2023-01-12 | EclecticIQ | EclecticIQ Threat Research Team
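% Corporate author: the extra inner braces make BibTeX/Biber treat the
% organization name as one indivisible name instead of splitting it into
% given name "EclecticIQ Threat Research" and family name "Team".
% The citation key is left unchanged so existing citations keep resolving.
@online{team:20230112:qakbot:a26156d,
  author       = {{EclecticIQ Threat Research Team}},
  title        = {{QakBot Malware Used Unpatched Vulnerability to Bypass Windows OS Security Feature}},
  date         = {2023-01-12},
  organization = {EclecticIQ},
  url          = {https://blog.eclecticiq.com/qakbot-malware-used-unpatched-vulnerability-to-bypass-windows-os-security-feature},
  language     = {English},
  urldate      = {2023-01-16},
}
QakBot Malware Used Unpatched Vulnerability to Bypass Windows OS Security Feature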
QakBot
2023-01-12 | eSentire | eSentire
@online{esentire:20230112:gootloader:f7d653f,
  author       = {eSentire},
  title        = {{Gootloader Malware Leads to Cobalt Strike and Hand-on-Keyboard Activity}},
  date         = {2023-01-12},
  organization = {eSentire},
  url          = {https://www.esentire.com/blog/gootloader-leads-to-cobalt-strike-and-hand-on-keyboard-activity},
  language     = {English},
  urldate      = {2023-01-16},
}
Gootloader Malware Leads to Cobalt Strike and Hand-on-Keyboard Activity
GootLoader
2023-01-12 | Cybleinc | Cyble
@online{cyble:20230112:rhadamanthys:c1e900e,
  author       = {Cyble},
  title        = {{Rhadamanthys: New Stealer Spreading Through Google Ads}},
  date         = {2023-01-12},
  organization = {Cybleinc},
  url          = {https://blog.cyble.com/2023/01/12/rhadamanthys-new-stealer-spreading-through-google-ads/},
  language     = {English},
  urldate      = {2023-01-16},
}
Rhadamanthys: New Stealer Spreading Through Google Ads
Rhadamanthys
2023-01-11 | Rapid7 Labs | Eoin Miller
@online{miller:20230111:increasing:b0201c6,
  author       = {Eoin Miller},
  title        = {{Increasing The Sting of HIVE Ransomware}},
  date         = {2023-01-11},
  organization = {Rapid7 Labs},
  url          = {https://www.rapid7.com/blog/post/2023/01/11/increasing-the-sting-of-hive-ransomware/},
  language     = {English},
  urldate      = {2023-01-13},
}
Increasing The Sting of HIVE Ransomware
Hive
2023-01-11 | Group-IB | Andrey Polovinkin
@online{polovinkin:20230111:dark:abb723d,
  author       = {Andrey Polovinkin},
  title        = {{Dark Pink - New APT hitting Asia-Pacific, Europe that goes deeper and darker}},
  date         = {2023-01-11},
  organization = {Group-IB},
  url          = {https://blog.group-ib.com/dark-pink-apt},
  language     = {English},
  urldate      = {2023-01-12},
}
Dark Pink - New APT hitting Asia-Pacific, Europe that goes deeper and darker
2023-01-10 | SecurityScorecard | Vlad Pasca
% The url carries a '#page=1' fragment and is stored raw. Biber passes it
% through verbatim; a classic BibTeX style without url support would need
% the '#' escaped.
@online{pasca:20230110:how:f3b9788,
  author       = {Vlad Pasca},
  title        = {{How to Analyze JavaScript Malware – A Case Study of Vjw0rm}},
  date         = {2023-01-10},
  organization = {SecurityScorecard},
  url          = {https://resources.securityscorecard.com/research/acasestudyofVjw0rm#page=1},
  language     = {English},
  urldate      = {2023-01-18},
}
How to Analyze JavaScript Malware – A Case Study of Vjw0rm
Vjw0rm
2023-01-10 | 360 netlab | Alex Turing, Hui Wang
% The url slug is stored exactly as listed, including its unusual spelling.
% A url is an identifier, so it is not spell-corrected.
@online{turing:20230110:heads:afb8678,
  author       = {Alex Turing and Hui Wang},
  title        = {{Heads up! Xdr33, A Variant Of CIA’s HIVE Attack Kit Emerges}},
  date         = {2023-01-10},
  organization = {360 netlab},
  url          = {https://blog.netlab.360.com/headsup_xdr33_variant_of_ciahive_emeerges/},
  language     = {English},
  urldate      = {2023-01-25},
}
Heads up! Xdr33, A Variant Of CIA’s HIVE Attack Kit Emerges
xdr33
2023-01-10 | ESET Research | Lukáš Štefanko
% The author name is stored as UTF-8, which needs a Unicode-aware backend
% such as Biber. The citation key itself is ASCII-only.
@online{tefanko:20230110:strongpity:be928e7,
  author       = {Lukáš Štefanko},
  title        = {{StrongPity espionage campaign targeting Android users}},
  date         = {2023-01-10},
  organization = {ESET Research},
  url          = {https://www.welivesecurity.com/2023/01/10/strongpity-espionage-campaign-targeting-android-users/},
  language     = {English},
  urldate      = {2023-01-13},
}
StrongPity espionage campaign targeting Android users
2023-01-10 | Perception Point | @0xToxin, Igal Lytzki
@online{0xtoxin:20230110:rebranded:84d3bbc,
  author       = {@0xToxin and Igal Lytzki},
  title        = {{The Rebranded Crypter: ScrubCrypt}},
  date         = {2023-01-10},
  organization = {Perception Point},
  url          = {https://perception-point.io/blog/the-rebranded-crypter-scrubcrypt/},
  language     = {English},
  urldate      = {2023-01-11},
}
The Rebranded Crypter: ScrubCrypt
ScrubCrypter
2023-01-09 | Intrinsec | Intrinsec, CTI Intrinsec
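% Both authors are organizational names. Each is wrapped in its own braces
% so that "CTI Intrinsec" is kept as one name instead of being split into
% given name "CTI" and family name "Intrinsec".
% The citation key is left unchanged so existing citations keep resolving.
@online{intrinsec:20230109:emotet:202716f,
  author       = {{Intrinsec} and {CTI Intrinsec}},
  title        = {{Emotet returns and deploys loaders}},
  date         = {2023-01-09},
  organization = {Intrinsec},
  url          = {https://www.intrinsec.com/emotet-returns-and-deploys-loaders/},
  language     = {English},
  urldate      = {2023-01-10},
}
Emotet returns and deploys loaders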
BumbleBee Emotet IcedID
2023-01-09 | SOCRadar | SOCRadar
@online{socradar:20230109:dark:c166fac,
  author       = {SOCRadar},
  title        = {{Dark Web Profile: Royal Ransomware}},
  date         = {2023-01-09},
  organization = {SOCRadar},
  url          = {https://socradar.io/dark-web-profile-royal-ransomware/},
  language     = {English},
  urldate      = {2023-01-16},
}
Dark Web Profile: Royal Ransomware
Royal Ransom
2023-01-09 | The DFIR Report | The DFIR Report
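% Corporate author: the extra inner braces make BibTeX/Biber treat the
% publication name as one indivisible name instead of splitting it into
% given name "The DFIR" and family name "Report".
% The citation key is left unchanged so existing citations keep resolving.
@online{report:20230109:unwrapping:d36b45f,
  author       = {{The DFIR Report}},
  title        = {{Unwrapping Ursnifs Gifts}},
  date         = {2023-01-09},
  organization = {The DFIR Report},
  url          = {https://thedfirreport.com/2023/01/09/unwrapping-ursnifs-gifts/},
  language     = {English},
  urldate      = {2023-01-13},
}
Unwrapping Ursnifs Gifts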
ISFB
2023-01-09 | kienmanowar Blog | m4n0w4r, Tran Trung Kien
@online{m4n0w4r:20230109:quicknote:5a8b18c,
  author       = {m4n0w4r and Tran Trung Kien},
  title        = {{[QuickNote] Another nice PlugX sample}},
  date         = {2023-01-09},
  organization = {kienmanowar Blog},
  url          = {https://kienmanowar.wordpress.com/2023/01/09/quicknote-another-nice-plugx-sample/},
  language     = {English},
  urldate      = {2023-01-10},
}
[QuickNote] Another nice PlugX sample
PlugX
2023-01-09 | Trendmicro | Hitomi Kimura, Ryan Maglaque, Fe Cureg, Trent Bessell
@online{kimura:20230109:gootkit:585185a,
  author       = {Hitomi Kimura and Ryan Maglaque and Fe Cureg and Trent Bessell},
  title        = {{Gootkit Loader Actively Targets Australian Healthcare Industry}},
  date         = {2023-01-09},
  organization = {Trendmicro},
  url          = {https://www.trendmicro.com/en_us/research/23/a/gootkit-loader-actively-targets-the-australian-healthcare-indust.html},
  language     = {English},
  urldate      = {2023-01-13},
}
Gootkit Loader Actively Targets Australian Healthcare Industry
GootKit
2023-01-06 | cyble | Cyble
@online{cyble:20230106:lummac2:4913d43,
  author       = {Cyble},
  title        = {{LummaC2 Stealer: A Potent Threat To Crypto Users}},
  date         = {2023-01-06},
  organization = {cyble},
  url          = {https://blog.cyble.com/2023/01/06/lummac2-stealer-a-potent-threat-to-crypto-users/},
  language     = {English},
  urldate      = {2023-01-06},
}
LummaC2 Stealer: A Potent Threat To Crypto Users
Lumma Stealer
2023-01-06 | Check Point | Check Point
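% Corporate author: the extra inner braces make BibTeX/Biber treat the
% company name as one indivisible name instead of splitting it into
% given name "Check" and family name "Point".
% The citation key is left unchanged so existing citations keep resolving.
@online{point:20230106:opwnai:7510ff2,
  author       = {{Check Point}},
  title        = {{OpwnAI: Cybercriminals Starting to use ChatGPT}},
  date         = {2023-01-06},
  organization = {Check Point},
  url          = {https://research.checkpoint.com/2023/opwnai-cybercriminals-starting-to-use-chatgpt/},
  language     = {English},
  urldate      = {2023-01-06},
}
OpwnAI: Cybercriminals Starting to use ChatGPT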
2023-01-05 | AttackIQ | Francis Guibernau, Ken Towne
@online{guibernau:20230105:emulating:04eb5ed,
  author       = {Francis Guibernau and Ken Towne},
  title        = {{Emulating the Highly Sophisticated North Korean Adversary Lazarus Group}},
  date         = {2023-01-05},
  organization = {AttackIQ},
  url          = {https://www.attackiq.com/2023/01/05/emulating-the-highly-sophisticated-north-korean-adversary-lazarus-group/},
  language     = {English},
  urldate      = {2023-01-10},
}
Emulating the Highly Sophisticated North Korean Adversary Lazarus Group
MagicRAT Tiger RAT
2023-01-05 | Bleeping Computer | Bill Toulas
@online{toulas:20230105:bitdefender:dc76b2a,
  author       = {Bill Toulas},
  title        = {{Bitdefender releases free MegaCortex ransomware decryptor}},
  date         = {2023-01-05},
  organization = {Bleeping Computer},
  url          = {https://www.bleepingcomputer.com/news/security/bitdefender-releases-free-megacortex-ransomware-decryptor/},
  language     = {English},
  urldate      = {2023-01-06},
}
Bitdefender releases free MegaCortex ransomware decryptor
MegaCortex
2023-01-05 | Logpoint | Anish Bogati
@online{bogati:20230105:crowning:ee8f347,
  author       = {Anish Bogati},
  title        = {{A crowning achievement: Exploring the exploit of Royal ransomware}},
  date         = {2023-01-05},
  organization = {Logpoint},
  url          = {https://www.logpoint.com/en/blog/exploring-the-exploit-of-royal-ransomware/},
  language     = {English},
  urldate      = {2023-01-06},
}
A crowning achievement: Exploring the exploit of Royal ransomware
Royal Ransom
2023-01-05 | Bleeping Computer | Bill Toulas
@online{toulas:20230105:spynote:54f5a05,
  author       = {Bill Toulas},
  title        = {{SpyNote Android malware infections surge after source code leak}},
  date         = {2023-01-05},
  organization = {Bleeping Computer},
  url          = {https://www.bleepingcomputer.com/news/security/spynote-android-malware-infections-surge-after-source-code-leak/},
  language     = {English},
  urldate      = {2023-01-06},
}
SpyNote Android malware infections surge after source code leak
SpyNote