Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-03-01GoogleShane Huntley, Google Threat Analysis Group
@online{huntley:20220301:tag:7979933, author = {Shane Huntley and Google Threat Analysis Group}, title = {{TAG Bulletin: Q1 2022}}, date = {2022-03-01}, organization = {Google}, url = {https://blog.google/threat-analysis-group/tag-bulletin-q1-2022/}, language = {English}, urldate = {2022-03-02} } TAG Bulletin: Q1 2022
2022-01-14Twitter (@billyleonard)Billy Leonard, Google Threat Analysis Group
@online{leonard:20220114:apt28:6c659cc, author = {Billy Leonard and Google Threat Analysis Group}, title = {{Tweet on APT28 credential phishing campaigns targeting Ukraine}}, date = {2022-01-14}, organization = {Twitter (@billyleonard)}, url = {https://twitter.com/billyleonard/status/1482034733072752640}, language = {English}, urldate = {2022-01-18} } Tweet on APT28 credential phishing campaigns targeting Ukraine
2021-12-07GoogleShane Huntley, Luca Nagy, Google Threat Analysis Group
@online{huntley:20211207:disrupting:9fd4ab7, author = {Shane Huntley and Luca Nagy and Google Threat Analysis Group}, title = {{Disrupting the Glupteba operation}}, date = {2021-12-07}, organization = {Google}, url = {https://blog.google/threat-analysis-group/disrupting-glupteba-operation/}, language = {English}, urldate = {2021-12-08} } Disrupting the Glupteba operation
Glupteba
2021-12-02GoogleShane Huntley, Google Threat Analysis Group
@online{huntley:20211202:tag:0e0e268, author = {Shane Huntley and Google Threat Analysis Group}, title = {{TAG Bulletin: Q4 2021}}, date = {2021-12-02}, organization = {Google}, url = {https://blog.google/threat-analysis-group/tag-bulletin-q4-2021/}, language = {English}, urldate = {2021-12-08} } TAG Bulletin: Q4 2021
2021-11-24GoogleGoogle Cybersecurity Action Team, Google Threat Analysis Group
@techreport{team:20211124:threat:a837017, author = {Google Cybersecurity Action Team and Google Threat Analysis Group}, title = {{Threat Horizons Cloud Threat Intelligence November 2021. Issue 1}}, date = {2021-11-24}, institution = {Google}, url = {https://services.google.com/fh/files/misc/gcat_threathorizons_full_nov2021.pdf}, language = {English}, urldate = {2021-11-29} } Threat Horizons Cloud Threat Intelligence November 2021. Issue 1
BlackMatter
2021-11-11GoogleErye Hernandez, Google Threat Analysis Group
@online{hernandez:20211111:analyzing:8107f2e, author = {Erye Hernandez and Google Threat Analysis Group}, title = {{Analyzing a watering hole campaign using macOS exploits}}, date = {2021-11-11}, organization = {Google}, url = {https://blog.google/threat-analysis-group/analyzing-watering-hole-campaign-using-macos-exploits/}, language = {English}, urldate = {2021-11-17} } Analyzing a watering hole campaign using macOS exploits
CDDS
2021-11-10Twitter (@billyleonard)Billy Leonard, Google Threat Analysis Group
@online{leonard:20211110:rekoobe:2f64840, author = {Billy Leonard and Google Threat Analysis Group}, title = {{Tweet on Rekoobe (used by APT31), being a fork of open source tool called Tiny SHell, used by different actor since at least 2012}}, date = {2021-11-10}, organization = {Twitter (@billyleonard)}, url = {https://twitter.com/billyleonard/status/1458531997576572929}, language = {English}, urldate = {2021-11-17} } Tweet on Rekoobe (used by APT31), being a fork of open source tool called Tiny SHell, used by different actor since at least 2012
Rekoobe
2021-10-29GoogleShane Huntley, Google Threat Analysis Group
@online{huntley:20211029:tag:49e2993, author = {Shane Huntley and Google Threat Analysis Group}, title = {{TAG Bulletin: Q3 2021}}, date = {2021-10-29}, organization = {Google}, url = {https://blog.google/threat-analysis-group/tag-bulletin-q3-2021/}, language = {English}, urldate = {2021-11-17} } TAG Bulletin: Q3 2021
2021-10-20GoogleAshley Shen, Google Threat Analysis Group
@online{shen:20211020:phishing:b0fa074, author = {Ashley Shen and Google Threat Analysis Group}, title = {{Phishing campaign targets YouTube creators with cookie theft malware}}, date = {2021-10-20}, organization = {Google}, url = {https://blog.google/threat-analysis-group/phishing-campaign-targets-youtube-creators-cookie-theft-malware/}, language = {English}, urldate = {2021-10-26} } Phishing campaign targets YouTube creators with cookie theft malware
2021-10-14GoogleAjax Bash, Google Threat Analysis Group
@online{bash:20211014:countering:eef058c, author = {Ajax Bash and Google Threat Analysis Group}, title = {{Countering threats from Iran (APT35)}}, date = {2021-10-14}, organization = {Google}, url = {https://blog.google/threat-analysis-group/countering-threats-iran/}, language = {English}, urldate = {2021-10-25} } Countering threats from Iran (APT35)
2021-10-07Twitter (@billyleonard)Billy Leonard, Google Threat Analysis Group
@online{leonard:20211007:iocs:db42716, author = {Billy Leonard and Google Threat Analysis Group}, title = {{Tweet on IOCs related to APT28}}, date = {2021-10-07}, organization = {Twitter (@billyleonard)}, url = {https://twitter.com/billyleonard/status/1446226367008313344}, language = {English}, urldate = {2021-11-17} } Tweet on IOCs related to APT28
2021-09-23GoogleNeel Mehta, Google Threat Analysis Group
@online{mehta:20210923:financially:8f507b2, author = {Neel Mehta and Google Threat Analysis Group}, title = {{Financially motivated actor breaks certificate parsing to avoid detection}}, date = {2021-09-23}, organization = {Google}, url = {https://blog.google/threat-analysis-group/financially-motivated-actor-breaks-certificate-parsing-avoid-detection/}, language = {English}, urldate = {2021-09-29} } Financially motivated actor breaks certificate parsing to avoid detection
OpenSUpdater
2021-07-14GoogleMaddie Stone, Clement Lecigne, Google Threat Analysis Group
@online{stone:20210714:how:38dfdc6, author = {Maddie Stone and Clement Lecigne and Google Threat Analysis Group}, title = {{How We Protect Users From 0-Day Attacks (CVE-2021-21166, CVE-2021-30551, CVE-2021-33742, CVE-2021-1879)}}, date = {2021-07-14}, organization = {Google}, url = {https://blog.google/threat-analysis-group/how-we-protect-users-0-day-attacks/}, language = {English}, urldate = {2021-07-26} } How We Protect Users From 0-Day Attacks (CVE-2021-21166, CVE-2021-30551, CVE-2021-33742, CVE-2021-1879)
Cobalt Strike
2021-03-31GoogleAdam Weidemann, Google Threat Analysis Group
@online{weidemann:20210331:update:592d9dc, author = {Adam Weidemann and Google Threat Analysis Group}, title = {{Update on campaign targeting security researchers}}, date = {2021-03-31}, organization = {Google}, url = {https://blog.google/threat-analysis-group/update-campaign-targeting-security-researchers/}, language = {English}, urldate = {2021-04-06} } Update on campaign targeting security researchers
2021-02-16GoogleShane Huntley, Google Threat Analysis Group
@online{huntley:20210216:tag:5cfe8eb, author = {Shane Huntley and Google Threat Analysis Group}, title = {{TAG Bulletin: Q1 2021}}, date = {2021-02-16}, organization = {Google}, url = {https://blog.google/threat-analysis-group/tag-bulletin-q1-2021/}, language = {English}, urldate = {2021-02-18} } TAG Bulletin: Q1 2021
2020-11-17GoogleShane Huntley, Google Threat Analysis Group
@online{huntley:20201117:tag:74d7811, author = {Shane Huntley and Google Threat Analysis Group}, title = {{TAG Bulletin: Q4 2020}}, date = {2020-11-17}, organization = {Google}, url = {https://blog.google/threat-analysis-group/tag-bulletin-q4-2020/}, language = {English}, urldate = {2020-11-19} } TAG Bulletin: Q4 2020
2020-10-16GoogleShane Huntley, Google Threat Analysis Group
@online{huntley:20201016:how:baafd73, author = {Shane Huntley and Google Threat Analysis Group}, title = {{How we're tackling evolving online threats}}, date = {2020-10-16}, organization = {Google}, url = {https://blog.google/threat-analysis-group/how-were-tackling-evolving-online-threats}, language = {English}, urldate = {2020-10-23} } How we're tackling evolving online threats
2020-06-05GoogleClement Lecigne, Google Threat Analysis Group
@online{lecigne:20200605:exploits:37a164b, author = {Clement Lecigne and Google Threat Analysis Group}, title = {{Exploits of a TAG analyst chasing in the wild (video)}}, date = {2020-06-05}, organization = {Google}, url = {https://static.sstic.org/videos2020/1080p/cloture_2020.mp4}, language = {French}, urldate = {2022-05-23} } Exploits of a TAG analyst chasing in the wild (video)
2020-06-05GoogleClement Lecigne, Google Threat Analysis Group
@techreport{lecigne:20200605:exploits:f7ed07e, author = {Clement Lecigne and Google Threat Analysis Group}, title = {{Exploits of a TAG analyst chasing in the wild (slides)}}, date = {2020-06-05}, institution = {Google}, url = {https://www.sstic.org/media/SSTIC2020/SSTIC-actes/cloture_2020/SSTIC2020-Slides-cloture_2020-lecigne.pdf}, language = {English}, urldate = {2022-05-23} } Exploits of a TAG analyst chasing in the wild (slides)
2017-12-09BlueHat Security ConferenceBilly Leonard, Google Threat Analysis Group
@online{leonard:20171209:10:8af1565, author = {Billy Leonard and Google Threat Analysis Group}, title = {{10 Years of Targeted Credential Phishing}}, date = {2017-12-09}, organization = {BlueHat Security Conference}, url = {https://www.slideshare.net/MSbluehat/10-years-of-targeted-credential-phishing-billy-leonard}, language = {English}, urldate = {2021-05-17} } 10 Years of Targeted Credential Phishing