2022-01-18 | Microsoft | Microsoft 365 Defender Threat Intelligence Team
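% Corporate author is double-braced so it is kept as one literal name; only case-sensitive title words are brace-protected.
% NOTE(review): date is 2022-01-18 but the URL path contains 2022/01/26 -- confirm the publication date against the source.
@online{team:20220118:evolved:87fc647,
  author       = {{Microsoft 365 Defender Threat Intelligence Team}},
  title        = {Evolved phishing: Device registration trick adds to phishers’ toolbox for victims without {MFA}},
  date         = {2022-01-18},
  organization = {Microsoft},
  url          = {https://www.microsoft.com/security/blog/2022/01/26/evolved-phishing-device-registration-trick-adds-to-phishers-toolbox-for-victims-without-mfa/},
  language     = {English},
  urldate      = {2022-01-31},
}
Evolved phishing: Device registration trick adds to phishers’ toolbox for victims without MFA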
WhisperGate
2022-01-15 | Microsoft | Microsoft, Microsoft Security Intelligence, Microsoft Digital Security Unit (DSU), Microsoft Detection and Response Team (DART), Microsoft 365 Defender Threat Intelligence Team
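% Each corporate author is braced on its own so it stays one literal name; without the braces the
% " and " inside "Microsoft Detection and Response Team (DART)" is read as a name separator.
@online{microsoft:20220115:destructive:77ac2f5,
  author       = {{Microsoft} and {Microsoft Security Intelligence} and {Microsoft Digital Security Unit (DSU)} and {Microsoft Detection and Response Team (DART)} and {Microsoft 365 Defender Threat Intelligence Team}},
  title        = {Destructive malware targeting {Ukrainian} organizations ({DEV-0586})},
  date         = {2022-01-15},
  organization = {Microsoft},
  url          = {https://www.microsoft.com/security/blog/2022/01/15/destructive-malware-targeting-ukrainian-organizations/},
  language     = {English},
  urldate      = {2022-01-18},
}
Destructive malware targeting Ukrainian organizations (DEV-0586)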
WhisperGate
2022-01-13 | Blackberry | The BlackBerry Research & Intelligence Team
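% Corporate author is double-braced so it is kept as one literal name; "\&" replaces the bare "&",
% which LaTeX would otherwise read as an alignment tab. Only case-sensitive title words are brace-protected.
@online{team:20220113:threat:8a5c973,
  author       = {{The BlackBerry Research \& Intelligence Team}},
  title        = {{Threat Thursday}: {Jupyter} Infostealer is a Master of Disguise},
  date         = {2022-01-13},
  organization = {Blackberry},
  url          = {https://blogs.blackberry.com/en/2022/01/threat-thursday-jupyter-infostealer-is-a-master-of-disguise},
  language     = {English},
  urldate      = {2022-01-24},
}
Threat Thursday: Jupyter Infostealer is a Master of Disguise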
solarmarker
2022-01-07 | Malwarebytes | Threat Intelligence Team
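% Corporate author is double-braced so it is kept as one literal name; only case-sensitive title words are brace-protected.
@online{team:20220107:patchwork:84dabfb,
  author       = {{Threat Intelligence Team}},
  title        = {{Patchwork} {APT} caught in its own web},
  date         = {2022-01-07},
  organization = {Malwarebytes},
  url          = {https://blog.malwarebytes.com/threat-intelligence/2022/01/patchwork-apt-caught-in-its-own-web/},
  language     = {English},
  urldate      = {2022-01-25},
}
Patchwork APT caught in its own web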
BadNews
2021-12-16 | Blackberry | The BlackBerry Research & Intelligence Team
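% Corporate author is double-braced so it is kept as one literal name; "\&" replaces the bare "&",
% which LaTeX would otherwise read as an alignment tab. Only case-sensitive title words are brace-protected.
@online{team:20211216:threat:c968a64,
  author       = {{The BlackBerry Research \& Intelligence Team}},
  title        = {{Threat Thursday}: {Warzone} {RAT} Breeds a Litter of {ScriptKiddies}},
  date         = {2021-12-16},
  organization = {Blackberry},
  url          = {https://blogs.blackberry.com/en/2021/12/threat-thursday-warzone-rat-breeds-a-litter-of-scriptkiddies},
  language     = {English},
  urldate      = {2021-12-17},
}
Threat Thursday: Warzone RAT Breeds a Litter of ScriptKiddies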
Ave Maria
2021-12-10 | CrowdStrike | CrowdStrike Intelligence Team
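% Corporate author is double-braced so it is kept as one literal name; the product name, nickname and
% CVE identifier are brace-protected so a sentence-casing style cannot lowercase them.
@online{team:20211210:log4j2:cd1787f,
  author       = {{CrowdStrike Intelligence Team}},
  title        = {{Log4j2} Vulnerability “{Log4Shell}” ({CVE-2021-44228})},
  date         = {2021-12-10},
  organization = {CrowdStrike},
  url          = {https://www.crowdstrike.com/blog/log4j2-vulnerability-analysis-and-mitigation-recommendations/},
  language     = {English},
  urldate      = {2022-01-05},
}
Log4j2 Vulnerability “Log4Shell” (CVE-2021-44228)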
2021-12-09 | Microsoft | Microsoft 365 Defender Threat Intelligence Team
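% Corporate author is double-braced so it is kept as one literal name; only case-sensitive title words are brace-protected.
@online{team:20211209:closer:bace4ec,
  author       = {{Microsoft 365 Defender Threat Intelligence Team}},
  title        = {A closer look at {Qakbot’s} latest building blocks (and how to knock them down)},
  date         = {2021-12-09},
  organization = {Microsoft},
  url          = {https://www.microsoft.com/security/blog/2021/12/09/a-closer-look-at-qakbots-latest-building-blocks-and-how-to-knock-them-down/},
  language     = {English},
  urldate      = {2021-12-13},
}
A closer look at Qakbot’s latest building blocks (and how to knock them down)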
QakBot
2021-12-02 | Malwarebytes | Hossein Jazi, Threat Intelligence Team
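% Personal author is written in "Last, First" form; the team co-author is braced so it is kept as one literal name.
% Only case-sensitive title words are brace-protected.
@online{jazi:20211202:sidecopy:9e7363c,
  author       = {Jazi, Hossein and {Threat Intelligence Team}},
  title        = {{SideCopy} {APT}: Connecting lures to victims, payloads to infrastructure},
  date         = {2021-12-02},
  organization = {Malwarebytes},
  url          = {https://blog.malwarebytes.com/threat-intelligence/2021/12/sidecopy-apt-connecting-lures-to-victims-payloads-to-infrastructure/},
  language     = {English},
  urldate      = {2021-12-06},
}
SideCopy APT: Connecting lures to victims, payloads to infrastructure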
SideCopy
2021-11-18 | Blackberry | The BlackBerry Research & Intelligence Team
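% Corporate author is double-braced so it is kept as one literal name; "\&" replaces the bare "&",
% which LaTeX would otherwise read as an alignment tab. Only case-sensitive title words are brace-protected.
@online{team:20211118:threat:7fd07f8,
  author       = {{The BlackBerry Research \& Intelligence Team}},
  title        = {{Threat Thursday}: {DanaBot’s} Evolution from Bank Fraud to {DDos} Attacks},
  date         = {2021-11-18},
  organization = {Blackberry},
  url          = {https://blogs.blackberry.com/en/2021/11/threat-thursday-danabot-malware-as-a-service},
  language     = {English},
  urldate      = {2021-11-25},
}
Threat Thursday: DanaBot’s Evolution from Bank Fraud to DDos Attacks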
DanaBot
2021-11-16 | Malwarebytes | Malwarebytes Threat Intelligence Team
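% Corporate author is double-braced so it is kept as one literal name; only case-sensitive title words are brace-protected.
@online{team:20211116:trickbot:b624694,
  author       = {{Malwarebytes Threat Intelligence Team}},
  title        = {{TrickBot} helps {Emotet} come back from the dead},
  date         = {2021-11-16},
  organization = {Malwarebytes},
  url          = {https://blog.malwarebytes.com/threat-intelligence/2021/11/trickbot-helps-emotet-come-back-from-the-dead/},
  language     = {English},
  urldate      = {2021-11-17},
}
TrickBot helps Emotet come back from the dead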
Emotet TrickBot
2021-11-11 | Microsoft | Microsoft 365 Defender Threat Intelligence Team
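% Corporate author is double-braced so it is kept as one literal name; only the acronym in the title is brace-protected.
@online{team:20211111:html:410a27f,
  author       = {{Microsoft 365 Defender Threat Intelligence Team}},
  title        = {{HTML} smuggling surges: Highly evasive loader technique increasingly used in banking malware, targeted attacks},
  date         = {2021-11-11},
  organization = {Microsoft},
  url          = {https://www.microsoft.com/security/blog/2021/11/11/html-smuggling-surges-highly-evasive-loader-technique-increasingly-used-in-banking-malware-targeted-attacks/},
  language     = {English},
  urldate      = {2021-11-12},
}
HTML smuggling surges: Highly evasive loader technique increasingly used in banking malware, targeted attacks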
AsyncRAT Mekotio NjRAT
2021-11-11 | Blackberry | The BlackBerry Research & Intelligence Team
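% Corporate author is double-braced so it is kept as one literal name; "\&" replaces the bare "&",
% which LaTeX would otherwise read as an alignment tab. Only case-sensitive title words are brace-protected.
@online{team:20211111:threat:7b2544e,
  author       = {{The BlackBerry Research \& Intelligence Team}},
  title        = {{Threat Thursday}: {SquirrelWaffle} Takes a Bite Out of Victim's Bank Accounts},
  date         = {2021-11-11},
  organization = {Blackberry},
  url          = {https://blogs.blackberry.com/en/2021/11/threat-thursday-squirrelwaffle-loader},
  language     = {English},
  urldate      = {2021-11-17},
}
Threat Thursday: SquirrelWaffle Takes a Bite Out of Victim's Bank Accounts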
Squirrelwaffle
2021-11-10 | Sekoia | Cyber Threat Intelligence team
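% Corporate author is double-braced so it is kept as one literal name; the actor designation in the title is brace-protected.
@online{team:20211110:walking:cc41f24,
  author       = {{Cyber Threat Intelligence team}},
  title        = {Walking on {APT31} infrastructure footprints},
  date         = {2021-11-10},
  organization = {Sekoia},
  url          = {https://www.sekoia.io/en/walking-on-apt31-infrastructure-footprints/},
  language     = {English},
  urldate      = {2021-11-11},
}
Walking on APT31 infrastructure footprints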
Rekoobe Unidentified ELF 004 Cobalt Strike
2021-11-05 | Blackberry | The BlackBerry Research & Intelligence Team
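% Corporate author is double-braced so it is kept as one literal name; "\&" replaces the bare "&",
% which LaTeX would otherwise read as an alignment tab. Only case-sensitive title words are brace-protected.
@online{team:20211105:hunter:3c7bab9,
  author       = {{The BlackBerry Research \& Intelligence Team}},
  title        = {Hunter Becomes Hunted: {Zebra2104} Hides a Herd of Malware},
  date         = {2021-11-05},
  organization = {Blackberry},
  url          = {https://blogs.blackberry.com/en/2021/11/zebra2104},
  language     = {English},
  urldate      = {2021-11-08},
}
Hunter Becomes Hunted: Zebra2104 Hides a Herd of Malware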
Cobalt Strike DoppelDridex Mount Locker Phobos StrongPity
2021-11-04 | Blackberry | BlackBerry Research & Intelligence Team
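% Corporate author is double-braced so it is kept as one literal name; "\&" replaces the bare "&",
% which LaTeX would otherwise read as an alignment tab. Only case-sensitive title words are brace-protected.
@online{team:20211104:threat:41a70b2,
  author       = {{BlackBerry Research \& Intelligence Team}},
  title        = {{Threat Thursday}: {Karma} Ransomware},
  date         = {2021-11-04},
  organization = {Blackberry},
  url          = {https://blogs.blackberry.com/en/2021/11/threat-thursday-karma-ransomware},
  language     = {English},
  urldate      = {2021-11-08},
}
Threat Thursday: Karma Ransomware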
Karma
2021-10-21 | Microsoft | Microsoft 365 Defender Threat Intelligence Team
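% Corporate author is double-braced so it is kept as one literal name; the kit name in the title is brace-protected.
@online{team:20211021:frankenphish:0b9f2e9,
  author       = {{Microsoft 365 Defender Threat Intelligence Team}},
  title        = {Franken-phish: {TodayZoo} built from other phishing kits},
  date         = {2021-10-21},
  organization = {Microsoft},
  url          = {https://www.microsoft.com/security/blog/2021/10/21/franken-phish-todayzoo-built-from-other-phishing-kits/},
  language     = {English},
  urldate      = {2021-10-26},
}
Franken-phish: TodayZoo built from other phishing kits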
2021-10-13 | Blackberry | BlackBerry Research & Intelligence Team
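% Corporate author is double-braced so it is kept as one literal name; "\&" replaces the bare "&",
% which LaTeX would otherwise read as an alignment tab. Only case-sensitive title words are brace-protected.
@online{team:20211013:blackberry:9892a2c,
  author       = {{BlackBerry Research \& Intelligence Team}},
  title        = {{BlackBerry} Shines Spotlight on Evolving {Cobalt Strike} Threat in New Book},
  date         = {2021-10-13},
  organization = {Blackberry},
  url          = {https://blogs.blackberry.com/en/2021/10/blackberry-shines-spotlight-on-evolving-cobalt-strike-threat-in-new-book},
  language     = {English},
  urldate      = {2022-04-25},
}
BlackBerry Shines Spotlight on Evolving Cobalt Strike Threat in New Book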
Cobalt Strike
2021-10-12 | CrowdStrike | CrowdStrike Intelligence Team
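% Corporate author is double-braced so it is kept as one literal name; only the acronym in the title is brace-protected.
@online{team:20211012:ecx:5540ee9,
  author       = {{CrowdStrike Intelligence Team}},
  title        = {{ECX}: Big Game Hunting on the Rise Following a Notable Reduction in Activity},
  date         = {2021-10-12},
  organization = {CrowdStrike},
  url          = {https://www.crowdstrike.com/blog/big-game-hunting-on-the-rise-again-according-to-ecrime-index/},
  language     = {English},
  urldate      = {2021-11-02},
}
ECX: Big Game Hunting on the Rise Following a Notable Reduction in Activity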
Babuk BlackMatter DarkSide REvil Avaddon Babuk BlackMatter DarkSide LockBit Mailto REvil
2021-10-07 | Blackberry | The BlackBerry Research & Intelligence Team
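% Corporate author is double-braced so it is kept as one literal name; "\&" replaces the bare "&",
% which LaTeX would otherwise read as an alignment tab. Only case-sensitive title words are brace-protected.
@online{team:20211007:threat:f124dbd,
  author       = {{The BlackBerry Research \& Intelligence Team}},
  title        = {{Threat Thursday}: {BluStealer} Infostealer},
  date         = {2021-10-07},
  organization = {Blackberry},
  url          = {https://blogs.blackberry.com/en/2021/10/threat-thursday-blustealer-infostealer},
  language     = {English},
  urldate      = {2021-10-11},
}
Threat Thursday: BluStealer Infostealer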
BluStealer
2021-10-05 | Blackberry | The BlackBerry Research & Intelligence Team
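% Corporate author is double-braced so it is kept as one literal name; "\&" replaces the bare "&",
% which LaTeX would otherwise read as an alignment tab. The actor designation in the title is brace-protected.
@online{team:20211005:drawing:e53477d,
  author       = {{The BlackBerry Research \& Intelligence Team}},
  title        = {Drawing a Dragon: Connecting the Dots to Find {APT41}},
  date         = {2021-10-05},
  organization = {Blackberry},
  url          = {https://blogs.blackberry.com/en/2021/10/drawing-a-dragon-connecting-the-dots-to-find-apt41},
  language     = {English},
  urldate      = {2021-10-11},
}
Drawing a Dragon: Connecting the Dots to Find APT41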
Cobalt Strike Ghost RAT