2021-05-25 | SentinelOne | Amitai Ben Shushan Ehrlich
@techreport{ehrlich:20210525:from:ebe10c3,
  author      = {Amitai Ben Shushan Ehrlich},
  title       = {{From Wiper to Ransomware: The Evolution of Agrius}},
  institution = {SentinelOne},
  date        = {2021-05-25},
  url         = {https://www.sentinelone.com/wp-content/uploads/2021/05/SentinelLabs_From-Wiper-to-Ransomware-The-Evolution-of-Agrius.pdf},
  urldate     = {2022-12-08},
  language    = {English},
}
From Wiper to Ransomware: The Evolution of Agrius
Apostle DEADWOOD
2021-05-20 | SentinelOne | Marco Figueroa
@online{figueroa:20210520:caught:04692f1,
  author       = {Marco Figueroa},
  title        = {{Caught in the Cloud | How a Monero Cryptominer Exploits Docker Containers}},
  organization = {SentinelOne},
  date         = {2021-05-20},
  url          = {https://labs.sentinelone.com/caught-in-the-cloud-how-a-monero-cryptominer-exploits-docker-containers/},
  urldate      = {2021-05-26},
  language     = {English},
}
Caught in the Cloud | How a Monero Cryptominer Exploits Docker Containers
2021-05-10 | SentinelOne | SentinelOne
@online{sentinelone:20210510:meet:e3c28b4,
  author       = {SentinelOne},
  title        = {{Meet DarkSide and Their Ransomware – SentinelOne Customers Protected}},
  organization = {SentinelOne},
  date         = {2021-05-10},
  url          = {https://www.sentinelone.com/blog/meet-darkside-and-their-ransomware-sentinelone-customers-protected/},
  urldate      = {2021-05-13},
  language     = {English},
}
Meet DarkSide and Their Ransomware – SentinelOne Customers Protected
DarkSide
2021-04-01 | SentinelOne | Jim Walter
@online{walter:20210401:avaddon:6735c18,
  author       = {Jim Walter},
  title        = {{Avaddon RaaS | Breaks Public Decryptor, Continues On Rampage}},
  organization = {SentinelOne},
  date         = {2021-04-01},
  url          = {https://labs.sentinelone.com/avaddon-raas-breaks-public-decryptor-continues-on-rampage/},
  urldate      = {2021-04-09},
  language     = {English},
}
Avaddon RaaS | Breaks Public Decryptor, Continues On Rampage
Avaddon
2021-03-18 | SentinelOne | Phil Stokes
@online{stokes:20210318:new:08a6649,
  author       = {Phil Stokes},
  title        = {{New macOS malware XcodeSpy Targets Xcode Developers with EggShell Backdoor}},
  organization = {SentinelOne},
  date         = {2021-03-18},
  url          = {https://labs.sentinelone.com/new-macos-malware-xcodespy-targets-xcode-developers-with-eggshell-backdoor/},
  urldate      = {2021-03-19},
  language     = {English},
}
New macOS malware XcodeSpy Targets Xcode Developers with EggShell Backdoor
2021-02-03 | SentinelOne | Jim Walter
@online{walter:20210203:zeoticus:b4fee76,
  author       = {Jim Walter},
  title        = {{Zeoticus 2.0 | Ransomware With No C2 Required}},
  organization = {SentinelOne},
  date         = {2021-02-03},
  url          = {https://labs.sentinelone.com/zeoticus-2-0-ransomware-with-no-c2-required/},
  urldate      = {2021-02-04},
  language     = {English},
}
Zeoticus 2.0 | Ransomware With No C2 Required
Zeoticus
2021-01-04 | SentinelOne | Marco Figueroa
@online{figueroa:20210104:building:37407a6,
  author       = {Marco Figueroa},
  title        = {{Building a Custom Malware Analysis Lab Environment}},
  organization = {SentinelOne},
  date         = {2021-01-04},
  url          = {https://labs.sentinelone.com/building-a-custom-malware-analysis-lab-environment/},
  urldate      = {2021-01-13},
  language     = {English},
}
Building a Custom Malware Analysis Lab Environment
TrickBot
2020-12-02 | SentinelOne | Phil Stokes
@online{stokes:20201202:apt32:acd6b3a,
  author       = {Phil Stokes},
  title        = {{APT32 Multi-stage macOS Trojan Innovates on Crimeware Scripting Technique}},
  organization = {SentinelOne},
  date         = {2020-12-02},
  url          = {https://labs.sentinelone.com/apt32-multi-stage-macos-trojan-innovates-on-crimeware-scripting-technique/},
  urldate      = {2020-12-08},
  language     = {English},
}
APT32 Multi-stage macOS Trojan Innovates on Crimeware Scripting Technique
OceanLotus
2020-11-25 | SentinelOne | Jim Walter
@online{walter:20201125:egregor:5727f7a,
  author       = {Jim Walter},
  title        = {{Egregor RaaS Continues the Chaos with Cobalt Strike and Rclone}},
  organization = {SentinelOne},
  date         = {2020-11-25},
  url          = {https://labs.sentinelone.com/egregor-raas-continues-the-chaos-with-cobalt-strike-and-rclone/},
  urldate      = {2020-12-08},
  language     = {English},
}
Egregor RaaS Continues the Chaos with Cobalt Strike and Rclone
Cobalt Strike Egregor
2020-11-18 | SentinelOne | Jim Walter
@online{walter:20201118:ranzy:b1f443f,
  author       = {Jim Walter},
  title        = {{Ranzy Ransomware | Better Encryption Among New Features of ThunderX Derivative}},
  organization = {SentinelOne},
  date         = {2020-11-18},
  url          = {https://labs.sentinelone.com/ranzy-ransomware-better-encryption-among-new-features-of-thunderx-derivative/},
  urldate      = {2020-11-19},
  language     = {English},
}
Ranzy Ransomware | Better Encryption Among New Features of ThunderX Derivative
ThunderX
2020-11-05 | SentinelOne | Phil Stokes
@online{stokes:20201105:resourceful:2b135e6,
  author       = {Phil Stokes},
  title        = {{Resourceful macOS Malware Hides in Named Fork}},
  organization = {SentinelOne},
  date         = {2020-11-05},
  url          = {https://labs.sentinelone.com/resourceful-macos-malware-hides-in-named-fork/},
  urldate      = {2020-11-09},
  language     = {English},
}
Resourceful macOS Malware Hides in Named Fork
Bundlore
2020-10-19 | SentinelOne | Gal Kristal
@online{kristal:20201019:purple:46e7ffb,
  author       = {Gal Kristal},
  title        = {{Purple Fox EK | New CVEs, Steganography, and Virtualization Added to Attack Flow}},
  organization = {SentinelOne},
  date         = {2020-10-19},
  url          = {https://labs.sentinelone.com/purple-fox-ek-new-cves-steganography-and-virtualization-added-to-attack-flow/},
  urldate      = {2020-10-23},
  language     = {English},
}
Purple Fox EK | New CVEs, Steganography, and Virtualization Added to Attack Flow
2020-10-06 | SentinelOne | Jim Walter
@online{walter:20201006:fonix:9a3fb41,
  author       = {Jim Walter},
  title        = {{The FONIX RaaS | New Low-Key Threat with Unnecessary Complexities}},
  organization = {SentinelOne},
  date         = {2020-10-06},
  url          = {https://labs.sentinelone.com/the-fonix-raas-new-low-key-threat-with-unnecessary-complexities/},
  urldate      = {2020-10-12},
  language     = {English},
}
The FONIX RaaS | New Low-Key Threat with Unnecessary Complexities
FONIX
2020-09-03 | SentinelOne | Jim Walter
@online{walter:20200903:multiplatform:43807b2,
  author       = {Jim Walter},
  title        = {{Multi-Platform SMAUG RaaS Aims To See Off Competitors}},
  organization = {SentinelOne},
  date         = {2020-09-03},
  url          = {https://labs.sentinelone.com/multi-platform-smaug-raas-aims-to-see-off-competitors/},
  urldate      = {2020-09-06},
  language     = {English},
}
Multi-Platform SMAUG RaaS Aims To See Off Competitors
SMAUG
2020-08-31 | SentinelOne | Jim Walter
@online{walter:20200831:blindingcan:cdb0ffc,
  author       = {Jim Walter},
  title        = {{The BLINDINGCAN RAT and Malicious North Korean Activity}},
  organization = {SentinelOne},
  date         = {2020-08-31},
  url          = {https://www.sentinelone.com/blog/the-blindingcan-rat-and-malicious-north-korean-activity/},
  urldate      = {2020-09-01},
  language     = {English},
}
The BLINDINGCAN RAT and Malicious North Korean Activity
BLINDINGCAN
2020-08-13 | SentinelOne | SentinelLabs
@online{sentinellabs:20200813:case:4560aed,
  author       = {SentinelLabs},
  title        = {{Case Study: Catching a Human-Operated Maze Ransomware Attack In Action}},
  organization = {SentinelOne},
  date         = {2020-08-13},
  url          = {https://labs.sentinelone.com/case-study-catching-a-human-operated-maze-ransomware-attack-in-action/},
  urldate      = {2020-08-14},
  language     = {English},
}
Case Study: Catching a Human-Operated Maze Ransomware Attack In Action
Maze
2020-08-10 | SentinelOne | Jim Walter
@online{walter:20200810:agent:d09f042,
  author       = {Jim Walter},
  title        = {{Agent Tesla | Old RAT Uses New Tricks to Stay on Top}},
  organization = {SentinelOne},
  date         = {2020-08-10},
  url          = {https://labs.sentinelone.com/agent-tesla-old-rat-uses-new-tricks-to-stay-on-top/},
  urldate      = {2020-08-13},
  language     = {English},
}
Agent Tesla | Old RAT Uses New Tricks to Stay on Top
Agent Tesla
2020-07-27 | SentinelOne | Phil Stokes
@online{stokes:20200727:four:9d80c60,
  author       = {Phil Stokes},
  title        = {{Four Distinct Families of Lazarus Malware Target Apple’s macOS Platform}},
  organization = {SentinelOne},
  date         = {2020-07-27},
  url          = {https://www.sentinelone.com/blog/four-distinct-families-of-lazarus-malware-target-apples-macos-platform/},
  urldate      = {2020-07-30},
  language     = {English},
}
Four Distinct Families of Lazarus Malware Target Apple’s macOS Platform
AppleJeus Casso Dacls WatchCat
2020-07-22 | SentinelOne | Jason Reaves, Joshua Platt
@online{reaves:20200722:enter:71d9038,
  author       = {Jason Reaves and Joshua Platt},
  title        = {{Enter the Maze: Demystifying an Affiliate Involved in Maze (SNOW)}},
  organization = {SentinelOne},
  date         = {2020-07-22},
  url          = {https://labs.sentinelone.com/enter-the-maze-demystifying-an-affiliate-involved-in-maze-snow/},
  urldate      = {2020-07-23},
  language     = {English},
}
Enter the Maze: Demystifying an Affiliate Involved in Maze (SNOW)
ISFB Maze TrickBot Zloader
2020-07-08 | SentinelOne | Phil Stokes
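% The ampersand in the title field is escaped as \& so the entry typesets under LaTeX;
% a bare & in a text field is read as an alignment tab and aborts the bibliography.
@online{stokes:20200708:evilquest:aeb5d92,
  author       = {Phil Stokes},
  title        = {{“EvilQuest” Rolls Ransomware, Spyware \& Data Theft Into One}},
  organization = {SentinelOne},
  date         = {2020-07-08},
  url          = {https://www.sentinelone.com/blog/evilquest-a-new-macos-malware-rolls-ransomware-spyware-and-data-theft-into-one/},
  urldate      = {2022-03-02},
  language     = {English},
}
“EvilQuest” Rolls Ransomware, Spyware & Data Theft Into One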
EvilQuest