Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2024-03-13Trend MicroAliakbar Zahravi, Peter Girnus, Simon Zuckerbraun
CVE-2024-21412: DarkGate Operators Exploit Microsoft Windows SmartScreen Bypass in Zero-Day Campaign
DarkGate
2024-02-13Trend MicroAliakbar Zahravi, Peter Girnus, Simon Zuckerbraun
Water Hydra Targets Traders with Microsoft Defender SmartScreen Zero-Day
DarkMe
2024-01-30AT&T CybersecurityPeter Boyle
DarkGate malware delivered via Microsoft Teams - detection and response
DarkGate
2024-01-12Trend MicroAliakbar Zahravi, Peter Girnus, Simon Zuckerbraun
CVE-2023-36025 Exploited for Defense Evasion in Phemedrone Stealer Campaign
Phemedrone Stealer
2023-11-23Trend MicroAliakbar Zahravi, Peter Girnus
ParaSiteSnatcher: How Malicious Chrome Extensions Target Brazil
ParaSiteSnatcher
2023-11-20Trend MicroPeter Girnus
CVE-2023-46604 (Apache ActiveMQ) Exploited to Infect Systems With Cryptominers and Rootkits
2023-10-04Virus BulletinPeter Kálnai
Lazarus Campaigns and Backdoors in 2022-23
SimpleTea POOLRAT 3CX Backdoor BLINDINGCAN CLOUDBURST DRATzarus ForestTiger ImprudentCook LambLoad LightlessCan miniBlindingCan PostNapTea SnatchCrypto wAgentTea WebbyTea WinInetLoader
2023-09-29ESET ResearchPeter Kálnai
Lazarus luring employees with trojanized coding challenges: The case of a Spanish aerospace company
CLOUDBURST LightlessCan miniBlindingCan sRDI
2023-06-02MandiantDAN NUTTING, Genevieve Stark, Greg Blaum, Jeremy Kennelly, JOE PISANO, Josh Murchie, Juraj Sucik, Justin Moore, Kimberly Goody, Matthew McWhirt, Nader Zaveri, NICHOLAS BENNETT, OLLIE STYLES, PETER UKHANOV, WILL SILVERSTONE, ZACH SCHRAMM, Zander Work
Zero-Day Vulnerability in MOVEit Transfer Exploited for Data Theft
2023-04-20ESET ResearchMarc-Etienne M.Léveillé, Peter Kálnai
Linux malware strengthens links between Lazarus and the 3CX supply‑chain attack
BADCALL SimpleTea POOLRAT 3CX Backdoor BADCALL IconicStealer
2023-02-09Trend MicroAliakbar Zahravi, Peter Girnus
Enigma Stealer Targets Cryptocurrency Industry with Fake Jobs
Enigma Loader
2023-01-17Trend MicroAliakbar Zahravi, Peter Girnus
Earth Bogle: Campaigns Target the Middle East with Geopolitical Lures
NjRAT
2022-09-30ESET ResearchPeter Kálnai
Amazon‑themed campaigns of Lazarus in the Netherlands and Belgium
BLINDINGCAN FudModule HTTP(S) uploader LambLoad TOUCHMOVE
2022-09-30Virus BulletinMatěj Havránek, Peter Kálnai
Lazarus & BYOVD: evil to the Windows core
FudModule
2022-08-16Twitter (@ESETresearch)Dominik Breitenbacher, Peter Kálnai
Twitter thread about Operation In(ter)ception for macOS
Interception
2022-07-19Palo Alto Networks Unit 42Mike Harbison, Peter Renals
Russian APT29 Hackers Use Online Storage Services, DropBox and Google Drive
Cobalt Strike EnvyScout Gdrive
2022-07-14SophosAndrew Brandt, Andy French, Bill Kearney, Elida Leite, Harinder Bhathal, Lee Kirkpatrick, Peter Mackenzie, Robert Weiland, Sergio Bestulic
BlackCat ransomware attacks not merely a byproduct of bad luck
BlackCat BlackCat
2022-07-05Palo Alto Networks Unit 42Mike Harbison, Peter Renals
When Pentest Tools Go Brutal: Red-Teaming Tool Being Abused by Malicious Actors
2022-06-06NCC GroupPeter Gurney, Ross Inman
Shining the Light on Black Basta
Black Basta
2022-05-20nccgroupPeter Gurney
Metastealer – filling the Racoon void
MetaStealer