Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-01-08Bleeping ComputerLawrence Abrams
@online{abrams:20220108:trojanized:00522d1, author = {Lawrence Abrams}, title = {{Trojanized dnSpy app drops malware cocktail on researchers, devs}}, date = {2022-01-08}, organization = {Bleeping Computer}, url = {https://www.bleepingcomputer.com/news/security/trojanized-dnspy-app-drops-malware-cocktail-on-researchers-devs/}, language = {English}, urldate = {2022-01-18} } Trojanized dnSpy app drops malware cocktail on researchers, devs
Quasar RAT
2021-12-20Bleeping ComputerLawrence Abrams
@online{abrams:20211220:log4j:1a80230, author = {Lawrence Abrams}, title = {{Log4j vulnerability now used to install Dridex banking malware}}, date = {2021-12-20}, organization = {Bleeping Computer}, url = {https://www.bleepingcomputer.com/news/security/log4j-vulnerability-now-used-to-install-dridex-banking-malware/}, language = {English}, urldate = {2021-12-21} } Log4j vulnerability now used to install Dridex banking malware
DoppelDridex Meterpreter
2021-12-07Bleeping ComputerLawrence Abrams
@online{abrams:20211207:emotet:f33c999, author = {Lawrence Abrams}, title = {{Emotet now drops Cobalt Strike, fast forwards ransomware attacks}}, date = {2021-12-07}, organization = {Bleeping Computer}, url = {https://www.bleepingcomputer.com/news/security/emotet-now-drops-cobalt-strike-fast-forwards-ransomware-attacks/}, language = {English}, urldate = {2021-12-08} } Emotet now drops Cobalt Strike, fast forwards ransomware attacks
Cobalt Strike Emotet
2021-11-15Bleeping ComputerLawrence Abrams
@online{abrams:20211115:emotet:8de6d81, author = {Lawrence Abrams}, title = {{Emotet malware is back and rebuilding its botnet via TrickBot}}, date = {2021-11-15}, organization = {Bleeping Computer}, url = {https://www.bleepingcomputer.com/news/security/emotet-malware-is-back-and-rebuilding-its-botnet-via-trickbot/}, language = {English}, urldate = {2021-11-17} } Emotet malware is back and rebuilding its botnet via TrickBot
Emotet
2021-11-03Bleeping ComputerLawrence Abrams
@online{abrams:20211103:blackmatter:5681de9, author = {Lawrence Abrams}, title = {{BlackMatter ransomware moves victims to LockBit after shutdown}}, date = {2021-11-03}, organization = {Bleeping Computer}, url = {https://www.bleepingcomputer.com/news/security/blackmatter-ransomware-moves-victims-to-lockbit-after-shutdown/}, language = {English}, urldate = {2021-11-08} } BlackMatter ransomware moves victims to LockBit after shutdown
BlackMatter BlackMatter LockBit
2021-10-21Bleeping ComputerLawrence Abrams
@online{abrams:20211021:massive:89295e6, author = {Lawrence Abrams}, title = {{Massive campaign uses YouTube to push password-stealing malware}}, date = {2021-10-21}, organization = {Bleeping Computer}, url = {https://www.bleepingcomputer.com/news/security/massive-campaign-uses-youtube-to-push-password-stealing-malware/}, language = {English}, urldate = {2021-11-02} } Massive campaign uses YouTube to push password-stealing malware
Raccoon RedLine Stealer
2021-10-17Bleeping ComputerLawrence Abrams
@online{abrams:20211017:revil:b53b66f, author = {Lawrence Abrams}, title = {{REvil ransomware shuts down again after Tor sites were hijacked}}, date = {2021-10-17}, organization = {Bleeping Computer}, url = {https://www.bleepingcomputer.com/news/security/revil-ransomware-shuts-down-again-after-tor-sites-were-hijacked/}, language = {English}, urldate = {2021-10-25} } REvil ransomware shuts down again after Tor sites were hijacked
REvil REvil
2021-09-07Bleeping ComputerLawrence Abrams
@online{abrams:20210907:revil:121f953, author = {Lawrence Abrams}, title = {{REvil ransomware's servers mysteriously come back online}}, date = {2021-09-07}, organization = {Bleeping Computer}, url = {https://www.bleepingcomputer.com/news/security/revil-ransomwares-servers-mysteriously-come-back-online/}, language = {English}, urldate = {2021-09-10} } REvil ransomware's servers mysteriously come back online
REvil
2021-09-06Bleeping ComputerLawrence Abrams
@online{abrams:20210906:trickbot:652a467, author = {Lawrence Abrams}, title = {{TrickBot gang developer arrested when trying to leave Korea}}, date = {2021-09-06}, organization = {Bleeping Computer}, url = {https://www.bleepingcomputer.com/news/security/trickbot-gang-developer-arrested-when-trying-to-leave-korea/}, language = {English}, urldate = {2021-09-10} } TrickBot gang developer arrested when trying to leave Korea
Diavol TrickBot
2021-08-11BleepingComputerLawrence Abrams
@online{abrams:20210811:kaseyas:93f86e6, author = {Lawrence Abrams}, title = {{Kaseya's universal REvil decryption key leaked on a hacking forum}}, date = {2021-08-11}, organization = {BleepingComputer}, url = {https://www.bleepingcomputer.com/news/security/kaseyas-universal-revil-decryption-key-leaked-on-a-hacking-forum/}, language = {English}, urldate = {2021-08-16} } Kaseya's universal REvil decryption key leaked on a hacking forum
REvil
2021-08-05Bleeping ComputerLawrence Abrams
@online{abrams:20210805:linux:d6e65f8, author = {Lawrence Abrams}, title = {{Linux version of BlackMatter ransomware targets VMware ESXi servers}}, date = {2021-08-05}, organization = {Bleeping Computer}, url = {https://www.bleepingcomputer.com/news/security/linux-version-of-blackmatter-ransomware-targets-vmware-esxi-servers/}, language = {English}, urldate = {2021-08-09} } Linux version of BlackMatter ransomware targets VMware ESXi servers
BlackMatter
2021-08-05Bleeping ComputerLawrence Abrams
@online{abrams:20210805:angry:a9916d3, author = {Lawrence Abrams}, title = {{Angry Conti ransomware affiliate leaks gang's attack playbook}}, date = {2021-08-05}, organization = {Bleeping Computer}, url = {https://www.bleepingcomputer.com/news/security/angry-conti-ransomware-affiliate-leaks-gangs-attack-playbook/}, language = {English}, urldate = {2021-08-06} } Angry Conti ransomware affiliate leaks gang's attack playbook
Conti
2021-08-04Bleeping ComputerLawrence Abrams
@online{abrams:20210804:lockbit:c6ab8ec, author = {Lawrence Abrams}, title = {{LockBit ransomware recruiting insiders to breach corporate networks}}, date = {2021-08-04}, organization = {Bleeping Computer}, url = {https://www.bleepingcomputer.com/news/security/lockbit-ransomware-recruiting-insiders-to-breach-corporate-networks/}, language = {English}, urldate = {2021-08-06} } LockBit ransomware recruiting insiders to breach corporate networks
LockBit
2021-08-03Bleeping ComputerLawrence Abrams
@online{abrams:20210803:ransomware:d1b938f, author = {Lawrence Abrams}, title = {{Ransomware attack hits Italy's Lazio region, affects COVID-19 site}}, date = {2021-08-03}, organization = {Bleeping Computer}, url = {https://www.bleepingcomputer.com/news/security/ransomware-attack-hits-italys-lazio-region-affects-covid-19-site/}, language = {English}, urldate = {2021-08-06} } Ransomware attack hits Italy's Lazio region, affects COVID-19 site
LockBit RansomEXX
2021-07-31Bleeping ComputerLawrence Abrams
@online{abrams:20210731:blackmatter:924d440, author = {Lawrence Abrams}, title = {{BlackMatter ransomware gang rises from the ashes of DarkSide, REvil}}, date = {2021-07-31}, organization = {Bleeping Computer}, url = {https://www.bleepingcomputer.com/news/security/blackmatter-ransomware-gang-rises-from-the-ashes-of-darkside-revil/}, language = {English}, urldate = {2021-08-02} } BlackMatter ransomware gang rises from the ashes of DarkSide, REvil
DarkSide REvil
2021-07-31Bleeping ComputerLawrence Abrams
@online{abrams:20210731:darkside:1d6ac34, author = {Lawrence Abrams}, title = {{DarkSide ransomware gang returns as new BlackMatter operation}}, date = {2021-07-31}, organization = {Bleeping Computer}, url = {https://www.bleepingcomputer.com/news/security/darkside-ransomware-gang-returns-as-new-blackmatter-operation/}, language = {English}, urldate = {2021-08-02} } DarkSide ransomware gang returns as new BlackMatter operation
DarkSide
2021-07-27Bleeping ComputerLawrence Abrams
@online{abrams:20210727:lockbit:095b8d6, author = {Lawrence Abrams}, title = {{LockBit ransomware now encrypts Windows domains using group policies}}, date = {2021-07-27}, organization = {Bleeping Computer}, url = {https://www.bleepingcomputer.com/news/security/lockbit-ransomware-now-encrypts-windows-domains-using-group-policies/}, language = {English}, urldate = {2021-07-29} } LockBit ransomware now encrypts Windows domains using group policies
Egregor LockBit
2021-07-22Bleeping ComputerLawrence Abrams
@online{abrams:20210722:kaseya:7ec0805, author = {Lawrence Abrams}, title = {{Kaseya obtains universal decryptor for REvil ransomware victims}}, date = {2021-07-22}, organization = {Bleeping Computer}, url = {https://www.bleepingcomputer.com/news/security/kaseya-obtains-universal-decryptor-for-revil-ransomware-victims/}, language = {English}, urldate = {2021-07-26} } Kaseya obtains universal decryptor for REvil ransomware victims
REvil
2021-07-17BleepingComputerLawrence Abrams
@online{abrams:20210717:ecuadors:3940c8e, author = {Lawrence Abrams}, title = {{Ecuador's state-run CNT telco hit by RansomEXX ransomware}}, date = {2021-07-17}, organization = {BleepingComputer}, url = {https://www.bleepingcomputer.com/news/security/ecuadors-state-run-cnt-telco-hit-by-ransomexx-ransomware/}, language = {English}, urldate = {2021-07-26} } Ecuador's state-run CNT telco hit by RansomEXX ransomware
RansomEXX RansomEXX
2021-07-15Bleeping ComputerLawrence Abrams
@online{abrams:20210715:linux:87987af, author = {Lawrence Abrams}, title = {{Linux version of HelloKitty ransomware targets VMware ESXi servers}}, date = {2021-07-15}, organization = {Bleeping Computer}, url = {https://www.bleepingcomputer.com/news/security/linux-version-of-hellokitty-ransomware-targets-vmware-esxi-servers/}, language = {English}, urldate = {2021-08-06} } Linux version of HelloKitty ransomware targets VMware ESXi servers
HelloKitty