2022-02-25 | Secureworks | Counter Threat Unit ResearchTeam
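% Corporate author: the inner braces keep the team name as one indivisible name.
% Only case-sensitive words in the title are protected, so a style can recase the rest.
@online{researchteam:20220225:disruptive:d6c7b5d,
  author       = {{Counter Threat Unit ResearchTeam}},
  title        = {Disruptive {HermeticWiper} Attacks Targeting {Ukrainian} Organizations},
  date         = {2022-02-25},
  organization = {Secureworks},
  url          = {https://www.secureworks.com/blog/disruptive-hermeticwiper-attacks-targeting-ukrainian-organizations},
  language     = {English},
  urldate      = {2022-03-01},
}
Disruptive HermeticWiper Attacks Targeting Ukrainian Organizations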
HermeticWiper
2022-02-15 | Secureworks | Counter Threat Unit ResearchTeam
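% Corporate author: the inner braces keep the team name as one indivisible name.
% Only the malware family name in the title is case-protected.
@online{researchteam:20220215:shadowpad:cd3fa10,
  author       = {{Counter Threat Unit ResearchTeam}},
  title        = {{ShadowPad} Malware Analysis},
  date         = {2022-02-15},
  organization = {Secureworks},
  url          = {https://www.secureworks.com/research/shadowpad-malware-analysis},
  language     = {English},
  urldate      = {2022-02-17},
}
ShadowPad Malware Analysis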
ShadowPad
2022-01-25 | Secureworks | Counter Threat Unit ResearchTeam
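% Corporate author: the inner braces keep the team name as one indivisible name.
% Only the product name in the title is case-protected.
@online{researchteam:20220125:ransoms:5ec60a6,
  author       = {{Counter Threat Unit ResearchTeam}},
  title        = {Ransoms Demanded for Hijacked {Instagram} Accounts},
  date         = {2022-01-25},
  organization = {Secureworks},
  url          = {https://www.secureworks.com/blog/ransoms-demanded-for-hijacked-instagram-accounts},
  language     = {English},
  urldate      = {2022-01-28},
}
Ransoms Demanded for Hijacked Instagram Accounts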
2022-01-21 | Secureworks | Counter Threat Unit ResearchTeam
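% Corporate author: the inner braces keep the team name as one indivisible name.
% Only the country name in the title is case-protected.
@online{researchteam:20220121:disruptive:fff238c,
  author       = {{Counter Threat Unit ResearchTeam}},
  title        = {Disruptive Attacks in {Ukraine} Likely Linked to Escalating Tensions},
  date         = {2022-01-21},
  organization = {Secureworks},
  url          = {https://www.secureworks.com/blog/disruptive-attacks-in-ukraine-likely-linked-to-escalating-tensions},
  language     = {English},
  urldate      = {2022-01-25},
}
Disruptive Attacks in Ukraine Likely Linked to Escalating Tensions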
WhisperGate
2022-01-21 | Secureworks | Counter Threat Unit ResearchTeam
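% Corporate author: the inner braces keep the team name as one indivisible name.
% Both malware names in the title are case-protected.
@online{researchteam:20220121:whispergate:bcdbf9d,
  author       = {{Counter Threat Unit ResearchTeam}},
  title        = {{WhisperGate}: Not {NotPetya}},
  date         = {2022-01-21},
  organization = {Secureworks},
  url          = {https://www.secureworks.com/blog/whispergate-not-notpetya},
  language     = {English},
  urldate      = {2022-01-25},
}
WhisperGate: Not NotPetya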
WhisperGate
2021-12-17 | Secureworks | Counter Threat Unit ResearchTeam, Secureworks Incident Response Team
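% Two corporate authors: each team name is braced on its own so neither is
% split into name parts; the " and " between them stays a name separator.
@online{researchteam:20211217:nopac:2dd9d15,
  author       = {{Counter Threat Unit ResearchTeam} and {Secureworks Incident Response Team}},
  title        = {{noPac}: A Tale of Two Vulnerabilities That Could End in Ransomware},
  date         = {2021-12-17},
  organization = {Secureworks},
  url          = {https://www.secureworks.com/blog/nopac-a-tale-of-two-vulnerabilities-that-could-end-in-ransomware},
  language     = {English},
  urldate      = {2022-01-25},
}
noPac: A Tale of Two Vulnerabilities That Could End in Ransomware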
2021-10-11 | Secureworks | SecureWorks
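% The title holds no case-sensitive names, so it is left unprotected and the
% bibliography style decides its casing.
@online{secureworks:20211011:2021:42b780d,
  author       = {SecureWorks},
  title        = {2021 State of the Threat: A Year in Review},
  date         = {2021-10-11},
  organization = {Secureworks},
  url          = {https://content.secureworks.com/-/media/Files/US/Reports/Secureworks_SE_2021StateoftheThreatReport.ashx},
  language     = {English},
  urldate      = {2021-11-08},
}
2021 State of the Threat: A Year in Review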
2021-09-22 | Secureworks | Counter Threat Unit ResearchTeam
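% Corporate author: the inner braces keep the team name as one indivisible name.
% Only the ransomware family name in the title is case-protected.
@online{researchteam:20210922:revil:5b97baf,
  author       = {{Counter Threat Unit ResearchTeam}},
  title        = {{REvil} Ransomware Reemerges After Shutdown; Universal Decryptor Released},
  date         = {2021-09-22},
  organization = {Secureworks},
  url          = {https://www.secureworks.com/blog/revil-ransomware-reemerges-after-shutdown-universal-decryptor-released},
  language     = {English},
  urldate      = {2021-09-28},
}
REvil Ransomware Reemerges After Shutdown; Universal Decryptor Released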
REvil REvil
2021-08-05 | Secureworks | Counter Threat Unit ResearchTeam
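% Corporate author: the inner braces keep the team name as one indivisible name.
% The tool name and the threat-group designation in the title are case-protected.
@online{researchteam:20210805:detecting:235fe13,
  author       = {{Counter Threat Unit ResearchTeam}},
  title        = {Detecting {Cobalt Strike}: Government-Sponsored Threat Groups ({APT32})},
  date         = {2021-08-05},
  organization = {Secureworks},
  url          = {https://www.secureworks.com/blog/detecting-cobalt-strike-government-sponsored-threat-groups},
  language     = {English},
  urldate      = {2021-08-06},
}
Detecting Cobalt Strike: Government-Sponsored Threat Groups (APT32)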
Cobalt Strike
2021-08-04 | Secureworks | Counter Threat Unit ResearchTeam
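% Corporate author: the inner braces keep the team name as one indivisible name.
% The tool name and the threat-group designation in the title are case-protected.
@online{researchteam:20210804:detecting:b379acb,
  author       = {{Counter Threat Unit ResearchTeam}},
  title        = {Detecting {Cobalt Strike}: Cybercrime Attacks ({GOLD LAGOON})},
  date         = {2021-08-04},
  organization = {Secureworks},
  url          = {https://www.secureworks.com/blog/detecting-cobalt-strike-cybercrime-attacks},
  language     = {English},
  urldate      = {2021-08-06},
}
Detecting Cobalt Strike: Cybercrime Attacks (GOLD LAGOON)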
Cobalt Strike
2021-07-20 | Secureworks | Counter Threat Unit ResearchTeam
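% Corporate author: the inner braces keep the team name as one indivisible name.
% The product and country names in the title are case-protected.
@online{researchteam:20210720:ongoing:1e6dbd0,
  author       = {{Counter Threat Unit ResearchTeam}},
  title        = {Ongoing Campaign Leveraging {Exchange} Vulnerability Potentially Linked to {Iran}},
  date         = {2021-07-20},
  organization = {Secureworks},
  url          = {https://www.secureworks.com/blog/ongoing-campaign-leveraging-exchange-vulnerability-potentially-linked-to-iran},
  language     = {English},
  urldate      = {2021-07-26},
}
Ongoing Campaign Leveraging Exchange Vulnerability Potentially Linked to Iran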
CHINACHOPPER MimiKatz RGDoor
2021-06-22 | Secureworks | Counter Threat Unit ResearchTeam
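% Corporate author: the inner braces keep the team name as one indivisible name.
% Only the ransomware name in the title is case-protected.
@online{researchteam:20210622:lv:a58b99f,
  author       = {{Counter Threat Unit ResearchTeam}},
  title        = {{LV} Ransomware},
  date         = {2021-06-22},
  organization = {Secureworks},
  url          = {https://www.secureworks.com/research/lv-ransomware},
  language     = {English},
  urldate      = {2021-06-23},
}
LV Ransomware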
REvil
2021-06-15 | Secureworks | Counter Threat Unit ResearchTeam
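% Corporate author: the inner braces keep the team name as one indivisible name.
% Only the ransomware family name in the title is case-protected.
@online{researchteam:20210615:hades:e1734d8,
  author       = {{Counter Threat Unit ResearchTeam}},
  title        = {{Hades} Ransomware Operators Use Distinctive Tactics and Infrastructure},
  date         = {2021-06-15},
  organization = {Secureworks},
  url          = {https://www.secureworks.com/blog/hades-ransomware-operators-use-distinctive-tactics-and-infrastructure},
  language     = {English},
  urldate      = {2021-06-21},
}
Hades Ransomware Operators Use Distinctive Tactics and Infrastructure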
Cobalt Strike Hades
2021-06-03 | Secureworks | Secureworks Adversary Group, Counter Threat Unit ResearchTeam
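% Two corporate authors: each team name is braced on its own so neither is
% split into name parts; the " and " between them stays a name separator.
% The title keeps its non-ASCII apostrophe, so the file must be read as UTF-8.
@online{group:20210603:oauths:50516b7,
  author       = {{Secureworks Adversary Group} and {Counter Threat Unit ResearchTeam}},
  title        = {{OAuth’s} Device Code Flow Abused in Phishing Attacks},
  date         = {2021-06-03},
  organization = {Secureworks},
  url          = {https://www.secureworks.com/blog/oauths-device-code-flow-abused-in-phishing-attacks},
  language     = {English},
  urldate      = {2021-06-22},
}
OAuth’s Device Code Flow Abused in Phishing Attacks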
2021-05-13 | Secureworks | Counter Threat Unit ResearchTeam
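% Corporate author: the inner braces keep the team name as one indivisible name.
% Only the network name in the title is case-protected.
@online{researchteam:20210513:ransomware:1c6898a,
  author       = {{Counter Threat Unit ResearchTeam}},
  title        = {Ransomware Groups Use {Tor}-Based Backdoor for Persistent Access},
  date         = {2021-05-13},
  organization = {Secureworks},
  url          = {https://www.secureworks.com/blog/ransomware-groups-use-tor-based-backdoor-for-persistent-access},
  language     = {English},
  urldate      = {2021-05-26},
}
Ransomware Groups Use Tor-Based Backdoor for Persistent Access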
DarkSide Snatch GOLD WATERFALL
2021-03-08 | Secureworks | Counter Threat Unit ResearchTeam
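% Corporate author: the inner braces keep the team name as one indivisible name.
% The web shell name and the threat-group name in the title are case-protected.
@online{researchteam:20210308:supernova:c12f8f7,
  author       = {{Counter Threat Unit ResearchTeam}},
  title        = {{SUPERNOVA} Web Shell Deployment Linked to {SPIRAL} Threat Group},
  date         = {2021-03-08},
  organization = {Secureworks},
  url          = {https://www.secureworks.com/blog/supernova-web-shell-deployment-linked-to-spiral-threat-group},
  language     = {English},
  urldate      = {2021-03-10},
}
SUPERNOVA Web Shell Deployment Linked to SPIRAL Threat Group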
SUPERNOVA BRONZE SPIRAL
2021 | Secureworks | SecureWorks
% Threat-profile page. The whole title is the threat-group designation, so the
% inner braces keep it in upper case under any style.
@online{secureworks:2021:gold:b36de33,
  author       = {SecureWorks},
  title        = {{GOLD PRELUDE}},
  date         = {2021},
  organization = {Secureworks},
  url          = {https://www.secureworks.com/research/threat-profiles/gold-prelude},
  language     = {English},
  urldate      = {2023-01-03},
}
GOLD PRELUDE
GOLD PRELUDE
2021 | Secureworks | SecureWorks
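% Only the threat-group designation in the title is case-protected.
% NOTE(review): url is plain http://, unlike the https:// links used for the same
% host elsewhere in this library; confirm the https:// form resolves and prefer it.
@online{secureworks:2021:threat:7406344,
  author       = {SecureWorks},
  title        = {Threat Profile: {GOLD NORTHFIELD}},
  date         = {2021},
  organization = {Secureworks},
  url          = {http://www.secureworks.com/research/threat-profiles/gold-northfield},
  language     = {English},
  urldate      = {2021-06-01},
}
Threat Profile: GOLD NORTHFIELD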
GOLD NORTHFIELD
2021 | Secureworks | SecureWorks
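% Only the threat-group designation in the title is case-protected.
% NOTE(review): url is plain http://, unlike the https:// links used for the same
% host elsewhere in this library; confirm the https:// form resolves and prefer it.
@online{secureworks:2021:threat:7e8aa73,
  author       = {SecureWorks},
  title        = {Threat Profile: {GOLD VILLAGE}},
  date         = {2021},
  organization = {Secureworks},
  url          = {http://www.secureworks.com/research/threat-profiles/gold-village},
  language     = {English},
  urldate      = {2021-05-31},
}
Threat Profile: GOLD VILLAGE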
Maze TA2101
2021 | Secureworks | SecureWorks
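% Only the threat-group designation in the title is case-protected.
% NOTE(review): url is plain http://, unlike the https:// links used for the same
% host elsewhere in this library; confirm the https:// form resolves and prefer it.
@online{secureworks:2021:threat:9cb31b0,
  author       = {SecureWorks},
  title        = {Threat Profile: {GOLD GALLEON}},
  date         = {2021},
  organization = {Secureworks},
  url          = {http://www.secureworks.com/research/threat-profiles/gold-galleon},
  language     = {English},
  urldate      = {2021-06-01},
}
Threat Profile: GOLD GALLEON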
Agent Tesla HawkEye Keylogger Pony GOLD GALLEON