2016-05-22Palo Alto Networks Unit 42Micah Yates, Mike Scott, Brandon Levene, Jen Miller-Osborn, Tom Keigher
% Palo Alto Networks Unit 42 write-up dated 2016-05-22; tagged "Tidepool" in this listing.
% The url is plain http on researchcenter.paloaltonetworks.com. Other entries in this
% listing cite the same organization over https and on unit42.paloaltonetworks.com,
% so the link may have moved; check it before relying on it.
@online{yates:20160522:operation:2e8f4a8,
  author       = {Micah Yates and Mike Scott and Brandon Levene and Jen Miller-Osborn and Tom Keigher},
  title        = {{Operation Ke3chang Resurfaces With New TidePool Malware}},
  organization = {Palo Alto Networks Unit 42},
  date         = {2016-05-22},
  url          = {http://researchcenter.paloaltonetworks.com/2016/05/operation-ke3chang-resurfaces-with-new-tidepool-malware/},
  urldate      = {2019-12-20},
  language     = {English},
}
Operation Ke3chang Resurfaces With New TidePool Malware
Tidepool
2016-05-20ReutersTom Bergin, Nathan Layne
% Reuters special report dated 2016-05-20; tagged "Lazarus Group" in this listing.
@online{bergin:20160520:special:46b3cc4,
  author       = {Tom Bergin and Nathan Layne},
  title        = {{Special Report: Cyber thieves exploit banks' faith in SWIFT transfer network}},
  organization = {Reuters},
  date         = {2016-05-20},
  url          = {https://www.reuters.com/article/us-cyber-heist-swift-specialreport-idUSKCN0YB0DD},
  urldate      = {2019-12-17},
  language     = {English},
}
Special Report: Cyber thieves exploit banks' faith in SWIFT transfer network
Lazarus Group
2016-05-02Palo Alto Networks Unit 42Tomer Bar, Simon Conant
% Palo Alto Networks Unit 42 write-up dated 2016-05-02; tagged "Infy Infy" in this listing.
% The same title, authors and date also appear here under the keys
% bar:20160502:prince:8b14d7f and bar:20160502:prince:7769673, which differ only in
% url and urldate. Cite one key consistently so the bibliography does not list the
% report more than once. This variant uses the plain-http researchcenter URL.
@online{bar:20160502:prince:cfd5940,
  author       = {Tomer Bar and Simon Conant},
  title        = {{Prince of Persia: Infy Malware Active In Decade of Targeted Attacks}},
  organization = {Palo Alto Networks Unit 42},
  date         = {2016-05-02},
  url          = {http://researchcenter.paloaltonetworks.com/2016/05/prince-of-persia-infy-malware-active-in-decade-of-targeted-attacks/},
  urldate      = {2020-04-06},
  language     = {English},
}
Prince of Persia: Infy Malware Active In Decade of Targeted Attacks
Infy Infy
2016-05-02Palo Alto Networks Unit 42Tomer Bar, Simon Conant
% Palo Alto Networks Unit 42 write-up dated 2016-05-02; tagged "Infy" in this listing.
% The same title, authors and date also appear here under the keys
% bar:20160502:prince:cfd5940 and bar:20160502:prince:7769673, which differ only in
% url and urldate. This variant uses the https researchcenter URL.
@online{bar:20160502:prince:8b14d7f,
  author       = {Tomer Bar and Simon Conant},
  title        = {{Prince of Persia: Infy Malware Active In Decade of Targeted Attacks}},
  organization = {Palo Alto Networks Unit 42},
  date         = {2016-05-02},
  url          = {https://researchcenter.paloaltonetworks.com/2016/05/prince-of-persia-infy-malware-active-in-decade-of-targeted-attacks/},
  urldate      = {2019-12-20},
  language     = {English},
}
Prince of Persia: Infy Malware Active In Decade of Targeted Attacks
Infy
2016-05-02Palo Alto Networks Unit 42Tomer Bar, Simon Conant
% Palo Alto Networks Unit 42 write-up dated 2016-05-02; tagged "Infy" in this listing.
% The same title, authors and date also appear here under the keys
% bar:20160502:prince:cfd5940 and bar:20160502:prince:8b14d7f, which differ only in
% url and urldate. This variant points at unit42.paloaltonetworks.com.
@online{bar:20160502:prince:7769673,
  author       = {Tomer Bar and Simon Conant},
  title        = {{Prince of Persia: Infy Malware Active In Decade of Targeted Attacks}},
  organization = {Palo Alto Networks Unit 42},
  date         = {2016-05-02},
  url          = {https://unit42.paloaltonetworks.com/prince-of-persia-infy-malware-active-in-decade-of-targeted-attacks/},
  urldate      = {2020-01-06},
  language     = {English},
}
Prince of Persia: Infy Malware Active In Decade of Targeted Attacks
Infy
2016-04-21ThreatpostTom Spring
% Threatpost article dated 2016-04-21; tagged "Vawtrak" in this listing.
@online{spring:20160421:pos:008ddcb,
  author       = {Tom Spring},
  title        = {{PoS Attacks Net Crooks 20 Million Stolen Bank Cards}},
  organization = {Threatpost},
  date         = {2016-04-21},
  url          = {https://threatpost.com/pos-attacks-net-crooks-20-million-stolen-bank-cards/117595/},
  urldate      = {2020-01-10},
  language     = {English},
}
PoS Attacks Net Crooks 20 Million Stolen Bank Cards
Vawtrak
2016-04-07ThreatpostTom Spring
% Threatpost article dated 2016-04-07; tagged "APT6" in this listing.
@online{spring:20160407:fbi:2f6e04d,
  author       = {Tom Spring},
  title        = {{FBI Quietly Admits to Multi-Year APT Attack, Sensitive Data Stolen}},
  organization = {Threatpost},
  date         = {2016-04-07},
  url          = {https://threatpost.com/fbi-quietly-admits-to-multi-year-apt-attack-sensitive-data-stolen/117267/},
  urldate      = {2020-01-06},
  language     = {English},
}
FBI Quietly Admits to Multi-Year APT Attack, Sensitive Data Stolen
APT6
2016-03-28FireEyeNart Villeneuve
% FireEye write-up dated 2016-03-28; tagged "TreasureHunter" in this listing.
@online{villeneuve:20160328:treasurehunt:4224770,
  author       = {Nart Villeneuve},
  title        = {{TREASUREHUNT: A Custom POS Malware Tool}},
  organization = {FireEye},
  date         = {2016-03-28},
  url          = {https://www.fireeye.com/blog/threat-research/2016/03/treasurehunt_a_cust.html},
  urldate      = {2019-12-20},
  language     = {English},
}
TREASUREHUNT: A Custom POS Malware Tool
TreasureHunter
2016-03-23ESET ResearchTomáš Gardoň
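% ESET Research write-up dated 2016-03-23; tagged "Arefty ThumbThief" in this listing.
% The title originally used a non-ASCII hyphen in "self-protecting". It is replaced
% with an ASCII hyphen here because a pdfLaTeX build can reject that character.
% The citation key stops at "gardo", apparently cut at the non-ASCII letter of the
% surname. It is left unchanged because existing citations depend on it.
% The url is plain http; check whether the article is still reachable there.
@online{gardo:20160323:new:c7c1042,
  author       = {Tomáš Gardoň},
  title        = {{New self-protecting USB trojan able to avoid detection}},
  organization = {ESET Research},
  date         = {2016-03-23},
  url          = {http://www.welivesecurity.com/2016/03/23/new-self-protecting-usb-trojan-able-to-avoid-detection/},
  urldate      = {2019-12-20},
  language     = {English},
}
New self‑protecting USB trojan able to avoid detection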
Arefty ThumbThief
2016-01-18ProofpointProofpoint Staff
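% Proofpoint write-up dated 2016-01-18; tagged "KrBanker" in this listing.
% "Proofpoint Staff" is a collective byline, not a person. The extra brace pair keeps
% it as one indivisible name, so styles do not render it as "Staff, Proofpoint" or
% abbreviate it to "P. Staff".
@online{staff:20160118:updated:c96de1d,
  author       = {{Proofpoint Staff}},
  title        = {{Updated Blackmoon banking Trojan stays focused on South Korean banking customers}},
  organization = {Proofpoint},
  date         = {2016-01-18},
  url          = {https://www.proofpoint.com/us/threat-insight/post/Updated-Blackmoon-Banking-Trojan},
  urldate      = {2019-12-20},
  language     = {English},
}
Updated Blackmoon banking Trojan stays focused on South Korean banking customers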
KrBanker
2015-12-03360 Internet Security CenterYa Liu
% Report attributed to 360 Internet Security Center, dated 2015-12-03; the url points
% to a PDF hosted on botconf.eu. Tagged "Dofloo MrBlack XOR DDoS DarkShell" in this listing.
@techreport{liu:20151203:automatically:7e1f412,
  author      = {Ya Liu},
  title       = {{Automatically Classifying Unknown Bots by The REGISTER Messages}},
  institution = {360 Internet Security Center},
  date        = {2015-12-03},
  url         = {https://www.botconf.eu/wp-content/uploads/2015/12/OK-P13-Liu-Ya-Automatically-Classify-Unknown-Bots-by-The-Register-Messages.pdf},
  urldate     = {2022-07-01},
  language    = {English},
}
Automatically Classifying Unknown Bots by The REGISTER Messages
Dofloo MrBlack XOR DDoS DarkShell
2015-06-10Kleissner & AssociatesPeter Kleissner
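% Kleissner & Associates blog post dated 2015-06-10; tagged "Pkybot" in this listing.
% The ampersand in the organization field is escaped because a bare one reaches LaTeX
% as an alignment character and breaks the build wherever the organization is printed.
% The url is plain http; check whether the post is still reachable there.
@online{kleissner:20150610:pony:2dbaf47,
  author       = {Peter Kleissner},
  title        = {{Pony + Pkybot + Automated Transfer System = Banker}},
  organization = {Kleissner \& Associates},
  date         = {2015-06-10},
  url          = {http://blog.kleissner.org/?p=788},
  urldate      = {2020-01-08},
  language     = {English},
}
Pony + Pkybot + Automated Transfer System = Banker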
Pkybot
2015-04-27PWCTom Lancaster
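% PWC blog post dated 2015-04-27; tagged "Molerats" in this listing.
% The ampersand in the title is escaped because a bare one reaches LaTeX as an
% alignment character and breaks the build when the entry is cited.
@online{lancaster:20150427:attacks:8467adc,
  author       = {Tom Lancaster},
  title        = {{Attacks against Israeli \& Palestinian interests}},
  organization = {PWC},
  date         = {2015-04-27},
  url          = {https://pwc.blogs.com/cyber_security_updates/2015/04/attacks-against-israeli-palestinian-interests.html},
  urldate      = {2020-01-08},
  language     = {English},
}
Attacks against Israeli & Palestinian interests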
Molerats
2015-04-18FireEyeDan Caselden, Yasir Khalid, James “Tom” Bennett, Genwei Jiang, Corbin Souffrant, Joshua Homan, Jonathan Wrolstad, Chris Phillips, Darien Kin
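% FireEye write-up dated 2015-04-18; tagged "APT28" in this listing.
% The ampersand in the title is escaped because a bare one reaches LaTeX as an
% alignment character and breaks the build when the entry is cited.
% The name carrying a quoted nickname is given in "Last, First" form so the nickname
% cannot be misread as part of the surname or as a name particle.
% NOTE(review): the last author is listed as "Darien Kin", which may be a truncated
% surname. Verify against the article before citing.
@online{caselden:20150418:operation:f2f3cba,
  author       = {Dan Caselden and Yasir Khalid and Bennett, James “Tom” and Genwei Jiang and Corbin Souffrant and Joshua Homan and Jonathan Wrolstad and Chris Phillips and Darien Kin},
  title        = {{Operation RussianDoll: Adobe \& Windows Zero-Day Exploits Likely Leveraged by Russia’s APT28 in Highly-Targeted Attack}},
  organization = {FireEye},
  date         = {2015-04-18},
  url          = {https://www.fireeye.com/blog/threat-research/2015/04/probable_apt28_useo.html},
  urldate      = {2019-10-16},
  language     = {English},
}
Operation RussianDoll: Adobe & Windows Zero-Day Exploits Likely Leveraged by Russia’s APT28 in Highly-Targeted Attack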
APT28
2015-02-05FireEyeMichael Lin, Derek Gooley
% FireEye write-up dated 2015-02-05; tagged "XOR DDoS" in this listing.
@online{lin:20150205:anatomy:91eb612,
  author       = {Michael Lin and Derek Gooley},
  title        = {{Anatomy of a Brute Force Campaign: The Story of Hee Thai Limited}},
  organization = {FireEye},
  date         = {2015-02-05},
  url          = {https://www.fireeye.com/blog/threat-research/2015/02/anatomy_of_a_brutef.html},
  urldate      = {2019-12-20},
  language     = {English},
}
Anatomy of a Brute Force Campaign: The Story of Hee Thai Limited
XOR DDoS
2015-01-29JPCERT/CCShusei Tomonaga
% JPCERT/CC blog post dated 2015-01-29; tagged "PlugX" in this listing.
% The url is plain http; check whether the post is still reachable there.
@online{tomonaga:20150129:analysis:0eaad95,
  author       = {Shusei Tomonaga},
  title        = {{Analysis of a Recent PlugX Variant - “P2P PlugX”}},
  organization = {JPCERT/CC},
  date         = {2015-01-29},
  url          = {http://blog.jpcert.or.jp/2015/01/analysis-of-a-r-ff05.html},
  urldate      = {2020-01-09},
  language     = {English},
}
Analysis of a Recent PlugX Variant - “P2P PlugX”
PlugX
2014-11-03Kaspersky LabsKurt Baumgartner, Maria Garnaeva
% Kaspersky Labs write-up on securelist.com dated 2014-11-03; tagged "BlackEnergy" in this listing.
@online{baumgartner:20141103:be2:ea8544a,
  author       = {Kurt Baumgartner and Maria Garnaeva},
  title        = {{BE2 custom plugins, router abuse, and target profiles}},
  organization = {Kaspersky Labs},
  date         = {2014-11-03},
  url          = {https://securelist.com/be2-custom-plugins-router-abuse-and-target-profiles/67353/},
  urldate      = {2019-12-20},
  language     = {English},
}
BE2 custom plugins, router abuse, and target profiles
BlackEnergy
2014-10-27PWCChris Doman, Tom Lancaster
% PWC blog post dated 2014-10-27; tagged "Jolob" in this listing.
% The url is plain http; check whether the post is still reachable there.
@online{doman:20141027:scanbox:c4beb38,
  author       = {Chris Doman and Tom Lancaster},
  title        = {{ScanBox framework – who’s affected, and who’s using it?}},
  organization = {PWC},
  date         = {2014-10-27},
  url          = {http://pwc.blogs.com/cyber_security_updates/2014/10/scanbox-framework-whos-affected-and-whos-using-it-1.html},
  urldate      = {2020-01-07},
  language     = {English},
}
ScanBox framework – who’s affected, and who’s using it?
Jolob
2014-10-20PWCDan Kelly, Tom Lancaster
% PWC blog post dated 2014-10-20; tagged "OrcaRAT" in this listing.
% The url is plain http; check whether the post is still reachable there.
@online{kelly:20141020:orcarat:236c19f,
  author       = {Dan Kelly and Tom Lancaster},
  title        = {{OrcaRAT - A whale of a tale}},
  organization = {PWC},
  date         = {2014-10-20},
  url          = {http://pwc.blogs.com/cyber_security_updates/2014/10/orcarat-a-whale-of-a-tale.html},
  urldate      = {2019-11-24},
  language     = {English},
}
OrcaRAT - A whale of a tale
OrcaRAT
2014-09-19PWCTom Lancaster
% PWC blog post dated 2014-09-19; tagged "RapidStealer" in this listing.
% The url is plain http; check whether the post is still reachable there.
@online{lancaster:20140919:malware:b8ce62a,
  author       = {Tom Lancaster},
  title        = {{Malware microevolution}},
  organization = {PWC},
  date         = {2014-09-19},
  url          = {http://pwc.blogs.com/cyber_security_updates/2014/09/malware-microevolution.html},
  urldate      = {2020-01-08},
  language     = {English},
}
Malware microevolution
RapidStealer