Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-05-05Cisco TalosJung soo An, Asheer Malhotra, Justin Thattil, Aliza Berk, Kendall McKay
@online{an:20220505:mustang:cbc06e9, author = {Jung soo An and Asheer Malhotra and Justin Thattil and Aliza Berk and Kendall McKay}, title = {{Mustang Panda deploys a new wave of malware targeting Europe}}, date = {2022-05-05}, organization = {Cisco Talos}, url = {https://blog.talosintelligence.com/2022/05/mustang-panda-targets-europe.html}, language = {English}, urldate = {2022-05-05} } Mustang Panda deploys a new wave of malware targeting Europe
Cobalt Strike Meterpreter PlugX
2022-05-03CiscoKendall McKay, Paul Eubanks., JAIME FILSON
@online{mckay:20220503:conti:c764c61, author = {Kendall McKay and Paul Eubanks. and JAIME FILSON}, title = {{Conti and Hive ransomware operations: Leveraging victim chats for insights}}, date = {2022-05-03}, organization = {Cisco}, url = {https://s3.amazonaws.com/talos-intelligence-site/production/document_files/files/000/095/787/original/ransomware-chats.pdf?1651576098}, language = {English}, urldate = {2022-05-04} } Conti and Hive ransomware operations: Leveraging victim chats for insights
Conti Hive
2022-05-02Cisco TalosKendall McKay, Paul Eubanks, JAIME FILSON
@techreport{mckay:20220502:conti:330e34b, author = {Kendall McKay and Paul Eubanks and JAIME FILSON}, title = {{Conti and Hive ransomware operations: Leveraging victim chats for insights}}, date = {2022-05-02}, institution = {Cisco Talos}, url = {https://s3.amazonaws.com/talos-intelligence-site/production/document_files/files/000/095/787/original/ransomware-chats.pdf}, language = {English}, urldate = {2022-05-04} } Conti and Hive ransomware operations: Leveraging victim chats for insights
Cobalt Strike Conti Hive
2022-03-29Cisco TalosAsheer Malhotra, Justin Thattil, Kendall McKay
@online{malhotra:20220329:transparent:dcf66a7, author = {Asheer Malhotra and Justin Thattil and Kendall McKay}, title = {{Transparent Tribe campaign uses new bespoke malware to target Indian government officials}}, date = {2022-03-29}, organization = {Cisco Talos}, url = {https://blog.talosintelligence.com/2022/03/transparent-tribe-new-campaign.html?m=1}, language = {English}, urldate = {2022-03-30} } Transparent Tribe campaign uses new bespoke malware to target Indian government officials
Crimson RAT
2021-11-10Cisco TalosJungsoo An, Asheer Malhotra, Kendall McKay
@online{an:20211110:north:feab945, author = {Jungsoo An and Asheer Malhotra and Kendall McKay}, title = {{North Korean attackers use malicious blogs to deliver malware to high-profile South Korean targets}}, date = {2021-11-10}, organization = {Cisco Talos}, url = {https://blog.talosintelligence.com/2021/11/kimsuky-abuses-blogs-delivers-malware.html}, language = {English}, urldate = {2021-11-17} } North Korean attackers use malicious blogs to deliver malware to high-profile South Korean targets
GoldDragon
2021-06-03TalosVanja Svajcer, Caitlin Huey, Kendall McKay
@online{svajcer:20210603:necro:acd2fdf, author = {Vanja Svajcer and Caitlin Huey and Kendall McKay}, title = {{Necro Python bot adds new exploits and Tezos mining to its bag of tricks}}, date = {2021-06-03}, organization = {Talos}, url = {https://blog.talosintelligence.com/2021/06/necro-python-bot-adds-new-tricks.html}, language = {English}, urldate = {2021-06-16} } Necro Python bot adds new exploits and Tezos mining to its bag of tricks
N3Cr0m0rPh
2021-05-13TalosAsheer Malhotra, Justin Thattil, Kendall McKay
@online{malhotra:20210513:transparent:9993964, author = {Asheer Malhotra and Justin Thattil and Kendall McKay}, title = {{Transparent Tribe APT expands its Windows malware arsenal}}, date = {2021-05-13}, organization = {Talos}, url = {https://blog.talosintelligence.com/2021/05/transparent-tribe-infra-and-targeting.html}, language = {English}, urldate = {2021-05-13} } Transparent Tribe APT expands its Windows malware arsenal
Crimson RAT Oblique RAT
2021-01-04Cisco TalosAzim Khodjibaev, Dmytro Korzhevin, Kendall McKay
@techreport{khodjibaev:20210104:interview:6735752, author = {Azim Khodjibaev and Dmytro Korzhevin and Kendall McKay}, title = {{Interview with a LockBit ransomware operator}}, date = {2021-01-04}, institution = {Cisco Talos}, url = {https://talos-intelligence-site.s3.amazonaws.com/production/document_files/files/000/095/481/original/010421_LockBit_Interview.pdf}, language = {English}, urldate = {2021-02-17} } Interview with a LockBit ransomware operator
LockBit
2020-06-11Talos IntelligenceKendall McKay, Joe Marshall
@online{mckay:20200611:tor2mine:ee5dda6, author = {Kendall McKay and Joe Marshall}, title = {{Tor2Mine is up to their old tricks — and adds a few new ones}}, date = {2020-06-11}, organization = {Talos Intelligence}, url = {https://blog.talosintelligence.com/2020/06/tor2mine-is-up-to-their-old-tricks-and_11.html}, language = {English}, urldate = {2020-06-12} } Tor2Mine is up to their old tricks — and adds a few new ones
Azorult Remcos
2019-05-20CiscoDanny Adamitis, David Maynor, Kendall McKay
@online{adamitis:20190520:recent:4bb543f, author = {Danny Adamitis and David Maynor and Kendall McKay}, title = {{Recent MuddyWater-associated BlackWater campaign shows signs of new anti-detection techniques}}, date = {2019-05-20}, organization = {Cisco}, url = {https://blog.talosintelligence.com/2019/05/recent-muddywater-associated-blackwater.html}, language = {English}, urldate = {2020-01-07} } Recent MuddyWater-associated BlackWater campaign shows signs of new anti-detection techniques
MuddyWater