Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2025-02-04Trend MicroPeter Girnus
CVE-2025-0411: Ukrainian Organizations Targeted in Zero-Day Campaign and Homoglyph Attacks
SmokeLoader
2025-01-29SocketKirill Boychenko, Peter van der Zee
North Korean APT Lazarus Targets Developers with Malicious npm Package
BeaverTail InvisibleFerret
2024-11-27ESET ResearchMartin Smolár, Peter Strýček
Bootkitty: Analyzing the first UEFI bootkit for Linux
Bootkitty
2024-07-15TrendmicroAliakbar Zahravi, Peter Girnus
CVE-2024-38112: Void Banshee Targets Windows Users Through Zombie Internet Explorer in Zero-Day Attacks
Void Banshee
2024-07-15Trend MicroAliakbar Zahravi, Peter Girnus
CVE-2024-38112: Void Banshee Targets Windows Users Through Zombie Internet Explorer in Zero-Day Attacks
2024-06-19Trend MicroAhmed Mohamed Ibrahim, Aliakbar Zahravi, Peter Girnus
Behind the Great Wall: Void Arachne Targets Chinese-Speaking Users With the Winos 4.0 C&C Framework
ValleyRAT Void Arachne
2024-03-13Trend MicroAliakbar Zahravi, Peter Girnus, Simon Zuckerbraun
CVE-2024-21412: DarkGate Operators Exploit Microsoft Windows SmartScreen Bypass in Zero-Day Campaign
DarkGate
2024-02-13Trend MicroAliakbar Zahravi, Peter Girnus, Simon Zuckerbraun
Water Hydra Targets Traders with Microsoft Defender SmartScreen Zero-Day
DarkMe
2024-01-30AT&T CybersecurityPeter Boyle
DarkGate malware delivered via Microsoft Teams - detection and response
DarkGate
2024-01-12Trend MicroAliakbar Zahravi, Peter Girnus, Simon Zuckerbraun
CVE-2023-36025 Exploited for Defense Evasion in Phemedrone Stealer Campaign
Phemedrone Stealer
2023-11-23Trend MicroAliakbar Zahravi, Peter Girnus
ParaSiteSnatcher: How Malicious Chrome Extensions Target Brazil
ParaSiteSnatcher
2023-11-20Trend MicroPeter Girnus
CVE-2023-46604 (Apache ActiveMQ) Exploited to Infect Systems With Cryptominers and Rootkits
2023-10-04Virus BulletinPeter Kálnai
Lazarus Campaigns and Backdoors in 2022-23
SimpleTea POOLRAT 3CX Backdoor BLINDINGCAN CLOUDBURST DRATzarus ForestTiger ImprudentCook LambLoad LightlessCan miniBlindingCan PostNapTea SnatchCrypto wAgentTea WebbyTea WinInetLoader
2023-09-29ESET ResearchPeter Kálnai
Lazarus luring employees with trojanized coding challenges: The case of a Spanish aerospace company
CLOUDBURST LightlessCan miniBlindingCan sRDI
2023-06-02MandiantDAN NUTTING, Genevieve Stark, Greg Blaum, Jeremy Kennelly, JOE PISANO, Josh Murchie, Juraj Sucik, Justin Moore, Kimberly Goody, Matthew McWhirt, Nader Zaveri, NICHOLAS BENNETT, OLLIE STYLES, PETER UKHANOV, WILL SILVERSTONE, ZACH SCHRAMM, Zander Work
Zero-Day Vulnerability in MOVEit Transfer Exploited for Data Theft
2023-04-20ESET ResearchMarc-Etienne M.Léveillé, Peter Kálnai
Linux malware strengthens links between Lazarus and the 3CX supply‑chain attack
BADCALL SimpleTea POOLRAT 3CX Backdoor BADCALL IconicStealer
2023-02-09Trend MicroAliakbar Zahravi, Peter Girnus
Enigma Stealer Targets Cryptocurrency Industry with Fake Jobs
Enigma Loader
2023-01-17Trend MicroAliakbar Zahravi, Peter Girnus
Earth Bogle: Campaigns Target the Middle East with Geopolitical Lures
NjRAT
2022-09-30ESET ResearchPeter Kálnai
Amazon‑themed campaigns of Lazarus in the Netherlands and Belgium
BLINDINGCAN FudModule HTTP(S) uploader LambLoad TOUCHMOVE
2022-09-30Virus BulletinMatěj Havránek, Peter Kálnai
Lazarus & BYOVD: evil to the Windows core
FudModule