Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-03-10BrightTALK (Kaspersky GReAT)Costin Raiu, Marco Preuss, Kurt Baumgartner, Dan Demeter, Ivan Kwiatkowski
@online{raiu:20220310:brighttalk:a3d9072, author = {Costin Raiu and Marco Preuss and Kurt Baumgartner and Dan Demeter and Ivan Kwiatkowski}, title = {{BrightTALK: A look at current cyberattacks in Ukraine}}, date = {2022-03-10}, organization = {BrightTALK (Kaspersky GReAT)}, url = {https://www.brighttalk.com/webcast/15591/534324}, language = {English}, urldate = {2022-04-05} } BrightTALK: A look at current cyberattacks in Ukraine
HermeticWiper HermeticWizard IsaacWiper PartyTicket WhisperGate
2022-03-01Kaspersky LabsKaspersky
@online{kaspersky:20220301:ransomware:159de87, author = {Kaspersky}, title = {{Ransomware as a distraction}}, date = {2022-03-01}, organization = {Kaspersky Labs}, url = {https://www.kaspersky.com/blog/hermeticransom-hermeticwiper-attacks-2022/43825/}, language = {English}, urldate = {2022-03-08} } Ransomware as a distraction
HermeticWiper PartyTicket
2022-03-01KasperskyGReAT
@online{great:20220301:elections:1f89f9b, author = {GReAT}, title = {{Elections GoRansom – a smoke screen for the HermeticWiper attack}}, date = {2022-03-01}, organization = {Kaspersky}, url = {https://securelist.com/elections-goransom-and-hermeticwiper-attack/105960/}, language = {English}, urldate = {2022-03-02} } Elections GoRansom – a smoke screen for the HermeticWiper attack
PartyTicket
2022-02-07Kaspersky LabsSuguru Ishimaru
@online{ishimaru:20220207:roaming:ad64d8c, author = {Suguru Ishimaru}, title = {{Roaming Mantis reaches Europe}}, date = {2022-02-07}, organization = {Kaspersky Labs}, url = {https://securelist.com/roaming-mantis-reaches-europe/105596/}, language = {English}, urldate = {2022-07-13} } Roaming Mantis reaches Europe
Roaming Mantis Wroba
2022-01-20KasperskyMark Lechtik, Vasily Berdnikov, Denis Legezo, Ilya Borisov
@online{lechtik:20220120:moonbounce:cd173f1, author = {Mark Lechtik and Vasily Berdnikov and Denis Legezo and Ilya Borisov}, title = {{MoonBounce: the dark side of UEFI firmware}}, date = {2022-01-20}, organization = {Kaspersky}, url = {https://securelist.com/moonbounce-the-dark-side-of-uefi-firmware/105468/}, language = {English}, urldate = {2022-01-24} } MoonBounce: the dark side of UEFI firmware
MoonBounce
2022-01-20Kaspersky LabsMark Lechtik, Vasily Berdnikov, Denis Legezo, Ilya Borisov
@techreport{lechtik:20220120:technical:fa16a24, author = {Mark Lechtik and Vasily Berdnikov and Denis Legezo and Ilya Borisov}, title = {{Technical details of MoonBounce’s implementation}}, date = {2022-01-20}, institution = {Kaspersky Labs}, url = {https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2022/01/19115831/MoonBounce_technical-details_eng.pdf}, language = {English}, urldate = {2022-01-25} } Technical details of MoonBounce’s implementation
MoonBounce
2022-01-19KasperskyKirill Kruglov
@online{kruglov:20220119:campaigns:777f4f0, author = {Kirill Kruglov}, title = {{Campaigns abusing corporate trusted infrastructure hunt for corporate credentials on ICS networks}}, date = {2022-01-19}, organization = {Kaspersky}, url = {https://ics-cert.kaspersky.com/publications/reports/2022/1/19/campaigns-abusing-corporate-trusted-infrastructure-hunt-for-corporate-credentials-on-ics-networks}, language = {English}, urldate = {2022-01-24} } Campaigns abusing corporate trusted infrastructure hunt for corporate credentials on ICS networks
2022-01-13Kaspersky LabsSeongsu Park, Vitaly Kamluk
@online{park:20220113:bluenoroff:a3ce5e4, author = {Seongsu Park and Vitaly Kamluk}, title = {{The BlueNoroff cryptocurrency hunt is still on}}, date = {2022-01-13}, organization = {Kaspersky Labs}, url = {https://securelist.com/the-bluenoroff-cryptocurrency-hunt-is-still-on/105488/}, language = {English}, urldate = {2022-01-17} } The BlueNoroff cryptocurrency hunt is still on
SnatchCrypto
2021-12-16Kaspersky Lab ICS CERT
@online{cert:20211216:pseudomanuscrypt:808ef18, author = {Kaspersky Lab ICS CERT}, title = {{PseudoManuscrypt: a mass-scale spyware attack campaign}}, date = {2021-12-16}, url = {https://ics-cert.kaspersky.com/reports/2021/12/16/pseudomanuscrypt-a-mass-scale-spyware-attack-campaign/}, language = {English}, urldate = {2021-12-23} } PseudoManuscrypt: a mass-scale spyware attack campaign
PseudoManuscrypt
2021-12-16KasperskyKaspersky Lab ICS CERT
@online{cert:20211216:pseudomanuscrypt:d59d94e, author = {Kaspersky Lab ICS CERT}, title = {{PseudoManuscrypt: a mass-scale spyware attack campaign}}, date = {2021-12-16}, organization = {Kaspersky}, url = {https://securelist.com/pseudomanuscrypt-a-mass-scale-spyware-attack-campaign/105286/}, language = {English}, urldate = {2021-12-23} } PseudoManuscrypt: a mass-scale spyware attack campaign
2021-12-14Kaspersky LabsPaul Rascagnères, Pierre Delcher
@online{rascagnres:20211214:owowa:4a26756, author = {Paul Rascagnères and Pierre Delcher}, title = {{Owowa: the add-on that turns your OWA into a credential stealer and remote access panel}}, date = {2021-12-14}, organization = {Kaspersky Labs}, url = {https://securelist.com/owowa-credential-stealer-and-remote-access/105219/}, language = {English}, urldate = {2021-12-17} } Owowa: the add-on that turns your OWA into a credential stealer and remote access panel
Owowa
2021-11-29KasperskyMaher Yamout
@online{yamout:20211129:wirtes:5a00fe4, author = {Maher Yamout}, title = {{WIRTE’s campaign in the Middle East ‘living off the land’ since at least 2019}}, date = {2021-11-29}, organization = {Kaspersky}, url = {https://securelist.com/wirtes-campaign-in-the-middle-east-living-off-the-land-since-at-least-2019/105044/}, language = {English}, urldate = {2021-12-07} } WIRTE’s campaign in the Middle East ‘living off the land’ since at least 2019
2021-11-29KasperskyGReAT
@online{great:20211129:scarcruft:986e7f4, author = {GReAT}, title = {{ScarCruft surveilling North Korean defectors and human rights activists}}, date = {2021-11-29}, organization = {Kaspersky}, url = {https://securelist.com/scarcruft-surveilling-north-korean-defectors-and-human-rights-activists/105074/}, language = {English}, urldate = {2021-12-07} } ScarCruft surveilling North Korean defectors and human rights activists
Chinotto Chinotto PoorWeb
2021-10-27KasperskyIvan Kwiatkowski
@online{kwiatkowski:20211027:extracting:14de2bc, author = {Ivan Kwiatkowski}, title = {{Extracting type information from Go binaries}}, date = {2021-10-27}, organization = {Kaspersky}, url = {https://securelist.com/extracting-type-information-from-go-binaries/104715/}, language = {English}, urldate = {2021-11-03} } Extracting type information from Go binaries
GoldMax
2021-10-26KasperskyKaspersky Lab ICS CERT
@techreport{cert:20211026:attacks:6f30d0f, author = {Kaspersky Lab ICS CERT}, title = {{APT attacks on industrial organizations in H1 2021}}, date = {2021-10-26}, institution = {Kaspersky}, url = {https://ics-cert.kaspersky.com/media/Kaspersky-ICS-CERT-APT-attacks-on-industrial-organizations-in-H1-2021-En.pdf}, language = {English}, urldate = {2021-11-08} } APT attacks on industrial organizations in H1 2021
8.t Dropper AllaKore AsyncRAT GoldMax LimeRAT NjRAT NoxPlayer Raindrop ReverseRAT ShadowPad Zebrocy
2021-10-26KasperskyGReAT
@online{great:20211026:trends:d8feedd, author = {GReAT}, title = {{APT trends report Q3 2021}}, date = {2021-10-26}, organization = {Kaspersky}, url = {https://securelist.com/apt-trends-report-q3-2021/104708/}, language = {English}, urldate = {2021-11-03} } APT trends report Q3 2021
2021-10-26Kaspersky LabsGReAT
@online{great:20211026:trends:99fd183, author = {GReAT}, title = {{APT trends report Q3 2021}}, date = {2021-10-26}, organization = {Kaspersky Labs}, url = {https://securelist.com/apt-trends-report-q3-2021/104708}, language = {English}, urldate = {2022-08-26} } APT trends report Q3 2021
Vicious Panda
2021-10-20KasperskyRuslan Sabitov
@online{sabitov:20211020:russianspeaking:8847092, author = {Ruslan Sabitov}, title = {{Russian-speaking cybercrime evolution: What changed from 2016 to 2021}}, date = {2021-10-20}, organization = {Kaspersky}, url = {https://securelist.com/russian-speaking-cybercrime-evolution-2016-2021/104656/}, language = {English}, urldate = {2021-10-26} } Russian-speaking cybercrime evolution: What changed from 2016 to 2021
2021-10-19KasperskyOleg Kupreev
@online{kupreev:20211019:trickbot:f7cfc04, author = {Oleg Kupreev}, title = {{Trickbot module descriptions}}, date = {2021-10-19}, organization = {Kaspersky}, url = {https://securelist.com/trickbot-module-descriptions/104603/}, language = {English}, urldate = {2021-10-24} } Trickbot module descriptions
TrickBot
2021-10-07KasperskyAseel Kayal, Mark Lechtik, Paul Rascagnères
@techreport{kayal:20211007:lyceum:395a41f, author = {Aseel Kayal and Mark Lechtik and Paul Rascagnères}, title = {{LYCEUM Reborn: Counterintelligence in the Middle East}}, date = {2021-10-07}, institution = {Kaspersky}, url = {https://vblocalhost.com/uploads/VB2021-Kayal-etal.pdf}, language = {English}, urldate = {2021-10-25} } LYCEUM Reborn: Counterintelligence in the Middle East
danbot LYCEUM