Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-01-25Bleeping ComputerLawrence Abrams
@online{abrams:20220125:new:5f8b7cf, author = {Lawrence Abrams}, title = {{New DeadBolt ransomware targets QNAP devices, asks 50 BTC for master key}}, date = {2022-01-25}, organization = {Bleeping Computer}, url = {https://www.bleepingcomputer.com/news/security/new-deadbolt-ransomware-targets-qnap-devices-asks-50-btc-for-master-key/}, language = {English}, urldate = {2022-01-28} } New DeadBolt ransomware targets QNAP devices, asks 50 BTC for master key
DEADBOLT
2022-01-20BleepingComputerLawrence Abrams
@online{abrams:20220120:fbi:e5f3fc1, author = {Lawrence Abrams}, title = {{FBI links Diavol ransomware to the TrickBot cybercrime group}}, date = {2022-01-20}, organization = {BleepingComputer}, url = {https://www.bleepingcomputer.com/news/security/fbi-links-diavol-ransomware-to-the-trickbot-cybercrime-group/}, language = {English}, urldate = {2022-01-24} } FBI links Diavol ransomware to the TrickBot cybercrime group
Diavol
2022-01-08Bleeping ComputerLawrence Abrams
@online{abrams:20220108:trojanized:00522d1, author = {Lawrence Abrams}, title = {{Trojanized dnSpy app drops malware cocktail on researchers, devs}}, date = {2022-01-08}, organization = {Bleeping Computer}, url = {https://www.bleepingcomputer.com/news/security/trojanized-dnspy-app-drops-malware-cocktail-on-researchers-devs/}, language = {English}, urldate = {2022-01-18} } Trojanized dnSpy app drops malware cocktail on researchers, devs
Quasar RAT
2022-01-02BleepingComputerLawrence Abrams
@online{abrams:20220102:malicious:a53af29, author = {Lawrence Abrams}, title = {{Malicious CSV text files used to install BazarBackdoor malware}}, date = {2022-01-02}, organization = {BleepingComputer}, url = {https://www.bleepingcomputer.com/news/security/malicious-csv-text-files-used-to-install-bazarbackdoor-malware/}, language = {English}, urldate = {2022-02-02} } Malicious CSV text files used to install BazarBackdoor malware
BazarBackdoor
2021-12-20Bleeping ComputerLawrence Abrams
@online{abrams:20211220:log4j:1a80230, author = {Lawrence Abrams}, title = {{Log4j vulnerability now used to install Dridex banking malware}}, date = {2021-12-20}, organization = {Bleeping Computer}, url = {https://www.bleepingcomputer.com/news/security/log4j-vulnerability-now-used-to-install-dridex-banking-malware/}, language = {English}, urldate = {2021-12-21} } Log4j vulnerability now used to install Dridex banking malware
DoppelDridex Meterpreter
2021-12-07Bleeping ComputerLawrence Abrams
@online{abrams:20211207:emotet:f33c999, author = {Lawrence Abrams}, title = {{Emotet now drops Cobalt Strike, fast forwards ransomware attacks}}, date = {2021-12-07}, organization = {Bleeping Computer}, url = {https://www.bleepingcomputer.com/news/security/emotet-now-drops-cobalt-strike-fast-forwards-ransomware-attacks/}, language = {English}, urldate = {2021-12-08} } Emotet now drops Cobalt Strike, fast forwards ransomware attacks
Cobalt Strike Emotet
2021-11-15Bleeping ComputerLawrence Abrams
@online{abrams:20211115:emotet:8de6d81, author = {Lawrence Abrams}, title = {{Emotet malware is back and rebuilding its botnet via TrickBot}}, date = {2021-11-15}, organization = {Bleeping Computer}, url = {https://www.bleepingcomputer.com/news/security/emotet-malware-is-back-and-rebuilding-its-botnet-via-trickbot/}, language = {English}, urldate = {2021-11-17} } Emotet malware is back and rebuilding its botnet via TrickBot
Emotet
2021-11-03Bleeping ComputerLawrence Abrams
@online{abrams:20211103:blackmatter:5681de9, author = {Lawrence Abrams}, title = {{BlackMatter ransomware moves victims to LockBit after shutdown}}, date = {2021-11-03}, organization = {Bleeping Computer}, url = {https://www.bleepingcomputer.com/news/security/blackmatter-ransomware-moves-victims-to-lockbit-after-shutdown/}, language = {English}, urldate = {2021-11-08} } BlackMatter ransomware moves victims to LockBit after shutdown
BlackMatter BlackMatter LockBit
2021-10-21Bleeping ComputerLawrence Abrams
@online{abrams:20211021:massive:89295e6, author = {Lawrence Abrams}, title = {{Massive campaign uses YouTube to push password-stealing malware}}, date = {2021-10-21}, organization = {Bleeping Computer}, url = {https://www.bleepingcomputer.com/news/security/massive-campaign-uses-youtube-to-push-password-stealing-malware/}, language = {English}, urldate = {2021-11-02} } Massive campaign uses YouTube to push password-stealing malware
Raccoon RedLine Stealer
2021-10-21Bleeping ComputerLawrence Abrams
@online{abrams:20211021:evil:71bc16a, author = {Lawrence Abrams}, title = {{Evil Corp demands $40 million in new Macaw ransomware attacks}}, date = {2021-10-21}, organization = {Bleeping Computer}, url = {https://www.bleepingcomputer.com/news/security/evil-corp-demands-40-million-in-new-macaw-ransomware-attacks/}, language = {English}, urldate = {2022-05-17} } Evil Corp demands $40 million in new Macaw ransomware attacks
Macaw
2021-10-17Bleeping ComputerLawrence Abrams
@online{abrams:20211017:revil:b53b66f, author = {Lawrence Abrams}, title = {{REvil ransomware shuts down again after Tor sites were hijacked}}, date = {2021-10-17}, organization = {Bleeping Computer}, url = {https://www.bleepingcomputer.com/news/security/revil-ransomware-shuts-down-again-after-tor-sites-were-hijacked/}, language = {English}, urldate = {2021-10-25} } REvil ransomware shuts down again after Tor sites were hijacked
REvil REvil
2021-09-07Bleeping ComputerLawrence Abrams
@online{abrams:20210907:revil:121f953, author = {Lawrence Abrams}, title = {{REvil ransomware's servers mysteriously come back online}}, date = {2021-09-07}, organization = {Bleeping Computer}, url = {https://www.bleepingcomputer.com/news/security/revil-ransomwares-servers-mysteriously-come-back-online/}, language = {English}, urldate = {2021-09-10} } REvil ransomware's servers mysteriously come back online
REvil
2021-09-06Bleeping ComputerLawrence Abrams
@online{abrams:20210906:trickbot:652a467, author = {Lawrence Abrams}, title = {{TrickBot gang developer arrested when trying to leave Korea}}, date = {2021-09-06}, organization = {Bleeping Computer}, url = {https://www.bleepingcomputer.com/news/security/trickbot-gang-developer-arrested-when-trying-to-leave-korea/}, language = {English}, urldate = {2021-09-10} } TrickBot gang developer arrested when trying to leave Korea
Diavol TrickBot
2021-08-24Bleeping ComputerLawrence Abrams
@online{abrams:20210824:ransomware:7095151, author = {Lawrence Abrams}, title = {{Ransomware gang's script shows exactly the files they're after}}, date = {2021-08-24}, organization = {Bleeping Computer}, url = {https://www.bleepingcomputer.com/news/security/ransomware-gangs-script-shows-exactly-the-files-theyre-after/}, language = {English}, urldate = {2022-01-28} } Ransomware gang's script shows exactly the files they're after
Mespinoza
2021-08-11BleepingComputerLawrence Abrams
@online{abrams:20210811:kaseyas:93f86e6, author = {Lawrence Abrams}, title = {{Kaseya's universal REvil decryption key leaked on a hacking forum}}, date = {2021-08-11}, organization = {BleepingComputer}, url = {https://www.bleepingcomputer.com/news/security/kaseyas-universal-revil-decryption-key-leaked-on-a-hacking-forum/}, language = {English}, urldate = {2021-08-16} } Kaseya's universal REvil decryption key leaked on a hacking forum
REvil
2021-08-05Bleeping ComputerLawrence Abrams
@online{abrams:20210805:linux:d6e65f8, author = {Lawrence Abrams}, title = {{Linux version of BlackMatter ransomware targets VMware ESXi servers}}, date = {2021-08-05}, organization = {Bleeping Computer}, url = {https://www.bleepingcomputer.com/news/security/linux-version-of-blackmatter-ransomware-targets-vmware-esxi-servers/}, language = {English}, urldate = {2021-08-09} } Linux version of BlackMatter ransomware targets VMware ESXi servers
BlackMatter
2021-08-05Bleeping ComputerLawrence Abrams
@online{abrams:20210805:angry:a9916d3, author = {Lawrence Abrams}, title = {{Angry Conti ransomware affiliate leaks gang's attack playbook}}, date = {2021-08-05}, organization = {Bleeping Computer}, url = {https://www.bleepingcomputer.com/news/security/angry-conti-ransomware-affiliate-leaks-gangs-attack-playbook/}, language = {English}, urldate = {2021-08-06} } Angry Conti ransomware affiliate leaks gang's attack playbook
Conti
2021-08-04Bleeping ComputerLawrence Abrams
@online{abrams:20210804:lockbit:c6ab8ec, author = {Lawrence Abrams}, title = {{LockBit ransomware recruiting insiders to breach corporate networks}}, date = {2021-08-04}, organization = {Bleeping Computer}, url = {https://www.bleepingcomputer.com/news/security/lockbit-ransomware-recruiting-insiders-to-breach-corporate-networks/}, language = {English}, urldate = {2021-08-06} } LockBit ransomware recruiting insiders to breach corporate networks
LockBit
2021-08-03Bleeping ComputerLawrence Abrams
@online{abrams:20210803:ransomware:d1b938f, author = {Lawrence Abrams}, title = {{Ransomware attack hits Italy's Lazio region, affects COVID-19 site}}, date = {2021-08-03}, organization = {Bleeping Computer}, url = {https://www.bleepingcomputer.com/news/security/ransomware-attack-hits-italys-lazio-region-affects-covid-19-site/}, language = {English}, urldate = {2021-08-06} } Ransomware attack hits Italy's Lazio region, affects COVID-19 site
LockBit RansomEXX
2021-07-31Bleeping ComputerLawrence Abrams
@online{abrams:20210731:darkside:1d6ac34, author = {Lawrence Abrams}, title = {{DarkSide ransomware gang returns as new BlackMatter operation}}, date = {2021-07-31}, organization = {Bleeping Computer}, url = {https://www.bleepingcomputer.com/news/security/darkside-ransomware-gang-returns-as-new-blackmatter-operation/}, language = {English}, urldate = {2021-08-02} } DarkSide ransomware gang returns as new BlackMatter operation
DarkSide