
2023-09-11SymantecSymantec Threat Intelligence
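@comment{Corporate author: double-braced so it is kept as one literal name rather than split into given name "Symantec Threat" and family name "Intelligence". The citation key is unchanged so existing citations still resolve.}
@online{intelligence:20230911:about:e53f947,
  author       = {{Symantec Threat Intelligence}},
  title        = {{Tweet about Symantec discovering a new variant of SiestaGraph}},
  date         = {2023-09-11},
  organization = {Symantec},
  url          = {https://x.com/threatintel/status/1701259256199090217},
  language     = {English},
  urldate      = {2023-09-18},
}
Tweet about Symantec discovering a new variant of SiestaGraph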
SiestaGraph
2023-09-11KasperskyAlexander Kirichenko, Gleb Ivanov
@online{kirichenko:20230911:from:7fe2d83,
  author       = {Alexander Kirichenko and Gleb Ivanov},
  title        = {{From Caribbean shores to your devices: analyzing Cuba ransomware}},
  date         = {2023-09-11},
  organization = {Kaspersky},
  url          = {https://securelist.com/cuba-ransomware/110533/},
  language     = {English},
  urldate      = {2023-09-13},
}
From Caribbean shores to your devices: analyzing Cuba ransomware
Cuba
2023-09-08Gi7w0rm
@online{gi7w0rm:20230908:uncovering:e0089d9,
  author   = {Gi7w0rm},
  title    = {{Uncovering DDGroup — A long-time threat actor}},
  date     = {2023-09-08},
  url      = {https://gi7w0rm.medium.com/uncovering-ddgroup-a-long-time-threat-actor-d3b3020625a4},
  language = {English},
  urldate  = {2023-09-08},
}
Uncovering DDGroup — A long-time threat actor
AsyncRAT Ave Maria BitRAT DBatLoader NetWire RC Quasar RAT XWorm
2023-09-08ZscalerZscaler
@online{zscaler:20230908:technical:32525b9,
  author       = {Zscaler},
  title        = {{Technical Analysis of HijackLoader}},
  date         = {2023-09-08},
  organization = {Zscaler},
  url          = {https://www.zscaler.com/blogs/security-research/technical-analysis-hijackloader},
  language     = {English},
  urldate      = {2023-09-13},
}
Technical Analysis of HijackLoader
HijackLoader
2023-09-08K7 SecuritySudeep Waingankar
@online{waingankar:20230908:romcom:2c93c76,
  author       = {Sudeep Waingankar},
  title        = {{RomCom RAT: Not Your Typical Love Story}},
  date         = {2023-09-08},
  organization = {K7 Security},
  url          = {https://labs.k7computing.com/index.php/romcom-rat-not-your-typical-love-story/},
  language     = {English},
  urldate      = {2023-09-13},
}
RomCom RAT: Not Your Typical Love Story
ROMCOM RAT
2023-09-07Twitter (@Intrinsec)CTI Intrinsec
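@comment{Corporate author: double-braced so "CTI Intrinsec" is kept as one literal name. The account handle in the organization field is spelled to match the handle in the url field. The citation key is unchanged.}
@online{intrinsec:20230907:tweets:c954acb,
  author       = {{CTI Intrinsec}},
  title        = {{Tweets on Bumblebee campaign spreading via Html smuggling downloading RAR archive with European Central Bank PDF lure and folder containing Bumblebee EXE payload.}},
  date         = {2023-09-07},
  organization = {Twitter (@Intrinsec)},
  url          = {https://twitter.com/Intrinsec/status/1699779830294970856},
  language     = {English},
  urldate      = {2023-09-12},
}
Tweets on Bumblebee campaign spreading via Html smuggling downloading RAR archive with European Central Bank PDF lure and folder containing Bumblebee EXE payload.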
BumbleBee
2023-09-07eSentireeSentire
@online{esentire:20230907:case:fd86e6b,
  author       = {eSentire},
  title        = {{The Case of LummaC2 v4.0}},
  date         = {2023-09-07},
  organization = {eSentire},
  url          = {https://www.esentire.com/blog/the-case-of-lummac2-v4-0},
  language     = {English},
  urldate      = {2023-09-12},
}
The Case of LummaC2 v4.0
Lumma Stealer
2023-09-07CISACISA
@techreport{cisa:20230907:multiple:e867413,
  author      = {CISA},
  title       = {{Multiple Nation-State Threat Actors Exploit CVE-2022-47966 and CVE-2022-42475}},
  date        = {2023-09-07},
  institution = {CISA},
  url         = {https://www.cisa.gov/sites/default/files/2023-09/aa23-250a-apt-actors-exploit-cve-2022-47966-and-cve-2022-42475.pdf},
  language    = {English},
  urldate     = {2023-09-11},
}
Multiple Nation-State Threat Actors Exploit CVE-2022-47966 and CVE-2022-42475
Meterpreter MimiKatz
2023-09-07GoogleClement Lecigne, Maddie Stone, Google Threat Analysis Group
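@comment{The third author is a group, not a person: it carries its own brace pair so it is kept as one literal name instead of being split into given name "Google Threat Analysis" and family name "Group".}
@online{lecigne:20230907:active:d42dacb,
  author       = {Clement Lecigne and Maddie Stone and {Google Threat Analysis Group}},
  title        = {{Active North Korean campaign targeting security researchers}},
  date         = {2023-09-07},
  organization = {Google},
  url          = {https://blog.google/threat-analysis-group/active-north-korean-campaign-targeting-security-researchers/},
  language     = {English},
  urldate      = {2023-09-08},
}
Active North Korean campaign targeting security researchers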
2023-09-07abuse.chabuse.ch
@online{abusech:20230907:whitesnake:22eaec8,
  author       = {abuse.ch},
  title        = {{WhiteSnake Stealer malware sample on MalwareBazaar}},
  date         = {2023-09-07},
  organization = {abuse.ch},
  url          = {https://bazaar.abuse.ch/sample/5066eca9c7309af16c882ffae79ceee93d5c8a8bcfe3726455c9b5589a492553/},
  language     = {English},
  urldate      = {2023-09-07},
}
WhiteSnake Stealer malware sample on MalwareBazaar
WhiteSnake Stealer
2023-09-07CISACISA
@online{cisa:20230907:mar10454006r5v1:3dce99f,
  author       = {CISA},
  title        = {{MAR-10454006.r5.v1 SUBMARINE, SKIPJACK, SEASPRAY, WHIRLPOOL, and SALTWATER Backdoors}},
  date         = {2023-09-07},
  organization = {CISA},
  url          = {https://www.cisa.gov/news-events/analysis-reports/ar23-250a-0},
  language     = {English},
  urldate      = {2023-09-08},
}
MAR-10454006.r5.v1 SUBMARINE, SKIPJACK, SEASPRAY, WHIRLPOOL, and SALTWATER Backdoors
WHIRLPOOL
2023-09-07Silent PushSilent Push
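@comment{Corporate author: double-braced so "Silent Push" is kept as one literal name rather than given name "Silent" and family name "Push". The citation key is unchanged so existing citations still resolve.}
@online{push:20230907:from:455edff,
  author       = {{Silent Push}},
  title        = {{'From Russia with a 71': Uncovering Gamaredon's fast flux infrastructure. New apex domains and ASN/IP diversity patterns discovered}},
  date         = {2023-09-07},
  organization = {Silent Push},
  url          = {https://www.silentpush.com/blog/from-russia-with-a-71},
  language     = {English},
  urldate      = {2023-09-08},
}
'From Russia with a 71': Uncovering Gamaredon's fast flux infrastructure. New apex domains and ASN/IP diversity patterns discovered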
2023-09-07Medium (@simone.kraus)Simone Kraus
@online{kraus:20230907:critical:0746f72,
  author       = {Simone Kraus},
  title        = {{Critical Energy Infrastructure Facility Attack In Ukraine}},
  date         = {2023-09-07},
  organization = {Medium (@simone.kraus)},
  url          = {https://medium.com/@simone.kraus/critical-engergy-infrastructure-facility-in-ukraine-attack-b15638f6a402},
  language     = {English},
  urldate      = {2023-09-11},
}
Critical Energy Infrastructure Facility Attack In Ukraine
2023-09-07Department of JusticeOffice of Public Affairs
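@comment{Institutional author: double-braced so "Office of Public Affairs" is kept as one literal name instead of being parsed as a personal name with family name "Affairs". The citation key is unchanged.}
@online{affairs:20230907:multiple:8952f60,
  author       = {{Office of Public Affairs}},
  title        = {{Multiple Foreign Nationals Charged in Connection with Trickbot Malware and Conti Ransomware Conspiracies}},
  date         = {2023-09-07},
  organization = {Department of Justice},
  url          = {https://www.justice.gov/opa/pr/multiple-foreign-nationals-charged-connection-trickbot-malware-and-conti-ransomware},
  language     = {English},
  urldate      = {2023-09-08},
}
Multiple Foreign Nationals Charged in Connection with Trickbot Malware and Conti Ransomware Conspiracies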
Conti Conti TrickBot
2023-09-07Huntress LabsHarlan Carvey
@online{carvey:20230907:evolution:4432f0b,
  author       = {Harlan Carvey},
  title        = {{Evolution of USB-Borne Malware, Raspberry Robin}},
  date         = {2023-09-07},
  organization = {Huntress Labs},
  url          = {https://www.huntress.com/blog/evolution-of-usb-borne-malware-raspberry-robin},
  language     = {English},
  urldate      = {2023-09-11},
}
Evolution of USB-Borne Malware, Raspberry Robin
Raspberry Robin
2023-09-07SekoiaJamila B.
@online{b:20230907:my:de66f96,
  author       = {Jamila B.},
  title        = {{My Tea’s not cold. An overview of China’s cyber threat}},
  date         = {2023-09-07},
  organization = {Sekoia},
  url          = {https://blog.sekoia.io/my-teas-not-cold-an-overview-of-china-cyber-threat/},
  language     = {English},
  urldate      = {2023-09-08},
}
My Tea’s not cold. An overview of China’s cyber threat
Melofee PingPull SoWaT Sword2033 MgBot MQsTTang PlugX TONESHELL
2023-09-07MicrosoftMicrosoft Threat Analysis Center (MTAC)
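@comment{Corporate author: double-braced so the whole unit name, including the parenthesised abbreviation, is kept as one literal name rather than parsed as a personal name. The citation key is unchanged.}
@online{mtac:20230907:sophistication:0ef654f,
  author       = {{Microsoft Threat Analysis Center (MTAC)}},
  title        = {{Sophistication, scope, and scale: Digital threats from East Asia increase in breadth and effectiveness}},
  date         = {2023-09-07},
  organization = {Microsoft},
  url          = {https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RW1aFyW},
  language     = {English},
  urldate      = {2023-09-11},
}
Sophistication, scope, and scale: Digital threats from East Asia increase in breadth and effectiveness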
2023-09-07DeformDeform Team
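@comment{Corporate author: double-braced so "Deform Team" is kept as one literal name rather than given name "Deform" and family name "Team". The citation key is unchanged so existing citations still resolve.}
@online{team:20230907:infamous:fc56fcd,
  author       = {{Deform Team}},
  title        = {{The Infamous Mirai Trojan Evolves: New “Pandora” Variant Targets Android TVs}},
  date         = {2023-09-07},
  organization = {Deform},
  url          = {https://deform.co/the-infamous-mirai-trojan-evolves-new-pandora-variant-targets-android-tvs/},
  language     = {English},
  urldate      = {2023-09-11},
}
The Infamous Mirai Trojan Evolves: New “Pandora” Variant Targets Android TVs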
Mirai
2023-09-07PRODAFTPRODAFT
@online{prodaft:20230907:pti257:051897c,
  author       = {PRODAFT},
  title        = {{PTI-257 (ex-Wizard Spider) - IOCs}},
  date         = {2023-09-07},
  organization = {PRODAFT},
  url          = {https://github.com/prodaft/malware-ioc/tree/master/PTI-257},
  language     = {English},
  urldate      = {2023-09-18},
}
PTI-257 (ex-Wizard Spider) - IOCs
LockBit LockBit
2023-09-07MicrosoftClint Watts
@online{watts:20230907:china:1b6c403,
  author       = {Clint Watts},
  title        = {{China, North Korea pursue new targets while honing cyber capabilities}},
  date         = {2023-09-07},
  organization = {Microsoft},
  url          = {https://blogs.microsoft.com/on-the-issues/2023/09/07/digital-threats-cyberattacks-east-asia-china-north-korea/},
  language     = {English},
  urldate      = {2023-09-08},
}
China, North Korea pursue new targets while honing cyber capabilities