Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2020-11-04ProofpointProofpoint Threat Research Team
@online{team:20201104:persistent:3090cff, author = {Proofpoint Threat Research Team}, title = {{Persistent Actor Targets Ledger Cryptocurrency Wallets}}, date = {2020-11-04}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/persistent-actor-targets-ledger-cryptocurrency-wallets}, language = {English}, urldate = {2020-11-09} } Persistent Actor Targets Ledger Cryptocurrency Wallets
2020-10-21ProofpointCory Altheide, DAnon, Sam S., Proofpoint Threat Research Team
@online{altheide:20201021:media:fce4b18, author = {Cory Altheide and DAnon and Sam S. and Proofpoint Threat Research Team}, title = {{Media Coverage Doesn’t Deter Actor From Threatening Democratic Voters}}, date = {2020-10-21}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/media-coverage-doesnt-deter-actor-threatening-democratic-voters}, language = {English}, urldate = {2020-10-26} } Media Coverage Doesn’t Deter Actor From Threatening Democratic Voters
2020-10-16ProofpointCassandra A., Proofpoint Threat Research Team
@online{a:20201016:geofenced:8c31198, author = {Cassandra A. and Proofpoint Threat Research Team}, title = {{Geofenced Amazon Japan Credential Phishing Volumes Rival Emotet}}, date = {2020-10-16}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/geofenced-amazon-japan-credential-phishing-volumes-rival-emotet}, language = {English}, urldate = {2020-10-23} } Geofenced Amazon Japan Credential Phishing Volumes Rival Emotet
Emotet
2020-10-01ProofpointAxel F, Proofpoint Threat Research Team
@online{f:20201001:emotet:59780d9, author = {Axel F and Proofpoint Threat Research Team}, title = {{Emotet Makes Timely Adoption of Political and Elections Lures}}, date = {2020-10-01}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/emotet-makes-timely-adoption-political-and-elections-lures}, language = {English}, urldate = {2020-10-05} } Emotet Makes Timely Adoption of Political and Elections Lures
Emotet
2020-09-29ProofpointProofpoint Threat Research Team
@online{team:20200929:ta2552:09290fc, author = {Proofpoint Threat Research Team}, title = {{TA2552 Uses OAuth Access Token Phishing to Exploit Read-Only Risks}}, date = {2020-09-29}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/ta2552-uses-oauth-access-token-phishing-exploit-read-only-risks}, language = {English}, urldate = {2020-10-05} } TA2552 Uses OAuth Access Token Phishing to Exploit Read-Only Risks
2020-09-02ProofpointProofpoint
@online{proofpoint:20200902:chinese:823d99c, author = {Proofpoint}, title = {{Chinese APT TA413 Resumes Targeting of Tibet Following COVID-19 Themed Economic Espionage Campaign Delivering Sepulcher Malware Targeting Europe}}, date = {2020-09-02}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/chinese-apt-ta413-resumes-targeting-tibet-following-covid-19-themed-economic}, language = {English}, urldate = {2020-09-02} } Chinese APT TA413 Resumes Targeting of Tibet Following COVID-19 Themed Economic Espionage Campaign Delivering Sepulcher Malware Targeting Europe
Sepulcher TA413
2020-08-28ProofpointAxel F, Proofpoint Threat Research Team
@online{f:20200828:comprehensive:df5ff9b, author = {Axel F and Proofpoint Threat Research Team}, title = {{A Comprehensive Look at Emotet’s Summer 2020 Return}}, date = {2020-08-28}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/comprehensive-look-emotets-summer-2020-return}, language = {English}, urldate = {2020-08-30} } A Comprehensive Look at Emotet’s Summer 2020 Return
Emotet MUMMY SPIDER
2020-08-26ProofpointProofpoint Threat Research Team
@online{team:20200826:threat:e6d1646, author = {Proofpoint Threat Research Team}, title = {{Threat Actor Profile: TA2719 Uses Colorful Lures to Deliver RATs in Local Languages}}, date = {2020-08-26}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/threat-actor-profile-ta2719-uses-colorful-lures-deliver-rats-local-languages}, language = {English}, urldate = {2020-09-01} } Threat Actor Profile: TA2719 Uses Colorful Lures to Deliver RATs in Local Languages
AsyncRAT Nanocore RAT
2020-07-17ProofpointSherrod DeGrippo
@online{degrippo:20200717:ta547:cec93e0, author = {Sherrod DeGrippo}, title = {{TA547 Pivots from Ursnif Banking Trojan to Ransomware in Australian Campaign}}, date = {2020-07-17}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/security-briefs/ta547-pivots-ursnif-banking-trojan-ransomware-australian-campaign}, language = {English}, urldate = {2020-07-23} } TA547 Pivots from Ursnif Banking Trojan to Ransomware in Australian Campaign
Adhubllka
2020-06-22ProofpointSherrod DeGrippo, Proofpoint Threat Research Team
@online{degrippo:20200622:hakbit:4d8be82, author = {Sherrod DeGrippo and Proofpoint Threat Research Team}, title = {{Hakbit Ransomware Campaign Against Germany, Austria, Switzerland}}, date = {2020-06-22}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/hakbit-ransomware-campaign-against-germany-austria-switzerland}, language = {English}, urldate = {2020-06-23} } Hakbit Ransomware Campaign Against Germany, Austria, Switzerland
CloudEyE Hakbit
2020-06-10ProofpointDennis Schwarz
@online{schwarz:20200610:flowcloud:c0b42c0, author = {Dennis Schwarz}, title = {{FlowCloud Version 4.1.3 Malware Analysis}}, date = {2020-06-10}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/flowcloud-version-413-malware-analysis}, language = {English}, urldate = {2020-06-12} } FlowCloud Version 4.1.3 Malware Analysis
FlowCloud
2020-06-08ProofpointMichael Raggi, Dennis Schwarz, Georgi Mladenov, Proofpoint Threat Research Team
@online{raggi:20200608:ta410:f838522, author = {Michael Raggi and Dennis Schwarz and Georgi Mladenov and Proofpoint Threat Research Team}, title = {{TA410: The Group Behind LookBack Attacks Against U.S. Utilities Sector Returns with New Malware}}, date = {2020-06-08}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/ta410-group-behind-lookback-attacks-against-us-utilities-sector-returns-new}, language = {English}, urldate = {2020-06-09} } TA410: The Group Behind LookBack Attacks Against U.S. Utilities Sector Returns with New Malware
FlowCloud Lookback TA410
2020-05-20ProofpointDennis Schwarz, Matthew Mesa, Proofpoint Threat Research Team
@online{schwarz:20200520:zloader:e3c523e, author = {Dennis Schwarz and Matthew Mesa and Proofpoint Threat Research Team}, title = {{ZLoader Loads Again: New ZLoader Variant Returns}}, date = {2020-05-20}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/zloader-loads-again-new-zloader-variant-returns}, language = {English}, urldate = {2020-05-23} } ZLoader Loads Again: New ZLoader Variant Returns
Zloader
2020-04-23ProofpointProofpoint Threat Research Team
@online{team:20200423:threat:af989e1, author = {Proofpoint Threat Research Team}, title = {{Threat Actors Repurpose Hupigon in Adult Dating Attacks Targeting US Universities}}, date = {2020-04-23}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/threat-insight/post/threat-actors-repurpose-hupigon-adult-dating-attacks-targeting-us-universities}, language = {English}, urldate = {2020-05-02} } Threat Actors Repurpose Hupigon in Adult Dating Attacks Targeting US Universities
Hupigon
2020-03-18ProofpointAxel F, Sam Scholten
@online{f:20200318:coronavirus:8fe12a3, author = {Axel F and Sam Scholten}, title = {{Coronavirus Threat Landscape Update}}, date = {2020-03-18}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/threat-insight/post/coronavirus-threat-landscape-update}, language = {English}, urldate = {2020-03-26} } Coronavirus Threat Landscape Update
Agent Tesla Get2 ISFB Remcos
2020-03-16ProofpointSherrod DeGrippo
@online{degrippo:20200316:ta505:6cfbbb0, author = {Sherrod DeGrippo}, title = {{TA505 and Others Launch New Coronavirus Campaigns; Now the Largest Collection of Attack Types in Years}}, date = {2020-03-16}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/threat-insight/post/ta505-and-others-launch-new-coronavirus-campaigns-now-largest-collection-attack}, language = {English}, urldate = {2020-04-26} } TA505 and Others Launch New Coronavirus Campaigns; Now the Largest Collection of Attack Types in Years
RedLine Stealer
2020-03-16ProofpointJeremy H, Axel F, Proofpoint Threat Insight Team
@online{h:20200316:new:60f8c3d, author = {Jeremy H and Axel F and Proofpoint Threat Insight Team}, title = {{New RedLine Stealer Distributed Using Coronavirus-themed Email Campaign}}, date = {2020-03-16}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/threat-insight/post/new-redline-stealer-distributed-using-coronavirus-themed-email-campaign}, language = {English}, urldate = {2020-03-17} } New RedLine Stealer Distributed Using Coronavirus-themed Email Campaign
RedLine Stealer
2020-03-05ProofpointProofpoint Threat Research Team
@online{team:20200305:guloader:9972f51, author = {Proofpoint Threat Research Team}, title = {{GuLoader: A Popular New VB6 Downloader that Abuses Cloud Services}}, date = {2020-03-05}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/threat-insight/post/guloader-popular-new-vb6-downloader-abuses-cloud-services}, language = {English}, urldate = {2020-03-05} } GuLoader: A Popular New VB6 Downloader that Abuses Cloud Services
2019-12-04ProofpointKelsey Merriman, Dennis Schwarz, Kafeine, Axel F
@online{merriman:20191204:buer:6c413aa, author = {Kelsey Merriman and Dennis Schwarz and Kafeine and Axel F}, title = {{Buer, a new loader emerges in the underground marketplace}}, date = {2019-12-04}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/threat-insight/post/buer-new-loader-emerges-underground-marketplace}, language = {English}, urldate = {2020-01-06} } Buer, a new loader emerges in the underground marketplace
Buer
2019-11-14ProofpointBryan Campbell, Proofpoint Threat Insight Team
@online{campbell:20191114:ta2101:e79f6fb, author = {Bryan Campbell and Proofpoint Threat Insight Team}, title = {{TA2101 plays government imposter to distribute malware to German, Italian, and US organizations}}, date = {2019-11-14}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/threat-insight/post/ta2101-plays-government-imposter-distribute-malware-german-italian-and-us}, language = {English}, urldate = {2019-11-27} } TA2101 plays government imposter to distribute malware to German, Italian, and US organizations
Maze TA2101