-17} } Threat in your browser: what dangers innocent-looking extensions hold for users
DealPly
2022-08-10KasperskyPierre Delcher, Giampaolo Dedola
@online{delcher:20220810:vilerat:a47ce21, author = {Pierre Delcher and Giampaolo Dedola}, title = {{VileRAT: DeathStalker’s continuous strike at foreign and cryptocurrency exchanges}}, date = {2022-08-10}, organization = {Kaspersky}, url = {https://securelist.com/vilerat-deathstalkers-continuous-strike/107075/}, language = {English}, urldate = {2022-08-12} } VileRAT: DeathStalker’s continuous strike at foreign and cryptocurrency exchanges
2022-08-09KasperskyKurt Baumgartner, Seongsu Park
@online{baumgartner:20220809:andariel:89d6b24, author = {Kurt Baumgartner and Seongsu Park}, title = {{Andariel deploys DTrack and Maui ransomware}}, date = {2022-08-09}, organization = {Kaspersky}, url = {https://securelist.com/andariel-deploys-dtrack-and-maui-ransomware/107063/}, language = {English}, urldate = {2022-08-11} } Andariel deploys DTrack and Maui ransomware
Dtrack Maui Ransomware
2022-08-08KasperskyKaspersky Lab ICS CERT
@techreport{cert:20220808:targeted:61c5617, author = {Kaspersky Lab ICS CERT}, title = {{Targeted attack on industrial enterprises and public institutions}}, date = {2022-08-08}, institution = {Kaspersky}, url = {https://ics-cert.kaspersky.com/media/Kaspersky-ICS-CERT-Targeted-attack-on-industrial-enterprises-and-public-institutions-En.pdf}, language = {English}, urldate = {2022-08-11} } Targeted attack on industrial enterprises and public institutions
Cotx RAT Logtu nccTrojan PortDoor
2022-07-28KasperskyIgor Kuznetsov, Leonid Bezvershenko
@online{kuznetsov:20220728:lofylife:44645c7, author = {Igor Kuznetsov and Leonid Bezvershenko}, title = {{LofyLife: malicious npm packages steal Discord tokens and bank card data}}, date = {2022-07-28}, organization = {Kaspersky}, url = {https://securelist.com/lofylife-malicious-npm-packages/107014}, language = {English}, urldate = {2022-08-28} } LofyLife: malicious npm packages steal Discord tokens and bank card data
2022-07-28Kaspersky LabsIgor Kuznetsov, Leonid Bezvershenko
@online{kuznetsov:20220728:lofylife:0d316b3, author = {Igor Kuznetsov and Leonid Bezvershenko}, title = {{LofyLife: malicious npm packages steal Discord tokens and bank card data}}, date = {2022-07-28}, organization = {Kaspersky Labs}, url = {https://securelist.com/lofylife-malicious-npm-packages/107014/}, language = {English}, urldate = {2022-08-28} } LofyLife: malicious npm packages steal Discord tokens and bank card data
Lofy
2022-07-25KasperskyGReAT
@online{great:20220725:cosmicstrand:c1e791b, author = {GReAT}, title = {{CosmicStrand: the discovery of a sophisticated UEFI firmware rootkit}}, date = {2022-07-25}, organization = {Kaspersky}, url = {https://securelist.com/cosmicstrand-uefi-firmware-rootkit/106973/}, language = {English}, urldate = {2022-07-25} } CosmicStrand: the discovery of a sophisticated UEFI firmware rootkit
2022-07-20KasperskyMarc Rivero López, Jornt van der Wiel, Dmitry Galov, Sergey Lozhkin
@online{lpez:20220720:luna:176a613, author = {Marc Rivero López and Jornt van der Wiel and Dmitry Galov and Sergey Lozhkin}, title = {{Luna and Black Basta — new ransomware for Windows, Linux and ESXi}}, date = {2022-07-20}, organization = {Kaspersky}, url = {https://securelist.com/luna-black-basta-ransomware/106950}, language = {English}, urldate = {2022-07-25} } Luna and Black Basta — new ransomware for Windows, Linux and ESXi
Black Basta Conti
2022-06-30KasperskyPierre Delcher
@online{delcher:20220630:sessionmanager:f171df2, author = {Pierre Delcher}, title = {{The SessionManager IIS backdoor: a possibly overlooked GELSEMIUM artefact}}, date = {2022-06-30}, organization = {Kaspersky}, url = {https://securelist.com/the-sessionmanager-iis-backdoor/106868/}, language = {English}, urldate = {2022-07-05} } The SessionManager IIS backdoor: a possibly overlooked GELSEMIUM artefact
MimiKatz Owlproxy SessionManager
2022-06-27Kaspersky ICS CERTArtem Snegirev, Kirill Kruglov
@online{snegirev:20220627:attacks:100c151, author = {Artem Snegirev and Kirill Kruglov}, title = {{Attacks on industrial control systems using ShadowPad}}, date = {2022-06-27}, organization = {Kaspersky ICS CERT}, url = {https://ics-cert.kaspersky.com/publications/reports/2022/06/27/attacks-on-industrial-control-systems-using-shadowpad/}, language = {English}, urldate = {2022-06-29} } Attacks on industrial control systems using ShadowPad
Cobalt Strike PlugX ShadowPad
2022-06-23KasperskyNikita Nazarov, Vasily Davydov, Natalya Shornikova, Vladislav Burtsev, Danila Nasonov
@techreport{nazarov:20220623:hateful:bae0681, author = {Nikita Nazarov and Vasily Davydov and Natalya Shornikova and Vladislav Burtsev and Danila Nasonov}, title = {{The hateful eight: Kaspersky’s guide to modern ransomware groups’ TTPs}}, date = {2022-06-23}, institution = {Kaspersky}, url = {https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2022/06/23093553/Common-TTPs-of-the-modern-ransomware_low-res.pdf}, language = {English}, urldate = {2022-06-27} } The hateful eight: Kaspersky’s guide to modern ransomware groups’ TTPs
Conti Hive BlackByte BlackCat Clop LockBit Mespinoza Ragnarok