Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-08-27MorphisecMorphisec Labs
@online{labs:20210827:proxyshell:a4650f1, author = {Morphisec Labs}, title = {{ProxyShell Exchange Exploitation Now Leads To An Increasing Amount Of Cobaltstrike Backdoors}}, date = {2021-08-27}, organization = {Morphisec}, url = {https://blog.morphisec.com/proxyshell-exchange-exploitation-now-leads-to-an-increasing-amount-of-cobaltstrike-backdoors}, language = {English}, urldate = {2021-08-31} } ProxyShell Exchange Exploitation Now Leads To An Increasing Amount Of Cobaltstrike Backdoors
Cobalt Strike
2021-07-05MorphisecMorphisec
@online{morphisec:20210705:realtime:9a19062, author = {Morphisec}, title = {{Real-Time Prevention of the Kaseya VSA Supply Chain REvil Ransomware Attack}}, date = {2021-07-05}, organization = {Morphisec}, url = {https://blog.morphisec.com/real-time-prevention-of-the-kaseya-vsa-supply-chain-revil-ransomware-attack}, language = {English}, urldate = {2021-07-21} } Real-Time Prevention of the Kaseya VSA Supply Chain REvil Ransomware Attack
REvil
2021-06-02MorphisecMichael Gorelik
@online{gorelik:20210602:google:eb1bf13, author = {Michael Gorelik}, title = {{Google PPC Ads Deliver Redline, Taurus, and mini-Redline Infostealers}}, date = {2021-06-02}, organization = {Morphisec}, url = {https://blog.morphisec.com/google-ppc-ads-deliver-redline-taurus-and-mini-redline-infostealers}, language = {English}, urldate = {2021-06-16} } Google PPC Ads Deliver Redline, Taurus, and mini-Redline Infostealers
RedLine Stealer Taurus Stealer
2021-05-14MorphisecArnold Osipov
@online{osipov:20210514:ahk:2da8d24, author = {Arnold Osipov}, title = {{AHK RAT Loader Used in Unique Delivery Campaigns}}, date = {2021-05-14}, organization = {Morphisec}, url = {https://blog.morphisec.com/ahk-rat-loader-leveraged-in-unique-delivery-campaigns}, language = {English}, urldate = {2021-05-17} } AHK RAT Loader Used in Unique Delivery Campaigns
AsyncRAT Houdini Revenge RAT
2021-05-07MorphisecNadav Lorber
@online{lorber:20210507:revealing:add3b8a, author = {Nadav Lorber}, title = {{Revealing the ‘Snip3’ Crypter, a Highly Evasive RAT Loader}}, date = {2021-05-07}, organization = {Morphisec}, url = {https://blog.morphisec.com/revealing-the-snip3-crypter-a-highly-evasive-rat-loader}, language = {English}, urldate = {2021-05-13} } Revealing the ‘Snip3’ Crypter, a Highly Evasive RAT Loader
Agent Tesla AsyncRAT NetWire RC Revenge RAT
2021-04-02MorphisecMichael Gorelik
@online{gorelik:20210402:fair:6f62577, author = {Michael Gorelik}, title = {{The “Fair” Upgrade Variant of Phobos Ransomware}}, date = {2021-04-02}, organization = {Morphisec}, url = {https://blog.morphisec.com/the-fair-upgrade-variant-of-phobos-ransomware}, language = {English}, urldate = {2023-08-14} } The “Fair” Upgrade Variant of Phobos Ransomware
Makop Phobos
2021-03-16MorphisecNadav Lorber
@online{lorber:20210316:tracking:2d8ef0b, author = {Nadav Lorber}, title = {{Tracking HCrypt: An Active Crypter as a Service}}, date = {2021-03-16}, organization = {Morphisec}, url = {https://blog.morphisec.com/tracking-hcrypt-an-active-crypter-as-a-service}, language = {English}, urldate = {2021-05-13} } Tracking HCrypt: An Active Crypter as a Service
AsyncRAT LimeRAT Remcos
2021-03-09MorphisecAlon Groisman
@online{groisman:20210309:minebridge:bd80b6a, author = {Alon Groisman}, title = {{MineBridge Is on the Rise, With a Sophisticated Delivery Mechanism}}, date = {2021-03-09}, organization = {Morphisec}, url = {https://blog.morphisec.com/minebridge-on-the-rise-sophisticated-delivery-mechanism}, language = {English}, urldate = {2021-03-11} } MineBridge Is on the Rise, With a Sophisticated Delivery Mechanism
MINEBRIDGE
2021-02-11MorphisecMorphisec
@techreport{morphisec:20210211:analysis:97c0b96, author = {Morphisec}, title = {{An Analysis of the Egregor Ransomware}}, date = {2021-02-11}, institution = {Morphisec}, url = {https://www.morphisec.com/hubfs/eBooks_and_Whitepapers/EGREGOR%20REPORT%20WEB%20FINAL.pdf}, language = {English}, urldate = {2021-02-18} } An Analysis of the Egregor Ransomware
Egregor
2021-02-08MorphisecMichael Dereviashkin
@online{dereviashkin:20210208:long:d1419a2, author = {Michael Dereviashkin}, title = {{Long Live, Osiris; Banking Trojan Targets German IP Addresses}}, date = {2021-02-08}, organization = {Morphisec}, url = {https://blog.morphisec.com/long-live-osiris-banking-trojan-targets-german-ip-addresses}, language = {English}, urldate = {2021-02-09} } Long Live, Osiris; Banking Trojan Targets German IP Addresses
Kronos
2021-02-05MorphisecNadav Lorber
@online{lorber:20210205:cinarat:772720f, author = {Nadav Lorber}, title = {{CinaRAT Resurfaces with New Evasive Tactics and Techniques}}, date = {2021-02-05}, organization = {Morphisec}, url = {https://blog.morphisec.com/cinarat-resurfaces-with-new-evasive-tactics-and-techniques}, language = {English}, urldate = {2021-02-09} } CinaRAT Resurfaces with New Evasive Tactics and Techniques
Quasar RAT
2021-01-04MorphisecArnold Osipov
@techreport{osipov:20210104:threat:b875307, author = {Arnold Osipov}, title = {{Threat Profile the Evolution of the FIN7 JSSLoader}}, date = {2021-01-04}, institution = {Morphisec}, url = {https://www.morphisec.com/hubfs/eBooks_and_Whitepapers/FIN7%20JSSLOADER%20FINAL%20WEB.pdf}, language = {English}, urldate = {2021-01-05} } Threat Profile the Evolution of the FIN7 JSSLoader
JSSLoader
2020-11-12MorphisecArnold Osipov
@online{osipov:20201112:threat:05d4acd, author = {Arnold Osipov}, title = {{Threat Profile: JUPYTER INFOSTEALER}}, date = {2020-11-12}, organization = {Morphisec}, url = {https://blog.morphisec.com/jupyter-infostealer-backdoor-introduction}, language = {English}, urldate = {2021-12-17} } Threat Profile: JUPYTER INFOSTEALER
solarmarker
2020-11-05MorphisecMichael Gorelik
@online{gorelik:20201105:agent:1cefe08, author = {Michael Gorelik}, title = {{Agent Tesla: A Day in a Life of IR}}, date = {2020-11-05}, organization = {Morphisec}, url = {https://blog.morphisec.com/agent-tesla-a-day-in-a-life-of-ir}, language = {English}, urldate = {2020-11-09} } Agent Tesla: A Day in a Life of IR
Agent Tesla
2020-08-20MorphisecArnold Osipov
@online{osipov:20200820:qakbot:a7e14ef, author = {Arnold Osipov}, title = {{QakBot (QBot) Maldoc Campaign Introduces Two New Techniques into Its Arsenal}}, date = {2020-08-20}, organization = {Morphisec}, url = {https://blog.morphisec.com/qakbot-qbot-maldoc-two-new-techniques}, language = {English}, urldate = {2020-08-25} } QakBot (QBot) Maldoc Campaign Introduces Two New Techniques into Its Arsenal
QakBot
2020-06-24MorphisecArnold Osipov
@online{osipov:20200624:obfuscated:74bfeed, author = {Arnold Osipov}, title = {{Obfuscated VBScript Drops Zloader, Ursnif, Qakbot, Dridex}}, date = {2020-06-24}, organization = {Morphisec}, url = {https://blog.morphisec.com/obfuscated-vbscript-drops-zloader-ursnif-qakbot-dridex}, language = {English}, urldate = {2020-06-25} } Obfuscated VBScript Drops Zloader, Ursnif, Qakbot, Dridex
Dridex ISFB QakBot Zloader
2020-06-16MorphisecMichael Gorelik
@online{gorelik:20200616:crystalbit:1906ecc, author = {Michael Gorelik}, title = {{CrystalBit / Apple Double DLL Hijack -- From fraudulent software bundle downloads to an evasive miner raging campaign}}, date = {2020-06-16}, organization = {Morphisec}, url = {https://blog.morphisec.com/crystalbit-apple-double-dll-hijack}, language = {English}, urldate = {2020-06-16} } CrystalBit / Apple Double DLL Hijack -- From fraudulent software bundle downloads to an evasive miner raging campaign
2020-06-02MorphisecArnold Osipov
@online{osipov:20200602:ursnifgozi:2e20c85, author = {Arnold Osipov}, title = {{Ursnif/Gozi Delivery - Excel Macro 4.0 Utilization Uptick & OCR Bypass}}, date = {2020-06-02}, organization = {Morphisec}, url = {https://blog.morphisec.com/ursnif/gozi-delivery-excel-macro-4.0-utilization-uptick-ocr-bypass}, language = {English}, urldate = {2020-06-25} } Ursnif/Gozi Delivery - Excel Macro 4.0 Utilization Uptick & OCR Bypass
ISFB
2020-04-02MorphisecArnold Osipov
@online{osipov:20200402:guloader:af464fe, author = {Arnold Osipov}, title = {{GuLoader: The RAT Downloader}}, date = {2020-04-02}, organization = {Morphisec}, url = {https://blog.morphisec.com/guloader-the-rat-downloader}, language = {English}, urldate = {2021-01-10} } GuLoader: The RAT Downloader
CloudEyE
2020-03-18MorphisecArnold Osipov
@online{osipov:20200318:parallax:fa4b01d, author = {Arnold Osipov}, title = {{Parallax: The new RAT on the block}}, date = {2020-03-18}, organization = {Morphisec}, url = {https://blog.morphisec.com/parallax-rat-active-status}, language = {English}, urldate = {2020-03-25} } Parallax: The new RAT on the block
Parallax RAT