2022-03-31 · Twitter (@LukasStefanko) · Lukáš Štefanko
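% @online is a biblatex entry type, so the UTF-8 author name is left unescaped; it is given family-name first.
% Only the malware family name is brace-protected; the bibliography style decides the rest of the title's casing.
@online{tefanko:20220331:vajraspy:1a8d32b,
  author       = {Štefanko, Lukáš},
  title        = {Tweet on {VajraSpy}},
  date         = {2022-03-31},
  organization = {Twitter (@LukasStefanko)},
  url          = {https://twitter.com/LukasStefanko/status/1509451238366236674},
  language     = {English},
  urldate      = {2022-03-31},
}
Tweet on VajraSpy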
VajraSpy
2022-03-31 · Twitter (@3xp0rtblog) · 3xp0rt
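% The author is a single-token handle and parses as one name without extra braces.
% Only the family name in the title is brace-protected, replacing the whole-title double braces.
@online{3xp0rt:20220331:eternity:86e2c72,
  author       = {3xp0rt},
  title        = {Tweet on {Eternity} stealer},
  date         = {2022-03-31},
  organization = {Twitter (@3xp0rtblog)},
  url          = {https://twitter.com/3xp0rtblog/status/1509601846494695438},
  language     = {English},
  urldate      = {2022-05-04},
}
Tweet on Eternity stealer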
Eternity Stealer
2022-03-30 · Twitter (@hpsecurity) · HP Wolf Security
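% The author is an organisation account; the extra braces keep "HP Wolf Security" as one name
% instead of a given-name/family-name split. The citation key is left as published.
@online{security:20220330:recent:56ca1b3,
  author       = {{HP Wolf Security}},
  title        = {Tweet on recent {Mekotio} Banker campaign},
  date         = {2022-03-30},
  organization = {Twitter (@hpsecurity)},
  url          = {https://twitter.com/hpsecurity/status/1509185858146082816},
  language     = {English},
  urldate      = {2022-03-31},
}
Tweet on recent Mekotio Banker campaign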
Mekotio
2022-03-24 · Twitter (@struppigel) · Karsten Hahn
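% Author is given family-name first; only the malware family name in the title is brace-protected.
@online{hahn:20220324:ginzo:3ae1c21,
  author       = {Hahn, Karsten},
  title        = {Tweet on {Ginzo Stealer}},
  date         = {2022-03-24},
  organization = {Twitter (@struppigel)},
  url          = {https://twitter.com/struppigel/status/1506933328599044100},
  language     = {English},
  urldate      = {2022-03-28},
}
Tweet on Ginzo Stealer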
Ginzo Stealer
2022-03-24 · Twitter (@ESETresearch) · ESET Research
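% The author is an organisation account; the extra braces keep "ESET Research" as one name.
% The malware and group names are brace-protected so a sentence-casing style cannot lowercase them.
@online{research:20220324:pipemon:351014e,
  author       = {{ESET Research}},
  title        = {Tweet on {PipeMon} variants by {Winnti Group}},
  date         = {2022-03-24},
  organization = {Twitter (@ESETresearch)},
  url          = {https://twitter.com/ESETresearch/status/1506904404225630210},
  language     = {English},
  urldate      = {2022-03-30},
}
Tweet on PipeMon variants by Winnti Group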
PipeMon
2022-03-15 · Twitter (@HackNPatch) · HackNPatch
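% NOTE(review): the organization field names @HackNPatch but the URL path uses HackPatch;
% confirm that the status URL still resolves to the intended account before citing.
% Only the malware name and the acronym in the title are brace-protected.
@online{hacknpatch:20220315:exploring:5399622,
  author       = {HackNPatch},
  title        = {Tweet on Exploring {CaddyWiper} {API} resolution},
  date         = {2022-03-15},
  organization = {Twitter (@HackNPatch)},
  url          = {https://twitter.com/HackPatch/status/1503538555611607042},
  language     = {English},
  urldate      = {2022-03-28},
}
Tweet on Exploring CaddyWiper API resolution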
CaddyWiper
2022-03-14 · Twitter (@ESETresearch) · ESET Research
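% The author is an organisation account; the extra braces keep "ESET Research" as one name.
% Only the proper nouns in the title are brace-protected.
@online{research:20220314:caddywiper:ac25105,
  author       = {{ESET Research}},
  title        = {Tweet on {CaddyWiper} as 3rd destructive wiper found deployed against {Ukraine}},
  date         = {2022-03-14},
  organization = {Twitter (@ESETresearch)},
  url          = {https://twitter.com/ESETresearch/status/1503436420886712321},
  language     = {English},
  urldate      = {2022-03-14},
}
Tweet on CaddyWiper as 3rd destructive wiper found deployed against Ukraine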
CaddyWiper
2022-03-12 · Twitter (@ET_Labs) · ET Labs
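% The author is an organisation account; the extra braces keep "ET Labs" as one name.
% Only the malware name in the title is brace-protected.
@online{labs:20220312:quick:ef9cb00,
  author       = {{ET Labs}},
  title        = {A quick thread examining the network artifacts of the {HermeticWizard} spreading},
  date         = {2022-03-12},
  organization = {Twitter (@ET_Labs)},
  url          = {https://twitter.com/ET_Labs/status/1502494650640351236},
  language     = {English},
  urldate      = {2022-03-28},
}
A quick thread examining the network artifacts of the HermeticWizard spreading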
HermeticWizard
2022-03-10 · Twitter (@teamcymru_S2) · Team Cymru
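% The author is an organisation account; the extra braces keep "Team Cymru" as one name.
% The malware and actor names in the title are brace-protected.
@online{cymru:20220310:crimson:a646aac,
  author       = {{Team Cymru}},
  title        = {Tweet on {Crimson RAT} infrastructure used by {APT36}},
  date         = {2022-03-10},
  organization = {Twitter (@teamcymru_S2)},
  url          = {https://twitter.com/teamcymru_S2/status/1501955802025836546},
  language     = {English},
  urldate      = {2022-03-14},
}
Tweet on Crimson RAT infrastructure used by APT36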
Crimson RAT
2022-03-10 · Twitter (@Katechondic) · Katechondic
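% The ampersand is escaped as \& because a bare & in a title field is a LaTeX alignment character
% and breaks typesetting. The two computer names are kept exactly as published.
% The malware name, acronym and actor name in the title are brace-protected.
@online{katechondic:20220310:additional:5dd63e9,
  author       = {Katechondic},
  title        = {Tweet on additional computer names "desktop-g1i8n3f" \& "desktop-j6llo2k", seen with {Crimson RAT} {C2} infrastructure used by {APT36}},
  date         = {2022-03-10},
  organization = {Twitter (@Katechondic)},
  url          = {https://twitter.com/katechondic/status/1502206599166939137},
  language     = {English},
  urldate      = {2022-03-14},
}
Tweet on additional computer names "desktop-g1i8n3f" & "desktop-j6llo2k", seen with Crimson RAT C2 infrastructure used by APT36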
Crimson RAT
2022-03-09 · Twitter (@silascutler) · Silas Cutler
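% Author is given family-name first; the malware name is braced as a whole word, possessive included.
@online{cutler:20220309:hermeticwizards:3cd717d,
  author       = {Cutler, Silas},
  title        = {Tweet on {HermeticWizard's} self-spreading mechanism},
  date         = {2022-03-09},
  organization = {Twitter (@silascutler)},
  url          = {https://twitter.com/silascutler/status/1501668345640366091},
  language     = {English},
  urldate      = {2022-03-10},
}
Tweet on HermeticWizard's self-spreading mechanism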
HermeticWizard
2022-03-08 · Twitter (@CyberJack42) · CyberJack
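% Both malware names are all-caps identifiers and are brace-protected so a sentence-casing style cannot lowercase them.
@online{cyberjack:20220308:elfshelf:2111663,
  author       = {CyberJack},
  title        = {Tweet on {ELFSHELF} alias for {KEYPLUG}},
  date         = {2022-03-08},
  organization = {Twitter (@CyberJack42)},
  url          = {https://twitter.com/CyberJack42/status/1501290277864046595},
  language     = {English},
  urldate      = {2022-03-14},
}
Tweet on ELFSHELF alias for KEYPLUG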
KEYPLUG
2022-03-08 · Twitter (@ShaneHuntley) · Shane Huntley, Google Threat Analysis Group
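% Two authors: a person (family-name first) and an organisation. The organisation is double-braced
% so it is not split into given name "Google Threat Analysis" and family name "Group".
% The proper nouns in the title are brace-protected.
@online{huntley:20220308:apt31:9193a1d,
  author       = {Huntley, Shane and {Google Threat Analysis Group}},
  title        = {Tweet on {APT31} phishing campaign targeting high profile {Gmail} users affiliated with the {U.S.} government in {February}},
  date         = {2022-03-08},
  organization = {Twitter (@ShaneHuntley)},
  url          = {https://twitter.com/ShaneHuntley/status/1501224764530069504},
  language     = {English},
  urldate      = {2022-03-10},
}
Tweet on APT31 phishing campaign targeting high profile Gmail users affiliated with the U.S. government in February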
2022-03-08 · Twitter (@struppigel) · Karsten Hahn
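% Author is given family-name first; only the malware family name in the title is brace-protected.
@online{hahn:20220308:kazyloader:9ce00d5,
  author       = {Hahn, Karsten},
  title        = {Tweet on {KazyLoader}},
  date         = {2022-03-08},
  organization = {Twitter (@struppigel)},
  url          = {https://twitter.com/struppigel/status/1501105224819392516},
  language     = {English},
  urldate      = {2022-03-08},
}
Tweet on KazyLoader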
KazyLoader
2022-03-01 · Twitter (@TheDFIRReport) · The DFIR Report
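% The author is an organisation account; the extra braces keep "The DFIR Report" as one name.
% "conti leaks" is left lowercase as published.
@online{report:20220301:twitter:fbd496d,
  author       = {{The DFIR Report}},
  title        = {{Twitter} thread with highlights from conti leaks},
  date         = {2022-03-01},
  organization = {Twitter (@TheDFIRReport)},
  url          = {https://twitter.com/TheDFIRReport/status/1498642512935800833},
  language     = {English},
  urldate      = {2022-03-02},
}
Twitter thread with highlights from conti leaks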
Conti
2022-03-01 · Twitter (@ContiLeaks) · ContiLeaks
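% The author is a single-token handle; only the malware family name in the title is brace-protected.
@online{contileaks:20220301:emotet:b68be9c,
  author       = {ContiLeaks},
  title        = {Tweet on {Emotet} final server scheme},
  date         = {2022-03-01},
  organization = {Twitter (@ContiLeaks)},
  url          = {https://twitter.com/ContiLeaks/status/1498614197202079745},
  language     = {English},
  urldate      = {2022-03-02},
}
Tweet on Emotet final server scheme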
Emotet
2022-02-28 · Twitter (@M_haggis) · The Haag
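% NOTE(review): "The Haag" looks like an account display name, not a given/family pair (confirm);
% it is double-braced so a style cannot abbreviate it to "T. Haag".
% "powershell" is left lowercase as published.
@online{haag:20220228:parsing:7eb8f68,
  author       = {{The Haag}},
  title        = {Tweet on parsing {Daxin} driver metadata using powershell},
  date         = {2022-02-28},
  organization = {Twitter (@M_haggis)},
  url          = {https://twitter.com/M_haggis/status/1498399791276912640},
  language     = {English},
  urldate      = {2022-03-07},
}
Tweet on parsing Daxin driver metadata using powershell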
Daxin
2022-02-28 · Twitter (@struppigel) · Karsten Hahn
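% Author is given family-name first; only the malware family name in the title is brace-protected.
@online{hahn:20220228:gofing:a128982,
  author       = {Hahn, Karsten},
  title        = {Tweet on {Gofing} discovery},
  date         = {2022-02-28},
  organization = {Twitter (@struppigel)},
  url          = {https://twitter.com/struppigel/status/1498229809675214849},
  language     = {English},
  urldate      = {2022-03-18},
}
Tweet on Gofing discovery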
Gofing
2022-02-25 · Twitter (@fr0gger) · Thomas Roccia
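% NOTE(review): the organization field names @fr0gger but the URL path uses fr0gger_;
% confirm which handle is correct before citing.
% Author is given family-name first; only the malware name in the title is brace-protected.
@online{roccia:20220225:tweets:68e5727,
  author       = {Roccia, Thomas},
  title        = {Tweets with an overview of {HermeticWiper}},
  date         = {2022-02-25},
  organization = {Twitter (@fr0gger)},
  url          = {https://twitter.com/fr0gger_/status/1497121876870832128},
  language     = {English},
  urldate      = {2022-03-01},
}
Tweets with an overview of HermeticWiper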
HermeticWiper
2022-02-23 · Twitter (@threatintel) · Symantec Threat Intelligence
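% The author is an organisation account; the extra braces keep "Symantec Threat Intelligence" as one name.
% Only the proper noun in the title is brace-protected.
@online{intelligence:20220223:new:7beccbc,
  author       = {{Symantec Threat Intelligence}},
  title        = {Tweet on new wiper malware being used in attacks on {Ukraine}},
  date         = {2022-02-23},
  organization = {Twitter (@threatintel)},
  url          = {https://twitter.com/threatintel/status/1496578746014437376},
  language     = {English},
  urldate      = {2022-03-01},
}
Tweet on new wiper malware being used in attacks on Ukraine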
HermeticWiper