Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2020-02-12VMWare Carbon BlackRachel E. King, AC
@online{king:20200212:ryuk:720c14e, author = {Rachel E. King and AC}, title = {{Ryuk Ransomware Technical Analysis}}, date = {2020-02-12}, organization = {VMWare Carbon Black}, url = {https://www.carbonblack.com/blog/vmware-carbon-black-tau-ryuk-ransomware-technical-analysis/}, language = {English}, urldate = {2020-11-19} } Ryuk Ransomware Technical Analysis
Ryuk
2020-01-08BlackberryMasaki Kasuya
@online{kasuya:20200108:threat:3efa417, author = {Masaki Kasuya}, title = {{Threat Spotlight: Amadey Bot Targets Non-Russian Users}}, date = {2020-01-08}, organization = {Blackberry}, url = {https://blogs.blackberry.com/en/2020/01/threat-spotlight-amadey-bot}, language = {English}, urldate = {2022-01-12} } Threat Spotlight: Amadey Bot Targets Non-Russian Users
Amadey
2020SecureworksSecureWorks
@online{secureworks:2020:gold:21c4d39, author = {SecureWorks}, title = {{GOLD BLACKBURN}}, date = {2020}, organization = {Secureworks}, url = {https://www.secureworks.com/research/threat-profiles/gold-blackburn}, language = {English}, urldate = {2020-05-23} } GOLD BLACKBURN
Dyre TrickBot
2020SecureworksSecureWorks
@online{secureworks:2020:bronze:134ec2b, author = {SecureWorks}, title = {{BRONZE PALACE}}, date = {2020}, organization = {Secureworks}, url = {https://www.secureworks.com/research/threat-profiles/bronze-palace}, language = {English}, urldate = {2020-05-23} } BRONZE PALACE
BS2005 Enfal Mirage RoyalCli Royal DNS APT15
2020BlackberryBlackberry Research
@techreport{research:2020:state:e5941af, author = {Blackberry Research}, title = {{State of Ransomware}}, date = {2020}, institution = {Blackberry}, url = {https://www.blackberry.com/content/dam/blackberry-com/asset/enterprise/pdf/wp-spark-state-of-ransomware.pdf}, language = {English}, urldate = {2021-01-01} } State of Ransomware
Maze MedusaLocker Nefilim Phobos REvil Ryuk STOP
2019-12-25pwncode.io blogc0d3inj3cT
@online{c0d3inj3ct:20191225:blacknet:80468eb, author = {c0d3inj3cT}, title = {{BlackNet RAT - When you leave the Panel unprotected}}, date = {2019-12-25}, organization = {pwncode.io blog}, url = {http://www.pwncode.io/2019/12/blacknet-rat-when-you-leave-panel.html}, language = {English}, urldate = {2020-03-11} } BlackNet RAT - When you leave the Panel unprotected
BlackNET RAT
2019-12-05Github (blackorbird)blackorbird
@techreport{blackorbird:20191205:apt32:0afe4e7, author = {blackorbird}, title = {{APT32 Report}}, date = {2019-12-05}, institution = {Github (blackorbird)}, url = {https://github.com/blackorbird/APT_REPORT/blob/master/Oceanlotus/apt32_report_2019.pdf}, language = {Japanese}, urldate = {2020-01-10} } APT32 Report
Cobalt Strike
2019-12-04ProofpointKelsey Merriman, Dennis Schwarz, Kafeine, Axel F
@online{merriman:20191204:buer:6c413aa, author = {Kelsey Merriman and Dennis Schwarz and Kafeine and Axel F}, title = {{Buer, a new loader emerges in the underground marketplace}}, date = {2019-12-04}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/threat-insight/post/buer-new-loader-emerges-underground-marketplace}, language = {English}, urldate = {2020-01-06} } Buer, a new loader emerges in the underground marketplace
Buer
2019-11-23Github (BlackHacker511)BlackHacker511
@online{blackhacker511:20191123:blackworm:9cf1955, author = {BlackHacker511}, title = {{BlackWorm v6.0 Black Ninja}}, date = {2019-11-23}, organization = {Github (BlackHacker511)}, url = {https://github.com/BlackHacker511/BlackWorm}, language = {English}, urldate = {2020-01-13} } BlackWorm v6.0 Black Ninja
Blackworm RAT
2019-11-22SANS Cyber Security SummitSveva Vittoria Scenarelli, Rachel Mullan
@techreport{scenarelli:20191122:need:00f7cef, author = {Sveva Vittoria Scenarelli and Rachel Mullan}, title = {{Need for PLEAD: BlackTech Pursuit}}, date = {2019-11-22}, institution = {SANS Cyber Security Summit}, url = {https://web.archive.org/web/20200229012206/https://www.sans.org/cyber-security-summit/archives/file/summit-archive-1574947724.pdf}, language = {English}, urldate = {2021-01-25} } Need for PLEAD: BlackTech Pursuit
BLUETHER PLEAD
2019-11-21JPCERT/CC田中 信太郎(Shintaro Tanaka)
@online{tanaka:20191121:icondown:cb082bf, author = {田中 信太郎(Shintaro Tanaka)}, title = {{IconDown – Downloader Used by BlackTech}}, date = {2019-11-21}, organization = {JPCERT/CC}, url = {https://blogs.jpcert.or.jp/en/2019/11/icondown-downloader-used-by-blacktech.html}, language = {English}, urldate = {2020-01-08} } IconDown – Downloader Used by BlackTech
IconDown
2019-11-19VMWare Carbon BlackVMWare
@online{vmware:20191119:threat:a26b43b, author = {VMWare}, title = {{Threat Analysis Unit (TAU) Threat Intelligence Notification: AsyncRAT}}, date = {2019-11-19}, organization = {VMWare Carbon Black}, url = {https://blogs.vmware.com/security/2019/11/threat-analysis-unit-tau-threat-intelligence-notification-asyncrat.html}, language = {English}, urldate = {2021-11-08} } Threat Analysis Unit (TAU) Threat Intelligence Notification: AsyncRAT
AsyncRAT
2019-10-29BlackberryTatsuya Hasegawa
@online{hasegawa:20191029:threat:180cf21, author = {Tatsuya Hasegawa}, title = {{Threat Spotlight: Neshta File Infector Endures}}, date = {2019-10-29}, organization = {Blackberry}, url = {https://threatvector.cylance.com/en_us/home/threat-spotlight-neshta-file-infector-endures.html}, language = {English}, urldate = {2021-02-06} } Threat Spotlight: Neshta File Infector Endures
neshta
2019-10-24Carbon BlackTakahiro Haruyama
@techreport{haruyama:20191024:defeating:4016e1f, author = {Takahiro Haruyama}, title = {{Defeating APT10 Compiler-level Obfuscations}}, date = {2019-10-24}, institution = {Carbon Black}, url = {https://www.virusbulletin.com/uploads/pdf/conference_slides/2019/VB2019-Haruyama.pdf}, language = {English}, urldate = {2020-03-03} } Defeating APT10 Compiler-level Obfuscations
Anel
2019-10-23CylanceBlackberry Research
@techreport{research:20191023:mobile:b5cb828, author = {Blackberry Research}, title = {{Mobile Malware and APT Espionage: Prolific, Pervasive, and Cross-Platform}}, date = {2019-10-23}, institution = {Cylance}, url = {https://www.blackberry.com/us/en/pdfviewer?file=/content/dam/blackberry-com/asset/enterprise/pdf/direct/mobile-malware-report.pdf}, language = {English}, urldate = {2020-08-10} } Mobile Malware and APT Espionage: Prolific, Pervasive, and Cross-Platform
PhantomLance
2019-10-19Palo Alto Networks Unit 42Unit42
@online{unit42:20191019:rat:4a5f30b, author = {Unit42}, title = {{商用RATのエコシステム: Unit 42、高機能商用RAT Blackremote RATの作者を公開後数日で特定}}, date = {2019-10-19}, organization = {Palo Alto Networks Unit 42}, url = {https://unit42.paloaltonetworks.jp/blackremote-money-money-money-a-swedish-actor-peddles-an-expensive-new-rat/}, language = {Japanese}, urldate = {2020-03-25} } 商用RATのエコシステム: Unit 42、高機能商用RAT Blackremote RATの作者を公開後数日で特定
BlackRemote
2019-10-15Palo Alto Networks Unit 42Unit42
@online{unit42:20191015:blackremote:a39e171, author = {Unit42}, title = {{Blackremote: Money Money Money – A Swedish Actor Peddles an Expensive New RAT}}, date = {2019-10-15}, organization = {Palo Alto Networks Unit 42}, url = {https://unit42.paloaltonetworks.com/blackremote-money-money-money-a-swedish-actor-peddles-an-expensive-new-rat/}, language = {English}, urldate = {2020-01-08} } Blackremote: Money Money Money – A Swedish Actor Peddles an Expensive New RAT
BlackRemote
2019-09-18JPCERT/CCShusei Tomonaga
@online{tomonaga:20190918:malware:67390e7, author = {Shusei Tomonaga}, title = {{Malware Used by BlackTech after Network Intrusion}}, date = {2019-09-18}, organization = {JPCERT/CC}, url = {https://blogs.jpcert.or.jp/en/2019/09/tscookie-loader.html}, language = {English}, urldate = {2019-11-16} } Malware Used by BlackTech after Network Intrusion
PLEAD
2019-09-04CarbonBlackTakahiro Haruyama
@online{haruyama:20190904:cb:7c71995, author = {Takahiro Haruyama}, title = {{CB TAU Threat Intelligence Notification: Winnti Malware 4.0}}, date = {2019-09-04}, organization = {CarbonBlack}, url = {https://www.carbonblack.com/2019/09/04/cb-tau-threat-intelligence-notification-winnti-malware-4-0/}, language = {English}, urldate = {2019-12-17} } CB TAU Threat Intelligence Notification: Winnti Malware 4.0
Winnti
2019-08-08BlackHatEric Doerr
@techreport{doerr:20190808:enemy:3962b21, author = {Eric Doerr}, title = {{The Enemy Within: Modern Supply Chain Attacks}}, date = {2019-08-08}, institution = {BlackHat}, url = {https://i.blackhat.com/USA-19/Thursday/us-19-Doerr-The-Enemy-Within-Modern-Supply-Chain-Attacks.pdf}, language = {English}, urldate = {2020-08-14} } The Enemy Within: Modern Supply Chain Attacks
VPNFilter