Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2017-07-31ProofpointDarien Huss, Matthew Mesa
FIN7/Carbanak threat actor unleashes Bateleur JScript backdoor
Bateleur FIN7
2017-07-20ESET ResearchFrédéric Vachon, Matthieu Faou
Stantinko: A massive adware campaign operating covertly since 2012
Stantinko
2017-07-05Cisco TalosAleksandar Nikolic, David Maynor, Matt Olney, Yves Younan
The MeDoc Connection
TeleDoor
2017-06-28ComaeMatt Suiche
Petya.2017 is a wiper not a ransomware
2017-06-21CiscoAlex Chiu, Jaeson Schultz, Matthew Molyett, Sean Baird, Warren Mercer
Player 1 Limps Back Into the Ring - Hello again, Locky!
Locky
2017-06-01ProofpointAxel F, Matthew Mesa, Pierre T, Travis Green
Microsoft Word Intruder Integrates CVE-2017-0199, Utilized by Cobalt Group to Target Financial Institutions
Cobalt
2017-05-19ComaeMatt Suiche
WannaCry — Decrypting files with WanaKiwi + Demos
WannaCryptor
2017-05-14ComaeMatt Suiche
WannaCry — New Variants Detected!
WannaCryptor
2017-05-12ComaeMatt Suiche
WannaCry — The largest ransom-ware infection in History
WannaCryptor
2017-05-03FireEyeDJ Palombo, Jon Erickson, Matthew McWhirt
To SDB, Or Not To SDB: FIN7 Leveraging Shim Databases for Persistence
FIN7
2017-04-04GitHub (matthewdunwoody)Matthew Dunwoody
POSHSPY backdoor code
POSHSPY
2017-04-03Cisco TalosMatthew Molyett, Paul Rascagnères, Warren Mercer
Introducing ROKRAT
RokRAT
2017-04-03FireEyeMatthew Dunwoody
Dissecting One of APT29’s Fileless WMI and PowerShell Backdoors (POSHSPY)
POSHSPY APT29
2017-02-01ESET ResearchJean-Ian Boutin, Matthieu Faou
Read The Manual: A Guide to the RTM Banking Trojan
RTM RTM
2016-11-17CitizenLabAdam Hulcoop, Etienne Maynier, John Scott-Railton, Masashi Crete-Nishihata, Matt Brooks
It’s Parliamentary - KeyBoy and the targeting of the Tibetan Community
KeyBoy
2016-10-07FireEyeMatt Bromiley, Preston Lewis
Attacking the Hospitality and Gaming Industries: Tracking an Attacker Around the World in 7 Years
RawPOS
2016-05-12ProofpointAxel F, Matthew Mesa
Hancitor and Ruckguv Reappear, Updated and With Vawtrak On Deck
Hancitor Ruckguv
2016-05-10ProofpointDarien Huss, Matthew Mesa
Setting Sights On Retail: AbaddonPOS Now Targeting Specific POS Software
AbaddonPOS TinyLoader
2015-08-24DarkMattersBev Robb
Sphinx: New Zeus Variant for Sale on the Black Market
Zeus Sphinx
2015-01-01RuxconMatt McCormack
WHY ATTACKER TOOLSETS DO WHAT THEY DO
Winnti
2014-11-24CrowdStrikeMatt Dahl
I am Ironman: DEEP PANDA Uses Sakula Malware to Target Organizations in Multiple Sectors
APT19
2014-05-13CrowdStrikeMatt Dahl
Cat Scratch Fever: CrowdStrike Tracks Newly Reported Iranian Actor as FLYING KITTEN
Flying Kitten
2014-03-12Blog (Artem Baranov)Andrzej Dereszowski, Matthieu Kaczmarek
Uroburos: the snake rootkit
Uroburos
2013-10-10CrowdStrikeMatt Dahl
Regional Conflict and Cyber Blowback
Corsair Jackal
2013-05-03CrowdStrikeMatt Dahl
Department of Labor Strategic Web Compromise
APT19
2011-08-27MicrosoftMatt McCormack
Morto.A
Morto
2009-10-08Defence Intelligence, Ministry of Defence UKMatt Thompson
Mariposa Botnet Analysis
Mariposa
2009-07-08The GuardianMatthew Weaver
Cyber attackers target South Korea and US
Lazarus Group
2004-04-15SANS GIACMatt Goldencrown
MyDoom is Your Doom: An Analysis of the MyDoom Virus
MyDoom