Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2019-08-01ProofpointMichael Raggi, Dennis Schwarz, Proofpoint Threat Insight Team
@online{raggi:20190801:lookback:f258db4, author = {Michael Raggi and Dennis Schwarz and Proofpoint Threat Insight Team}, title = {{LookBack Malware Targets the United States Utilities Sector with Phishing Attacks Impersonating Engineering Licensing Boards}}, date = {2019-08-01}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/threat-insight/post/lookback-malware-targets-united-states-utilities-sector-phishing-attacks}, language = {English}, urldate = {2019-12-20} } LookBack Malware Targets the United States Utilities Sector with Phishing Attacks Impersonating Engineering Licensing Boards
GUP Proxy Tool Lookback TA410
2019-07-31ProofpointKade Harmon, Kafeine, Dennis Schwarz, Proofpoint Threat Insight Team
@online{harmon:20190731:systembc:d98f03c, author = {Kade Harmon and Kafeine and Dennis Schwarz and Proofpoint Threat Insight Team}, title = {{SystemBC is like Christmas in July for SOCKS5 Malware and Exploit Kits}}, date = {2019-07-31}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/threat-insight/post/systembc-christmas-july-socks5-malware-and-exploit-kits}, language = {English}, urldate = {2019-12-20} } SystemBC is like Christmas in July for SOCKS5 Malware and Exploit Kits
SystemBC
2019-07-23ProofpointMichael Raggi, Dennis Schwarz, Proofpoint Threat Insight Team
@online{raggi:20190723:chinese:804ec1c, author = {Michael Raggi and Dennis Schwarz and Proofpoint Threat Insight Team}, title = {{Chinese APT “Operation LagTime IT” Targets Government Information Technology Agencies in Eastern Asia}}, date = {2019-07-23}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/threat-insight/post/chinese-apt-operation-lagtime-it-targets-government-information-technology}, language = {English}, urldate = {2021-02-06} } Chinese APT “Operation LagTime IT” Targets Government Information Technology Agencies in Eastern Asia
8.t Dropper Cotx RAT Poison Ivy TA428
2019-07-22ProofpointKafeine, Proofpoint Threat Insight Team
@online{kafeine:20190722:brushaloader:487137c, author = {Kafeine and Proofpoint Threat Insight Team}, title = {{BrushaLoader still sweeping up victims one year later}}, date = {2019-07-22}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/threat-insight/post/brushaloader-still-sweeping-victims-one-year-later}, language = {English}, urldate = {2019-12-20} } BrushaLoader still sweeping up victims one year later
BrushaLoader
2019-07-02ProofpointMatthew Mesa, Dennis Schwarz, Proofpoint Threat Insight Team
@online{mesa:20190702:ta505:7f99961, author = {Matthew Mesa and Dennis Schwarz and Proofpoint Threat Insight Team}, title = {{TA505 begins summer campaigns with a new pet malware downloader, AndroMut, in the UAE, South Korea, Singapore, and the United States}}, date = {2019-07-02}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/threat-insight/post/ta505-begins-summer-campaigns-new-pet-malware-downloader-andromut-uae-south}, language = {English}, urldate = {2019-11-26} } TA505 begins summer campaigns with a new pet malware downloader, AndroMut, in the UAE, South Korea, Singapore, and the United States
AndroMut FlawedAmmyy
2019-05-15ProofpointAxel F, Proofpoint Threat Insight Team
@online{f:20190515:threat:06b415a, author = {Axel F and Proofpoint Threat Insight Team}, title = {{Threat Actor Profile: TA542, From Banker to Malware Distribution Service}}, date = {2019-05-15}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/threat-insight/post/threat-actor-profile-ta542-banker-malware-distribution-service}, language = {English}, urldate = {2019-12-20} } Threat Actor Profile: TA542, From Banker to Malware Distribution Service
Emotet MUMMY SPIDER
2019-05-09ProofpointDennis Schwarz, Proofpoint Threat Insight Team
@online{schwarz:20190509:new:19098c9, author = {Dennis Schwarz and Proofpoint Threat Insight Team}, title = {{New KPOT v2.0 stealer brings zero persistence and in-memory features to silently steal credentials}}, date = {2019-05-09}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/threat-insight/post/new-kpot-v20-stealer-brings-zero-persistence-and-memory-features-silently-steal}, language = {English}, urldate = {2019-12-20} } New KPOT v2.0 stealer brings zero persistence and in-memory features to silently steal credentials
KPOT Stealer
2019-05-02ProofpointBryan Campbell, Proofpoint Threat Insight Team
@online{campbell:20190502:2019:1fe00f6, author = {Bryan Campbell and Proofpoint Threat Insight Team}, title = {{2019: The Return of Retefe}}, date = {2019-05-02}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/threat-insight/post/2019-return-retefe}, language = {English}, urldate = {2019-12-20} } 2019: The Return of Retefe
Dok Retefe SmokeLoader
2019-03-13ProofpointDennis Schwarz, Proofpoint Threat Insight Team
@online{schwarz:20190313:danabot:a6b3c02, author = {Dennis Schwarz and Proofpoint Threat Insight Team}, title = {{DanaBot control panel revealed}}, date = {2019-03-13}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/threat-insight/post/danabot-control-panel-revealed}, language = {English}, urldate = {2019-12-20} } DanaBot control panel revealed
DanaBot
2019-03-12ProofpointGeorgi Mladenov
@online{mladenov:20190312:nymaim:c35a90d, author = {Georgi Mladenov}, title = {{Nymaim config decoded}}, date = {2019-03-12}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/threat-insight/post/nymaim-config-decoded}, language = {English}, urldate = {2019-12-20} } Nymaim config decoded
Nymaim
2019-02-21ProofpointProofpoint Threat Insight Team
@online{team:20190221:fake:e94f77a, author = {Proofpoint Threat Insight Team}, title = {{Fake Jobs: Campaigns Delivering More_eggs Backdoor via Fake Job Offers}}, date = {2019-02-21}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/threat-insight/post/fake-jobs-campaigns-delivering-moreeggs-backdoor-fake-job-offers}, language = {English}, urldate = {2019-12-20} } Fake Jobs: Campaigns Delivering More_eggs Backdoor via Fake Job Offers
More_eggs
2019-01-09ProofpointDennis Schwarz, Proofpoint Staff
@online{schwarz:20190109:servhelper:e20586c, author = {Dennis Schwarz and Proofpoint Staff}, title = {{ServHelper and FlawedGrace - New malware introduced by TA505}}, date = {2019-01-09}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/threat-insight/post/servhelper-and-flawedgrace-new-malware-introduced-ta505}, language = {English}, urldate = {2019-12-20} } ServHelper and FlawedGrace - New malware introduced by TA505
FlawedGrace ServHelper
2018-11-15ProofpointProofpoint Staff
@online{staff:20181115:trat:74a4dd4, author = {Proofpoint Staff}, title = {{tRat: New modular RAT appears in multiple email campaigns}}, date = {2018-11-15}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/threat-insight/post/trat-new-modular-rat-appears-multiple-email-campaigns}, language = {English}, urldate = {2019-12-20} } tRat: New modular RAT appears in multiple email campaigns
tRat
2018-10-23ProofpointProofpoint Staff
@online{staff:20181023:sload:b4e25c6, author = {Proofpoint Staff}, title = {{sLoad and Ramnit pairing in sustained campaigns against UK and Italy}}, date = {2018-10-23}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/threat-insight/post/sload-and-ramnit-pairing-sustained-campaigns-against-uk-and-italy}, language = {English}, urldate = {2019-12-20} } sLoad and Ramnit pairing in sustained campaigns against UK and Italy
sLoad
2018-10-02ProofpointProofpoint Staff
@online{staff:20181002:danabot:b7282b9, author = {Proofpoint Staff}, title = {{DanaBot Gains Popularity and Targets US Organizations in Large Campaigns}}, date = {2018-10-02}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/threat-insight/post/danabot-gains-popularity-and-targets-us-organizations-large-campaigns}, language = {English}, urldate = {2019-12-20} } DanaBot Gains Popularity and Targets US Organizations in Large Campaigns
DanaBot
2018-09-11ProofpointProofpoint Staff
@online{staff:20180911:new:14fda4a, author = {Proofpoint Staff}, title = {{New modular downloaders fingerprint systems - Part 3: CobInt}}, date = {2018-09-11}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/threat-insight/post/new-modular-downloaders-fingerprint-systems-part-3-cobint}, language = {English}, urldate = {2019-12-20} } New modular downloaders fingerprint systems - Part 3: CobInt
CobInt
2018-08-23ProofpointProofpoint Staff
@online{staff:20180823:new:919635d, author = {Proofpoint Staff}, title = {{New modular downloaders fingerprint systems - Part 2: AdvisorsBot}}, date = {2018-08-23}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/threat-insight/post/new-modular-downloaders-fingerprint-systems-part-2-advisorsbot}, language = {English}, urldate = {2019-12-20} } New modular downloaders fingerprint systems - Part 2: AdvisorsBot
AdvisorsBot
2018-08-16ProofpointProofpoint Staff
@online{staff:20180816:new:b372eeb, author = {Proofpoint Staff}, title = {{New modular downloaders fingerprint systems, prepare for more - Part 1: Marap}}, date = {2018-08-16}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/threat-insight/post/new-modular-downloaders-fingerprint-systems-prepare-more-part-1-marap}, language = {English}, urldate = {2019-12-20} } New modular downloaders fingerprint systems, prepare for more - Part 1: Marap
Marap
2018-07-30ProofpointProofpoint Staff
@online{staff:20180730:new:07c5e76, author = {Proofpoint Staff}, title = {{New version of AZORult stealer improves loading features, spreads alongside ransomware in new campaign}}, date = {2018-07-30}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/threat-insight/post/new-version-azorult-stealer-improves-loading-features-spreads-alongside}, language = {English}, urldate = {2019-12-20} } New version of AZORult stealer improves loading features, spreads alongside ransomware in new campaign
Azorult Hermes Hermes Ransomware
2018-07-25ProofpointProofpoint Staff
@online{staff:20180725:parasite:e0da288, author = {Proofpoint Staff}, title = {{Parasite HTTP RAT cooks up a stew of stealthy tricks}}, date = {2018-07-25}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/threat-insight/post/parasite-http-rat-cooks-stew-stealthy-tricks}, language = {English}, urldate = {2019-12-20} } Parasite HTTP RAT cooks up a stew of stealthy tricks
parasite_http