
2022-03-31 | Blackberry | The BlackBerry Research & Intelligence Team
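% Institutional author: double-braced so it stays one name, with "&" escaped for LaTeX.
% Title braces protect only proper nouns, so the style controls casing.
@online{team:20220331:threat:8b167d9,
  author       = {{The BlackBerry Research \& Intelligence Team}},
  title        = {{Threat Thursday}: Malicious Macros Still Causing Chaos},
  date         = {2022-03-31},
  organization = {Blackberry},
  url          = {https://blogs.blackberry.com/en/2022/03/threat-thursday-malicious-macros},
  language     = {English},
  urldate      = {2022-04-15},
}
Threat Thursday: Malicious Macros Still Causing Chaos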
2022-03-28 | Avast | Threat Intelligence Team
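% Institutional author: double-braced so it is not split into given/family names.
% Title braces protect only proper nouns, so the style controls casing.
@online{team:20220328:avast:03620fb,
  author       = {{Threat Intelligence Team}},
  title        = {{Avast} Finds Compromised {Philippine Navy} Certificate Used in Remote Access Tool},
  date         = {2022-03-28},
  organization = {Avast},
  url          = {https://decoded.avast.io/threatintel/avast-finds-compromised-philippine-navy-certificate-used-in-remote-access-tool/},
  language     = {English},
  urldate      = {2022-04-05},
}
Avast Finds Compromised Philippine Navy Certificate Used in Remote Access Tool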
Unidentified 091
2022-03-24 | Blackberry | The BlackBerry Research & Intelligence Team
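% Institutional author: double-braced so it stays one name, with "&" escaped for LaTeX.
% Title braces protect only proper nouns, so the style controls casing.
@online{team:20220324:threat:d1d2000,
  author       = {{The BlackBerry Research \& Intelligence Team}},
  title        = {{Threat Thursday}: {SunSeed} Malware Targets {Ukraine} Refugee Aid Efforts},
  date         = {2022-03-24},
  organization = {Blackberry},
  url          = {https://blogs.blackberry.com/en/2022/03/threat-thursday-sunseed-malware},
  language     = {English},
  urldate      = {2022-04-15},
}
Threat Thursday: SunSeed Malware Targets Ukraine Refugee Aid Efforts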
SunSeed
2022-03-22 | Microsoft | Microsoft Threat Intelligence Center (MSTIC), Detection and Response Team (DART), Microsoft 365 Defender Threat Intelligence Team
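% Three institutional authors, each braced as one name; without the braces the
% " and " inside "Detection and Response Team" is read as a name separator.
% The "$" in LAPSUS$ is escaped so it does not open math mode; actor names are brace-protected.
@online{mstic:20220322:dev0537:eea56dc,
  author       = {{Microsoft Threat Intelligence Center (MSTIC)} and {Detection and Response Team (DART)} and {Microsoft 365 Defender Threat Intelligence Team}},
  title        = {{DEV-0537} ({LAPSUS\$}/{UNC3661}) criminal actor targeting organizations for data exfiltration and destruction},
  date         = {2022-03-22},
  organization = {Microsoft},
  url          = {https://www.microsoft.com/security/blog/2022/03/22/dev-0537-criminal-actor-targeting-organizations-for-data-exfiltration-and-destruction/},
  language     = {English},
  urldate      = {2022-04-29},
}
DEV-0537 (LAPSUS$/UNC3661) criminal actor targeting organizations for data exfiltration and destruction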
RedLine Stealer LAPSUS
2022-03-18 | Malwarebytes | Threat Intelligence Team
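% Institutional author: double-braced so it is not split into given/family names.
% Title braces protect only the malware family names, so the style controls casing.
@online{team:20220318:double:fde615f,
  author       = {{Threat Intelligence Team}},
  title        = {Double header: {IsaacWiper} and {CaddyWiper}},
  date         = {2022-03-18},
  organization = {Malwarebytes},
  url          = {https://blog.malwarebytes.com/threat-intelligence/2022/03/double-header-isaacwiper-and-caddywiper/},
  language     = {English},
  urldate      = {2022-03-28},
}
Double header: IsaacWiper and CaddyWiper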
CaddyWiper IsaacWiper
2022-03-17 | Blackberry | BlackBerry Research & Intelligence Team
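% Institutional author: double-braced so it stays one name, with "&" escaped for LaTeX.
% Title braces protect only proper nouns, so the style controls casing.
@online{team:20220317:threat:115c4c5,
  author       = {{BlackBerry Research \& Intelligence Team}},
  title        = {{Threat Thursday}: {HermeticWiper} Targets Defense Sectors in {Ukraine}},
  date         = {2022-03-17},
  organization = {Blackberry},
  url          = {https://blogs.blackberry.com/en/2022/03/threat-thursday-hermeticwiper},
  language     = {English},
  urldate      = {2022-03-18},
}
Threat Thursday: HermeticWiper Targets Defense Sectors in Ukraine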
HermeticWiper
2022-03-16 | Blackberry | The BlackBerry Research & Intelligence Team
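% Institutional author: double-braced so it stays one name, with "&" escaped for LaTeX.
% Title braces protect only proper nouns and acronyms, so the style controls casing.
@online{team:20220316:new:e28d7c2,
  author       = {{The BlackBerry Research \& Intelligence Team}},
  title        = {New Ransomware Family Identified: {LokiLocker} {RaaS} Targets {Windows} Systems},
  date         = {2022-03-16},
  organization = {Blackberry},
  url          = {https://blogs.blackberry.com/en/2022/03/lokilocker-ransomware},
  language     = {English},
  urldate      = {2022-03-17},
}
New Ransomware Family Identified: LokiLocker RaaS Targets Windows Systems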
LokiLocker
2022-03-01 | CrowdStrike | CrowdStrike Intelligence Team
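% Institutional author: double-braced so it is not split into given/family names.
% Title braces protect only proper nouns, so the style controls casing.
@online{team:20220301:decryptable:27c195e,
  author       = {{CrowdStrike Intelligence Team}},
  title        = {Decryptable {PartyTicket} Ransomware Reportedly Targeting {Ukrainian} Entities},
  date         = {2022-03-01},
  organization = {CrowdStrike},
  url          = {https://www.crowdstrike.com/blog/how-to-decrypt-the-partyticket-ransomware-targeting-ukraine/},
  language     = {English},
  urldate      = {2022-03-07},
}
Decryptable PartyTicket Ransomware Reportedly Targeting Ukrainian Entities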
PartyTicket
2022-02-23 | CrowdStrike | CrowdStrike Intelligence Team
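% Institutional author: double-braced so it is not split into given/family names.
% Title is no longer double-braced, so the style controls casing.
@online{team:20220223:access:7ca6777,
  author       = {{CrowdStrike Intelligence Team}},
  title        = {Access Brokers: Who Are the Targets, and What Are They Worth?},
  date         = {2022-02-23},
  organization = {CrowdStrike},
  url          = {https://www.crowdstrike.com/blog/access-brokers-targets-and-worth/},
  language     = {English},
  urldate      = {2022-03-02},
}
Access Brokers: Who Are the Targets, and What Are They Worth?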
2022-02-17 | Blackberry | BlackBerry Research & Intelligence Team
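% Institutional author: double-braced so it stays one name, with "&" escaped for LaTeX.
% Title braces protect only proper nouns and acronyms, so the style controls casing.
@online{team:20220217:threat:899b90a,
  author       = {{BlackBerry Research \& Intelligence Team}},
  title        = {{Threat Thursday}: {Arkei} Infostealer Expands Reach Using {SmokeLoader} to Target Crypto Wallets and {MFA}},
  date         = {2022-02-17},
  organization = {Blackberry},
  url          = {https://blogs.blackberry.com/en/2022/02/threat-thursday-arkei-infostealer},
  language     = {English},
  urldate      = {2022-02-26},
}
Threat Thursday: Arkei Infostealer Expands Reach Using SmokeLoader to Target Crypto Wallets and MFA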
Arkei Stealer SmokeLoader
2022-02-10 | Blackberry | The BlackBerry Research & Intelligence Team
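% Institutional author: double-braced so it stays one name, with "&" escaped for LaTeX.
% Title braces protect only proper nouns, so the style controls casing.
@online{team:20220210:threat:3b6c884,
  author       = {{The BlackBerry Research \& Intelligence Team}},
  title        = {{Threat Thursday}: {BHunt} Scavenger Harvests Victims’ Crypto Wallets},
  date         = {2022-02-10},
  organization = {Blackberry},
  url          = {https://blogs.blackberry.com/en/2022/02/threat-thursday-bhunt-scavenger},
  language     = {English},
  urldate      = {2022-02-14},
}
Threat Thursday: BHunt Scavenger Harvests Victims’ Crypto Wallets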
BHunt
2022-02-03 | Blackberry | The BlackBerry Research & Intelligence Team
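% Institutional author: double-braced so it stays one name, with "&" escaped for LaTeX.
% Title braces protect only proper nouns, so the style controls casing.
@online{team:20220203:threat:0ee1428,
  author       = {{The BlackBerry Research \& Intelligence Team}},
  title        = {{Threat Spotlight}: {WhisperGate} Wiper Wreaks Havoc in {Ukraine}},
  date         = {2022-02-03},
  organization = {Blackberry},
  url          = {https://blogs.blackberry.com/en/2022/02/threat-spotlight-whispergate-wiper-wreaks-havoc-in-ukraine},
  language     = {English},
  urldate      = {2022-03-02},
}
Threat Spotlight: WhisperGate Wiper Wreaks Havoc in Ukraine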
WhisperGate
2022-02-02 | Microsoft | Microsoft 365 Defender Threat Intelligence Team
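% Institutional author: double-braced so it is not split into given/family names.
% Title braces protect only proper nouns, so the style controls casing.
@online{team:20220202:evolution:4f55642,
  author       = {{Microsoft 365 Defender Threat Intelligence Team}},
  title        = {The evolution of a {Mac} trojan: {UpdateAgent}’s progression},
  date         = {2022-02-02},
  organization = {Microsoft},
  url          = {https://www.microsoft.com/security/blog/2022/02/02/the-evolution-of-a-mac-trojan-updateagents-progression/},
  language     = {English},
  urldate      = {2022-02-04},
}
The evolution of a Mac trojan: UpdateAgent’s progression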
UpdateAgent
2022-01-28 | CrowdStrike | CrowdStrike Intelligence Team
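% Institutional author: double-braced so it is not split into given/family names.
% Title braces protect only proper nouns, so the style controls casing.
@online{team:20220128:lessons:fc2d4c6,
  author       = {{CrowdStrike Intelligence Team}},
  title        = {Lessons Learned From Successive Use of Offensive Cyber Operations Against {Ukraine} and What May Be Next},
  date         = {2022-01-28},
  organization = {CrowdStrike},
  url          = {https://www.crowdstrike.com/blog/lessons-from-past-cyber-operations-against-ukraine/},
  language     = {English},
  urldate      = {2022-02-01},
}
Lessons Learned From Successive Use of Offensive Cyber Operations Against Ukraine and What May Be Next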
WhisperGate
2022-01-27 | CrowdStrike | CrowdStrike Intelligence Team
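% Institutional author: double-braced so it is not split into given/family names.
% Title braces protect only the campaign name, so the style controls casing.
@online{team:20220127:early:7dbf1e1,
  author       = {{CrowdStrike Intelligence Team}},
  title        = {Early Bird Catches the Wormhole: Observations from the {StellarParticle} Campaign},
  date         = {2022-01-27},
  organization = {CrowdStrike},
  url          = {https://www.crowdstrike.com/blog/observations-from-the-stellarparticle-campaign/},
  language     = {English},
  urldate      = {2022-01-31},
}
Early Bird Catches the Wormhole: Observations from the StellarParticle Campaign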
GoldMax
2022-01-27 | Blackberry | The BlackBerry Research & Intelligence Team
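% Institutional author: double-braced so it stays one name, with "&" escaped for LaTeX.
% Title braces protect only proper nouns and acronyms, so the style controls casing.
@online{team:20220127:threat:68af23b,
  author       = {{The BlackBerry Research \& Intelligence Team}},
  title        = {{Threat Thursday}: {WhisperGate} Wiper Targets Government, Non-profit, and {IT} Organizations in {Ukraine}},
  date         = {2022-01-27},
  organization = {Blackberry},
  url          = {https://blogs.blackberry.com/en/2022/01/threat-thursday-whispergate-wiper},
  language     = {English},
  urldate      = {2022-02-01},
}
Threat Thursday: WhisperGate Wiper Targets Government, Non-profit, and IT Organizations in Ukraine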
WhisperGate
2022-01-25 | Cynet | Orion Threat Research and Intelligence Team
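% Institutional author: double-braced so the " and " inside the team name is not
% read as a separator between two authors.
% Title is no longer double-braced, so the style controls casing.
@online{team:20220125:threats:5269cbc,
  author       = {{Orion Threat Research and Intelligence Team}},
  title        = {Threats Looming Over the Horizon},
  date         = {2022-01-25},
  organization = {Cynet},
  url          = {https://www.cynet.com/attack-techniques-hands-on/threats-looming-over-the-horizon/},
  language     = {English},
  urldate      = {2022-01-28},
}
Threats Looming Over the Horizon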
Cobalt Strike Meterpreter NightSky
2022-01-20 | Blackberry | The BlackBerry Research & Intelligence Team
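% Institutional author: double-braced so it stays one name, with "&" escaped for LaTeX.
% Title braces protect only proper nouns, so the style controls casing.
@online{team:20220120:threat:e0eda13,
  author       = {{The BlackBerry Research \& Intelligence Team}},
  title        = {{Threat Thursday}: {Purple Fox} Rootkit},
  date         = {2022-01-20},
  organization = {Blackberry},
  url          = {https://blogs.blackberry.com/en/2022/01/threat-thursday-purple-fox-rootkit},
  language     = {English},
  urldate      = {2022-01-24},
}
Threat Thursday: Purple Fox Rootkit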
PurpleFox
2022-01-19 | CrowdStrike | CrowdStrike Intelligence Team
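% Institutional author: double-braced so it is not split into given/family names.
% Title braces protect only the malware family name, so the style controls casing.
@online{team:20220119:technical:8a81c7e,
  author       = {{CrowdStrike Intelligence Team}},
  title        = {Technical Analysis of the {WhisperGate} Malicious Bootloader},
  date         = {2022-01-19},
  organization = {CrowdStrike},
  url          = {https://www.crowdstrike.com/blog/technical-analysis-of-whispergate-malware/},
  language     = {English},
  urldate      = {2022-01-20},
}
Technical Analysis of the WhisperGate Malicious Bootloader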
WhisperGate
2022-01-19 | Blackberry | The BlackBerry Research & Intelligence Team
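% Institutional author: double-braced so it stays one name, with "&" escaped for LaTeX.
% Title braces protect only proper nouns, so the style controls casing.
@online{team:20220119:kraken:5b52d17,
  author       = {{The BlackBerry Research \& Intelligence Team}},
  title        = {{Kraken} the Code on {Prometheus}},
  date         = {2022-01-19},
  organization = {Blackberry},
  url          = {https://blogs.blackberry.com/en/2022/01/kraken-the-code-on-prometheus},
  language     = {English},
  urldate      = {2022-05-25},
}
Kraken the Code on Prometheus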
Prometheus Backdoor BlackMatter Cerber Cobalt Strike DCRat Ficker Stealer QakBot REvil Ryuk