Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-02-24DragosDragos
@techreport{dragos:20210224:ics:772b80b, author = {Dragos}, title = {{ICS Cybersecurity Year in Review 2020}}, date = {2021-02-24}, institution = {Dragos}, url = {https://hub.dragos.com/hubfs/Year-in-Review/Dragos_2020_ICS_Cybersecurity_Year_In_Review.pdf}, language = {English}, urldate = {2021-02-25} } ICS Cybersecurity Year in Review 2020
2021-02-24Github (AmnestyTech)Amnesty International
@online{international:20210224:overview:95b80e0, author = {Amnesty International}, title = {{Overview of Ocean Lotus Samples used to target Vietnamese Human Rights Defenders}}, date = {2021-02-24}, organization = {Github (AmnestyTech)}, url = {https://github.com/AmnestyTech/investigations/tree/master/2021-02-24_vietnam}, language = {English}, urldate = {2021-02-25} } Overview of Ocean Lotus Samples used to target Vietnamese Human Rights Defenders
OceanLotus Cobalt Strike KerrDown
2021-02-24McAfeeAlexandre Mundo, Thibault Seret, Thomas Roccia, John Fokker
@techreport{mundo:20210224:technical:4d09445, author = {Alexandre Mundo and Thibault Seret and Thomas Roccia and John Fokker}, title = {{Technical Analysis of Babuk Ransomware}}, date = {2021-02-24}, institution = {McAfee}, url = {https://www.mcafee.com/enterprise/en-us/assets/reports/rp-babuk-ransomware.pdf}, language = {English}, urldate = {2021-02-25} } Technical Analysis of Babuk Ransomware
Babuk Ransomware
2021-02-24Amnesty InternationalAmnesty International
@techreport{international:20210224:click:aec5095, author = {Amnesty International}, title = {{Click and Bait: Vietnamese Human Rights Defenders Targeted with Spyware Attacks}}, date = {2021-02-24}, institution = {Amnesty International}, url = {https://www.amnesty.de/sites/default/files/2021-02/Amnesty-Bericht-Vietnam-Click-And-Bait-Blogger-Deutschland-Spionage-Menschenrechtsverteidiger-Februar-2021.pdf}, language = {English}, urldate = {2021-02-25} } Click and Bait: Vietnamese Human Rights Defenders Targeted with Spyware Attacks
KerrDown
2021-02-23CUJOAIAlbert Zsigovits
@online{zsigovits:20210223:dns:2690097, author = {Albert Zsigovits}, title = {{DNS Hijacking Attacks on Home Routers in Brazil}}, date = {2021-02-23}, organization = {CUJOAI}, url = {https://cujo.com/dns-hijacking-attacks-on-home-routers-in-brazil/}, language = {English}, urldate = {2021-02-25} } DNS Hijacking Attacks on Home Routers in Brazil
2021-02-23Trend MicroByron Gelera, Janus Agcaoili
@online{gelera:20210223:analysis:a4c0c51, author = {Byron Gelera and Janus Agcaoili}, title = {{An Analysis of the Nefilim Ransomware}}, date = {2021-02-23}, organization = {Trend Micro}, url = {https://www.trendmicro.com/en_us/research/21/b/nefilim-ransomware.html}, language = {English}, urldate = {2021-02-25} } An Analysis of the Nefilim Ransomware
Nefilim Ransomware
2021-02-23TalosVitor Ventura, Warren Mercer
@online{ventura:20210223:gamaredon:3fbfa9b, author = {Vitor Ventura and Warren Mercer}, title = {{Gamaredon - When nation states don’t pay all the bills}}, date = {2021-02-23}, organization = {Talos}, url = {https://blog.talosintelligence.com/2021/02/gamaredonactivities.html}, language = {English}, urldate = {2021-02-25} } Gamaredon - When nation states don’t pay all the bills
2021-02-23PhishLabsJessica Ellis
@online{ellis:20210223:surge:ceb4d8d, author = {Jessica Ellis}, title = {{Surge in ZLoader Attacks Observed}}, date = {2021-02-23}, organization = {PhishLabs}, url = {https://info.phishlabs.com/blog/surge-in-zloader-attacks-observed}, language = {English}, urldate = {2021-02-25} } Surge in ZLoader Attacks Observed
Zloader
2021-02-23TwitterTwitter Safety
@online{safety:20210223:disclosing:bdbc667, author = {Twitter Safety}, title = {{Disclosing networks of state-linked information operations}}, date = {2021-02-23}, organization = {Twitter}, url = {https://blog.twitter.com/en_us/topics/company/2021/disclosing-networks-of-state-linked-information-operations-.html}, language = {English}, urldate = {2021-02-25} } Disclosing networks of state-linked information operations
2021-02-23Medium (Katie’s Five Cents)Katie Nickels
@online{nickels:20210223:cyber:974230c, author = {Katie Nickels}, title = {{A Cyber Threat Intelligence Self-Study Plan: Part 1}}, date = {2021-02-23}, organization = {Medium (Katie’s Five Cents)}, url = {https://medium.com/katies-five-cents/a-cyber-threat-intelligence-self-study-plan-part-1-968b5a8daf9a}, language = {English}, urldate = {2021-02-25} } A Cyber Threat Intelligence Self-Study Plan: Part 1
2021-02-23CrowdStrikeCrowdStrike
@techreport{crowdstrike:20210223:2021:bf5bc4f, author = {CrowdStrike}, title = {{2021 Global Threat Report}}, date = {2021-02-23}, institution = {CrowdStrike}, url = {https://go.crowdstrike.com/rs/281-OBQ-266/images/Report2021GTR.pdf}, language = {English}, urldate = {2021-02-25} } 2021 Global Threat Report
RansomEXX Amadey Anchor Avaddon Ransomware BazarBackdoor Clop Cobalt Strike Conti Ransomware Cutwail DanaBot DarkSide DoppelPaymer Dridex Egregor Emotet Hakbit IcedID JSOutProx KerrDown LockBit Mailto Maze MedusaLocker Mespinoza Mount Locker NedDnLoader Nemty Pay2Key PlugX Pushdo PwndLocker PyXie QakBot Quasar RAT RagnarLocker Ragnarok RansomEXX REvil Ryuk Sekhmet Ransomware ShadowPad SmokeLoader Snake Ransomware SUNBURST SunCrypt TEARDROP TrickBot WastedLocker Winnti Zloader
2021-02-23ZscalerSudeep Singh, Sahil Antil
@online{singh:20210223:return:fed533a, author = {Sudeep Singh and Sahil Antil}, title = {{Return of the MINEBRIDGE RAT With New TTPs and Social Engineering Lures}}, date = {2021-02-23}, organization = {Zscaler}, url = {https://www.zscaler.com/blogs/security-research/return-minebridge-rat-new-ttps-and-social-engineering-lures}, language = {English}, urldate = {2021-02-25} } Return of the MINEBRIDGE RAT With New TTPs and Social Engineering Lures
MINEBRIDGE
2021-02-23FlashpointFlashpoint
@online{flashpoint:20210223:new:4f8b993, author = {Flashpoint}, title = {{New Mysterious Operators Usurp Elite Russian Hacker Forum “Verified”}}, date = {2021-02-23}, organization = {Flashpoint}, url = {https://www.flashpoint-intel.com/blog/new-mysterious-operators-usurp-elite-russian-hacker-forum-verified/}, language = {English}, urldate = {2021-02-25} } New Mysterious Operators Usurp Elite Russian Hacker Forum “Verified”
2021-02-22tccontre Blogtcontre
@online{tcontre:20210222:gh0strat:9f98308, author = {tcontre}, title = {{Gh0stRat Anti-Debugging: Nested SEH (try - catch) to Decrypt and Load its Payload}}, date = {2021-02-22}, organization = {tccontre Blog}, url = {https://tccontre.blogspot.com/2021/02/gh0strat-anti-debugging-nested-seh-try.html}, language = {English}, urldate = {2021-02-25} } Gh0stRat Anti-Debugging: Nested SEH (try - catch) to Decrypt and Load its Payload
Ghost RAT
2021-02-22Avast DecodedAnh ho
@online{ho:20210222:masslogger:632f622, author = {Anh ho}, title = {{MassLogger v3: a .NET stealer with serious obfuscation}}, date = {2021-02-22}, organization = {Avast Decoded}, url = {https://decoded.avast.io/anhho/masslogger-v3-a-net-stealer-with-serious-obfuscation/}, language = {English}, urldate = {2021-02-25} } MassLogger v3: a .NET stealer with serious obfuscation
MASS Logger
2021-02-22National Security and Defense Council of UkraineOrganization of the National Security and Defense Council of Ukraine
@online{ukraine:20210222:nccc:f04316b, author = {Organization of the National Security and Defense Council of Ukraine}, title = {{The NCCC at the NSDC of Ukraine warns of a new mechanism of attacks on Ukrainian infrastructure}}, date = {2021-02-22}, organization = {National Security and Defense Council of Ukraine}, url = {https://www.rnbo.gov.ua/en/Diialnist/4820.html}, language = {English}, urldate = {2021-02-25} } The NCCC at the NSDC of Ukraine warns of a new mechanism of attacks on Ukrainian infrastructure
2021-02-22Check Point ResearchEyal Itkin, Itay Cohen
@online{itkin:20210222:story:6f59f06, author = {Eyal Itkin and Itay Cohen}, title = {{The Story of Jian – How APT31 Stole and Used an Unknown Equation Group 0-Day}}, date = {2021-02-22}, organization = {Check Point Research}, url = {https://research.checkpoint.com/2021/the-story-of-jian/}, language = {English}, urldate = {2021-02-25} } The Story of Jian – How APT31 Stole and Used an Unknown Equation Group 0-Day
2021-02-22FireEyeAndrew Moore, Genevieve Stark, Isif Ibrahima, Van Ta, Kimberly Goody
@online{moore:20210222:cyber:a641e26, author = {Andrew Moore and Genevieve Stark and Isif Ibrahima and Van Ta and Kimberly Goody}, title = {{Cyber Criminals Exploit Accellion FTA for Data Theft and Extortion}}, date = {2021-02-22}, organization = {FireEye}, url = {https://www.fireeye.com/blog/threat-research/2021/02/accellion-fta-exploited-for-data-theft-and-extortion.html}, language = {English}, urldate = {2021-02-25} } Cyber Criminals Exploit Accellion FTA for Data Theft and Extortion
DEWMODE Clop
2021-02-22YouTube ( Malware_Analyzing_&_RE_Tips_Tricks)Jiří Vinopal
@online{vinopal:20210222:ryuk:e9c5fb4, author = {Jiří Vinopal}, title = {{Ryuk Ransomware API Resolving in 10 minutes}}, date = {2021-02-22}, organization = {YouTube ( Malware_Analyzing_&_RE_Tips_Tricks)}, url = {https://www.youtube.com/watch?v=7xxRunBP5XA}, language = {English}, urldate = {2021-02-25} } Ryuk Ransomware API Resolving in 10 minutes
Ryuk
2021-02-21AntiyAntiy CERT
@online{cert:20210221:analysis:84134cb, author = {Antiy CERT}, title = {{Analysis report on the attack activities of the "Baby Elephant" against Pakistani defense manufacturers}}, date = {2021-02-21}, organization = {Antiy}, url = {https://mp.weixin.qq.com/s/y2kRbYCt94yPu-5jtcZ_AA}, language = {Chinese}, urldate = {2021-02-25} } Analysis report on the attack activities of the "Baby Elephant" against Pakistani defense manufacturers