Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2024-05-23Daniel Frank, Lior Rochberger
Operation Diplomatic Specter: An Active Chinese Cyberespionage Campaign Leverages Rare Tool Set to Target Governmental Entities in the Middle East, Africa and Asia
SweetSpecter TunnelSpecter
2024-02-12Palo Alto Networks Unit 42Dan Yashnik, Lior Rochberger
Diving Into Glupteba's UEFI Bootkit
Glupteba
2023-09-22Palo Alto Networks Unit 42Lior Rochberger, Robert Falcone, Tom Fakterman
Cyberespionage Attacks Against Southeast Asian Government Linked to Stately Taurus, Aka Mustang Panda
Cobalt Strike MimiKatz RemCom ShadowPad TONESHELL
2023-09-22Palo Alto Networks Unit 42Lior Rochberger, Robert Falcone, Tom Fakterman
Persistent Attempts at Cyberespionage Against Southeast Asian Government Target Have Links to Alloy Taurus
Reshell GALLIUM
2023-08-01Palo Alto Networks Unit 42Lior Rochberger
NodeStealer 2.0 – The Python Version: Stealing Facebook Business Accounts
BitRAT NodeStealer XWorm
2023-07-20paloalto Netoworks: Unit42Lior Rochberger, Shimi Cohen
Threat Group Assessment: Mallox Ransomware
TargetCompany
2023-06-16Palo Alto Networks: Cortex Threat ResearchLior Rochberger
Through the Cortex XDR Lens: Uncovering a New Activity Group Targeting Governments in the Middle East and Africa
CHINACHOPPER Ladon Yasso CL-STA-0043
2022-05-09CybereasonLior Rochberger
Cybereason vs. Quantum Locker Ransomware
IcedID Mount Locker
2022-02-08CybereasonLior Rochberger
Cybereason vs. Lorenz Ransomware
Lorenz
2021-08-03CybereasonAssaf Dahan, Daniel Frank, Lior Rochberger, Tom Fakterman
DeadRinger: Exposing Chinese Threat Actors Targeting Major Telcos
CHINACHOPPER Cobalt Strike MimiKatz Nebulae
2021-04-22CybereasonLior Rochberger
Prometei Botnet Exploiting Microsoft Exchange Vulnerabilities
Prometei Prometei
2021-01-12CybereasonLior Rochberger
Cybereason vs. Conti Ransomware
BazarBackdoor Conti
2020-11-26CybereasonCybereason Nocturnus, Lior Rochberger
Cybereason vs. Egregor Ransomware
Cobalt Strike Egregor IcedID ISFB QakBot
2020-11-02CybereasonAssaf Dahan, Daniel Frank, Lior Rochberger, Tom Fakterman
Back to the Future: Inside the Kimsuky KGH Spyware Suite
BabyShark GoldDragon KGH_SPY Kimsuky
2020-05-28CybereasonAssaf Dahan, Eli Salem, Lior Rochberger
Valak: More than Meets the Eye
Valak
2020-04-30CybereasonAssaf Dahan, Daniel Frank, Lior Rochberger, Yaron Rimmer
EVENTBOT: A NEW MOBILE BANKING TROJAN IS BORN
Eventbot
2020-02-05CybereasonAssaf Dahan, Lior Rochberger
The Hole in the Bucket: Attackers Abuse Bitbucket to Deliver an Arsenal of Malware
Amadey Azorult Predator The Thief STOP Vidar
2019-12-11CybereasonAssaf Dahan, Eli Salem, Lior Rochberger, Mary Zhao, Matt Hart, Niv Yona, Omer Yampel
Dropping Anchor: From a TrickBot Infection to the Discovery of the Anchor Malware
Anchor WIZARD SPIDER
2019-10-24CybereasonAssaf Dahan, Cybereason Nocturnus, Lior Rochberger
Hunting Raccoon: The new Masked Bandit on the Block
Raccoon
2019-04-02CybereasonLior Rochberger, Matan Zatz, Noa Pinkas
Triple Threat: Emotet Deploys Trickbot to Steal Data & Spread Ryuk
Ryuk TrickBot
2019-01-03CybereasonEli Salem, Lior Rochberger, Niv Yona
LOLbins and trojans: How the Ramnit Trojan spreads via sLoad in a cyberattack
sLoad