
2021-02-12 | Fortinet | Xiaopeng Zhang
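% Fortinet threat-research blog post on a Bazar trojan variant delivered by phishing (part I of a series).
% Only case-sensitive words in the title are braced, so a style can still recase the rest.
@online{zhang:20210212:new:4e0dab7,
  author       = {Zhang, Xiaopeng},
  title        = {New {Bazar} Trojan Variant is Being Spread in Recent Phishing Campaign – Part {I}},
  date         = {2021-02-12},
  organization = {Fortinet},
  url          = {https://www.fortinet.com/blog/threat-research/new-bazar-trojan-variant-is-being-spread-in-recent-phishing-campaign-part-I},
  urldate      = {2021-02-20},
  language     = {English},
}
New Bazar Trojan Variant is Being Spread in Recent Phishing Campaign – Part I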
BazarBackdoor
2021-01-12 | Fortinet | Xiaopeng Zhang
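% Fortinet threat-research blog post on an Ursnif variant targeting Italy.
% Only case-sensitive words in the title are braced, so a style can still recase the rest.
@online{zhang:20210112:new:bdf3ebb,
  author       = {Zhang, Xiaopeng},
  title        = {New Variant of {Ursnif} Continuously Targeting {Italy}},
  date         = {2021-01-12},
  organization = {Fortinet},
  url          = {https://www.fortinet.com/blog/threat-research/new-variant-of-ursnif-continuously-targeting-italy},
  urldate      = {2021-01-18},
  language     = {English},
}
New Variant of Ursnif Continuously Targeting Italy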
ISFB
2020-12-21 | Fortinet | Udi Yavo
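% Fortinet threat-research blog post summarising what was known about the Sunburst/SolarWinds intrusion at publication time.
% The quoted campaign name and vendor name are braced as one unit so their casing survives style recasing.
@online{yavo:20201221:what:716b31d,
  author       = {Yavo, Udi},
  title        = {What We Have Learned So Far about the {“Sunburst”/SolarWinds} Hack},
  date         = {2020-12-21},
  organization = {Fortinet},
  url          = {https://www.fortinet.com/blog/threat-research/what-we-have-learned-so-far-about-the-sunburst-solarwinds-hack},
  urldate      = {2021-01-18},
  language     = {English},
}
What We Have Learned So Far about the “Sunburst”/SolarWinds Hack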
Cobalt Strike SUNBURST TEARDROP
2020-12-16 | Fortinet | Fred Gutierrez, Val Saengphaibul
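% Fortinet threat-research "Adversary Playbook" blog post on a JavaScript RAT.
% Authors are in "Last, First" form, joined with " and "; only case-sensitive title words are braced.
@online{gutierrez:20201216:adversary:3b3781a,
  author       = {Gutierrez, Fred and Saengphaibul, Val},
  title        = {Adversary Playbook: {JavaScript} {RAT} Looking for that Government Cheese},
  date         = {2020-12-16},
  organization = {Fortinet},
  url          = {https://www.fortinet.com/blog/threat-research/adversary-playbook-javascript-rat-looking-for-that-government-cheese},
  urldate      = {2021-01-18},
  language     = {English},
}
Adversary Playbook: JavaScript RAT Looking for that Government Cheese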
JSOutProx
2020-10-13 | Fortinet | Xiaopeng Zhang
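% Fortinet threat-research blog post analysing the EKING variant of Phobos ransomware.
% Only case-sensitive words in the title are braced, so a style can still recase the rest.
@online{zhang:20201013:deep:e95d109,
  author       = {Zhang, Xiaopeng},
  title        = {Deep Analysis – The {EKING} Variant of {Phobos} Ransomware},
  date         = {2020-10-13},
  organization = {Fortinet},
  url          = {https://www.fortinet.com/blog/threat-research/deep-analysis-the-eking-variant-of-phobos-ransomware},
  urldate      = {2020-10-20},
  language     = {English},
}
Deep Analysis – The EKING Variant of Phobos Ransomware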
Phobos
2020-07-01 | Fortinet | Ben Hunter, Fred Gutierrez
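% Fortinet threat-research blog post on EKANS ransomware targeting OT/ICS systems.
% Authors are in "Last, First" form; acronyms in the title are braced so styles cannot lowercase them.
@online{hunter:20200701:ekans:46605bc,
  author       = {Hunter, Ben and Gutierrez, Fred},
  title        = {{EKANS} Ransomware Targeting {OT} {ICS} Systems},
  date         = {2020-07-01},
  organization = {Fortinet},
  url          = {https://www.fortinet.com/blog/threat-research/ekans-ransomware-targeting-ot-ics-systems},
  urldate      = {2020-07-06},
  language     = {English},
}
EKANS Ransomware Targeting OT ICS Systems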
Snake
2020-06-15 | Fortinet | Val Saengphaibul, Fred Gutierrez
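% Fortinet threat-research blog post on a malicious spam campaign that used Black Lives Matter as its lure.
% Authors are in "Last, First" form; the movement's name is braced as one unit to keep its capitals.
@online{saengphaibul:20200615:global:5c4be18,
  author       = {Saengphaibul, Val and Gutierrez, Fred},
  title        = {Global Malicious Spam Campaign Using {Black Lives Matter} as a Lure},
  date         = {2020-06-15},
  organization = {Fortinet},
  url          = {https://www.fortinet.com/blog/threat-research/global-malicious-spam-campaign-using-black-lives-matter-as-a-lure},
  urldate      = {2020-06-16},
  language     = {English},
}
Global Malicious Spam Campaign Using Black Lives Matter as a Lure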
TrickBot
2020-05-27 | FBI | FBI
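% FBI alert (PDF hosted on ic3.gov) about APT actors exploiting Fortinet vulnerabilities.
% The date field is corrected from 2020-05-27: the URL path (/2021/210527.pdf) and the
% 2021-06-04 access date both indicate the alert was published on 2021-05-27.
% The citation key keeps its original date stamp so existing citations still resolve.
% The agency name is double-braced so it is parsed as a single corporate author.
@techreport{fbi:20200527:alert:6d31e17,
  author      = {{FBI}},
  title       = {Alert Number {MI-000148-MW}: {APT} Actors Exploiting {Fortinet} Vulnerabilities to Gain Access for Malicious Activity},
  date        = {2021-05-27},
  institution = {FBI},
  url         = {https://www.ic3.gov/Media/News/2021/210527.pdf},
  urldate     = {2021-06-04},
  language    = {English},
}
Alert Number MI-000148-MW: APT Actors Exploiting Fortinet Vulnerabilities to Gain Access for Malicious Activity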
MimiKatz
2020-03-09 | Fortinet | Xiaopeng Zhang
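% Fortinet threat-research blog post on a TrickBot variant distributed through a Word document.
% Only case-sensitive words in the title are braced, so a style can still recase the rest.
@online{zhang:20200309:new:ff60491,
  author       = {Zhang, Xiaopeng},
  title        = {New Variant of {TrickBot} Being Spread by {Word} Document},
  date         = {2020-03-09},
  organization = {Fortinet},
  url          = {https://www.fortinet.com/blog/threat-research/new-variant-of-trickbot-being-spread-by-word-document.html},
  urldate      = {2020-04-26},
  language     = {English},
}
New Variant of TrickBot Being Spread by Word Document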
TrickBot
2020-01-02 | Fortinet | Minh Tran
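% Fortinet threat-research blog post on DeathRansom ransomware (part I of a two-part series).
% The camel-case family name and the roman numeral are braced so styles cannot lowercase them.
@online{tran:20200102:curious:3682a97,
  author       = {Tran, Minh},
  title        = {The Curious Case of {DeathRansom}: Part {I}},
  date         = {2020-01-02},
  organization = {Fortinet},
  url          = {https://www.fortinet.com/blog/threat-research/death-ransom-new-strain-ransomware.html},
  urldate      = {2020-01-08},
  language     = {English},
}
The Curious Case of DeathRansom: Part I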
DeathRansom
2020-01-02 | Fortinet | Artem Semenchenko, Evengeny Ananin
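% Fortinet threat-research blog post on attribution of DeathRansom (part II of the series).
% Authors are in "Last, First" form; the family name and roman numeral are braced to keep their case.
% NOTE(review): the given name "Evengeny" is kept as listed; it may be a misspelling of
% "Evgeny" — confirm against the article byline before citing.
@online{semenchenko:20200102:deathransom:1d5c66d,
  author       = {Semenchenko, Artem and Ananin, Evengeny},
  title        = {{DeathRansom} Part {II}: Attribution},
  date         = {2020-01-02},
  organization = {Fortinet},
  url          = {https://www.fortinet.com/blog/threat-research/death-ransom-attribution.html},
  urldate      = {2020-01-09},
  language     = {English},
}
DeathRansom Part II: Attribution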
DeathRansom
2019-12-26 | Fortinet | Omri Misgav
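% Fortinet threat-research blog post introducing BIOLOAD, described in the title as related to FIN7's BOOSTWRITE.
% The upper-case tool and group names are braced so styles cannot lowercase them.
@online{misgav:20191226:introducing:1c33aa5,
  author       = {Misgav, Omri},
  title        = {Introducing {BIOLOAD}: {FIN7} {BOOSTWRITE’s} Lost Twin},
  date         = {2019-12-26},
  organization = {Fortinet},
  url          = {https://www.fortinet.com/blog/threat-research/bioload-fin7-boostwrite-lost-twin.html},
  urldate      = {2021-01-25},
  language     = {English},
}
Introducing BIOLOAD: FIN7 BOOSTWRITE’s Lost Twin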
bioload
2019-10-21 | Fortinet | Xiaopeng Zhang, Chris Navarrete
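% Fortinet threat-research blog post on a Remcos RAT variant observed in the wild.
% Authors are in "Last, First" form; only case-sensitive title words are braced.
@online{zhang:20191021:new:b72bcde,
  author       = {Zhang, Xiaopeng and Navarrete, Chris},
  title        = {New Variant of {Remcos} {RAT} Observed In the Wild},
  date         = {2019-10-21},
  organization = {Fortinet},
  url          = {https://www.fortinet.com/blog/threat-research/new-variant-of-remcos-rat-observed-in-the-wild.html},
  urldate      = {2019-11-21},
  language     = {English},
}
New Variant of Remcos RAT Observed In the Wild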
Remcos
2019-09-17 | Fortinet | Joie Salvio
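% Fortinet threat-research blog post on version 1.0 of Nemty ransomware.
% Only the family name is braced in the title, so a style can still recase the rest.
@online{salvio:20190917:nemty:761b43e,
  author       = {Salvio, Joie},
  title        = {{Nemty} Ransomware 1.0: A Threat in its Early Stage},
  date         = {2019-09-17},
  organization = {Fortinet},
  url          = {https://www.fortinet.com/blog/threat-research/nemty-ransomware-early-stage-threat.html},
  urldate      = {2020-01-13},
  language     = {English},
}
Nemty Ransomware 1.0: A Threat in its Early Stage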
Nemty
2019-09-04 | Fortinet | Dario Durando
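% Fortinet threat-research blog post on FunkyBot, an Android malware family targeting Japan.
% Only case-sensitive words in the title are braced, so a style can still recase the rest.
@online{durando:20190904:funkybot:625b9ba,
  author       = {Durando, Dario},
  title        = {{FunkyBot}: A New {Android} Malware Family Targeting {Japan}},
  date         = {2019-09-04},
  organization = {Fortinet},
  url          = {https://www.fortinet.com/blog/threat-research/funkybot-malware-targets-japan.html},
  urldate      = {2020-01-13},
  language     = {English},
}
FunkyBot: A New Android Malware Family Targeting Japan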
FunkyBot
2019-08-07 | Fortinet | Xiaopeng Zhang
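% Fortinet threat-research blog post on an Ursnif variant spreading through a Word document.
% Only case-sensitive words in the title are braced, so a style can still recase the rest.
@online{zhang:20190807:new:2e838ee,
  author       = {Zhang, Xiaopeng},
  title        = {New {Ursnif} Variant Spreading by {Word} Document},
  date         = {2019-08-07},
  organization = {Fortinet},
  url          = {https://www.fortinet.com/blog/threat-research/ursnif-variant-spreading-word-document.html},
  urldate      = {2020-01-26},
  language     = {English},
}
New Ursnif Variant Spreading by Word Document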
ISFB
2019-07-22 | Fortinet | Kai Lu
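% Fortinet threat-research blog post, part III of an IcedID series, covering analysis of child processes.
% The camel-case family name and the roman numeral are braced so styles cannot lowercase them.
@online{lu:20190722:deep:a4bdd84,
  author       = {Lu, Kai},
  title        = {A Deep Dive Into {IcedID} Malware: Part {III} - Analysis of Child Processes},
  date         = {2019-07-22},
  organization = {Fortinet},
  url          = {https://www.fortinet.com/blog/threat-research/deep-dive-icedid-malware-analysis-of-child-processes.html},
  urldate      = {2020-01-13},
  language     = {English},
}
A Deep Dive Into IcedID Malware: Part III - Analysis of Child Processes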
2019-07-10 | Fortinet | Jasper Manuel
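% Fortinet threat-research blog post on LooCipher ransomware and whether its encrypted files can be recovered.
% Only the camel-case family name is braced in the title, so a style can still recase the rest.
@online{manuel:20190710:loocipher:279c185,
  author       = {Manuel, Jasper},
  title        = {{LooCipher}: Can Encrypted Files Be Recovered From Hell?},
  date         = {2019-07-10},
  organization = {Fortinet},
  url          = {https://www.fortinet.com/blog/threat-research/loocipher-can-encrypted-files-be-recovered.html},
  urldate      = {2020-01-06},
  language     = {English},
}
LooCipher: Can Encrypted Files Be Recovered From Hell?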
looChiper
2019-07-09 | Fortinet | Kai Lu
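% Fortinet threat-research blog post, part I of an IcedID series, covering unpacking, hooking and process injection.
% The camel-case family name and the roman numeral are braced so styles cannot lowercase them.
@online{lu:20190709:deep:90d708f,
  author       = {Lu, Kai},
  title        = {A Deep Dive Into {IcedID} Malware: Part {I} - Unpacking, Hooking and Process Injection},
  date         = {2019-07-09},
  organization = {Fortinet},
  url          = {https://www.fortinet.com/blog/threat-research/icedid-malware-analysis-part-one.html},
  urldate      = {2020-01-08},
  language     = {English},
}
A Deep Dive Into IcedID Malware: Part I - Unpacking, Hooking and Process Injection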
IcedID
2019-07-03 | Fortinet | Dario Durando
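% Fortinet threat-research blog post on a new wave of BianLian malware.
% Only the camel-case family name is braced in the title, so a style can still recase the rest.
@online{durando:20190703:bianlian:c6f94bb,
  author       = {Durando, Dario},
  title        = {{BianLian}: A New Wave Emerges},
  date         = {2019-07-03},
  organization = {Fortinet},
  url          = {https://www.fortinet.com/blog/threat-research/new-wave-bianlian-malware.html},
  urldate      = {2019-12-24},
  language     = {English},
}
BianLian: A New Wave Emerges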
BianLian