2018-03-30 | 360 Threat Intelligence | Qi Anxin Threat Intelligence Center
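% 360 Threat Intelligence article (Chinese-language source) on APT activity against institutions in China.
% The author is a corporate name, so it is double-braced to stop BibTeX/Biber splitting it into given/family parts.
% Only acronyms and proper nouns in the title are braced, so a style can still apply its own casing.
@online{center:20180330:analysis:4f1feb9,
  author       = {{Qi Anxin Threat Intelligence Center}},
  title        = {Analysis of the latest cyber attack activity of the {APT} organization against sensitive institutions in {China}},
  date         = {2018-03-30},
  organization = {360 Threat Intelligence},
  url          = {https://ti.360.net/blog/articles/analysis-of-apt-c-09-target-china/},
  language     = {Chinese},
  urldate      = {2020-01-13},
}
Analysis of the latest cyber attack activity of the APT organization against sensitive institutions in China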
Quasar RAT
2018-03-08 | Avast | Threat Intelligence Team
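% Avast blog post on a possible third stage of the CCleaner incident.
% The team author is double-braced so it is kept as one corporate name instead of being parsed as First/Last.
% The title protects only the product name; the rest is left for the style to case.
@online{team:20180308:new:f825c46,
  author       = {{Threat Intelligence Team}},
  title        = {New investigations into the {CCleaner} incident point to a possible third stage that had keylogger capacities},
  date         = {2018-03-08},
  organization = {Avast},
  url          = {https://blog.avast.com/new-investigations-in-ccleaner-incident-point-to-a-possible-third-stage-that-had-keylogger-capacities},
  language     = {English},
  urldate      = {2020-01-08},
}
New investigations into the CCleaner incident point to a possible third stage that had keylogger capacities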
CCleaner Backdoor
2018-02-21 | Avast | Threat Intelligence Team
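% Avast blog post on the Tempting Cedar spyware.
% The team author is double-braced so it is kept as one corporate name instead of being parsed as First/Last.
% Vendor and malware names in the title are braced to survive sentence-casing styles.
@online{team:20180221:avast:3991fd0,
  author       = {{Threat Intelligence Team}},
  title        = {{Avast} tracks down {Tempting Cedar Spyware}},
  date         = {2018-02-21},
  organization = {Avast},
  url          = {https://blog.avast.com/avast-tracks-down-tempting-cedar-spyware},
  language     = {English},
  urldate      = {2020-01-08},
}
Avast tracks down Tempting Cedar Spyware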
TemptingCedar Spyware
2018 | FireEye | FireEye
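% FireEye report entry, tagged "Comment Crew" in the library listing.
% NOTE(review): the title names a Forrester New Wave evaluation, but the URL file name
% (Mandiant_APT1_Report.pdf) and the "Comment Crew" tag point to a different document;
% confirm which source is meant before citing it in an attribution or timeline.
% NOTE(review): the URL is plain HTTP, so the download is unauthenticated; verify the PDF
% against a trusted copy before relying on its content.
@techreport{fireeye:2018:forrester:ae307d3,
  author      = {{FireEye}},
  title       = {The {Forrester New Wave™}: External Threat Intelligence Services, {Q3} 2018.},
  date        = {2018},
  institution = {FireEye},
  url         = {http://intelreport.mandiant.com/Mandiant_APT1_Report.pdf},
  language    = {English},
  urldate     = {2020-01-08},
}
The Forrester New Wave™: External Threat Intelligence Services, Q3 2018.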
Comment Crew
2017-09-25 | Avast | Threat Intelligence Team
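% Avast follow-up post on the CCleaner APT security incident.
% The team author is double-braced so it is kept as one corporate name instead of being parsed as First/Last.
% Product name and acronym in the title are braced to survive sentence-casing styles.
@online{team:20170925:additional:d65b214,
  author       = {{Threat Intelligence Team}},
  title        = {Additional information regarding the recent {CCleaner} {APT} security incident},
  date         = {2017-09-25},
  organization = {Avast},
  url          = {https://blog.avast.com/additional-information-regarding-the-recent-ccleaner-apt-security-incident},
  language     = {English},
  urldate      = {2020-01-10},
}
Additional information regarding the recent CCleaner APT security incident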
CCleaner Backdoor
2017-09-21 | Avast | Threat Intelligence Team
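% Avast Threat Labs analysis of the CCleaner incident.
% The team author is double-braced so it is kept as one corporate name instead of being parsed as First/Last.
% Vendor and product names in the title are braced to survive sentence-casing styles.
@online{team:20170921:avast:c2efbfe,
  author       = {{Threat Intelligence Team}},
  title        = {{Avast Threat Labs} analysis of {CCleaner} incident},
  date         = {2017-09-21},
  organization = {Avast},
  url          = {https://blog.avast.com/avast-threat-labs-analysis-of-ccleaner-incident},
  language     = {English},
  urldate      = {2020-01-08},
}
Avast Threat Labs analysis of CCleaner incident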
CCleaner Backdoor
2017-07-17 | Malwarebytes | Threat Intelligence Team
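% Malwarebytes blog post on the return of Emotet.
% NOTE(review): date says 2017-07-17, but the URL path contains /2020/07/ and urldate is
% 2020-07-17; the publication date is presumably 2020-07-17. Confirm before using this
% entry to place Emotet activity on a timeline. The date and citation key are left
% unchanged so existing citations still resolve.
% The team author is double-braced so it is kept as one corporate name instead of being parsed as First/Last.
@online{team:20170717:its:4b94b0b,
  author       = {{Threat Intelligence Team}},
  title        = {It’s baaaack: Public cyber enemy {Emotet} has returned},
  date         = {2017-07-17},
  organization = {Malwarebytes},
  url          = {https://blog.malwarebytes.com/trojans/2020/07/long-dreaded-emotet-has-returned/},
  language     = {English},
  urldate      = {2020-07-17},
}
It’s baaaack: Public cyber enemy Emotet has returned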
Emotet
2016-09-14 | Deloitte | Deloitte
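% Deloitte report on the Nymaim criminal enterprise.
% The ampersand in the title is escaped as \& because a bare & is a LaTeX alignment character
% and breaks typesetting of the bibliography.
% The corporate author is double-braced so it is always treated as a single name.
@techreport{deloitte:20160914:evolution:67ad556,
  author      = {{Deloitte}},
  title       = {The evolution of the {Nymaim} Criminal Enterprise Threat Intelligence \& Analytics},
  date        = {2016-09-14},
  institution = {Deloitte},
  url         = {https://www2.deloitte.com/content/dam/Deloitte/us/Documents/risk/us-aers-the-evolution-of-the-nymaim-criminal-enterprise.pdf},
  language    = {English},
  urldate     = {2022-03-28},
}
The evolution of the Nymaim Criminal Enterprise Threat Intelligence & Analytics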
Nymaim
2016-04-06 | Avast | Threat Intelligence Team
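% Avast blog post analysing Andromeda.
% The team author is double-braced so it is kept as one corporate name instead of being parsed as First/Last.
% The malware name in the title is braced to survive sentence-casing styles.
@online{team:20160406:andromeda:4b7f3e6,
  author       = {{Threat Intelligence Team}},
  title        = {{Andromeda} under the microscope},
  date         = {2016-04-06},
  organization = {Avast},
  url          = {https://blog.avast.com/andromeda-under-the-microscope},
  language     = {English},
  urldate      = {2020-01-13},
}
Andromeda under the microscope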
Andromeda
2016-01-28 | FireEye | FireEye Threat Intelligence
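% FireEye blog post on the CenterPOS point-of-sale threat.
% The corporate author is double-braced so it is kept as one name instead of being parsed as First/Last.
% Malware name and acronym in the title are braced to survive sentence-casing styles.
@online{intelligence:20160128:centerpos:551f13b,
  author       = {{FireEye Threat Intelligence}},
  title        = {{CenterPOS}: An Evolving {POS} Threat},
  date         = {2016-01-28},
  organization = {FireEye},
  url          = {https://www.fireeye.com/blog/threat-research/2016/01/centerpos_an_evolvi.html},
  language     = {English},
  urldate      = {2019-12-20},
}
CenterPOS: An Evolving POS Threat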
CenterPOS
2015-12-21 | FireEye | Ryann Winters, FireEye Threat Intelligence
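% FireEye blog post "The EPS Awakens - Part 2" (tagged ELMER, IRONHALO, EvilPost in the listing).
% The personal author uses the unambiguous "Last, First" form.
% The corporate co-author is double-braced so it is kept as one name instead of being parsed as First/Last.
@online{winters:20151221:eps:808808c,
  author       = {Winters, Ryann and {FireEye Threat Intelligence}},
  title        = {The {EPS} Awakens - Part 2},
  date         = {2015-12-21},
  organization = {FireEye},
  url          = {https://www.fireeye.com/blog/threat-research/2015/12/the-eps-awakens-part-two.html},
  language     = {English},
  urldate      = {2019-12-20},
}
The EPS Awakens - Part 2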
ELMER IRONHALO EvilPost
2015-12-01 | FireEye | FireEye Threat Intelligence
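% FireEye blog post on a China-based threat group using Dropbox for malware communications.
% The corporate author is double-braced so it is kept as one name instead of being parsed as First/Last.
% Proper nouns in the title are braced to survive sentence-casing styles.
@online{intelligence:20151201:chinabased:8836a81,
  author       = {{FireEye Threat Intelligence}},
  title        = {{China-based} Cyber Threat Group Uses {Dropbox} for Malware Communications and Targets {Hong Kong} Media Outlets},
  date         = {2015-12-01},
  organization = {FireEye},
  url          = {https://www.fireeye.com/blog/threat-research/2015/11/china-based-threat.html},
  language     = {English},
  urldate      = {2019-12-20},
}
China-based Cyber Threat Group Uses Dropbox for Malware Communications and Targets Hong Kong Media Outlets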
BUBBLEWRAP LOWBALL Temper Panda
2015-07 | FireEye | FireEye Threat Intelligence
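% FireEye report on HAMMERTOSS (tagged tDiscoverer / APT 29 in the listing).
% The corporate author is double-braced so it is kept as one name instead of being parsed as First/Last.
% Malware name and nationality in the title are braced to survive sentence-casing styles.
@techreport{intelligence:201507:hammertoss:9275999,
  author      = {{FireEye Threat Intelligence}},
  title       = {{HAMMERTOSS}: Stealthy Tactics Define a {Russian} Cyber Threat Group},
  date        = {2015-07},
  institution = {FireEye},
  url         = {https://www2.fireeye.com/rs/848-DID-242/images/rpt-apt29-hammertoss.pdf},
  language    = {English},
  urldate     = {2019-10-23},
}
HAMMERTOSS: Stealthy Tactics Define a Russian Cyber Threat Group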
tDiscoverer APT 29
2014-05 | Arbor Networks | ASERT Threat Intelligence
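% Arbor Networks ASERT report on point-of-sale malware and attack campaigns.
% The corporate author is double-braced so it is kept as one name instead of being parsed as First/Last.
% The missing space after the colon in the title is restored.
% NOTE(review): the URL is plain HTTP, so the download is unauthenticated; verify the PDF
% against a trusted copy before relying on its content.
@techreport{intelligence:201405:into:e8ffc24,
  author      = {{ASERT Threat Intelligence}},
  title       = {Into the Light of Day: Uncovering Ongoing and Historical Point of Sale Malware and Attack Campaigns},
  date        = {2014-05},
  institution = {Arbor Networks},
  url         = {http://pages.arbornetworks.com/rs/arbor/images/ASERT%20Threat%20Intelligence%20Brief%202014-06%20Uncovering%20PoS%20Malware%20and%20Attack%20Campaigns.pdf},
  language    = {English},
  urldate     = {2020-01-06},
}
Into the Light of Day: Uncovering Ongoing and Historical Point of Sale Malware and Attack Campaigns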
poscardstealer
2013-05-20 | Avast | Threat Intelligence Team
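% Avast blog post on the Win32:Lyposit lockscreen shown as a fake macOS application.
% The team author is double-braced so it is kept as one corporate name instead of being parsed as First/Last.
% Detection and platform names in the title are braced to keep the source's casing under sentence-casing styles.
@online{team:20130520:lockscreen:22b0503,
  author       = {{Threat Intelligence Team}},
  title        = {Lockscreen {Win32:Lyposit} displayed as a fake {MacOs} app},
  date         = {2013-05-20},
  organization = {Avast},
  url          = {https://blog.avast.com/2013/05/20/lockscreen-win32lyposit-displayed-as-a-fake-macos-app/},
  language     = {English},
  urldate      = {2020-01-10},
}
Lockscreen Win32:Lyposit displayed as a fake MacOs app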
Lyposit