2018-01-25 | CrowdStrike | Ryan McCombs, Jason Barnes, Karan Sood, Ian Barton
@online{mccombs:20180125:wannamine:4af3a66,
  author       = {Ryan McCombs and Jason Barnes and Karan Sood and Ian Barton},
  title        = {{WannaMine Cryptomining: Harmless Nuisance or Disruptive Threat?}},
  date         = {2018-01-25},
  organization = {CrowdStrike},
  url          = {https://www.crowdstrike.com/blog/cryptomining-harmless-nuisance-disruptive-threat/},
  language     = {English},
  urldate      = {2020-11-25},
}
WannaMine Cryptomining: Harmless Nuisance or Disruptive Threat?
WannaMine
2018-01-24 | Bitdefender | Bogdan Botezatu
@online{botezatu:20180124:new:f993782,
  author       = {Bogdan Botezatu},
  title        = {{New Hide ‘N Seek IoT Botnet using custom-built Peer-to-Peer communication spotted in the wild}},
  date         = {2018-01-24},
  organization = {Bitdefender},
  url          = {https://labs.bitdefender.com/2018/01/new-hide-n-seek-iot-botnet-using-custom-built-peer-to-peer-communication-spotted-in-the-wild/},
  language     = {English},
  urldate      = {2020-01-08},
}
New Hide ‘N Seek IoT Botnet using custom-built Peer-to-Peer communication spotted in the wild
Hide and Seek
2018-01-23 | Threatpost | Tom Spring
@online{spring:20180123:satori:f08d827,
  author       = {Tom Spring},
  title        = {{Satori Author Linked to New Mirai Variant Masuta}},
  date         = {2018-01-23},
  organization = {Threatpost},
  url          = {https://threatpost.com/satori-author-linked-to-new-mirai-variant-masuta/129640/},
  language     = {English},
  urldate      = {2020-01-13},
}
Satori Author Linked to New Mirai Variant Masuta
Masuta
2018-01-16 | Opcode Security research | ntopcode
@online{ntopcode:20180116:anatomy:23e57c1,
  author       = {ntopcode},
  title        = {{Anatomy of the thread suspension mechanism in Windows (Windows Internals)}},
  date         = {2018-01-16},
  organization = {Opcode Security research},
  url          = {https://ntopcode.wordpress.com/2018/01/16/anatomy-of-the-thread-suspension-mechanism-in-windows-windows-internals/},
  language     = {English},
  urldate      = {2022-04-15},
}
Anatomy of the thread suspension mechanism in Windows (Windows Internals)
2017-12-13 | Bleeping Computer | Lawrence Abrams
@online{abrams:20171213:work:d439b4b,
  author       = {Lawrence Abrams},
  title        = {{WORK Cryptomix Ransomware Variant Released}},
  date         = {2017-12-13},
  organization = {Bleeping Computer},
  url          = {https://www.bleepingcomputer.com/news/security/work-cryptomix-ransomware-variant-released/},
  language     = {English},
  urldate      = {2019-12-20},
}
WORK Cryptomix Ransomware Variant Released
CryptoMix
2017-11-14 | Palo Alto Networks Unit 42 | Tom Lancaster
@online{lancaster:20171114:muddying:aa0467a,
  author       = {Tom Lancaster},
  title        = {{Muddying the Water: Targeted Attacks in the Middle East}},
  date         = {2017-11-14},
  organization = {Palo Alto Networks Unit 42},
  url          = {https://unit42.paloaltonetworks.com/unit42-muddying-the-water-targeted-attacks-in-the-middle-east/},
  language     = {English},
  urldate      = {2020-01-08},
}
Muddying the Water: Targeted Attacks in the Middle East
POWERSTATS MuddyWater
2017-11-13 | SecurityIntelligence | Limor Kessem, Maor Wiesen, Tal Darsan, Tomer Agayev
@online{kessem:20171113:new:bb937fd,
  author       = {Limor Kessem and Maor Wiesen and Tal Darsan and Tomer Agayev},
  title        = {{New Banking Trojan IcedID Discovered by IBM X-Force Research}},
  date         = {2017-11-13},
  organization = {SecurityIntelligence},
  url          = {https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/},
  language     = {English},
  urldate      = {2019-11-27},
}
New Banking Trojan IcedID Discovered by IBM X-Force Research
IcedID IcedID Downloader
2017-11 | Virus Bulletin | Patrick Wardle
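% The '&' in the title is escaped as \& so the field typesets in LaTeX; the url field is verbatim and is left unchanged.
@online{wardle:201711:offensive:6abd0b8,
  author       = {Patrick Wardle},
  title        = {{Offensive malware analysis: dissecting OSX/FruitFly.B via a custom C\&C server}},
  date         = {2017-11},
  organization = {Virus Bulletin},
  url          = {https://www.virusbulletin.com/virusbulletin/2017/11/vb2017-paper-offensive-malware-analysis-dissecting-osxfruitflyb-custom-cc-server/},
  language     = {English},
  urldate      = {2020-01-08},
}
Offensive malware analysis: dissecting OSX/FruitFly.B via a custom C&C server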
FruitFly
2017-10-16 | 401TRG | Tom Hegel
@online{hegel:20171016:update:9033e56,
  author       = {Tom Hegel},
  title        = {{An Update on Winnti (LEAD/APT17)}},
  date         = {2017-10-16},
  organization = {401TRG},
  url          = {https://401trg.pw/an-update-on-winnti/},
  language     = {English},
  urldate      = {2019-08-05},
}
An Update on Winnti (LEAD/APT17)
2017-09-22 | Threatpost | Tom Spring
@online{spring:20170922:eternalblue:a6be32b,
  author       = {Tom Spring},
  title        = {{EternalBlue Exploit Used in Retefe Banking Trojan Campaign}},
  date         = {2017-09-22},
  organization = {Threatpost},
  url          = {https://threatpost.com/eternalblue-exploit-used-in-retefe-banking-trojan-campaign/128103/},
  language     = {English},
  urldate      = {2020-01-08},
}
EternalBlue Exploit Used in Retefe Banking Trojan Campaign
Retefe
2017-09-21 | Malwarebytes | Jérôme Segura
@online{segura:20170921:fake:5f5963f,
  author       = {Jérôme Segura},
  title        = {{Fake IRS notice delivers customized spying tool}},
  date         = {2017-09-21},
  organization = {Malwarebytes},
  url          = {https://blog.malwarebytes.com/threat-analysis/2017/09/cve-2017-0199-used-to-deliver-modified-rms-agent-rat/},
  language     = {English},
  urldate      = {2019-12-20},
}
Fake IRS notice delivers customized spying tool
RMS
2017-08-22 | ESET Research | Tomáš Gardoň
@online{gardo:20170822:gamescom:764a8eb,
  author       = {Tomáš Gardoň},
  title        = {{Gamescom 2017: It’s all fun and games until black hats step in}},
  date         = {2017-08-22},
  organization = {ESET Research},
  url          = {https://www.welivesecurity.com/2017/08/22/gamescom-2017-fun-blackhats/},
  language     = {English},
  urldate      = {2019-11-14},
}
Gamescom 2017: It’s all fun and games until black hats step in
Joao
2017-08-11 | Threatpost | Tom Spring
@online{spring:20170811:ukrainian:eb4451f,
  author       = {Tom Spring},
  title        = {{Ukrainian Man Arrested, Charged in NotPetya Distribution}},
  date         = {2017-08-11},
  organization = {Threatpost},
  url          = {https://threatpost.com/ukrainian-man-arrested-charged-in-notpetya-distribution/127391/},
  language     = {English},
  urldate      = {2020-01-05},
}
Ukrainian Man Arrested, Charged in NotPetya Distribution
EternalPetya
2017-08-10 | botfrei Blog | Tom Berchem
@online{berchem:20170810:weltweite:5df6bfa,
  author       = {Tom Berchem},
  title        = {{Weltweite Spamwelle verbreitet teuflische Variante des Locky}},
  date         = {2017-08-10},
  organization = {botfrei Blog},
  url          = {https://blog.botfrei.de/2017/08/weltweite-spamwelle-verbreitet-teufliche-variante-des-locky/},
  language     = {German},
  urldate      = {2019-12-10},
}
Weltweite Spamwelle verbreitet teuflische Variante des Locky
Locky
2017-08-01 | Palo Alto Networks Unit 42 | Tomer Bar, Simon Conant
@online{bar:20170801:prince:db6038a,
  author       = {Tomer Bar and Simon Conant},
  title        = {{Prince of Persia – Ride the Lightning: Infy returns as “Foudre”}},
  date         = {2017-08-01},
  organization = {Palo Alto Networks Unit 42},
  url          = {https://researchcenter.paloaltonetworks.com/2017/08/unit42-prince-persia-ride-lightning-infy-returns-foudre/},
  language     = {English},
  urldate      = {2019-12-20},
}
Prince of Persia – Ride the Lightning: Infy returns as “Foudre”
Infy Infy
2017-08-01 | Palo Alto Networks Unit 42 | Tomer Bar, Simon Conant
@online{bar:20170801:prince:e7d5542,
  author       = {Tomer Bar and Simon Conant},
  title        = {{Prince of Persia – Ride the Lightning: Infy returns as “Foudre”}},
  date         = {2017-08-01},
  organization = {Palo Alto Networks Unit 42},
  url          = {https://unit42.paloaltonetworks.com/unit42-prince-persia-ride-lightning-infy-returns-foudre/},
  language     = {English},
  urldate      = {2020-01-08},
}
Prince of Persia – Ride the Lightning: Infy returns as “Foudre”
Infy
2017-07-11 | 401 TRG | Tom Hegel, Nate Marx
@online{hegel:20170711:winnti:e03c673,
  author       = {Tom Hegel and Nate Marx},
  title        = {{Winnti (LEAD/APT17) Evolution - Going Open Source}},
  date         = {2017-07-11},
  organization = {401 TRG},
  url          = {https://401trg.pw/winnti-evolution-going-open-source/},
  language     = {English},
  urldate      = {2019-12-18},
}
Winnti (LEAD/APT17) Evolution - Going Open Source
2017-07-05 | Bleeping Computer | Lawrence Abrams
@online{abrams:20170705:new:f1fc004,
  author       = {Lawrence Abrams},
  title        = {{New Azer CryptoMix Ransomware Variant Released}},
  date         = {2017-07-05},
  organization = {Bleeping Computer},
  url          = {https://www.bleepingcomputer.com/news/security/new-azer-cryptomix-ransomware-variant-released/},
  language     = {English},
  urldate      = {2023-02-06},
}
New Azer CryptoMix Ransomware Variant Released
CryptoMix
2017-06-27 | Palo Alto Networks Unit 42 | Tom Lancaster, Esmid Idrizovic
@online{lancaster:20170627:paranoid:f933eb4,
  author       = {Tom Lancaster and Esmid Idrizovic},
  title        = {{Paranoid PlugX}},
  date         = {2017-06-27},
  organization = {Palo Alto Networks Unit 42},
  url          = {https://researchcenter.paloaltonetworks.com/2017/06/unit42-paranoid-plugx/},
  language     = {English},
  urldate      = {2019-12-20},
}
Paranoid PlugX
PlugX
2017-06-16 | FireEye | FireEye
@techreport{fireeye:20170616:fin10:aa62677,
  author      = {FireEye},
  title       = {{FIN10: Anatomy of a Cyber Extortion Operation}},
  date        = {2017-06-16},
  institution = {FireEye},
  url         = {https://www2.fireeye.com/rs/848-DID-242/images/rpt-fin10.pdf},
  language    = {English},
  urldate     = {2020-01-08},
}
FIN10: Anatomy of a Cyber Extortion Operation
FIN10