Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2020-06-09RiskIQJordan Herman
@online{herman:20200609:misconfigured:75c6908, author = {Jordan Herman}, title = {{Misconfigured Amazon S3 Buckets Continue to be a Launchpad for Malicious Code}}, date = {2020-06-09}, organization = {RiskIQ}, url = {https://www.riskiq.com/blog/labs/misconfigured-s3-buckets/}, language = {English}, urldate = {2020-06-10} } Misconfigured Amazon S3 Buckets Continue to be a Launchpad for Malicious Code
magecart
2020-03-24RiskIQWes Smiley
@online{smiley:20200324:exploring:3a3c04b, author = {Wes Smiley}, title = {{Exploring Agent Tesla Infrastructure}}, date = {2020-03-24}, organization = {RiskIQ}, url = {https://community.riskiq.com/article/6337984e}, language = {English}, urldate = {2021-04-09} } Exploring Agent Tesla Infrastructure
Agent Tesla
2020-03-18RiskIQYonathan Klijnsma
@online{klijnsma:20200318:magecart:2ee4a78, author = {Yonathan Klijnsma}, title = {{Magecart Group 8 Blends into NutriBullet.com Adding To Their Growing List of Victims}}, date = {2020-03-18}, organization = {RiskIQ}, url = {https://www.riskiq.com/blog/labs/magecart-nutribullet/}, language = {English}, urldate = {2020-03-19} } Magecart Group 8 Blends into NutriBullet.com Adding To Their Growing List of Victims
magecart
2020-02-07RiskIQJordan Herman
@online{herman:20200207:magecart:185b67b, author = {Jordan Herman}, title = {{Magecart Group 12’s Latest: Actors Behind Attacks on Olympics Ticket Re-sellers Deftly Swapped Domains to Continue Campaign}}, date = {2020-02-07}, organization = {RiskIQ}, url = {https://www.riskiq.com/blog/labs/magecart-group-12-olympics/}, language = {English}, urldate = {2020-02-09} } Magecart Group 12’s Latest: Actors Behind Attacks on Olympics Ticket Re-sellers Deftly Swapped Domains to Continue Campaign
magecart
2019-10-16RiskIQJohn Omernik
@online{omernik:20191016:lnkr:5612e9a, author = {John Omernik}, title = {{LNKR: More than Just a Browser Extension}}, date = {2019-10-16}, organization = {RiskIQ}, url = {https://www.riskiq.com/blog/labs/lnkr-browser-extension/}, language = {English}, urldate = {2020-03-04} } LNKR: More than Just a Browser Extension
LNKR
2019-02-28RiskIQYonathan Klijnsma
@online{klijnsma:20190228:magecart:e2b0173, author = {Yonathan Klijnsma}, title = {{Magecart Group 4: Never Gone, Always Advancing – Professionals In Cybercrime}}, date = {2019-02-28}, organization = {RiskIQ}, url = {https://www.riskiq.com/blog/labs/magecart-group-4-always-advancing/}, language = {English}, urldate = {2020-01-06} } Magecart Group 4: Never Gone, Always Advancing – Professionals In Cybercrime
magecart
2018-07-09RiskIQYonathan Klijnsma, Jordan Herman
@online{klijnsma:20180709:inside:e92fff2, author = {Yonathan Klijnsma and Jordan Herman}, title = {{Inside and Beyond Ticketmaster: The Many Breaches of Magecart}}, date = {2018-07-09}, organization = {RiskIQ}, url = {https://www.riskiq.com/blog/labs/magecart-ticketmaster-breach/}, language = {English}, urldate = {2020-01-12} } Inside and Beyond Ticketmaster: The Many Breaches of Magecart
magecart
2018-01-23RiskIQYonathan Klijnsma
@online{klijnsma:20180123:espionage:f3d28b0, author = {Yonathan Klijnsma}, title = {{Espionage Campaign Leverages Spear Phishing, RATs Against Turkish Defense Contractors}}, date = {2018-01-23}, organization = {RiskIQ}, url = {https://www.riskiq.com/blog/labs/spear-phishing-turkish-defense-contractors/}, language = {English}, urldate = {2019-12-24} } Espionage Campaign Leverages Spear Phishing, RATs Against Turkish Defense Contractors
Remcos
2018-01-16RiskIQYonathan Klijnsma
@online{klijnsma:20180116:first:9184887, author = {Yonathan Klijnsma}, title = {{First Activities of Cobalt Group in 2018: Spear Phishing Russian Banks}}, date = {2018-01-16}, organization = {RiskIQ}, url = {https://www.riskiq.com/blog/labs/cobalt-group-spear-phishing-russian-banks/}, language = {English}, urldate = {2019-11-26} } First Activities of Cobalt Group in 2018: Spear Phishing Russian Banks
Cobalt
2018RiskIQBrandon Dixon
@techreport{dixon:2018:alphathreat:f97b446, author = {Brandon Dixon}, title = {{Alphathreat Soup Burning Actors with Data}}, date = {2018}, institution = {RiskIQ}, url = {https://hitcon.org/2018/CMT/slide-files/d1_s2_r1.pdf}, language = {English}, urldate = {2021-08-09} } Alphathreat Soup Burning Actors with Data
2017-12-20RiskIQYonathan Klijnsma
@online{klijnsma:20171220:mining:4b3dc11, author = {Yonathan Klijnsma}, title = {{Mining Insights: Infrastructure Analysis of Lazarus Group Cyber Attacks on the Cryptocurrency Industry}}, date = {2017-12-20}, organization = {RiskIQ}, url = {https://www.riskiq.com/blog/labs/lazarus-group-cryptocurrency/}, language = {English}, urldate = {2020-01-13} } Mining Insights: Infrastructure Analysis of Lazarus Group Cyber Attacks on the Cryptocurrency Industry
PowerRatankba
2017-11-28RiskIQYonathan Klijnsma
@online{klijnsma:20171128:gaffe:7c5097a, author = {Yonathan Klijnsma}, title = {{Gaffe Reveals Full List of Targets in Spear Phishing Attack Using Cobalt Strike Against Financial Institutions}}, date = {2017-11-28}, organization = {RiskIQ}, url = {https://www.riskiq.com/blog/labs/cobalt-strike/}, language = {English}, urldate = {2020-01-13} } Gaffe Reveals Full List of Targets in Spear Phishing Attack Using Cobalt Strike Against Financial Institutions
Cobalt
2017-11-02RiskIQYonathan Klijnsma
@online{klijnsma:20171102:new:d98411c, author = {Yonathan Klijnsma}, title = {{New Insights into Energetic Bear’s Watering Hole Cyber Attacks on Turkish Critical Infrastructure}}, date = {2017-11-02}, organization = {RiskIQ}, url = {https://www.riskiq.com/blog/labs/energetic-bear/}, language = {English}, urldate = {2020-01-13} } New Insights into Energetic Bear’s Watering Hole Cyber Attacks on Turkish Critical Infrastructure
Energetic Bear
2017-10-26RiskIQYonathan Klijnsma
@online{klijnsma:20171026:new:8298949, author = {Yonathan Klijnsma}, title = {{New htpRAT Gives Complete Remote Control Capabilities to Chinese Cyber Threat Actors}}, date = {2017-10-26}, organization = {RiskIQ}, url = {https://www.riskiq.com/blog/labs/htprat/}, language = {English}, urldate = {2020-01-09} } New htpRAT Gives Complete Remote Control Capabilities to Chinese Cyber Threat Actors
htpRAT
2017-10-25RiskIQYonathan Klijnsma
@online{klijnsma:20171025:down:8d41ef5, author = {Yonathan Klijnsma}, title = {{Down the Rabbit Hole: Tracking the BadRabbit Ransomware to a Long Ongoing Campaign of Target Selection}}, date = {2017-10-25}, organization = {RiskIQ}, url = {https://www.riskiq.com/blog/labs/badrabbit/}, language = {English}, urldate = {2020-01-10} } Down the Rabbit Hole: Tracking the BadRabbit Ransomware to a Long Ongoing Campaign of Target Selection
EternalPetya