Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2019-07-31ProofpointKade Harmon, Kafeine, Dennis Schwarz, Proofpoint Threat Insight Team
@online{harmon:20190731:systembc:d98f03c, author = {Kade Harmon and Kafeine and Dennis Schwarz and Proofpoint Threat Insight Team}, title = {{SystemBC is like Christmas in July for SOCKS5 Malware and Exploit Kits}}, date = {2019-07-31}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/threat-insight/post/systembc-christmas-july-socks5-malware-and-exploit-kits}, language = {English}, urldate = {2019-12-20} } SystemBC is like Christmas in July for SOCKS5 Malware and Exploit Kits
SystemBC
2019-07-23ProofpointMichael Raggi, Dennis Schwarz, Proofpoint Threat Insight Team
@online{raggi:20190723:chinese:804ec1c, author = {Michael Raggi and Dennis Schwarz and Proofpoint Threat Insight Team}, title = {{Chinese APT “Operation LagTime IT” Targets Government Information Technology Agencies in Eastern Asia}}, date = {2019-07-23}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/threat-insight/post/chinese-apt-operation-lagtime-it-targets-government-information-technology}, language = {English}, urldate = {2021-02-06} } Chinese APT “Operation LagTime IT” Targets Government Information Technology Agencies in Eastern Asia
8.t Dropper Cotx RAT Poison Ivy TA428
2019-07-02ProofpointMatthew Mesa, Dennis Schwarz, Proofpoint Threat Insight Team
@online{mesa:20190702:ta505:7f99961, author = {Matthew Mesa and Dennis Schwarz and Proofpoint Threat Insight Team}, title = {{TA505 begins summer campaigns with a new pet malware downloader, AndroMut, in the UAE, South Korea, Singapore, and the United States}}, date = {2019-07-02}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/threat-insight/post/ta505-begins-summer-campaigns-new-pet-malware-downloader-andromut-uae-south}, language = {English}, urldate = {2019-11-26} } TA505 begins summer campaigns with a new pet malware downloader, AndroMut, in the UAE, South Korea, Singapore, and the United States
AndroMut FlawedAmmyy
2019-05-09ProofpointDennis Schwarz, Proofpoint Threat Insight Team
@online{schwarz:20190509:new:19098c9, author = {Dennis Schwarz and Proofpoint Threat Insight Team}, title = {{New KPOT v2.0 stealer brings zero persistence and in-memory features to silently steal credentials}}, date = {2019-05-09}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/threat-insight/post/new-kpot-v20-stealer-brings-zero-persistence-and-memory-features-silently-steal}, language = {English}, urldate = {2019-12-20} } New KPOT v2.0 stealer brings zero persistence and in-memory features to silently steal credentials
KPOT Stealer
2019-03-13ProofpointDennis Schwarz, Proofpoint Threat Insight Team
@online{schwarz:20190313:danabot:a6b3c02, author = {Dennis Schwarz and Proofpoint Threat Insight Team}, title = {{DanaBot control panel revealed}}, date = {2019-03-13}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/threat-insight/post/danabot-control-panel-revealed}, language = {English}, urldate = {2019-12-20} } DanaBot control panel revealed
DanaBot
2019-01-09ProofpointDennis Schwarz, Proofpoint Staff
@online{schwarz:20190109:servhelper:e20586c, author = {Dennis Schwarz and Proofpoint Staff}, title = {{ServHelper and FlawedGrace - New malware introduced by TA505}}, date = {2019-01-09}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/threat-insight/post/servhelper-and-flawedgrace-new-malware-introduced-ta505}, language = {English}, urldate = {2019-12-20} } ServHelper and FlawedGrace - New malware introduced by TA505
FlawedGrace ServHelper
2018-03-27NetScoutDennis Schwarz
@online{schwarz:20180327:panda:7316fab, author = {Dennis Schwarz}, title = {{Panda Banker Zeros in on Japanese Targets}}, date = {2018-03-27}, organization = {NetScout}, url = {https://www.arbornetworks.com/blog/asert/panda-banker-zeros-in-on-japanese-targets/}, language = {English}, urldate = {2019-12-24} } Panda Banker Zeros in on Japanese Targets
2018-03-08NetScoutDennis Schwarz, Jill Sopko, Richard Hummel, Hardik Modi
@online{schwarz:20180308:donot:39171ec, author = {Dennis Schwarz and Jill Sopko and Richard Hummel and Hardik Modi}, title = {{Donot Team Leverages New Modular Malware Framework in South Asia}}, date = {2018-03-08}, organization = {NetScout}, url = {https://www.netscout.com/blog/asert/donot-team-leverages-new-modular-malware-framework-south-asia}, language = {English}, urldate = {2019-10-16} } Donot Team Leverages New Modular Malware Framework in South Asia
VICEROY TIGER
2017-10-25NetScoutDennis Schwarz
@online{schwarz:20171025:snatchloader:c3476ee, author = {Dennis Schwarz}, title = {{SnatchLoader Reloaded}}, date = {2017-10-25}, organization = {NetScout}, url = {https://www.arbornetworks.com/blog/asert/snatchloader-reloaded/}, language = {English}, urldate = {2020-01-07} } SnatchLoader Reloaded
SnatchLoader
2017-09-20NetScoutDennis Schwarz
@online{schwarz:20170920:formidable:654d8e3, author = {Dennis Schwarz}, title = {{The Formidable FormBook Form Grabber}}, date = {2017-09-20}, organization = {NetScout}, url = {https://www.arbornetworks.com/blog/asert/formidable-formbook-form-grabber/}, language = {English}, urldate = {2019-07-09} } The Formidable FormBook Form Grabber
Formbook
2017-07-12NetScoutDennis Schwarz
@online{schwarz:20170712:lockpos:c5394b5, author = {Dennis Schwarz}, title = {{LockPoS Joins the Flock}}, date = {2017-07-12}, organization = {NetScout}, url = {https://www.arbornetworks.com/blog/asert/lockpos-joins-flock/}, language = {English}, urldate = {2020-01-06} } LockPoS Joins the Flock
LockPOS
2017-06-09NetScoutDennis Schwarz
@online{schwarz:20170609:another:ea77337, author = {Dennis Schwarz}, title = {{Another Banker Enters the Matrix}}, date = {2017-06-09}, organization = {NetScout}, url = {https://www.arbornetworks.com/blog/asert/another-banker-enters-matrix/}, language = {English}, urldate = {2020-01-08} } Another Banker Enters the Matrix
Matrix Banker
2016-12-19NetScoutDennis Schwarz
@online{schwarz:20161219:dismantling:b7af8dd, author = {Dennis Schwarz}, title = {{Dismantling a Nuclear Bot}}, date = {2016-12-19}, organization = {NetScout}, url = {https://www.arbornetworks.com/blog/asert/dismantling-nuclear-bot/}, language = {English}, urldate = {2020-01-09} } Dismantling a Nuclear Bot
TinyNuke
2015-04-21Arbor NetworksDennis Schwarz
@online{schwarz:20150421:bedeps:5608ce2, author = {Dennis Schwarz}, title = {{Bedep’s DGA: Trading Foreign Exchange for Malware Domains}}, date = {2015-04-21}, organization = {Arbor Networks}, url = {https://web.archive.org/web/20150524032716/http://asert.arbornetworks.com/bedeps-dga-trading-foreign-exchange-for-malware-domains/}, language = {English}, urldate = {2023-03-23} } Bedep’s DGA: Trading Foreign Exchange for Malware Domains
Bedep