2022-01-20 | Trellix | Christiaan Beek, Max Kersten, Raj Samani
@online{beek:20220120:return:a89bce6,
  author       = {Beek, Christiaan and Kersten, Max and Samani, Raj},
  title        = {{Return of Pseudo Ransomware}},
  date         = {2022-01-20},
  organization = {Trellix},
  url          = {https://www.trellix.com/en-us/about/newsroom/stories/threat-labs/return-of-pseudo-ransomware.html},
  language     = {English},
  urldate      = {2022-01-24},
}
Return of Pseudo Ransomware
WhisperGate
2022-01-20 | US Department of Health and Human Services | HHS
@techreport{hhs:20220120:log4j:fb35fe9,
  author      = {HHS},
  title       = {{Log4J Vulnerabilities and the Health Sector}},
  date        = {2022-01-20},
  institution = {US Department of Health and Human Services},
  url         = {https://www.hhs.gov/sites/default/files/log4j-vulnerabilities-health-sector.pdf},
  language    = {English},
  urldate     = {2022-01-24},
}
Log4J Vulnerabilities and the Health Sector
2022-01-20 | BleepingComputer | Lawrence Abrams
@online{abrams:20220120:fbi:e5f3fc1,
  author       = {Abrams, Lawrence},
  title        = {{FBI links Diavol ransomware to the TrickBot cybercrime group}},
  date         = {2022-01-20},
  organization = {BleepingComputer},
  url          = {https://www.bleepingcomputer.com/news/security/fbi-links-diavol-ransomware-to-the-trickbot-cybercrime-group/},
  language     = {English},
  urldate      = {2022-01-24},
}
FBI links Diavol ransomware to the TrickBot cybercrime group
Diavol
2022-01-20 | Spamhaus | Spamhaus Malware Labs
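% Corporate author: the extra brace pair keeps "Spamhaus Malware Labs" as one
% name instead of being split into given names "Spamhaus Malware" and surname "Labs".
@techreport{labs:20220120:spamhaus:2739e3a,
  author      = {{Spamhaus Malware Labs}},
  title       = {{Spamhaus Botnet Threat Update Q4 2021}},
  date        = {2022-01-20},
  institution = {Spamhaus},
  url         = {https://www.spamhaus.com/custom-content/uploads/2022/01/2021-Q4-Botnet-Threat-Update.pdf},
  language    = {English},
  urldate     = {2022-01-24},
}
Spamhaus Botnet Threat Update Q4 2021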
2022-01-20 | LIFARS | Vlad Pasca
@online{pasca:20220120:detailed:87c1f12,
  author       = {Pasca, Vlad},
  title        = {{A Detailed Analysis of WhisperGate Targeting Ukrainian Organizations}},
  date         = {2022-01-20},
  organization = {LIFARS},
  url          = {https://lifars.com/2022/01/a-detailed-analysis-of-whispergate-targeting-ukrainian-organizations/},
  language     = {English},
  urldate      = {2022-01-24},
}
A Detailed Analysis of WhisperGate Targeting Ukrainian Organizations
WhisperGate
2022-01-20 | Kaspersky | Mark Lechtik, Vasily Berdnikov, Denis Legezo, Ilya Borisov
@online{lechtik:20220120:moonbounce:cd173f1,
  author       = {Lechtik, Mark and Berdnikov, Vasily and Legezo, Denis and Borisov, Ilya},
  title        = {{MoonBounce: the dark side of UEFI firmware}},
  date         = {2022-01-20},
  organization = {Kaspersky},
  url          = {https://securelist.com/moonbounce-the-dark-side-of-uefi-firmware/105468/},
  language     = {English},
  urldate      = {2022-01-24},
}
MoonBounce: the dark side of UEFI firmware
MoonBounce
2022-01-20 | Mandiant | John Hultquist
@online{hultquist:20220120:anticipating:8005282,
  author       = {Hultquist, John},
  title        = {{Anticipating Cyber Threats as the Ukraine Crisis Escalates}},
  date         = {2022-01-20},
  organization = {Mandiant},
  url          = {https://www.mandiant.com/resources/ukraine-crisis-cyber-threats},
  language     = {English},
  urldate      = {2022-01-24},
}
Anticipating Cyber Threats as the Ukraine Crisis Escalates
2022-01-20 | SANS ISC InfoSec Forums | Xavier Mertens
@online{mertens:20220120:redline:87c27db,
  author       = {Mertens, Xavier},
  title        = {{RedLine Stealer Delivered Through FTP}},
  date         = {2022-01-20},
  organization = {SANS ISC InfoSec Forums},
  url          = {https://isc.sans.edu/forums/diary/RedLine+Stealer+Delivered+Through+FTP/28258/},
  language     = {English},
  urldate      = {2022-01-24},
}
RedLine Stealer Delivered Through FTP
RedLine Stealer
2022-01-20 | Twitter (@nunohaien) | Tillmann Werner
@online{werner:20220120:key:d2605ca,
  author       = {Werner, Tillmann},
  title        = {{Tweet on key points of Whispergate wiper}},
  date         = {2022-01-20},
  organization = {Twitter (@nunohaien)},
  url          = {https://twitter.com/nunohaien/status/1484088885575622657},
  language     = {English},
  urldate      = {2022-01-24},
}
Tweet on key points of Whispergate wiper
WhisperGate
2022-01-20 | Blackberry | The BlackBerry Research & Intelligence Team
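% Corporate author: double braces keep the team name as one indivisible name,
% and the ampersand is escaped so LaTeX does not read it as an alignment tab.
% The organization casing now matches the "BlackBerry" spelling in the author field.
@online{team:20220120:threat:e0eda13,
  author       = {{The BlackBerry Research \& Intelligence Team}},
  title        = {{Threat Thursday: Purple Fox Rootkit}},
  date         = {2022-01-20},
  organization = {BlackBerry},
  url          = {https://blogs.blackberry.com/en/2022/01/threat-thursday-purple-fox-rootkit},
  language     = {English},
  urldate      = {2022-01-24},
}
Threat Thursday: Purple Fox Rootkit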
win.purplefox
2022-01-20 | Trend Micro | Stephen Hilt, Fernando Mercês
@techreport{hilt:20220120:backing:9498542,
  author      = {Hilt, Stephen and Mercês, Fernando},
  title       = {{Backing Your Backup Defending NAS Devices Against Evolving Threats}},
  date        = {2022-01-20},
  institution = {Trend Micro},
  url         = {https://documents.trendmicro.com/assets/pdf/wp-backing-your-backup-defending-nas-devices-against-evolving-threats.pdf},
  language    = {English},
  urldate     = {2022-01-24},
}
Backing Your Backup Defending NAS Devices Against Evolving Threats
QNAPCrypt QSnatch
2022-01-19 | Sophos | Colin Cowie, Mat Gangwer, Stan Andic, Sophos MTR Team
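% "Sophos MTR Team" is a corporate author; bracing it stops the name parser
% from splitting it into given names "Sophos MTR" and surname "Team".
@online{cowie:20220119:zloader:e87c22c,
  author       = {Cowie, Colin and Gangwer, Mat and Andic, Stan and {Sophos MTR Team}},
  title        = {{Zloader Installs Remote Access Backdoors and Delivers Cobalt Strike}},
  date         = {2022-01-19},
  organization = {Sophos},
  url          = {https://news.sophos.com/en-us/2022/01/19/zloader-installs-remote-access-backdoors-and-delivers-cobalt-strike/},
  language     = {English},
  urldate      = {2022-01-25},
}
Zloader Installs Remote Access Backdoors and Delivers Cobalt Strike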
Cobalt Strike Zloader
2022-01-19 | AhnLab | ASEC Analysis Team
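% Corporate author: the extra brace pair keeps "ASEC Analysis Team" as one
% name instead of being split into given names "ASEC Analysis" and surname "Team".
@online{team:20220119:ddos:225c5df,
  author       = {{ASEC Analysis Team}},
  title        = {{DDoS IRC Bot Malware (GoLang) Being Distributed via Webhards}},
  date         = {2022-01-19},
  organization = {AhnLab},
  url          = {https://asec.ahnlab.com/en/30755/},
  language     = {English},
  urldate      = {2022-01-25},
}
DDoS IRC Bot Malware (GoLang) Being Distributed via Webhards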
2022-01-19 | Mandiant | Adrian Sanchez Hernandez, Paul Tarter, Ervin James Ocampo
@online{hernandez:20220119:one:b4b3bf7,
  author       = {Hernandez, Adrian Sanchez and Tarter, Paul and Ocampo, Ervin James},
  title        = {{One Source to Rule Them All: Chasing AVADDON Ransomware}},
  date         = {2022-01-19},
  organization = {Mandiant},
  url          = {https://www.mandiant.com/resources/chasing-avaddon-ransomware},
  language     = {English},
  urldate      = {2022-01-24},
}
One Source to Rule Them All: Chasing AVADDON Ransomware
BlackMatter Avaddon BlackMatter MedusaLocker SystemBC ThunderX
2022-01-19 | Elastic | Derek Ditch, Daniel Stepanic, Andrew Pease, Seth Goodwin
@online{ditch:20220119:extracting:39bd5e5,
  author       = {Ditch, Derek and Stepanic, Daniel and Pease, Andrew and Goodwin, Seth},
  title        = {{Extracting Cobalt Strike Beacon Configurations}},
  date         = {2022-01-19},
  organization = {Elastic},
  url          = {https://elastic.github.io/security-research/intelligence/2022/01/03.extracting-cobalt-strike-beacon/article/},
  language     = {English},
  urldate      = {2022-01-25},
}
Extracting Cobalt Strike Beacon Configurations
Cobalt Strike
2022-01-19 | Chainalysis | Chainalysis Team
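% Corporate author: double braces keep "Chainalysis Team" as one name.
% The organization was spelled "Chainanalysis"; it now matches the author
% field and the blog.chainalysis.com URL.
@online{team:20220119:meet:b0e3f43,
  author       = {{Chainalysis Team}},
  title        = {{Meet the Malware Families Helping Hackers Steal and Mine Millions in Cryptocurrency}},
  date         = {2022-01-19},
  organization = {Chainalysis},
  url          = {https://blog.chainalysis.com/reports/2022-crypto-crime-report-preview-malware/},
  language     = {English},
  urldate      = {2022-01-24},
}
Meet the Malware Families Helping Hackers Steal and Mine Millions in Cryptocurrency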
Glupteba RedLine Stealer
2022-01-19 | Elastic | Derek Ditch, Daniel Stepanic, Andrew Pease, Seth Goodwin
@online{ditch:20220119:collecting:696e5d0,
  author       = {Ditch, Derek and Stepanic, Daniel and Pease, Andrew and Goodwin, Seth},
  title        = {{Collecting Cobalt Strike Beacons with the Elastic Stack}},
  date         = {2022-01-19},
  organization = {Elastic},
  url          = {https://elastic.github.io/security-research/intelligence/2022/01/02.collecting-cobalt-strike-beacons/article/},
  language     = {English},
  urldate      = {2022-01-25},
}
Collecting Cobalt Strike Beacons with the Elastic Stack
Cobalt Strike
2022-01-19 | Recorded Future | Zachary Haver, Roderick Lee, Morgan Clemens, Kenneth Allen, Insikt Group®
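% "Insikt Group®" is a corporate author; bracing it stops the name parser
% from splitting it into given name "Insikt" and surname "Group®".
@techreport{haver:20220119:peoples:58d824b,
  author      = {Haver, Zachary and Lee, Roderick and Clemens, Morgan and Allen, Kenneth and {Insikt Group®}},
  title       = {{The People's Liberation Army in the South China Sea: An Organizational Guide}},
  date        = {2022-01-19},
  institution = {Recorded Future},
  url         = {https://go.recordedfuture.com/hubfs/reports/cta-2022-0119.pdf},
  language    = {English},
  urldate     = {2022-01-24},
}
The People's Liberation Army in the South China Sea: An Organizational Guide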
2022-01-19 | FBI | FBI
@techreport{fbi:20220119:cu000161mw:19f7d2b,
  author      = {FBI},
  title       = {{CU-000161-MW: Indicators of Compromise Associated with Diavol Ransomware}},
  date        = {2022-01-19},
  institution = {FBI},
  url         = {https://www.ic3.gov/Media/News/2022/220120.pdf},
  language    = {English},
  urldate     = {2022-01-24},
}
CU-000161-MW: Indicators of Compromise Associated with Diavol Ransomware
Diavol TrickBot
2022-01-19 | rxOred's blog | rxored
@online{rxored:20220119:whispergate:39880e3,
  author       = {rxored},
  title        = {{WhisperGate}},
  date         = {2022-01-19},
  organization = {rxOred's blog},
  url          = {https://rxored.github.io/post/analysis/whispergate/whispergate/},
  language     = {English},
  urldate      = {2022-01-24},
}
WhisperGate
WhisperGate