Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-03-04TelsyTelsy
@online{telsy:20220304:legitimate:d46b40c, author = {Telsy}, title = {{Legitimate Sites Used As Cobalt Strike C2s Against Indian Government}}, date = {2022-03-04}, organization = {Telsy}, url = {https://www.telsy.com/legitimate-sites-used-as-cobalt-strike-c2s-against-indian-government/}, language = {English}, urldate = {2022-03-07} } Legitimate Sites Used As Cobalt Strike C2s Against Indian Government
Cobalt Strike
2022-01-05TelsyClaudio Di Giuseppe
@online{giuseppe:20220105:sidecopy:546a0eb, author = {Claudio Di Giuseppe}, title = {{SIDECOPY APT: From Windows to *nix}}, date = {2022-01-05}, organization = {Telsy}, url = {https://www.telsy.com/sidecopy-apt-from-windows-to-nix/}, language = {English}, urldate = {2022-01-10} } SIDECOPY APT: From Windows to *nix
SideCopy
2021-12-22TelsyTelsy Research Team
@online{team:20211222:phishing:ffa707a, author = {Telsy Research Team}, title = {{Phishing Campaign targeting citizens abroad using COVID-19 theme lures}}, date = {2021-12-22}, organization = {Telsy}, url = {https://www.telsy.com/download/5972/?uid=d7c082ba55}, language = {English}, urldate = {2022-01-25} } Phishing Campaign targeting citizens abroad using COVID-19 theme lures
Cobalt Strike
2021-12-07TelsyTelsy Research Team
@online{team:20211207:nobelium:543fe63, author = {Telsy Research Team}, title = {{NOBELIUM again or eCrime operation?}}, date = {2021-12-07}, organization = {Telsy}, url = {https://www.telsy.com/download/5900/?uid=b797afdcfb}, language = {English}, urldate = {2022-01-25} } NOBELIUM again or eCrime operation?
Sliver
2021-11-24TelsyTelsy Research Team
@online{team:20211124:possible:a1df559, author = {Telsy Research Team}, title = {{Possible attack to Telco company in Middle East}}, date = {2021-11-24}, organization = {Telsy}, url = {https://www.telsy.com/download/5776/?uid=aca91e397e}, language = {English}, urldate = {2021-12-06} } Possible attack to Telco company in Middle East
GRUNT
2021-11-03TelsyTelsy Research Team
@online{team:20211103:dissecting:aa23c19, author = {Telsy Research Team}, title = {{Dissecting new AppleSeed backdoor of Kimsuky threat actor}}, date = {2021-11-03}, organization = {Telsy}, url = {https://www.telsy.com/download/5654/?uid=4869868efd}, language = {English}, urldate = {2021-11-08} } Dissecting new AppleSeed backdoor of Kimsuky threat actor
Appleseed
2021-10-13TelsyTelsy Research Team
@online{team:20211013:new:a9866c8, author = {Telsy Research Team}, title = {{New malicious campaign spreading Windows and Linux backdoors}}, date = {2021-10-13}, organization = {Telsy}, url = {https://www.telsy.com/download/5467/?uid=18bf9499fc}, language = {English}, urldate = {2021-12-06} } New malicious campaign spreading Windows and Linux backdoors
2021-10-11TelsyTelsy
@online{telsy:20211011:lazarus:7e07a1e, author = {Telsy}, title = {{Lazarus Group continues AppleJeus Operation}}, date = {2021-10-11}, organization = {Telsy}, url = {https://www.telsy.com/download/5394/?uid=28b0a4577e}, language = {English}, urldate = {2021-10-26} } Lazarus Group continues AppleJeus Operation
AppleJeus
2021-09-29TelsyTelsy Research Team
@online{team:20210929:google:127939e, author = {Telsy Research Team}, title = {{Google Drive abused in document exfiltration operation against Afghanistan}}, date = {2021-09-29}, organization = {Telsy}, url = {https://www.telsy.com/google-drive-abused-in-document-exfiltration-operation-against-afghanistan/}, language = {English}, urldate = {2021-10-11} } Google Drive abused in document exfiltration operation against Afghanistan
2021-09-15TelsyTelsy
@online{telsy:20210915:remcos:83c0670, author = {Telsy}, title = {{REMCOS and Agent Tesla loaded into memory with Rezer0 loader}}, date = {2021-09-15}, organization = {Telsy}, url = {https://www.telsy.com/download/4832/}, language = {English}, urldate = {2021-09-23} } REMCOS and Agent Tesla loaded into memory with Rezer0 loader
Agent Tesla Remcos
2020-12-03TelsyTelsy Research Team
@techreport{team:20201203:when:0269579, author = {Telsy Research Team}, title = {{When a false flagdoesn’t work: Exploring the digital-crimeunderground at campaign preparation stage}}, date = {2020-12-03}, institution = {Telsy}, url = {https://www.telsy.com/wp-content/uploads/ATR_82599-1.pdf}, language = {English}, urldate = {2020-12-14} } When a false flagdoesn’t work: Exploring the digital-crimeunderground at campaign preparation stage
Agent Tesla
2020-11-19TelsyTelsy Research Team
@techreport{team:20201119:qnodeservice:77f4e2d, author = {Telsy Research Team}, title = {{QNodeService stepped up its features while operated in widespread credential-theft campaigns}}, date = {2020-11-19}, institution = {Telsy}, url = {https://www.telsy.com/wp-content/uploads/MAR_93433_WHITE.pdf}, language = {English}, urldate = {2020-11-23} } QNodeService stepped up its features while operated in widespread credential-theft campaigns
QNodeService
2020-11-06TelsyTelsy Research Team
@techreport{team:20201106:malware:7b6dd9d, author = {Telsy Research Team}, title = {{Malware Analysis Report: Trying not to walk in the dark woods. A way out of the Maze}}, date = {2020-11-06}, institution = {Telsy}, url = {https://www.telsy.com/wp-content/uploads/Maze_Vaccine.pdf}, language = {English}, urldate = {2020-11-09} } Malware Analysis Report: Trying not to walk in the dark woods. A way out of the Maze
Maze
2020-10-08TelsyTelsy
@techreport{telsy:20201008:operation:e7388f3, author = {Telsy}, title = {{Operation “Space Race”: Reaching the Stars through Professional Social Networks}}, date = {2020-10-08}, institution = {Telsy}, url = {https://www.telsy.com/wp-content/uploads/Operation_Space_Race.pdf}, language = {English}, urldate = {2020-10-12} } Operation “Space Race”: Reaching the Stars through Professional Social Networks
2020-07-14TelsyTelsy
@online{telsy:20200714:turla:ef6592e, author = {Telsy}, title = {{Turla / Venomous Bear updates its arsenal: “NewPass” appears on the APT threat scene}}, date = {2020-07-14}, organization = {Telsy}, url = {https://www.telsy.com/turla-venomous-bear-updates-its-arsenal-newpass-appears-on-the-apt-threat-scene/}, language = {English}, urldate = {2020-07-16} } Turla / Venomous Bear updates its arsenal: “NewPass” appears on the APT threat scene
NewPass Turla Group
2020-03-02TelsyTelsy
@online{telsy:20200302:apt34:ded8bcd, author = {Telsy}, title = {{APT34 (aka OilRig, aka Helix Kitten) attacks Lebanon government entities with MailDropper implants}}, date = {2020-03-02}, organization = {Telsy}, url = {https://blog.telsy.com/apt34-aka-oilrig-attacks-lebanon-government-entities-with-maildropper-implant/}, language = {English}, urldate = {2020-03-03} } APT34 (aka OilRig, aka Helix Kitten) attacks Lebanon government entities with MailDropper implants
Karkoff
2020-02-12TelsyTelsy
@online{telsy:20200212:meeting:085d775, author = {Telsy}, title = {{Meeting POWERBAND: The APT33 .NET POWERTON Variant}}, date = {2020-02-12}, organization = {Telsy}, url = {https://blog.telsy.com/meeting-powerband-the-apt33-net-powerton-variant/}, language = {English}, urldate = {2020-02-14} } Meeting POWERBAND: The APT33 .NET POWERTON Variant
POWERTON POWERBAND
2019-05-19TelsyWebmaster
@online{webmaster:20190519:following:d15ba1c, author = {Webmaster}, title = {{Following the Turla’s Skipper over the ocean of cyber operations}}, date = {2019-05-19}, organization = {Telsy}, url = {https://blog.telsy.com/following-the-turlas-skipper-over-the-ocean-of-cyber-operations/}, language = {English}, urldate = {2020-01-08} } Following the Turla’s Skipper over the ocean of cyber operations
Skipper