2023-11-21 | adlumin | adlumin
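@online{adlumin:20231121:playcrypt:a3455dc,
  author       = {{adlumin}},
  title        = {{PlayCrypt} Ransomware-as-a-Service Expands Threat from Script Kiddies and Sophisticated Attackers},
  date         = {2023-11-21},
  organization = {adlumin},
  url          = {https://adlumin.com/post/playcrypt-ransomware-as-a-service-expands-threat-from-script-kiddies-and-sophisticated-attackers/},
  language     = {English},
  urldate      = {2023-11-22},
}
PlayCrypt Ransomware-as-a-Service Expands Threat from Script Kiddies and Sophisticated Attackers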
PLAY
2023-11-21 | Trellix | Ernesto Fernández Provecho, Pham Duy Phuc, Ciana Driscoll, Vinoo Thomas
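@online{provecho:20231121:continued:8a0bc28,
  author       = {Ernesto Fernández Provecho and Pham Duy Phuc and Ciana Driscoll and Vinoo Thomas},
  title        = {The Continued Evolution of the {DarkGate} Malware-as-a-Service},
  date         = {2023-11-21},
  organization = {Trellix},
  url          = {https://www.trellix.com/about/newsroom/stories/research/the-continued-evolution-of-the-darkgate-malware-as-a-service/},
  language     = {English},
  urldate      = {2023-11-27},
}
The Continued Evolution of the DarkGate Malware-as-a-Service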
DarkGate
2023-11-14 | Department of Justice | U.S. Attorney's Office District of Puerto Rico
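@online{rico:20231114:russian:e22cda5,
  author       = {{U.S. Attorney's Office District of Puerto Rico}},
  title        = {{Russian} and {Moldovan} National Pleads Guilty to Operating Illegal Botnet Proxy Service that Infected Tens of Thousands of Internet-Connected Devices Around the World},
  date         = {2023-11-14},
  organization = {Department of Justice},
  url          = {https://www.justice.gov/usao-pr/pr/russian-and-moldovan-national-pleads-guilty-operating-illegal-botnet-proxy-service},
  language     = {English},
  urldate      = {2023-11-14},
}
Russian and Moldovan National Pleads Guilty to Operating Illegal Botnet Proxy Service that Infected Tens of Thousands of Internet-Connected Devices Around the World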
IPStorm IPStorm
2023-11-02 | BitSight | BitSight
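@online{bitsight:20231102:unveiling:26ed4db,
  author       = {{BitSight}},
  title        = {Unveiling {Socks5Systemz}: The Rise of a New Proxy Service via {PrivateLoader} and {Amadey}},
  date         = {2023-11-02},
  organization = {BitSight},
  url          = {https://bitsight.com/blog/unveiling-socks5systemz-rise-new-proxy-service-privateloader-and-amadey},
  language     = {English},
  urldate      = {2023-11-13},
}
Unveiling Socks5Systemz: The Rise of a New Proxy Service via PrivateLoader and Amadey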
Amadey PrivateLoader Socks5 Systemz
2023-11-02 | BitSight | BitSight
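@comment{Same article as bitsight:20231102:unveiling:26ed4db; the two records differ only in the URL host (bitsight.com vs www.bitsight.com). Cite one key consistently.}
@online{bitsight:20231102:unveiling:747482a,
  author       = {{BitSight}},
  title        = {Unveiling {Socks5Systemz}: The Rise of a New Proxy Service via {PrivateLoader} and {Amadey}},
  date         = {2023-11-02},
  organization = {BitSight},
  url          = {https://www.bitsight.com/blog/unveiling-socks5systemz-rise-new-proxy-service-privateloader-and-amadey},
  language     = {English},
  urldate      = {2023-11-13},
}
Unveiling Socks5Systemz: The Rise of a New Proxy Service via PrivateLoader and Amadey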
Amadey PrivateLoader Socks5 Systemz
2023-10-31 | Infoblox | Infoblox Threat Intelligence Group
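@online{group:20231031:prolific:e4f06e8,
  author       = {{Infoblox Threat Intelligence Group}},
  title        = {{Prolific Puma}: Shadowy Link Shortening Service Enables Cybercrime},
  date         = {2023-10-31},
  organization = {Infoblox},
  url          = {https://blogs.infoblox.com/cyber-threat-intelligence/prolific-puma-shadowy-link-shortening-service-enables-cybercrime/},
  language     = {English},
  urldate      = {2023-11-13},
}
Prolific Puma: Shadowy Link Shortening Service Enables Cybercrime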
Prolific Puma
2023-10-30 | MSSPAlert | Jim Masters
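@online{masters:20231030:managed:29df3dd,
  author       = {Jim Masters},
  title        = {Managed Security Services Provider ({MSSP}) Market News: 30 {October} 2023},
  date         = {2023-10-30},
  organization = {MSSPAlert},
  url          = {https://www.msspalert.com/news/managed-security-services-provider-mssp-market-news-30-october-2023},
  language     = {English},
  urldate      = {2023-11-17},
}
Managed Security Services Provider (MSSP) Market News: 30 October 2023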
2023-09-28 | CIP | State Service of Special Communication and Information Protection of Ukraine (CIP)
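@online{cip:20230928:russias:25b9ce0,
  author       = {{State Service of Special Communication and Information Protection of Ukraine (CIP)}},
  title        = {{Russia's} Cyber Tactics {H1'} 2023},
  date         = {2023-09-28},
  organization = {CIP},
  url          = {https://cip.gov.ua/services/cm/api/attachment/download?id=60068},
  language     = {English},
  urldate      = {2023-10-09},
}
Russia's Cyber Tactics H1' 2023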
2023-09-11 | Kaspersky | Alexander Kirichenko, Gleb Ivanov
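@online{kirichenko:20230911:from:7fe2d83,
  author       = {Alexander Kirichenko and Gleb Ivanov},
  title        = {From {Caribbean} shores to your devices: analyzing {Cuba} ransomware},
  date         = {2023-09-11},
  organization = {Kaspersky},
  url          = {https://securelist.com/cuba-ransomware/110533/},
  language     = {English},
  urldate      = {2023-09-13},
}
From Caribbean shores to your devices: analyzing Cuba ransomware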
Cuba
2023-09-04 | Cert-UA | Cert-UA
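@online{certua:20230904:apt28:5db5c7c,
  author       = {{Cert-UA}},
  title        = {{APT28} cyberattack: msedge as a bootloader, {TOR} and mockbin.org/website.hook services as a control center ({CERT-UA}\#7469)},
  date         = {2023-09-04},
  organization = {Cert-UA},
  url          = {https://cert.gov.ua/article/5702579},
  language     = {Ukrainian},
  urldate      = {2023-09-07},
}
APT28 cyberattack: msedge as a bootloader, TOR and mockbin.org/website.hook services as a control center (CERT-UA#7469)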
2023-08-23 | EclecticIQ | Aleksander W. Jarosz
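@online{jarosz:20230823:malwareasaservice:020b650,
  author       = {Aleksander W. Jarosz},
  title        = {Malware-as-a-Service: {Redline} Stealer Variants Demonstrate a Low-Barrier-to-Entry Threat},
  date         = {2023-08-23},
  organization = {EclecticIQ},
  url          = {https://blog.eclecticiq.com/redline-stealer-variants-demonstrate-a-low-barrier-to-entry-threat},
  language     = {English},
  urldate      = {2023-08-25},
}
Malware-as-a-Service: Redline Stealer Variants Demonstrate a Low-Barrier-to-Entry Threat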
RedLine Stealer
2023-08-22 | AhnLab | Sanseo
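@online{sanseo:20230822:analysis:2df9da0,
  author       = {Sanseo},
  title        = {Analysis of {APT} Attack Cases Targeting Web Services of {Korean} Corporations},
  date         = {2023-08-22},
  organization = {AhnLab},
  url          = {https://asec.ahnlab.com/en/56236/},
  language     = {English},
  urldate      = {2023-11-17},
}
Analysis of APT Attack Cases Targeting Web Services of Korean Corporations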
Ladon Meterpreter MimiKatz
2023-08-08 | Security Service of Ukraine | Security Service of Ukraine
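@techreport{ukraine:20230808:cyber:8bbe546,
  author      = {{Security Service of Ukraine}},
  title       = {Cyber Operation of {Russian} Intelligence Services as a Component of Confrontation on the Battlefield},
  date        = {2023-08-08},
  institution = {Security Service of Ukraine},
  url         = {https://ssu.gov.ua/uploads/files/DKIB/technical-report.pdf},
  language    = {English},
  urldate     = {2023-08-09},
}
Cyber Operation of Russian Intelligence Services as a Component of Confrontation on the Battlefield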
2023-08-08 | Security Service of Ukraine | Security Service of Ukraine
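@online{ukraine:20230808:sbu:3a0ed3b,
  author       = {{Security Service of Ukraine}},
  title        = {{SBU} exposes russian intelligence attempts to penetrate {Armed Forces'} planning operations system},
  date         = {2023-08-08},
  organization = {Security Service of Ukraine},
  url          = {https://ssu.gov.ua/en/novyny/sbu-exposes-russian-intelligence-attempts-to-penetrate-armed-forces-planning-operations-system},
  language     = {English},
  urldate      = {2023-08-09},
}
SBU exposes russian intelligence attempts to penetrate Armed Forces' planning operations system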
2023-08-08 | Checkpoint | Checkpoint Research
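@online{research:20230808:rhysida:d28daad,
  author       = {{Checkpoint Research}},
  title        = {The {Rhysida} Ransomware: Activity Analysis and Ties to {Vice Society}},
  date         = {2023-08-08},
  organization = {Checkpoint},
  url          = {https://research.checkpoint.com/2023/the-rhysida-ransomware-activity-analysis-and-ties-to-vice-society/},
  language     = {English},
  urldate      = {2023-08-10},
}
THE RHYSIDA RANSOMWARE: ACTIVITY ANALYSIS AND TIES TO VICE SOCIETY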
Rhysida
2023-08 | LinkedIn (PRODAFT) | PRODAFT
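@online{prodaft:202308:organic:4714845,
  author       = {{PRODAFT}},
  title        = {An organic relationship between the \#{Rhysida} and \#{ViceSociety} ransomware teams},
  date         = {2023-08},
  organization = {LinkedIn (PRODAFT)},
  url          = {https://www.linkedin.com/posts/prodaft_organic-relationship-between-rhysida-vice-activity-7091777236663427072-NQEs},
  language     = {English},
  urldate      = {2023-08-10},
}
An organic relationship between the #Rhysida and #ViceSociety ransomware teams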
Rhysida
2023-07-26 | SPUR | Riley Kilmer
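@online{kilmer:20230726:christmas:5221879,
  author       = {Riley Kilmer},
  title        = {{Christmas} in {July}: A finely wrapped Malware Proxy Service},
  date         = {2023-07-26},
  organization = {SPUR},
  url          = {https://spur.us/2023/07/christmas-in-july-a-finely-wrapped-proxy-service/},
  language     = {English},
  urldate      = {2023-07-31},
}
Christmas in July: A finely wrapped Malware Proxy Service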
AVrecon
2023-07-25 | KrebsOnSecurity | Brian Krebs
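@online{krebs:20230725:who:55175fa,
  author       = {Brian Krebs},
  title        = {Who and What is Behind the Malware Proxy Service {SocksEscort}?},
  date         = {2023-07-25},
  organization = {KrebsOnSecurity},
  url          = {https://krebsonsecurity.com/2023/07/who-and-what-is-behind-the-malware-proxy-service-socksescort/},
  language     = {English},
  urldate      = {2023-07-31},
}
Who and What is Behind the Malware Proxy Service SocksEscort?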
AVrecon
2023-07-24 | Mandiant | Ryan Serabian, Daniel Kapellmann Zafra, Conor Quigley, David Mainor
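@online{serabian:20230724:proprc:500b383,
  author       = {Ryan Serabian and Daniel Kapellmann Zafra and Conor Quigley and David Mainor},
  title        = {{Pro-PRC} {HaiEnergy} Campaign Exploits {U.S.} News Outlets via Newswire Services to Target {U.S.} Audiences; Evidence of Commissioned Protests in {Washington, D.C.}},
  date         = {2023-07-24},
  organization = {Mandiant},
  url          = {https://www.mandiant.com/resources/blog/pro-prc-haienergy-us-news},
  language     = {English},
  urldate      = {2023-07-31},
}
Pro-PRC HaiEnergy Campaign Exploits U.S. News Outlets via Newswire Services to Target U.S. Audiences; Evidence of Commissioned Protests in Washington, D.C.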
2023-07-10 | Mandiant | Matthew McWhirt, Thirumalai Natarajan Muthiah, Phil Pearce, Jennifer Guzzetta
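@online{mcwhirt:20230710:defend:9fcdf9f,
  author       = {Matthew McWhirt and Thirumalai Natarajan Muthiah and Phil Pearce and Jennifer Guzzetta},
  title        = {Defend Against the Latest {Active Directory Certificate Services} Threats},
  date         = {2023-07-10},
  organization = {Mandiant},
  url          = {https://www.mandiant.com/blog/resources/defend-ad-cs-threats},
  language     = {English},
  urldate      = {2023-07-31},
}
Defend Against the Latest Active Directory Certificate Services Threats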