Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-06-02RiskIQJennifer Grob
@online{grob:20210602:review:df29e01, author = {Jennifer Grob}, title = {{Review of Sysrv-hello Cryptjacking Botnet}}, date = {2021-06-02}, organization = {RiskIQ}, url = {https://community.riskiq.com/article/98f391f9}, language = {English}, urldate = {2021-06-16} } Review of Sysrv-hello Cryptjacking Botnet
2021-05-26RiskIQJordan Herman
@online{herman:20210526:mobileinter:bfb90e8, author = {Jordan Herman}, title = {{The MobileInter Skimmer: Hosted by Google, Hiding in Images}}, date = {2021-05-26}, organization = {RiskIQ}, url = {https://community.riskiq.com/article/8109e7ab}, language = {English}, urldate = {2021-06-09} } The MobileInter Skimmer: Hosted by Google, Hiding in Images
2021-05-20RiskIQJennifer Grob
@online{grob:20210520:analysis:1b7ae0b, author = {Jennifer Grob}, title = {{Analysis of Infrastructure used by DarkSide Affiliates}}, date = {2021-05-20}, organization = {RiskIQ}, url = {https://community.riskiq.com/article/fdf74f23}, language = {English}, urldate = {2021-05-26} } Analysis of Infrastructure used by DarkSide Affiliates
DarkSide
2021-05-05RiskIQKelsey Clapp
@online{clapp:20210505:viruses:aab7c1a, author = {Kelsey Clapp}, title = {{Viruses to Violations - TrickBot's Shift in Tactics During the Pandemic}}, date = {2021-05-05}, organization = {RiskIQ}, url = {https://community.riskiq.com/article/298c9fc9}, language = {English}, urldate = {2021-05-26} } Viruses to Violations - TrickBot's Shift in Tactics During the Pandemic
TrickBot
2021-04-22RiskIQRiskIQ
@online{riskiq:20210422:solarwinds:83581ea, author = {RiskIQ}, title = {{SolarWinds: Advancing the Story}}, date = {2021-04-22}, organization = {RiskIQ}, url = {https://community.riskiq.com/article/9a515637}, language = {English}, urldate = {2021-04-28} } SolarWinds: Advancing the Story
SUNBURST
2021-04-22RiskIQAdam Castleman, Jordan Herman
@online{castleman:20210422:stealing:d799b15, author = {Adam Castleman and Jordan Herman}, title = {{Stealing All Your Information For Years With Shadow Z118 PayPal Phish Kits}}, date = {2021-04-22}, organization = {RiskIQ}, url = {https://community.riskiq.com/article/50bcba95}, language = {English}, urldate = {2021-04-28} } Stealing All Your Information For Years With Shadow Z118 PayPal Phish Kits
2021-04-07RiskIQTeam RiskIQ
@online{riskiq:20210407:yanbian:43530e8, author = {Team RiskIQ}, title = {{Yanbian Gang Malware Continues with Wide-Scale Distribution and C2}}, date = {2021-04-07}, organization = {RiskIQ}, url = {https://www.riskiq.com/blog/external-threat-management/yanbian-gang-malware-distribution/}, language = {English}, urldate = {2021-04-19} } Yanbian Gang Malware Continues with Wide-Scale Distribution and C2
Yanbian Gang
2021-04-07RiskIQAdam Castleman, Jordan Herman
@online{castleman:20210407:yanbian:dcf9de9, author = {Adam Castleman and Jordan Herman}, title = {{Yanbian Gang Malware Continues with Wide-Scale Distribution and C2}}, date = {2021-04-07}, organization = {RiskIQ}, url = {https://community.riskiq.com/article/f88ed16f/description}, language = {English}, urldate = {2021-04-09} } Yanbian Gang Malware Continues with Wide-Scale Distribution and C2
2021-02-24RiskIQJordan Herman
@online{herman:20210224:turkey:2d3f340, author = {Jordan Herman}, title = {{Turkey Dog: Cerberus and Anubis Banking Trojans Target Turkish Speakers}}, date = {2021-02-24}, organization = {RiskIQ}, url = {https://community.riskiq.com/article/85b3db8c}, language = {English}, urldate = {2021-02-25} } Turkey Dog: Cerberus and Anubis Banking Trojans Target Turkish Speakers
Anubis Cerberus
2021-01-27RiskIQAdam Castleman
@online{castleman:20210127:logokit:7322a8b, author = {Adam Castleman}, title = {{LogoKit: Simple, Effective, and Deceptive}}, date = {2021-01-27}, organization = {RiskIQ}, url = {https://community.riskiq.com/article/a068810a}, language = {English}, urldate = {2021-01-29} } LogoKit: Simple, Effective, and Deceptive
2021-01-14RiskIQTeam RiskIQ
@online{riskiq:20210114:new:29f2c96, author = {Team RiskIQ}, title = {{New Analysis Puts Magecart Interconnectivity into Focus}}, date = {2021-01-14}, organization = {RiskIQ}, url = {https://www.riskiq.com/blog/labs/magecart-medialand/}, language = {English}, urldate = {2021-01-18} } New Analysis Puts Magecart Interconnectivity into Focus
grelos magecart Raccoon
2021-01-14RiskIQJordan Herman
@online{herman:20210114:medialand:3f603bd, author = {Jordan Herman}, title = {{MediaLand: Magecart and Bulletproof Hosting}}, date = {2021-01-14}, organization = {RiskIQ}, url = {https://community.riskiq.com/article/5bea32aa}, language = {English}, urldate = {2021-01-21} } MediaLand: Magecart and Bulletproof Hosting
magecart
2020-12-16RiskIQMia Ihm, Cory Kennedy, Jordan Herman
@online{ihm:20201216:skimming:608e648, author = {Mia Ihm and Cory Kennedy and Jordan Herman}, title = {{Skimming a Little Off the Top: Meyhod’s Skimming Methods Hit Hairloss Specialists}}, date = {2020-12-16}, organization = {RiskIQ}, url = {https://community.riskiq.com/article/14924d61}, language = {English}, urldate = {2020-12-17} } Skimming a Little Off the Top: Meyhod’s Skimming Methods Hit Hairloss Specialists
magecart
2020-12-02RiskIQTeam RiskIQ
@online{riskiq:20201202:shadow:b331bd4, author = {Team RiskIQ}, title = {{‘Shadow Academy’ Targets 20 Universities Worldwide}}, date = {2020-12-02}, organization = {RiskIQ}, url = {https://www.riskiq.com/blog/external-threat-management/shadow-academy/}, language = {English}, urldate = {2020-12-08} } ‘Shadow Academy’ Targets 20 Universities Worldwide
2020-12-02RiskIQCorian Kennedy
@online{kennedy:20201202:shadow:76686c6, author = {Corian Kennedy}, title = {{Shadow Academy: Hiding in the shadows of Mabna Institute}}, date = {2020-12-02}, organization = {RiskIQ}, url = {https://community.riskiq.com/article/44eb0802}, language = {English}, urldate = {2020-12-10} } Shadow Academy: Hiding in the shadows of Mabna Institute
Silent Librarian
2020-11-18RiskIQJordan Herman
@online{herman:20201118:grelos:7b6e4d2, author = {Jordan Herman}, title = {{The Grelos Skimmer: A New Variant}}, date = {2020-11-18}, organization = {RiskIQ}, url = {https://community.riskiq.com/article/8c4b4a7a}, language = {English}, urldate = {2020-11-23} } The Grelos Skimmer: A New Variant
grelos
2020-11-11RiskIQJordan Herman
@online{herman:20201111:magecart:8137a1f, author = {Jordan Herman}, title = {{Magecart Group 12: End of Life Magento Sites Infested with Ants and Cockroaches}}, date = {2020-11-11}, organization = {RiskIQ}, url = {https://community.riskiq.com/article/fda1f967}, language = {English}, urldate = {2020-11-18} } Magecart Group 12: End of Life Magento Sites Infested with Ants and Cockroaches
magecart
2020-10-29RiskIQRiskIQ
@online{riskiq:20201029:ryuk:0643968, author = {RiskIQ}, title = {{Ryuk Ransomware: Extensive Attack Infrastructure Revealed}}, date = {2020-10-29}, organization = {RiskIQ}, url = {https://community.riskiq.com/article/0bcefe76}, language = {English}, urldate = {2020-11-02} } Ryuk Ransomware: Extensive Attack Infrastructure Revealed
Cobalt Strike Ryuk
2020-10-28RiskIQSteve Ginty
@online{ginty:20201028:domain:a285cb1, author = {Steve Ginty}, title = {{Domain Impersonation Targets Saudi Arabian Government Ministries}}, date = {2020-10-28}, organization = {RiskIQ}, url = {https://community.riskiq.com/article/4fff4b0f}, language = {English}, urldate = {2020-11-02} } Domain Impersonation Targets Saudi Arabian Government Ministries
2020-10-14RiskIQSteve Ginty, Jon Gross
@online{ginty:20201014:wellmarked:9176303, author = {Steve Ginty and Jon Gross}, title = {{A Well-Marked Trail: Journeying through OceanLotus's Infrastructure}}, date = {2020-10-14}, organization = {RiskIQ}, url = {https://community.riskiq.com/article/f0320980}, language = {English}, urldate = {2020-10-23} } A Well-Marked Trail: Journeying through OceanLotus's Infrastructure
Cobalt Strike