Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2017-09-28Palo Alto Networks Unit 42Josh Grunzweig, Robert Falcone
@online{grunzweig:20170928:threat:835bf8e, author = {Josh Grunzweig and Robert Falcone}, title = {{Threat Actors Target Government of Belarus Using CMSTAR Trojan}}, date = {2017-09-28}, organization = {Palo Alto Networks Unit 42}, url = {https://researchcenter.paloaltonetworks.com/2017/09/unit42-threat-actors-target-government-belarus-using-cmstar-trojan}, language = {English}, urldate = {2019-12-20} } Threat Actors Target Government of Belarus Using CMSTAR Trojan
BYEBY CMSTAR
2017-04-20Palo Alto Networks Unit 42Josh Grunzweig
@online{grunzweig:20170420:cardinal:dbe903e, author = {Josh Grunzweig}, title = {{Cardinal RAT Active for Over Two Years}}, date = {2017-04-20}, organization = {Palo Alto Networks Unit 42}, url = {http://researchcenter.paloaltonetworks.com/2017/04/unit42-cardinal-rat-active-two-years/?adbsc=social71702736&adbid=855028404965433346&adbpl=tw&adbpr=4487645412}, language = {English}, urldate = {2019-12-20} } Cardinal RAT Active for Over Two Years
Cardinal RAT
2017-03-30Palo Alto Networks Unit 42Jen Miller-Osborn, Josh Grunzweig
@online{millerosborn:20170330:trochilus:bface4b, author = {Jen Miller-Osborn and Josh Grunzweig}, title = {{Trochilus and New MoonWind RATs Used In Attack Against Thai Organizations}}, date = {2017-03-30}, organization = {Palo Alto Networks Unit 42}, url = {http://researchcenter.paloaltonetworks.com/2017/03/unit42-trochilus-rat-new-moonwind-rat-used-attack-thai-utility-organizations/}, language = {English}, urldate = {2019-12-20} } Trochilus and New MoonWind RATs Used In Attack Against Thai Organizations
MoonWind
2017-03-30Palo Alto Networks Unit 42Jen Miller-Osborn, Josh Grunzweig
@online{millerosborn:20170330:trochilus:6c1c703, author = {Jen Miller-Osborn and Josh Grunzweig}, title = {{Trochilus and New MoonWind RATs Used In Attack Against Thai Organizations}}, date = {2017-03-30}, organization = {Palo Alto Networks Unit 42}, url = {https://unit42.paloaltonetworks.com/unit42-trochilus-rat-new-moonwind-rat-used-attack-thai-utility-organizations/}, language = {English}, urldate = {2019-12-10} } Trochilus and New MoonWind RATs Used In Attack Against Thai Organizations
Group 27
2017-03-15Palo Alto Networks Unit 42Josh Grunzweig
@online{grunzweig:20170315:nexuslogger:5530c6b, author = {Josh Grunzweig}, title = {{NexusLogger: A New Cloud-based Keylogger Enters the Market}}, date = {2017-03-15}, organization = {Palo Alto Networks Unit 42}, url = {http://researchcenter.paloaltonetworks.com/2017/03/unit42-nexuslogger-new-cloud-based-keylogger-enters-market/}, language = {English}, urldate = {2019-12-20} } NexusLogger: A New Cloud-based Keylogger Enters the Market
NexusLogger
2017-02-16Jen Miller-Osborn, Josh Grunzweig
@online{millerosborn:20170216:menupass:4aebb40, author = {Jen Miller-Osborn and Josh Grunzweig}, title = {{menuPass Returns with New Malware and New Attacks Against Japanese Academics and Organizations}}, date = {2017-02-16}, url = {https://unit42.paloaltonetworks.com/unit42-menupass-returns-new-malware-new-attacks-japanese-academics-organizations/}, language = {English}, urldate = {2019-11-21} } menuPass Returns with New Malware and New Attacks Against Japanese Academics and Organizations
Stone Panda
2017-02-16Palo Alto Networks Unit 42Jen Miller-Osborn, Josh Grunzweig
@online{millerosborn:20170216:menupass:a829340, author = {Jen Miller-Osborn and Josh Grunzweig}, title = {{menuPass Returns with New Malware and New Attacks Against Japanese Academics and Organizations}}, date = {2017-02-16}, organization = {Palo Alto Networks Unit 42}, url = {http://researchcenter.paloaltonetworks.com/2017/02/unit42-menupass-returns-new-malware-new-attacks-japanese-academics-organizations/}, language = {English}, urldate = {2019-12-20} } menuPass Returns with New Malware and New Attacks Against Japanese Academics and Organizations
ChChes
2017-01-05Palo Alto Networks Unit 42Josh Grunzweig
@online{grunzweig:20170105:dragonok:2b228f2, author = {Josh Grunzweig}, title = {{DragonOK Updates Toolset and Targets Multiple Geographic Regions}}, date = {2017-01-05}, organization = {Palo Alto Networks Unit 42}, url = {https://unit42.paloaltonetworks.com/unit42-dragonok-updates-toolset-targets-multiple-geographic-regions/}, language = {English}, urldate = {2019-12-17} } DragonOK Updates Toolset and Targets Multiple Geographic Regions
DragonOK
2017-01-05Palo Alto Networks Unit 42Josh Grunzweig
@online{grunzweig:20170105:dragonok:f5f73f6, author = {Josh Grunzweig}, title = {{DragonOK Updates Toolset and Targets Multiple Geographic Regions}}, date = {2017-01-05}, organization = {Palo Alto Networks Unit 42}, url = {http://researchcenter.paloaltonetworks.com/2017/01/unit42-dragonok-updates-toolset-targets-multiple-geographic-regions/}, language = {English}, urldate = {2019-12-20} } DragonOK Updates Toolset and Targets Multiple Geographic Regions
IsSpace SysGet
2016-10-04Palo Alto Networks Unit 42Josh Grunzweig, Robert Falcone
@online{grunzweig:20161004:oilrig:72c4b0e, author = {Josh Grunzweig and Robert Falcone}, title = {{OilRig Malware Campaign Updates Toolset and Expands Targets}}, date = {2016-10-04}, organization = {Palo Alto Networks Unit 42}, url = {http://researchcenter.paloaltonetworks.com/2016/10/unit42-oilrig-malware-campaign-updates-toolset-and-expands-targets/}, language = {English}, urldate = {2019-12-20} } OilRig Malware Campaign Updates Toolset and Expands Targets
Helminth
2016-10-04Palo Alto Networks Unit 42Josh Grunzweig, Robert Falcone
@online{grunzweig:20161004:oilrig:2e3b9e0, author = {Josh Grunzweig and Robert Falcone}, title = {{OilRig Malware Campaign Updates Toolset and Expands Targets}}, date = {2016-10-04}, organization = {Palo Alto Networks Unit 42}, url = {https://unit42.paloaltonetworks.com/unit42-oilrig-malware-campaign-updates-toolset-and-expands-targets/}, language = {English}, urldate = {2019-10-22} } OilRig Malware Campaign Updates Toolset and Expands Targets
OilRig
2016-08-16Palo Alto Networks Unit 42Josh Grunzweig, Robert Falcone
@online{grunzweig:20160816:aveo:6f3cf5c, author = {Josh Grunzweig and Robert Falcone}, title = {{Aveo Malware Family Targets Japanese Speaking Users}}, date = {2016-08-16}, organization = {Palo Alto Networks Unit 42}, url = {http://researchcenter.paloaltonetworks.com/2016/08/unit42-aveo-malware-family-targets-japanese-speaking-users/}, language = {English}, urldate = {2019-12-20} } Aveo Malware Family Targets Japanese Speaking Users
Aveo
2016-07-08Palo Alto Networks Unit 42Josh Grunzweig
@online{grunzweig:20160708:investigating:576bb94, author = {Josh Grunzweig}, title = {{Investigating the LuminosityLink Remote Access Trojan Configuration}}, date = {2016-07-08}, organization = {Palo Alto Networks Unit 42}, url = {https://researchcenter.paloaltonetworks.com/2016/07/unit42-investigating-the-luminositylink-remote-access-trojan-configuration/}, language = {English}, urldate = {2019-12-20} } Investigating the LuminosityLink Remote Access Trojan Configuration
Luminosity RAT
2016-05-24Palo Alto Networks Unit 42Josh Grunzweig, Mike Scott, Bryan Lee
@online{grunzweig:20160524:new:d1cd669, author = {Josh Grunzweig and Mike Scott and Bryan Lee}, title = {{New Wekby Attacks Use DNS Requests As Command and Control Mechanism}}, date = {2016-05-24}, organization = {Palo Alto Networks Unit 42}, url = {http://researchcenter.paloaltonetworks.com/2016/05/unit42-new-wekby-attacks-use-dns-requests-as-command-and-control-mechanism/}, language = {English}, urldate = {2019-12-20} } New Wekby Attacks Use DNS Requests As Command and Control Mechanism
Roseam
2016-05-02Github (pan-unit42)Josh Grunzweig
@online{grunzweig:20160502:prince:bd368e1, author = {Josh Grunzweig}, title = {{Prince of Persia Hashes}}, date = {2016-05-02}, organization = {Github (pan-unit42)}, url = {https://github.com/pan-unit42/iocs/blob/master/prince_of_persia/hashes.csv}, language = {English}, urldate = {2020-01-08} } Prince of Persia Hashes
Infy
2016-03-14Palo Alto Networks Unit 42Josh Grunzweig, Robert Falcone, Bryan Lee
@online{grunzweig:20160314:digital:b6ddc60, author = {Josh Grunzweig and Robert Falcone and Bryan Lee}, title = {{Digital Quartermaster Scenario Demonstrated in Attacks Against the Mongolian Government}}, date = {2016-03-14}, organization = {Palo Alto Networks Unit 42}, url = {https://researchcenter.paloaltonetworks.com/2016/03/digital-quartermaster-scenario-demonstrated-in-attacks-against-the-mongolian-government/}, language = {English}, urldate = {2019-12-20} } Digital Quartermaster Scenario Demonstrated in Attacks Against the Mongolian Government
BBSRAT CMSTAR
2016-03-11Palo Alto Networks Unit 42Josh Grunzweig, Brandon Levene
@online{grunzweig:20160311:powersniff:ca6c14f, author = {Josh Grunzweig and Brandon Levene}, title = {{PowerSniff Malware Used in Macro-based Attacks}}, date = {2016-03-11}, organization = {Palo Alto Networks Unit 42}, url = {https://unit42.paloaltonetworks.com/powersniff-malware-used-in-macro-based-attacks/}, language = {English}, urldate = {2020-01-08} } PowerSniff Malware Used in Macro-based Attacks
2016-01-22Palo Alto Networks Unit 42Josh Grunzweig, Bryan Lee
@online{grunzweig:20160122:new:f7cb504, author = {Josh Grunzweig and Bryan Lee}, title = {{New Attacks Linked to C0d0so0 Group}}, date = {2016-01-22}, organization = {Palo Alto Networks Unit 42}, url = {http://researchcenter.paloaltonetworks.com/2016/01/new-attacks-linked-to-c0d0s0-group/}, language = {English}, urldate = {2019-12-20} } New Attacks Linked to C0d0so0 Group
Codoso
2015-12-22Bryan Lee, Josh Grunzweig
@online{lee:20151222:bbsrat:d5ec63d, author = {Bryan Lee and Josh Grunzweig}, title = {{BBSRAT Attacks Targeting Russian Organizations Linked to Roaming Tiger}}, date = {2015-12-22}, url = {https://unit42.paloaltonetworks.com/bbsrat-attacks-targeting-russian-organizations-linked-to-roaming-tiger/}, language = {English}, urldate = {2019-11-21} } BBSRAT Attacks Targeting Russian Organizations Linked to Roaming Tiger
Roaming Tiger
2015-10-09Palo Alto Networks Unit 42Josh Grunzweig
@online{grunzweig:20151009:latest:c328965, author = {Josh Grunzweig}, title = {{Latest TeslaCrypt Ransomware Borrows Code From Carberp Trojan}}, date = {2015-10-09}, organization = {Palo Alto Networks Unit 42}, url = {https://researchcenter.paloaltonetworks.com/2015/10/latest-teslacrypt-ransomware-borrows-code-from-carberp-trojan/}, language = {English}, urldate = {2019-12-20} } Latest TeslaCrypt Ransomware Borrows Code From Carberp Trojan
TeslaCrypt