2021-02-17 | CrowdStrike | Strategic Threat Advisory Group, Falcon OverWatch Team
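% Both authors are organisational units; each is wrapped in its own braces so
% BibTeX/Biber keeps it as one literal name instead of splitting it into first/last parts.
@online{group:20210217:dont:807d211,
  author       = {{Strategic Threat Advisory Group} and {Falcon OverWatch Team}},
  title        = {{Don’t Get Schooled: Understanding the Threats to the Academic Industry}},
  date         = {2021-02-17},
  organization = {CrowdStrike},
  url          = {https://www.crowdstrike.com/blog/academia-threat-landscape-2020-analysis/},
  language     = {English},
  urldate      = {2021-02-20},
}
Don’t Get Schooled: Understanding the Threats to the Academic Industry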
2021-02-14 | Cyware | Cyware
@online{cyware:20210214:hildegard:580418b,
  author       = {Cyware},
  title        = {{Hildegard: TeamTNT’s New Feature-Rich Malware Targeting Kubernetes}},
  date         = {2021-02-14},
  organization = {Cyware},
  url          = {https://cyware.com/news/hildegard-teamtnts-new-feature-rich-malware-targeting-kubernetes-6587eb45},
  language     = {English},
  urldate      = {2021-03-12},
}
Hildegard: TeamTNT’s New Feature-Rich Malware Targeting Kubernetes
TeamTNT
2021-02-12 | Malwarebytes | Threat Intelligence Team
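% The author is a team name, double-braced so it is not parsed as a person
% with the surname "Team".
@online{team:20210212:malvertising:6f4c197,
  author       = {{Threat Intelligence Team}},
  title        = {{Malvertising campaign on PornHub and other top adult brands exposes users to tech support scams}},
  date         = {2021-02-12},
  organization = {Malwarebytes},
  url          = {https://blog.malwarebytes.com/cybercrime/2021/02/malvertising-campaign-on-top-adult-brands-exposes-users-to-tech-support-scams/},
  language     = {English},
  urldate      = {2021-02-18},
}
Malvertising campaign on PornHub and other top adult brands exposes users to tech support scams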
2021-02-11 | Microsoft | Detection and Response Team (DART), Microsoft 365 Defender Research Team
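% Two organisational authors. The first name contains a literal " and ", which
% BibTeX would otherwise read as a name separator and split into "Detection"
% and "Response Team (DART)"; bracing each author keeps exactly two names.
@online{dart:20210211:web:c22c110,
  author       = {{Detection and Response Team (DART)} and {Microsoft 365 Defender Research Team}},
  title        = {{Web shell attacks continue to rise}},
  date         = {2021-02-11},
  organization = {Microsoft},
  url          = {https://www.microsoft.com/security/blog/2021/02/11/web-shell-attacks-continue-to-rise/},
  language     = {English},
  urldate      = {2021-02-20},
}
Web shell attacks continue to rise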
2021-02-11 | Proofpoint | Proofpoint Threat Research Team
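% Team author double-braced so it is treated as one indivisible name.
@online{team:20210211:baza:41ddf2c,
  author       = {{Proofpoint Threat Research Team}},
  title        = {{A Baza Valentine’s Day}},
  date         = {2021-02-11},
  organization = {Proofpoint},
  url          = {https://www.proofpoint.com/us/blog/threat-insight/baza-valentines-day},
  language     = {English},
  urldate      = {2021-02-25},
}
A Baza Valentine’s Day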
BazarBackdoor
2021-02-09 | Microsoft | MSRC Team
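% Team author double-braced so "MSRC" is not read as a given name and "Team"
% as a surname.
@online{team:20210209:multiple:984a407,
  author       = {{MSRC Team}},
  title        = {{Multiple Security Updates Affecting TCP/IP:  CVE-2021-24074, CVE-2021-24094, and CVE-2021-24086}},
  date         = {2021-02-09},
  organization = {Microsoft},
  url          = {https://msrc-blog.microsoft.com/2021/02/09/multiple-security-updates-affecting-tcp-ip/},
  language     = {English},
  urldate      = {2021-02-10},
}
Multiple Security Updates Affecting TCP/IP:  CVE-2021-24074, CVE-2021-24094, and CVE-2021-24086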
2021-02-09 | Microsoft | MSRC Team
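% Team author double-braced so it is kept as one literal name.
@online{team:20210209:windows:85fcea7,
  author       = {{MSRC Team}},
  title        = {{Windows Win32k Elevation of Privilege Vulnerability CVE-2021-1732 (exploited ITW)}},
  date         = {2021-02-09},
  organization = {Microsoft},
  url          = {https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-1732},
  language     = {English},
  urldate      = {2021-02-10},
}
Windows Win32k Elevation of Privilege Vulnerability CVE-2021-1732 (exploited ITW)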
2021-02-06 | Clairvoyance Security Lab | Advanced threat research team
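% Team author double-braced; without the inner braces the lowercase words would
% be parsed as name particles of a person called "Advanced ... team".
@online{team:20210206:mo:c85d4df,
  author       = {{Advanced threat research team}},
  title        = {{Mo Luoxiu (Confucius) organizes a new round of secret theft attacks on South Asian military enterprises}},
  date         = {2021-02-06},
  organization = {Clairvoyance Security Lab},
  url          = {https://mp.weixin.qq.com/s/fsesosMnKIfAi_I9I0wKSA},
  language     = {Chinese},
  urldate      = {2021-02-09},
}
Mo Luoxiu (Confucius) organizes a new round of secret theft attacks on South Asian military enterprises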
Ave Maria
2021-02-05 | Twitter (@8th_grey_owl) | 8thGreyOwl
@online{8thgreyowl:20210205:calmthorn:8397a05,
  author       = {8thGreyOwl},
  title        = {{Tweet on CALMTHORN, used by Tonto Team}},
  date         = {2021-02-05},
  organization = {Twitter (@8th_grey_owl)},
  url          = {https://twitter.com/8th_grey_owl/status/1357550261963689985},
  language     = {English},
  urldate      = {2021-02-09},
}
Tweet on CALMTHORN, used by Tonto Team
CALMTHORN
2021-02-05 | Team Cymru | David Monnier
@online{monnier:20210205:kobalos:e8f562f,
  author       = {David Monnier},
  title        = {{Kobalos Malware Mapping Potentially Impacted Networks and IP Address Mapping}},
  date         = {2021-02-05},
  organization = {Team Cymru},
  url          = {https://team-cymru.com/blog/2021/02/05/kobalos-malware-mapping/},
  language     = {English},
  urldate      = {2021-02-06},
}
Kobalos Malware Mapping Potentially Impacted Networks and IP Address Mapping
Kobalos
2021-02-04 | ClearSky | ClearSky Research Team
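% Team author double-braced so it is treated as one organisational name.
@techreport{team:20210204:conti:27cb3a2,
  author      = {{ClearSky Research Team}},
  title       = {{CONTI Modus Operandi and Bitcoin Tracking}},
  date        = {2021-02-04},
  institution = {ClearSky},
  url         = {https://www.clearskysec.com/wp-content/uploads/2021/02/Conti-Ransomware.pdf},
  language    = {English},
  urldate     = {2021-02-06},
}
CONTI Modus Operandi and Bitcoin Tracking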
Conti Ransomware Ryuk
2021-02-04 | Chainalysis | Chainalysis Team
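% organization is spelled "Chainalysis", matching the author field and the
% blog.chainalysis.com host in the URL. Team author double-braced as one name.
@online{team:20210204:blockchain:4e63b2f,
  author       = {{Chainalysis Team}},
  title        = {{Blockchain Analysis Shows Connections Between Four of 2020’s Biggest Ransomware Strains}},
  date         = {2021-02-04},
  organization = {Chainalysis},
  url          = {https://blog.chainalysis.com/reports/ransomware-connections-maze-egregor-suncrypt-doppelpaymer},
  language     = {English},
  urldate      = {2021-02-06},
}
Blockchain Analysis Shows Connections Between Four of 2020’s Biggest Ransomware Strains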
DoppelPaymer Egregor Maze SunCrypt
2021-02-03 | Palo Alto Networks Unit 42 | Jay Chen, Aviv Sasson, Ariel Zelivansky
@online{chen:20210203:hildegard:f3ca3bc,
  author       = {Jay Chen and Aviv Sasson and Ariel Zelivansky},
  title        = {{Hildegard: New TeamTNT Malware Targeting Kubernetes}},
  date         = {2021-02-03},
  organization = {Palo Alto Networks Unit 42},
  url          = {https://unit42.paloaltonetworks.com/hildegard-malware-teamtnt/},
  language     = {English},
  urldate      = {2021-02-04},
}
Hildegard: New TeamTNT Malware Targeting Kubernetes
TeamTNT TeamTNT
2021-02-03 | AhnLab | AhnLab ASEC Analysis Team
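% Team author double-braced as one name. The quoted document name in the title
% gets its missing leading space and closing quote.
% NOTE(review): the closing quote position is inferred from the wording; confirm against the source post.
@online{team:20210203:dissemination:de95157,
  author       = {{AhnLab ASEC Analysis Team}},
  title        = {{Dissemination of malicious code disguised as a document of 'Amendment of Ministry of Defense's Business Report in 2021'}},
  date         = {2021-02-03},
  organization = {AhnLab},
  url          = {https://asec.ahnlab.com/ko/20057/},
  language     = {Korean},
  urldate      = {2021-02-04},
}
Dissemination of malicious code disguised as a document of 'Amendment of Ministry of Defense's Business Report in 2021'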
2021-02-01 | AhnLab | ASEC Analysis Team
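% Team author double-braced as one name.
% NOTE(review): the URL sits under /ko/ on asec.ahnlab.com while language is
% given as English; the other AhnLab entry with a /ko/ URL is marked Korean. Confirm.
@online{team:20210201:bluecrab:df21c0a,
  author       = {{ASEC Analysis Team}},
  title        = {{BlueCrab ransomware, CobaltStrike hacking tool installed in corporate environment}},
  date         = {2021-02-01},
  organization = {AhnLab},
  url          = {https://asec.ahnlab.com/ko/19860/},
  language     = {English},
  urldate      = {2021-02-06},
}
BlueCrab ransomware, CobaltStrike hacking tool installed in corporate environment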
Cobalt Strike REvil
2021-02-01 | Microsoft | Microsoft 365 Defender Threat Intelligence Team
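% Team author double-braced so the whole unit name is one literal author.
@online{team:20210201:what:2e12897,
  author       = {{Microsoft 365 Defender Threat Intelligence Team}},
  title        = {{What tracking an attacker email infrastructure tells us about persistent cybercriminal operations}},
  date         = {2021-02-01},
  organization = {Microsoft},
  url          = {https://www.microsoft.com/security/blog/2021/02/01/what-tracking-an-attacker-email-infrastructure-tells-us-about-persistent-cybercriminal-operations/},
  language     = {English},
  urldate      = {2021-02-02},
}
What tracking an attacker email infrastructure tells us about persistent cybercriminal operations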
Dridex Emotet Makop Ransomware SmokeLoader TrickBot
2021-02-01 | Kryptos Logic | Kryptos Logic Vantage Team
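% Team author double-braced so it is not split into given name and surname.
@online{team:20210201:trickbot:8ae2189,
  author       = {{Kryptos Logic Vantage Team}},
  title        = {{Trickbot masrv Module}},
  date         = {2021-02-01},
  organization = {Kryptos Logic},
  url          = {https://www.kryptoslogic.com/blog/2021/02/trickbot-masrv-module/},
  language     = {English},
  urldate      = {2021-02-02},
}
Trickbot masrv Module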
TrickBot
2021-02-01 | Microstep Intelligence Bureau | Microstep online research response team
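% Team author double-braced; the lowercase words would otherwise be parsed as
% name particles of a personal name.
@online{team:20210201:analysis:203afe0,
  author       = {{Microstep online research response team}},
  title        = {{Analysis of the attack activity organized by Konni APT using the topic of North Korean epidemic materials as bait}},
  date         = {2021-02-01},
  organization = {Microstep Intelligence Bureau},
  url          = {https://www.anquanke.com/post/id/230116},
  language     = {Chinese},
  urldate      = {2021-02-02},
}
Analysis of the attack activity organized by Konni APT using the topic of North Korean epidemic materials as bait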
Amadey
2021-01-30 | Microstep Intelligence Bureau | Microstep online research response team
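% Team author double-braced so it is kept as one organisational name.
@online{team:20210130:analysis:2758345,
  author       = {{Microstep online research response team}},
  title        = {{Analysis of Lazarus attacks against security researchers}},
  date         = {2021-01-30},
  organization = {Microstep Intelligence Bureau},
  url          = {https://www.anquanke.com/post/id/230161},
  language     = {Chinese},
  urldate      = {2021-02-02},
}
Analysis of Lazarus attacks against security researchers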
ComeBacker
2021-01-29 | Malwarebytes | Threat Intelligence Team
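% Team author double-braced so it is not parsed as a person with the surname "Team".
@online{team:20210129:cleaning:489c8b3,
  author       = {{Threat Intelligence Team}},
  title        = {{Cleaning up after Emotet: the law enforcement file}},
  date         = {2021-01-29},
  organization = {Malwarebytes},
  url          = {https://blog.malwarebytes.com/threat-analysis/2021/01/cleaning-up-after-emotet-the-law-enforcement-file/},
  language     = {English},
  urldate      = {2021-02-02},
}
Cleaning up after Emotet: the law enforcement file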
Emotet