Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-06-30KasperskyPierre Delcher
The SessionManager IIS backdoor: a possibly overlooked GELSEMIUM artefact
MimiKatz Owlproxy SessionManager
2022-06-29SekoiaPierre Le Bourhis, Quentin Bourgue, Threat & Detection Research Team
Raccoon Stealer v2 – Part 2: In-depth analysis
Raccoon
2022-06-28SekoiaPierre Le Bourhis, Quentin Bourgue, Threat & Detection Research Team
Raccoon Stealer v2 – Part 1: The return of the dead
Raccoon
2022-06-13SekoiaPierre Le Bourhis, Quentin Bourgue, Threat & Detection Research Team
BumbleBee: a new trendy loader for Initial Access Brokers
BumbleBee
2022-04-07SekoiaPierre Le Bourhis, Quentin Bourgue, Threat & Detection Research Team
Mars, a red-hot information stealer
Mars Stealer
2021-12-14Kaspersky LabsPaul Rascagnères, Pierre Delcher
Owowa: the add-on that turns your OWA into a credential stealer and remote access panel
Owowa
2021-09-29Kaspersky LabsIvan Kwiatkowski, Pierre Delcher
DarkHalo after SolarWinds: the Tomiris connection (UNC2849)
tomiris Storm-0473
2021-04-05KasperskyIvan Kwiatkowski, Mark Lechtik, Pierre Delcher
The leap of a Cycldek-related threat actor
2021-01-12pierrekim blogPierre
Multiple vulnerabilities found in FiberHome HG6245D routers
2020-12-03Kaspersky LabsPierre Delcher
What did DeathStalker hide between two ferns?
PowerPepper Evilnum
2020-10-15Kaspersky LabsFélix Aime, Ivan Kwiatkowski, Pierre Delcher
IAmTheKing and the SlothfulMedia malware family
SlothfulMedia
2020-08-24Kaspersky LabsIvan Kwiatkowski, Maher Yamout, Pierre Delcher
Lifting the veil on DeathStalker, a mercenary triumvirate
EVILNUM Janicab Evilnum
2020-07-28Kaspersky LabsFélix Aime, Ivan Kwiatkowski, Pierre Delcher
Lazarus on the hunt for big game
Dacls Dacls Dacls VHD Ransomware
2020-03-31Kaspersky LabsFélix Aime, Ivan Kwiatkowski, Pierre Delcher
Holy water: ongoing targeted water-holing attack in Asia
Godlike12
2019-04-30Cisco TalosColin Grady, Jaeson Schultz, Matt Valites, Pierre Cadieux
Sodinokibi ransomware exploits WebLogic Server vulnerability
REvil
2017-10-19ProofpointKafeine, Pierre T
APT28 racing to exploit CVE-2017-11292 Flash vulnerability before patches are deployed
Seduploader
2017-10-16ProofpointAxel F, Pierre T
Leviathan: Espionage actor spearphishes maritime and defense targets
NanHaiShu SeDll APT40
2017-06-01ProofpointAxel F, Matthew Mesa, Pierre T, Travis Green
Microsoft Word Intruder Integrates CVE-2017-0199, Utilized by Cobalt Group to Target Financial Institutions
Cobalt
2017-02-02ProofpointAxel F, Darien Huss, Pierre T, Proofpoint Staff
Oops, they did it again: APT Targets Russia and Belarus with ZeroT and PlugX
ZeroT
2014-03-18ESET ResearchPierre-Marc Bureau
Operation Windigo – the vivisection of a large Linux server‑side credential‑stealing malware campaign
Boaxxe Glupteba
2014-03-01ESET ResearchAlexis Dorais-Joncas, Benjamin Vanheuverzwijn, Joan Calvet, Marc-Etienne M.Léveillé, Olivier Bilodeau, Pierre-Marc Bureau
OPERATION WINDIGO
Ebury
2013-09-25ESET ResearchPierre-Marc Bureau
Win32/Napolar – A new bot on the block
Solarbot
2013-04-26ESET ResearchPierre-Marc Bureau
Linux/Cdorked.A: New Apache backdoor being used in the wild to serve Blackhole
CDorked
2012-12-18ESET ResearchPierre-Marc Bureau
Malicious Apache module used for content injection: Linux/Chapro.A
Chapro