2023-06-01 | Kaspersky Labs | Igor Kuznetsov, Valentin Pashkov, Leonid Bezvershenko, Georgy Kucherin
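% Kaspersky (Securelist) report on the Operation Triangulation iOS campaign.
% Names are in "Last, First" form; the title braces only the words whose case
% a style must not change, instead of double-bracing the whole title.
@online{kuznetsov:20230601:operation:ad8eded,
  author       = {Kuznetsov, Igor and Pashkov, Valentin and Bezvershenko, Leonid and Kucherin, Georgy},
  title        = {Operation {Triangulation}: {iOS} devices targeted with previously unknown malware},
  date         = {2023-06-01},
  organization = {Kaspersky Labs},
  url          = {https://securelist.com/operation-triangulation/109842/},
  language     = {English},
  urldate      = {2023-06-01},
}
Operation Triangulation: iOS devices targeted with previously unknown malware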
2023-05-24 | cyble | Cyble
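% Vendor blog post; the author is the organisation itself, so it is
% double-braced and parsed as one corporate name. The organization field is
% capitalised to match the author spelling (the page lists it as "cyble").
@online{cyble:20230524:notable:f9b9f33,
  author       = {{Cyble}},
  title        = {Notable {DDoS} Attack Tools and Services Supporting Hacktivist Operations in 2023},
  date         = {2023-05-24},
  organization = {Cyble},
  url          = {https://blog.cyble.com/2023/05/24/notable-ddos-attack-tools-and-services-supporting-hacktivist-operations-in-2023/},
  language     = {English},
  urldate      = {2023-11-27},
}
Notable DDoS Attack Tools and Services Supporting Hacktivist Operations in 2023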
2023-05-04 | SOCRadar | SOCRadar
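% Vendor write-up with a corporate author (double-braced so it is one name).
% The actor and tool names in the title are braced so sentence-casing styles
% keep their capitalisation.
@online{socradar:20230504:sandworm:da4d4f4,
  author       = {{SOCRadar}},
  title        = {{Sandworm} Attackers Use {WinRAR} to Wipe Data from Government Devices},
  date         = {2023-05-04},
  organization = {SOCRadar},
  url          = {https://socradar.io/sandworm-attackers-use-winrar-to-wipe-data-from-government-devices/},
  language     = {English},
  urldate      = {2023-07-20},
}
Sandworm Attackers Use WinRAR to Wipe Data from Government Devices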
RoarBAT
2023-04-26 | Uptycs | Uptycs Threat Research
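% Corporate author: double-braced so "Uptycs Threat Research" is one name.
% The key's "research" prefix suggests the team name was once split as a
% personal name (last name "Research"). The key is kept unchanged so existing
% citations still resolve.
@online{research:20230426:rtm:48d9f37,
  author       = {{Uptycs Threat Research}},
  title        = {{RTM Locker} Ransomware as a Service ({RaaS}) Now Suits Up for {Linux} Architecture},
  date         = {2023-04-26},
  organization = {Uptycs},
  url          = {https://www.uptycs.com/blog/rtm-locker-ransomware-as-a-service-raas-linux},
  language     = {English},
  urldate      = {2023-11-13},
}
RTM Locker Ransomware as a Service (RaaS) Now Suits Up for Linux Architecture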
RTM Locker
2023-04-20 | VirusTotal | Vicente Diaz
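% VirusTotal blog post. The group designator and the nationality adjective are
% braced; the rest of the title is left for the style to case.
@online{diaz:20230420:apt43:ada14ec,
  author       = {Diaz, Vicente},
  title        = {{APT43}: An investigation into the {North Korean} group’s cybercrime operations},
  date         = {2023-04-20},
  organization = {VirusTotal},
  url          = {https://blog.virustotal.com/2023/04/apt43-investigation-into-north-korean.html},
  language     = {English},
  urldate      = {2023-04-25},
}
APT43: An investigation into the North Korean group’s cybercrime operations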
2023-04-19 | Microsoft | Justin Warner, Microsoft Threat Intelligence Center (MSTIC)
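% Recorded talk (the url is a video link). One personal and one corporate
% author: the team name is braced so it is not split into first and last
% name parts.
@online{warner:20230419:exploring:c68c1d0,
  author       = {Warner, Justin and {Microsoft Threat Intelligence Center (MSTIC)}},
  title        = {Exploring {STRONTIUM}'s Abuse of Cloud Services},
  date         = {2023-04-19},
  organization = {Microsoft},
  url          = {https://www.youtube.com/watch?v=_qdCGgQlHJE},
  language     = {English},
  urldate      = {2023-04-22},
}
Exploring STRONTIUM's Abuse of Cloud Services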
FusionDrive
2023-04-18 | NCSC UK | United Kingdom’s National Cyber Security Centre (NCSC-UK)
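% Government malware analysis report (the url points at a PDF). The agency is
% a corporate author, so the whole name is double-braced. The malware and
% platform names in the title are braced to keep their case.
@techreport{ncscuk:20230418:jaguar:421e6fb,
  author      = {{United Kingdom’s National Cyber Security Centre (NCSC-UK)}},
  title       = {{Jaguar Tooth} - {Cisco IOS} malware that collects device information and enables backdoor access},
  date        = {2023-04-18},
  institution = {NCSC UK},
  url         = {https://www.ncsc.gov.uk/static-assets/documents/malware-analysis-reports/jaguar-tooth/NCSC-MAR-Jaguar-Tooth.pdf},
  language    = {English},
  urldate     = {2023-04-22},
}
Jaguar Tooth - Cisco IOS malware that collects device information and enables backdoor access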
2023-04-13 | GOV.PL | gov.pl
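% Government advisory; the author is the publishing site itself, double-braced
% as a corporate name.
@online{govpl:20230413:espionage:089263f,
  author       = {{gov.pl}},
  title        = {Espionage campaign linked to {Russian} intelligence services},
  date         = {2023-04-13},
  organization = {GOV.PL},
  url          = {https://www.gov.pl/web/baza-wiedzy/espionage-campaign-linked-to-russian-intelligence-services},
  language     = {English},
  urldate      = {2023-04-18},
}
Espionage campaign linked to Russian intelligence services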
2023-04-13 | GOV.PL | Military Counterintelligence Service, CERT.PL
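% Two corporate authors, each braced so it is parsed as one name. The key's
% "service" prefix suggests the first was once split as a personal name; the
% key is kept unchanged. The url is an opaque attachment id with no title in
% it, so the title and urldate fields are what identify the document if the
% link stops resolving.
@online{service:20230413:snowyamber:f5404f6,
  author       = {{Military Counterintelligence Service} and {CERT.PL}},
  title        = {{SNOWYAMBER} - Malware Analysis Report},
  date         = {2023-04-13},
  organization = {GOV.PL},
  url          = {https://www.gov.pl/attachment/ee91f24d-3e67-436d-aa50-7fa56acf789d},
  language     = {English},
  urldate      = {2023-06-01},
}
SNOWYAMBER - Malware Analysis Report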
GraphicalNeutrino
2023-04-13 | GOV.PL | Military Counterintelligence Service, CERT.PL
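% Two corporate authors, each braced so it is parsed as one name; the key is
% kept unchanged. The url is an opaque attachment id, so the title and urldate
% fields are what identify the document if the link stops resolving.
@online{service:20230413:halfrig:787dcfb,
  author       = {{Military Counterintelligence Service} and {CERT.PL}},
  title        = {{HALFRIG} - Malware Analysis Report},
  date         = {2023-04-13},
  organization = {GOV.PL},
  url          = {https://www.gov.pl/attachment/64193e8d-05e2-4cbf-bb4c-5f58da21fefb},
  language     = {English},
  urldate      = {2023-06-01},
}
HALFRIG - Malware Analysis Report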
HALFRIG
2023-04-13 | GOV.PL | Military Counterintelligence Service, CERT.PL
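% Two corporate authors, each braced so it is parsed as one name; the key is
% kept unchanged. The url is an opaque attachment id, so the title and urldate
% fields are what identify the document if the link stops resolving.
@online{service:20230413:quarterrig:0435e72,
  author       = {{Military Counterintelligence Service} and {CERT.PL}},
  title        = {{QUARTERRIG} - Malware Analysis Report},
  date         = {2023-04-13},
  organization = {GOV.PL},
  url          = {https://www.gov.pl/attachment/6f51bb1a-3ad2-461c-a16d-408915a56f77},
  language     = {English},
  urldate      = {2023-06-01},
}
QUARTERRIG - Malware Analysis Report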
QUARTERRIG
2023-03-30 | Zscaler | Javier Vicente, Brett Stone-Gross, Nikolaos Pantazopoulos
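% Vendor technical analysis. "Last, First" form keeps the hyphenated surname
% unambiguous; only the malware name is braced in the title.
@online{vicente:20230330:technical:99c71e1,
  author       = {Vicente, Javier and Stone-Gross, Brett and Pantazopoulos, Nikolaos},
  title        = {Technical Analysis of {Xloader}’s Code Obfuscation in Version 4.3},
  date         = {2023-03-30},
  organization = {Zscaler},
  url          = {https://www.zscaler.com/blogs/security-research/technical-analysis-xloaders-code-obfuscation-version-43},
  language     = {English},
  urldate      = {2023-09-07},
}
Technical Analysis of Xloader’s Code Obfuscation in Version 4.3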
Formbook
2023-03-23 | Medium s2wlab | BLKSMTH, S2W TALON
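% A handle and a team name as authors. Both are braced so neither is split
% into first and last name parts ("S2W TALON" would otherwise sort under
% "TALON").
@online{blksmth:20230323:scarcruft:82ba4d6,
  author       = {{BLKSMTH} and {S2W TALON}},
  title        = {{Scarcruft} Bolsters Arsenal for targeting individual {Android} devices},
  date         = {2023-03-23},
  organization = {Medium s2wlab},
  url          = {https://medium.com/s2wblog/scarcruft-bolsters-arsenal-for-targeting-individual-android-devices-97d2bcef4ab},
  language     = {English},
  urldate      = {2023-03-27},
}
Scarcruft Bolsters Arsenal for targeting individual Android devices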
RambleOn RokRAT
2023-03-13 | SentinelOne | Jim Walter
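% Vendor blog post. The malware name and acronyms are braced to keep their
% case. The "|" in the title is kept as published.
@online{walter:20230313:catb:ea73312,
  author       = {Walter, Jim},
  title        = {{CatB} Ransomware | File Locker Sharpens Its Claws to Steal Data with {MSDTC} Service {DLL} Hijacking},
  date         = {2023-03-13},
  organization = {SentinelOne},
  url          = {https://www.sentinelone.com/blog/decrypting-catb-ransomware-analyzing-their-latest-attack-methods/},
  language     = {English},
  urldate      = {2023-03-15},
}
CatB Ransomware | File Locker Sharpens Its Claws to Steal Data with MSDTC Service DLL Hijacking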
CatB
2023-03-09 | State Service of Special Communication and Information Protection of Ukraine (CIP)
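% Government report with a corporate author (double-braced). The entry has no
% organization field and the url is a numeric download id, so the title and
% urldate fields are what identify the document if the link stops resolving.
@online{cip:20230309:russias:f40dc09,
  author   = {{State Service of Special Communication and Information Protection of Ukraine (CIP)}},
  title    = {{Russia}'s Cyber Tactics: Lessons Learned 2022},
  date     = {2023-03-09},
  url      = {https://cip.gov.ua/services/cm/api/attachment/download?id=53466},
  language = {English},
  urldate  = {2023-03-13},
}
Russia's Cyber Tactics: Lessons Learned 2022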
2023-03-08 | Mandiant | DANIEL LEE, Stephen Eckels, Ben Read
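% Vendor blog post. The first author appears on the page in all caps
% ("DANIEL LEE"). The casing is normalised here because capitalisation is a
% presentation choice that belongs to the bibliography style.
@online{lee:20230308:suspected:ebbc1c8,
  author       = {Lee, Daniel and Eckels, Stephen and Read, Ben},
  title        = {Suspected {Chinese} Campaign to Persist on {SonicWall} Devices, Highlights Importance of Monitoring Edge Devices},
  date         = {2023-03-08},
  organization = {Mandiant},
  url          = {https://www.mandiant.com/resources/blog/suspected-chinese-persist-sonicwall},
  language     = {English},
  urldate      = {2023-04-22},
}
Suspected Chinese Campaign to Persist on SonicWall Devices, Highlights Importance of Monitoring Edge Devices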
2023-02-16 | EclecticIQ | EclecticIQ Threat Research Team
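% Corporate author: double-braced so the team name is one name. The key's
% "team" prefix suggests it was once split as a personal name (last name
% "Team"); the key is kept unchanged so existing citations still resolve.
@online{team:20230216:three:f838713,
  author       = {{EclecticIQ Threat Research Team}},
  title        = {Three Cases of Cyber Attacks on the {Security Service of Ukraine} and {NATO} Allies, Likely by {Russian} State-Sponsored {Gamaredon}},
  date         = {2023-02-16},
  organization = {EclecticIQ},
  url          = {https://blog.eclecticiq.com/three-cases-of-cyber-attacks-on-the-security-service-of-ukraine-and-nato-allies-likely-by-russian-state-sponsored-gamaredon},
  language     = {English},
  urldate      = {2023-02-21},
}
Three Cases of Cyber Attacks on the Security Service of Ukraine and NATO Allies, Likely by Russian State-Sponsored Gamaredon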
2023-02-14 | Intrinsec | Intrinsec, CTI Intrinsec
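% Two corporate authors as listed on the page, each braced so "CTI Intrinsec"
% is not split into first and last name parts.
@online{intrinsec:20230214:vicesociety:2dffe2e,
  author       = {{Intrinsec} and {CTI Intrinsec}},
  title        = {{Vice-Society} spreads its own ransomware},
  date         = {2023-02-14},
  organization = {Intrinsec},
  url          = {https://www.intrinsec.com/vice-society-spreads-its-own-ransomware/},
  language     = {English},
  urldate      = {2023-02-15},
}
Vice-Society spreads its own ransomware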
HelloKitty PolyVice Zeppelin
2023-01-26 | Palo Alto Networks Unit 42 | Mike Harbison, Jen Miller-Osborn
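% Vendor research post. "Last, First" form keeps the hyphenated surname
% unambiguous; the malware name and acronym are braced in the title.
@online{harbison:20230126:chinese:a83622f,
  author       = {Harbison, Mike and Miller-Osborn, Jen},
  title        = {{Chinese} {PlugX} Malware Hidden in Your {USB} Devices?},
  date         = {2023-01-26},
  organization = {Palo Alto Networks Unit 42},
  url          = {https://unit42.paloaltonetworks.com/plugx-variants-in-usbs/},
  language     = {English},
  urldate      = {2023-01-27},
}
Chinese PlugX Malware Hidden in Your USB Devices?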
PlugX
2022-12-22 | Sentinel LABS | Antonio Cocomazzi
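% Vendor research post. Only the group name is braced in the title; the rest
% is left for the style to case.
@online{cocomazzi:20221222:custombranded:3f5dd45,
  author       = {Cocomazzi, Antonio},
  title        = {Custom-Branded Ransomware: The {Vice Society} Group and the Threat of Outsourced Development},
  date         = {2022-12-22},
  organization = {Sentinel LABS},
  url          = {https://www.sentinelone.com/labs/custom-branded-ransomware-the-vice-society-group-and-the-threat-of-outsourced-development/},
  language     = {English},
  urldate      = {2023-01-05},
}
Custom-Branded Ransomware: The Vice Society Group and the Threat of Outsourced Development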
Curator PolyVice