2022-02-09ESET ResearchESET Research
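% Corporate author: the inner braces keep "ESET Research" from being split into given and family name.
@techreport{research:20220209:threat:507947f,
  author      = {{ESET Research}},
  title       = {{THREAT REPORT T3 2021}},
  date        = {2022-02-09},
  institution = {ESET Research},
  url         = {https://www.welivesecurity.com/wp-content/uploads/2022/02/eset_threat_report_t32021.pdf},
  language    = {English},
  urldate     = {2022-02-10},
}
THREAT REPORT T3 2021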
2022-01-25ESET ResearchMarc-Etienne M.Léveillé, Anton Cherepanov
% Two personal authors, stored family-name-first so the name split is unambiguous.
@online{mlveill:20220125:watering:e1afb71,
  author       = {M.Léveillé, Marc-Etienne and Cherepanov, Anton},
  title        = {{Watering hole deploys new macOS malware, DazzleSpy, in Asia}},
  date         = {2022-01-25},
  organization = {ESET Research},
  url          = {https://www.welivesecurity.com/2022/01/25/watering-hole-deploys-new-macos-malware-dazzlespy-asia/},
  language     = {English},
  urldate      = {2022-01-25},
}
Watering hole deploys new macOS malware, DazzleSpy, in Asia
2022-01-18ESET ResearchESET Research
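% Corporate author is double-braced so it is treated as one name.
% The ampersand in the title is escaped; a bare one is an alignment character to LaTeX and breaks typesetting.
@online{research:20220118:eset:f6e99fd,
  author       = {{ESET Research}},
  title        = {{ESET Research investigates Donot Team: Cyberespionage targeting military \& governments in South Asia}},
  date         = {2022-01-18},
  organization = {ESET Research},
  url          = {https://www.eset.com/int/about/newsroom/press-releases/research/eset-research-investigates-donot-team-cyberespionage-targeting-military-governments-in-south-asia/},
  language     = {English},
  urldate      = {2022-02-17},
}
ESET Research investigates Donot Team: Cyberespionage targeting military & governments in South Asia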
2022-01-18ESET ResearchFacundo Muñoz, Matías Porolli
% Two personal authors in family-name-first form; non-ASCII letters are kept as UTF-8.
@online{muoz:20220118:donot:724cf3f,
  author       = {Muñoz, Facundo and Porolli, Matías},
  title        = {{DoNot Go! Do not respawn!}},
  date         = {2022-01-18},
  organization = {ESET Research},
  url          = {https://www.welivesecurity.com/2022/01/18/donot-go-do-not-respawn/},
  language     = {English},
  urldate      = {2022-01-18},
}
DoNot Go! Do not respawn!
yty
2022-01-15Github (eset)ESET Research
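% Corporate author is double-braced so it is not parsed as given name plus family name.
% The URL points at a repository directory of indicators, and urldate records when it was read.
@online{research:20220115:donot:42f890e,
  author       = {{ESET Research}},
  title        = {{Donot Team — Indicators of Compromise}},
  date         = {2022-01-15},
  organization = {Github (eset)},
  url          = {https://github.com/eset/malware-ioc/tree/master/donot},
  language     = {English},
  urldate      = {2022-02-17},
}
Donot Team — Indicators of Compromise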
2022-01-11ESET ResearchMichal Poslušný
% Single personal author, family name first; the dash and apostrophe in the title are literal UTF-8 characters.
@online{poslun:20220111:signed:1c59d41,
  author       = {Poslušný, Michal},
  title        = {{Signed kernel drivers – Unguarded gateway to Windows’ core}},
  date         = {2022-01-11},
  organization = {ESET Research},
  url          = {https://www.welivesecurity.com/2022/01/11/signed-kernel-drivers-unguarded-gateway-windows-core/},
  language     = {English},
  urldate      = {2022-01-18},
}
Signed kernel drivers – Unguarded gateway to Windows’ core
InvisiMole LoJax RobinHood Slingshot
2021-12-15ESET ResearchESET Research
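% Corporate author: the extra brace pair keeps "ESET Research" as one indivisible name.
@online{research:20211215:dirty:fd771eb,
  author       = {{ESET Research}},
  title        = {{The dirty dozen of Latin America: From Amavaldo to Zumanek}},
  date         = {2021-12-15},
  organization = {ESET Research},
  url          = {https://www.welivesecurity.com/2021/12/15/dirty-dozen-latin-america-amavaldo-zumanek/},
  language     = {English},
  urldate      = {2022-01-05},
}
The dirty dozen of Latin America: From Amavaldo to Zumanek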
Krachulka Lokorrito Zumanek
2021-12-01ESET ResearchAlexis Dorais-Joncas, Facundo Muñoz
% White paper (PDF) with two personal authors, stored family-name-first.
@techreport{doraisjoncas:20211201:jumping:00bc8f5,
  author      = {Dorais-Joncas, Alexis and Muñoz, Facundo},
  title       = {{Jumping the air gap: 15 years of nation‑state effort}},
  date        = {2021-12-01},
  institution = {ESET Research},
  url         = {https://www.welivesecurity.com/wp-content/uploads/2021/12/eset_jumping_the_air_gap_wp.pdf},
  language    = {English},
  urldate     = {2021-12-17},
}
Jumping the air gap: 15 years of nation‑state effort
Agent.BTZ Fanny Flame Gauss PlugX Ramsay Retro Stuxnet USBCulprit USBferry
2021-11-16ESET ResearchMatthieu Faou
% Single personal author in family-name-first form.
@online{faou:20211116:strategic:303fda6,
  author       = {Faou, Matthieu},
  title        = {{Strategic web compromises in the Middle East with a pinch of Candiru}},
  date         = {2021-11-16},
  organization = {ESET Research},
  url          = {https://www.welivesecurity.com/2021/11/16/strategic-web-compromises-middle-east-pinch-candiru/},
  language     = {English},
  urldate      = {2021-11-17},
}
Strategic web compromises in the Middle East with a pinch of Candiru
2021-11-10Twitter (@ESETresearch)ESET Research
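% Corporate author is double-braced so it stays one name.
% The title is the library's own description of the tweet, not text quoted from it.
@online{research:20211110:discovery:c5ef2c6,
  author       = {{ESET Research}},
  title        = {{Tweet on a discovery of a trojanized IDA Pro installer, distributed by the LABYRINTH CHOLLIMA group.}},
  date         = {2021-11-10},
  organization = {Twitter (@ESETresearch)},
  url          = {https://twitter.com/ESETresearch/status/1458438155149922312},
  language     = {English},
  urldate      = {2021-12-01},
}
Tweet on a discovery of a trojanized IDA Pro installer, distributed by the LABYRINTH CHOLLIMA group.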
2021-10-29Twitter (@ESETresearch)ESET Research
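% Corporate author is double-braced so it is kept as one name.
% The miscapitalised "LInux" in the descriptive title is corrected to "Linux".
@online{research:20211029:freebsd:f994b0c,
  author       = {{ESET Research}},
  title        = {{Tweet on FreeBSD and Linux version of Hive ransomware}},
  date         = {2021-10-29},
  organization = {Twitter (@ESETresearch)},
  url          = {https://twitter.com/ESETresearch/status/1454100591261667329},
  language     = {English},
  urldate      = {2021-11-03},
}
Tweet on FreeBSD and Linux version of Hive ransomware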
Hive
2021-10-27ESET ResearchVladislav Hrčka
% Single personal author, family name first.
@online{hrka:20211027:wslink:39610dc,
  author       = {Hrčka, Vladislav},
  title        = {{Wslink: Unique and undocumented malicious loader that runs as a server}},
  date         = {2021-10-27},
  organization = {ESET Research},
  url          = {https://www.welivesecurity.com/2021/10/27/wslink-unique-undocumented-malicious-loader-runs-server/},
  language     = {English},
  urldate      = {2021-12-06},
}
Wslink: Unique and undocumented malicious loader that runs as a server
Wslink
2021-10-15ESET ResearchESET Research
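% Corporate author is double-braced so it is not split into given and family name.
% NOTE(review): the URL is a tweet, yet organization names the research team rather than the platform as the other tweet entries do; confirm which is intended.
@online{research:20211015:malicious:04da9c1,
  author       = {{ESET Research}},
  title        = {{Tweet on a malicious campaign targeting governmental and education entities in Colombia using multiple stages to drop AsyncRAT or njRAT Keylogger on their victims}},
  date         = {2021-10-15},
  organization = {ESET Research},
  url          = {https://twitter.com/ESETresearch/status/1449132020613922828},
  language     = {English},
  urldate      = {2021-11-08},
}
Tweet on a malicious campaign targeting governmental and education entities in Colombia using multiple stages to drop AsyncRAT or njRAT Keylogger on their victims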
AsyncRAT NjRAT
2021-10-07ESET ResearchVladislav Hrčka
% One personal author, written family-name-first.
@online{hrka:20211007:fontonlake:03cadd5,
  author       = {Hrčka, Vladislav},
  title        = {{FontOnLake: Previously unknown malware family targeting Linux}},
  date         = {2021-10-07},
  organization = {ESET Research},
  url          = {https://www.welivesecurity.com/2021/10/07/fontonlake-previously-unknown-malware-family-targeting-linux/},
  language     = {English},
  urldate      = {2021-10-11},
}
FontOnLake: Previously unknown malware family targeting Linux
FontOnLake
2021-10-06Twitter (@ESETresearch)ESET Research
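% Corporate author: inner braces make "ESET Research" a single name.
@online{research:20211006:ermac:62d2cc4,
  author       = {{ESET Research}},
  title        = {{Tweet on ERMAC android malware}},
  date         = {2021-10-06},
  organization = {Twitter (@ESETresearch)},
  url          = {https://twitter.com/ESETresearch/status/1445618031464357888},
  language     = {English},
  urldate      = {2021-10-20},
}
Tweet on ERMAC android malware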
ERMAC
2021-10-06ESET ResearchMartina López
% Single personal author, family name first; the accented letter is kept as UTF-8.
@online{lpez:20211006:to:8e09f8a,
  author       = {López, Martina},
  title        = {{To the moon and hack: Fake SafeMoon app drops malware to spy on you}},
  date         = {2021-10-06},
  organization = {ESET Research},
  url          = {https://www.welivesecurity.com/2021/10/06/moon-hack-fake-safemoon-cryptocurrency-app-drops-malware-spy/},
  language     = {English},
  urldate      = {2021-10-11},
}
To the moon and hack: Fake SafeMoon app drops malware to spy on you
Remcos
2021-10-05ESET ResearchMartin Smolár, Anton Cherepanov
% Two personal authors, each written family-name-first.
@online{smolr:20211005:uefi:eacd169,
  author       = {Smolár, Martin and Cherepanov, Anton},
  title        = {{UEFI threats moving to the ESP: Introducing ESPecter bootkit}},
  date         = {2021-10-05},
  organization = {ESET Research},
  url          = {https://www.welivesecurity.com/2021/10/05/uefi-threats-moving-esp-introducing-especter-bootkit/},
  language     = {English},
  urldate      = {2021-10-24},
}
UEFI threats moving to the ESP: Introducing ESPecter bootkit
ESPecter
2021-09-24ProofpointProofpoint
% Vendor ruleset changelog; author and organization are the same single-word company name.
@online{proofpoint:20210924:daily:403b8bd,
  author       = {Proofpoint},
  title        = {{Daily Ruleset Update Summary 2021/09/24}},
  date         = {2021-09-24},
  organization = {Proofpoint},
  url          = {https://www.proofpoint.com/us/daily-ruleset-update-summary-20210924},
  language     = {English},
  urldate      = {2021-10-05},
}
Daily Ruleset Update Summary 2021/09/24
MirrorBlast
2021-09-23ESET ResearchTahseen Bin Taj, Matthieu Faou
% Two personal authors, family name first. The first name is split the way the unpunctuated form already parsed (family name "Taj", matching the key).
% NOTE(review): confirm whether the family name is "Taj" or "Bin Taj".
@online{taj:20210923:famoussparrow:5f0d606,
  author       = {Taj, Tahseen Bin and Faou, Matthieu},
  title        = {{FamousSparrow: A suspicious hotel guest}},
  date         = {2021-09-23},
  organization = {ESET Research},
  url          = {https://www.welivesecurity.com/2021/09/23/famoussparrow-suspicious-hotel-guest/},
  language     = {English},
  urldate      = {2021-09-24},
}
FamousSparrow: A suspicious hotel guest
SparrowDoor
2021-09-23ESET ResearchESET Research
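% Corporate author is double-braced so it is kept as one name.
% The number sign in the title is escaped; a bare one is LaTeX's macro-parameter character and breaks typesetting.
@online{research:20210923:c:02fc0f8,
  author       = {{ESET Research}},
  title        = {{Tweet on C\# variant of the nccTrojan}},
  date         = {2021-09-23},
  organization = {ESET Research},
  url          = {https://twitter.com/ESETresearch/status/1441139057682104325?s=20},
  language     = {English},
  urldate      = {2021-09-29},
}
Tweet on C# variant of the nccTrojan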
nccTrojan