2020-04-23 | Cisco Talos | Edmund Brumaghin, Amit Raut
@online{brumaghin:20200423:threat:4f7f840,
  author       = {Brumaghin, Edmund and Raut, Amit},
  title        = {{Threat Spotlight: MedusaLocker}},
  date         = {2020-04-23},
  organization = {Cisco Talos},
  url          = {https://blog.talosintelligence.com/2020/04/medusalocker.html},
  language     = {English},
  urldate      = {2020-04-26},
}
Threat Spotlight: MedusaLocker
MedusaLocker
2020-04-16 | Cisco Talos | Warren Mercer, Paul Rascagnères, Vitor Ventura
@online{mercer:20200416:poetrat:ab5659a,
  author       = {Mercer, Warren and Rascagnères, Paul and Ventura, Vitor},
  title        = {{PoetRAT: Python RAT uses COVID-19 lures to target Azerbaijan public and private sectors}},
  date         = {2020-04-16},
  organization = {Cisco Talos},
  url          = {https://blog.talosintelligence.com/2020/04/poetrat-covid-19-lures.html},
  language     = {English},
  urldate      = {2020-05-05},
}
PoetRAT: Python RAT uses COVID-19 lures to target Azerbaijan public and private sectors
Poet RAT
2020-04-02 | Cisco Talos | Vanja Svajcer
@online{svajcer:20200402:azorult:97b15f2,
  author       = {Svajcer, Vanja},
  title        = {{AZORult brings friends to the party}},
  date         = {2020-04-02},
  organization = {Cisco Talos},
  url          = {https://blog.talosintelligence.com/2020/04/azorult-brings-friends-to-party.html},
  language     = {English},
  urldate      = {2020-04-07},
}
AZORult brings friends to the party
Azorult, Remcos
2020-04-01 | Cisco | Shyam Sundar Ramaswami, Andrea Kaiser
@online{ramaswami:20200401:navigating:965952a,
  author       = {Ramaswami, Shyam Sundar and Kaiser, Andrea},
  title        = {{Navigating Cybersecurity During a Pandemic: Latest Malware and Threat Actors}},
  date         = {2020-04-01},
  organization = {Cisco},
  url          = {https://umbrella.cisco.com/blog/navigating-cybersecurity-during-a-pandemic-latest-malware-and-threat-actors},
  language     = {English},
  urldate      = {2020-08-19},
}
Navigating Cybersecurity During a Pandemic: Latest Malware and Threat Actors
Azorult, CloudEyE, Formbook, KPOT Stealer, Metamorfo, Nanocore RAT, NetWire RC, TrickBot
2020-03-31 | Cisco Talos | Chris Neal
@online{neal:20200331:trickbot:dcf5314,
  author       = {Neal, Chris},
  title        = {{Trickbot: A primer}},
  date         = {2020-03-31},
  organization = {Cisco Talos},
  url          = {https://blog.talosintelligence.com/2020/03/trickbot-primer.html},
  language     = {English},
  urldate      = {2020-04-01},
}
Trickbot: A primer
TrickBot
2020-03-05 | Cisco Talos | Warren Mercer, Paul Rascagnères, Vitor Ventura
@online{mercer:20200305:bisonal:7885944,
  author       = {Mercer, Warren and Rascagnères, Paul and Ventura, Vitor},
  title        = {{Bisonal: 10 years of play}},
  date         = {2020-03-05},
  organization = {Cisco Talos},
  url          = {https://blog.talosintelligence.com/2020/03/bisonal-10-years-of-play.html},
  language     = {English},
  urldate      = {2020-03-05},
}
Bisonal: 10 years of play
Korlia
2020-02-20 | Cisco Talos | Asheer Malhotra
@online{malhotra:20200220:obliquerat:588aa08,
  author       = {Malhotra, Asheer},
  title        = {{ObliqueRAT: New RAT hits victims' endpoints via malicious documents}},
  date         = {2020-02-20},
  organization = {Cisco Talos},
  url          = {https://blog.talosintelligence.com/2020/02/obliquerat-hits-victims-via-maldocs.html},
  language     = {English},
  urldate      = {2020-02-25},
}
ObliqueRAT: New RAT hits victims' endpoints via malicious documents
Oblique RAT
2020-02-18 | Cisco Talos | Vanja Svajcer
@online{svajcer:20200218:building:0a80664,
  author       = {Svajcer, Vanja},
  title        = {{Building a bypass with MSBuild}},
  date         = {2020-02-18},
  organization = {Cisco Talos},
  url          = {https://blog.talosintelligence.com/2020/02/building-bypass-with-msbuild.html},
  language     = {English},
  urldate      = {2020-02-20},
}
Building a bypass with MSBuild
Cobalt Strike, GRUNT, MimiKatz
2020-02-12 | Cisco Talos | Chris Neal
@online{neal:20200212:loda:3334939,
  author       = {Neal, Chris},
  title        = {{Loda RAT Grows Up}},
  date         = {2020-02-12},
  organization = {Cisco Talos},
  url          = {https://blog.talosintelligence.com/2020/02/loda-rat-grows-up.html},
  language     = {English},
  urldate      = {2020-02-13},
}
Loda RAT Grows Up
Loda
2020-01-16 | Cisco Talos | Warren Mercer, Paul Rascagnères, Vitor Ventura, Eric Kuhla
@online{mercer:20200116:jhonerat:b41f102,
  author       = {Mercer, Warren and Rascagnères, Paul and Ventura, Vitor and Kuhla, Eric},
  title        = {{JhoneRAT: Cloud based python RAT targeting Middle Eastern countries}},
  date         = {2020-01-16},
  organization = {Cisco Talos},
  url          = {https://blog.talosintelligence.com/2020/01/jhonerat.html},
  language     = {English},
  urldate      = {2020-01-27},
}
JhoneRAT: Cloud based python RAT targeting Middle Eastern countries
JhoneRAT
2019-12-17 | Cisco | JJ Cummings, Dave Liebenberg
% NOTE(review): the url is on blog.talosintelligence.com, yet organization is Cisco; other entries in this list from that blog give Cisco Talos -- confirm the attribution before citing.
@online{cummings:20191217:incident:44acf5c,
  author       = {Cummings, JJ and Liebenberg, Dave},
  title        = {{Incident Response lessons from recent Maze ransomware attacks}},
  date         = {2019-12-17},
  organization = {Cisco},
  url          = {https://blog.talosintelligence.com/2019/12/IR-Lessons-Maze.html},
  language     = {English},
  urldate      = {2020-01-09},
}
Incident Response lessons from recent Maze ransomware attacks
Maze
2019-10-21 | Cisco Talos | Vitor Ventura, Chris Neal
@online{ventura:20191021:gustuff:7db6d90,
  author       = {Ventura, Vitor and Neal, Chris},
  title        = {{Gustuff return, new features for victims}},
  date         = {2019-10-21},
  organization = {Cisco Talos},
  url          = {https://blog.talosintelligence.com/2019/10/gustuffv2.html},
  language     = {English},
  urldate      = {2020-01-10},
}
Gustuff return, new features for victims
Gustuff
2019-09-26 | Cisco Talos | Edmund Brumaghin
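% The quoted word in the title uses TeX quote ligatures (``...'') instead of bare straight double quotes,
% which typeset as two closing marks in common fonts and act as an active shorthand under some babel languages.
@online{brumaghin:20190926:divergent:2d282a0,
  author       = {Brumaghin, Edmund},
  title        = {{Divergent: ``Fileless'' NodeJS Malware Burrows Deep Within the Host}},
  date         = {2019-09-26},
  organization = {Cisco Talos},
  url          = {https://blog.talosintelligence.com/2019/09/divergent-analysis.html},
  language     = {English},
  urldate      = {2019-10-24},
}
Divergent: "Fileless" NodeJS Malware Burrows Deep Within the Host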
Divergent
2019-09-24 | Cisco Talos | Warren Mercer, Paul Rascagnères, Jungsoo An
@online{mercer:20190924:how:ac2b53e,
  author       = {Mercer, Warren and Rascagnères, Paul and An, Jungsoo},
  title        = {{How Tortoiseshell created a fake veteran hiring website to host malware}},
  date         = {2019-09-24},
  organization = {Cisco Talos},
  url          = {https://blog.talosintelligence.com/2019/09/tortoiseshell-fake-veterans.html},
  language     = {English},
  urldate      = {2019-12-02},
}
How Tortoiseshell created a fake veteran hiring website to host malware
Liderc, SysKit
2019-08-28 | Cisco Talos | Edmund Brumaghin, Holger Unterbrink
@online{brumaghin:20190828:rat:dadd9c5,
  author       = {Brumaghin, Edmund and Unterbrink, Holger},
  title        = {{RAT Ratatouille: Backdooring PCs with leaked RATs}},
  date         = {2019-08-28},
  organization = {Cisco Talos},
  url          = {https://blog.talosintelligence.com/2019/08/rat-ratatouille-revrat-orcus.html},
  language     = {English},
  urldate      = {2020-01-13},
}
RAT Ratatouille: Backdooring PCs with leaked RATs
Orcus RAT
2019-08-27 | Cisco Talos | Paul Rascagnères, Vanja Svajcer
@online{rascagnres:20190827:china:2d2bbb8,
  author       = {Rascagnères, Paul and Svajcer, Vanja},
  title        = {{China Chopper still active 9 years later}},
  date         = {2019-08-27},
  organization = {Cisco Talos},
  url          = {https://blog.talosintelligence.com/2019/08/china-chopper-still-active-9-years-later.html},
  language     = {English},
  urldate      = {2019-10-14},
}
China Chopper still active 9 years later
CHINACHOPPER
2019-07-15 | Cisco Talos | Edmund Brumaghin
@online{brumaghin:20190715:sweed:9725699,
  author       = {Brumaghin, Edmund},
  title        = {{SWEED: Exposing years of Agent Tesla campaigns}},
  date         = {2019-07-15},
  organization = {Cisco Talos},
  url          = {https://blog.talosintelligence.com/2019/07/sweed-agent-tesla.html},
  language     = {English},
  urldate      = {2020-01-08},
}
SWEED: Exposing years of Agent Tesla campaigns
Agent Tesla, Formbook, Loki Password Stealer (PWS), SWEED
2019-05-23 | Cisco Talos | Martin Lee
@online{lee:20190523:one:4d2b33e,
  author       = {Lee, Martin},
  title        = {{One year later: The VPNFilter catastrophe that wasn't}},
  date         = {2019-05-23},
  organization = {Cisco Talos},
  url          = {https://blog.talosintelligence.com/2019/05/one-year-later-vpnfilter-catastrophe.html},
  language     = {English},
  urldate      = {2019-07-09},
}
One year later: The VPNFilter catastrophe that wasn't
elf.vpnfilter
2019-05-23 | Cisco Talos | Nick Biasini, Edmund Brumaghin
@online{biasini:20190523:sorpresa:e7cbd9d,
  author       = {Biasini, Nick and Brumaghin, Edmund},
  title        = {{Sorpresa! JasperLoader targets Italy with a new bag of tricks}},
  date         = {2019-05-23},
  organization = {Cisco Talos},
  url          = {https://blog.talosintelligence.com/2019/05/sorpresa-jasperloader.html},
  language     = {English},
  urldate      = {2020-01-06},
}
Sorpresa! JasperLoader targets Italy with a new bag of tricks
JasperLoader
2019-05-20 | Cisco | Danny Adamitis, David Maynor, Kendall McKay
% NOTE(review): the url is on blog.talosintelligence.com, yet organization is Cisco; other entries in this list from that blog give Cisco Talos -- confirm the attribution before citing.
@online{adamitis:20190520:recent:4bb543f,
  author       = {Adamitis, Danny and Maynor, David and McKay, Kendall},
  title        = {{Recent MuddyWater-associated BlackWater campaign shows signs of new anti-detection techniques}},
  date         = {2019-05-20},
  organization = {Cisco},
  url          = {https://blog.talosintelligence.com/2019/05/recent-muddywater-associated-blackwater.html},
  language     = {English},
  urldate      = {2020-01-07},
}
Recent MuddyWater-associated BlackWater campaign shows signs of new anti-detection techniques
MuddyWater