Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023-10-25ESET ResearchMatthieu Faou
Winter Vivern exploits zero-day vulnerability in Roundcube Webmail servers
Unidentified JS 006 (Winter Wyvern) Winter Vivern
2023-08-10ESET ResearchMatthieu Faou
MoustachedBouncer AitM-powered surveillance via Belarus ISPs
NightClub
2023-08-10ESET ResearchMatthieu Faou
MoustachedBouncer: Espionage against foreign diplomats in Belarus
NightClub MoustachedBouncer
2022-04-27ESET ResearchAlexandre Côté Cyr, Matthieu Faou
A lookback under the TA410 umbrella: Its cyberespionage TTPs and activity
FlowCloud Lookback Witchetty
2021-11-16ESET ResearchMatthieu Faou
Strategic web compromises in the Middle East with a pinch of Candiru
Caramel Tsunami Karkadann
2021-09-23ESET ResearchMatthieu Faou, Tahseen Bin Taj
FamousSparrow: A suspicious hotel guest
SparrowDoor GhostEmperor
2021-06-09ESET ResearchMatthieu Faou, Thomas Dupuy
Gelsemium: When threat actors go gardening
Gelsemium
2021-06-09ESET ResearchMatthieu Faou, Thomas Dupuy
Gelsemium: When threat actors go gardening
Owlproxy
2021-04-29ESET ResearchAndy Garth, Daniel Chromek, Matthieu Faou, Robert Lipovsky, Tony Anscombe
ESET Industry Report on Government: Targeted but not alone
Exaramel Crutch Exaramel HyperBro HyperSSL InvisiMole XDSpy
2021-03-10ESET ResearchMathieu Tartare, Matthieu Faou, Thomas Dupuy
Exchange servers under siege from at least 10 APT groups
Microcin MimiKatz PlugX Winnti APT27 APT41 Calypso Tick ToddyCat Tonto Team Vicious Panda
2021-02-01ESET ResearchIgnacio Sanmillan, Matthieu Faou
Operation NightScout: Supply‑chain attack targets online gaming in Asia
Ghost RAT NoxPlayer Poison Ivy Red Dev 17
2020-12-17ESET ResearchIgnacio Sanmillan, Matthieu Faou
Operation SignSight: Supply‑chain attack against a certification authority in Southeast Asia
SManager
2020-12-02ESET ResearchMatthieu Faou
Turla Crutch: Keeping the “back door” open
Crutch Gazer Turla
2020-10-02ESET ResearchMatthieu Faou
XDSpy: Stealing government secrets since 2011
XDSpy XDSpy
2020-10-01Github (eset)Matthieu Faou
XDSpy Indicators of Compromise
XDSpy XDSpy
2020-09-30Virus BulletinFrancis Labelle, Matthieu Faou
XDSPY: STEALING GOVERNMENT SECRETS SINCE 2011
XDSpy XDSpy
2020-09-02ESET ResearchAlexandre Côté Cyr, Matthieu Faou
KryptoCibule: The multitasking multicurrency cryptostealer
KryptoCibule
2020-05-26ESET ResearchMatthieu Faou
From Agent.BTZ to ComRAT v4: A ten‑year journey (White Paper)
Agent.BTZ
2020-05-26ESET ResearchMatthieu Faou
From Agent.BTZ to ComRAT v4: A ten‑year journey
Agent.BTZ
2020-03-12ESET ResearchMatthieu Faou
Tracking Turla: New backdoor delivered via Armenian watering holes
LightNeuron Mosquito NetFlash Skipper
2019-10-17ESET ResearchMathieu Tartare, Matthieu Faou, Thomas Dupuy
OPERATION GHOST The Dukes aren’t back — they never left
FatDuke
2019-05-29ESET ResearchMatthieu Faou, Romain Dumont
A dive into Turla PowerShell usage
PowerShellRunner TurlaRPC
2019-05-07ESET ResearchMatthieu Faou
Turla LightNeuron: An email too far
LightNeuron
2019-05-01ESET ResearchMatthieu Faou
TURLA LIGHTNEURON: One email away from remote code execution
LightNeuron
2018-09-05ESET ResearchMatthieu Faou
PowerPool malware exploits ALPC LPE zero‑day vulnerability
ALPC Local PrivEsc PowerPool
2017-07-20ESET ResearchFrédéric Vachon, Matthieu Faou
Stantinko: A massive adware campaign operating covertly since 2012
Stantinko
2017-02-01ESET ResearchJean-Ian Boutin, Matthieu Faou
Read The Manual: A Guide to the RTM Banking Trojan
RTM RTM