Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2020-07-13JoeSecurityJoe Security
@online{security:20200713:trickbots:a164ba5, author = {Joe Security}, title = {{TrickBot's new API-Hammering explained}}, date = {2020-07-13}, organization = {JoeSecurity}, url = {https://www.joesecurity.org/blog/498839998833561473}, language = {English}, urldate = {2020-07-15} } TrickBot's new API-Hammering explained
TrickBot
2020-06-18DragosJoe Slowik
@online{slowik:20200618:ekans:e768da1, author = {Joe Slowik}, title = {{EKANS Ransomware Misconceptions and Misunderstandings}}, date = {2020-06-18}, organization = {Dragos}, url = {https://www.dragos.com/blog/industry-news/ekans-ransomware-misconceptions-and-misunderstandings/}, language = {English}, urldate = {2020-06-19} } EKANS Ransomware Misconceptions and Misunderstandings
Snake
2020-06-11Talos IntelligenceKendall McKay, Joe Marshall
@online{mckay:20200611:tor2mine:ee5dda6, author = {Kendall McKay and Joe Marshall}, title = {{Tor2Mine is up to their old tricks — and adds a few new ones}}, date = {2020-06-11}, organization = {Talos Intelligence}, url = {https://blog.talosintelligence.com/2020/06/tor2mine-is-up-to-their-old-tricks-and_11.html}, language = {English}, urldate = {2020-06-12} } Tor2Mine is up to their old tricks — and adds a few new ones
Azorult Remcos
2020-06-09RAND CorporationBilyana Lilly, Joe Cheravitch
@techreport{lilly:20200609:past:d6656a1, author = {Bilyana Lilly and Joe Cheravitch}, title = {{The Past, Present, and Future of Russia’s Cyber Strategy and Forces}}, date = {2020-06-09}, institution = {RAND Corporation}, url = {https://ccdcoe.org/uploads/2020/05/CyCon_2020_8_Lilly_Cheravitch.pdf}, language = {English}, urldate = {2020-06-10} } The Past, Present, and Future of Russia’s Cyber Strategy and Forces
2020-05-28Stranded on Pylos BlogJoe Slowik
@online{slowik:20200528:silos:3527589, author = {Joe Slowik}, title = {{Silos of Excellence}}, date = {2020-05-28}, organization = {Stranded on Pylos Blog}, url = {https://pylos.co/2020/05/28/silos-of-excellence/}, language = {English}, urldate = {2020-05-29} } Silos of Excellence
2020-05-12Trend MicroJoey Chen
@techreport{chen:20200512:tropic:a3285d0, author = {Joey Chen}, title = {{Tropic Trooper’s Back: USBferry Attack Targets Air-gapped Environments (Technical Brief)}}, date = {2020-05-12}, institution = {Trend Micro}, url = {https://documents.trendmicro.com/assets/Tech-Brief-Tropic-Trooper-s-Back-USBferry-Attack-Targets-Air-gapped-Environments.pdf}, language = {English}, urldate = {2020-05-14} } Tropic Trooper’s Back: USBferry Attack Targets Air-gapped Environments (Technical Brief)
USBferry
2020-05-12Trend MicroJoey Chen
@online{chen:20200512:tropic:8fff7a4, author = {Joey Chen}, title = {{Tropic Trooper’s Back: USBferry Attack Targets Air-gapped Environments}}, date = {2020-05-12}, organization = {Trend Micro}, url = {https://blog.trendmicro.com/trendlabs-security-intelligence/tropic-troopers-back-usbferry-attack-targets-air-gapped-environments/}, language = {English}, urldate = {2020-05-14} } Tropic Trooper’s Back: USBferry Attack Targets Air-gapped Environments
USBferry
2020-03DragosJoe Slowik
@techreport{slowik:202003:spyware:412ef8a, author = {Joe Slowik}, title = {{Spyware Stealer Locker Wiper Locker Goga Revisited}}, date = {2020-03}, institution = {Dragos}, url = {https://dragos.com/wp-content/uploads/Spyware-Stealer-Locker-Wiper-LockerGoga-Revisited.pdf}, language = {English}, urldate = {2020-03-18} } Spyware Stealer Locker Wiper Locker Goga Revisited
LockerGoga
2020-02-25RSA ConferenceJoel DeCapua
@online{decapua:20200225:feds:423f929, author = {Joel DeCapua}, title = {{Feds Fighting Ransomware: How the FBI Investigates and How You Can Help}}, date = {2020-02-25}, organization = {RSA Conference}, url = {https://www.youtube.com/watch?v=LUxOcpIRxmg}, language = {English}, urldate = {2020-03-04} } Feds Fighting Ransomware: How the FBI Investigates and How You Can Help
FastCash Cerber Defray Dharma FriedEx Gandcrab GlobeImposter Mamba Phobos Rapid Ransom REvil Ryuk SamSam Zeus
2020-01DragosJoe Slowik
@techreport{slowik:202001:threat:d891011, author = {Joe Slowik}, title = {{Threat Intelligence and the Limits of Malware Analysis}}, date = {2020-01}, institution = {Dragos}, url = {https://pylos.co/wp-content/uploads/2020/02/Threat-Intelligence-and-the-Limits-of-Malware-Analysis.pdf}, language = {English}, urldate = {2020-06-10} } Threat Intelligence and the Limits of Malware Analysis
Exaramel Exaramel Industroyer Lookback NjRAT PlugX
2019-11-29Trend MicroJoey Chen, Hiroyuki Kakara, Masaoki Shoji
@techreport{chen:20191129:operation:16f5aaa, author = {Joey Chen and Hiroyuki Kakara and Masaoki Shoji}, title = {{Operation ENDTRADE:TICK: 2019s Multi-Stage Backdoors for Attacking Industries and Stealing Classified Data}}, date = {2019-11-29}, institution = {Trend Micro}, url = {https://documents.trendmicro.com/assets/pdf/Operation-ENDTRADE-TICK-s-Multi-Stage-Backdoors-for-Attacking-Industries-and-Stealing-Classified-Data.pdf}, language = {English}, urldate = {2020-06-02} } Operation ENDTRADE:TICK: 2019s Multi-Stage Backdoors for Attacking Industries and Stealing Classified Data
BROLER
2019-11-29Trend MicroJoey Chen, Hiroyuki Kakara, Masaoki Shoji
@online{chen:20191129:operation:749d75d, author = {Joey Chen and Hiroyuki Kakara and Masaoki Shoji}, title = {{Operation ENDTRADE: Finding Multi-Stage Backdoors that TICK}}, date = {2019-11-29}, organization = {Trend Micro}, url = {https://blog.trendmicro.com/trendlabs-security-intelligence/operation-endtrade-finding-multi-stage-backdoors-that-tick/}, language = {English}, urldate = {2019-12-17} } Operation ENDTRADE: Finding Multi-Stage Backdoors that TICK
Datper Lilith
2019-08-29Security IntelligenceOle Villadsen, Kevin Henson, Melissa Frydrych, Joey Victorino
@online{villadsen:20190829:moreeggs:8ff7351, author = {Ole Villadsen and Kevin Henson and Melissa Frydrych and Joey Victorino}, title = {{More_eggs, Anyone? Threat Actor ITG08 Strikes Again}}, date = {2019-08-29}, organization = {Security Intelligence}, url = {https://securityintelligence.com/posts/more_eggs-anyone-threat-actor-itg08-strikes-again/}, language = {English}, urldate = {2020-01-13} } More_eggs, Anyone? Threat Actor ITG08 Strikes Again
More_eggs FIN6
2018-11-20Trend MicroLenart Bermejo, Joelson Soares
@online{bermejo:20181120:lazarus:1d8d3b3, author = {Lenart Bermejo and Joelson Soares}, title = {{Lazarus Continues Heists, Mounts Attacks on Financial Organizations in Latin America}}, date = {2018-11-20}, organization = {Trend Micro}, url = {https://blog.trendmicro.com/trendlabs-security-intelligence/lazarus-continues-heists-mounts-attacks-on-financial-organizations-in-latin-america/}, language = {English}, urldate = {2020-01-06} } Lazarus Continues Heists, Mounts Attacks on Financial Organizations in Latin America
BLINDTOAD
2018-11-18Stranded on Pylos BlogJoe
@online{joe:20181118:cozybear:4801301, author = {Joe}, title = {{CozyBear – In from the Cold?}}, date = {2018-11-18}, organization = {Stranded on Pylos Blog}, url = {https://pylos.co/2018/11/18/cozybear-in-from-the-cold/}, language = {English}, urldate = {2020-01-09} } CozyBear – In from the Cold?
Cobalt Strike APT29
2018-07-17Trend MicroJoey Chen
@online{chen:20180717:blackgear:69b5213, author = {Joey Chen}, title = {{Blackgear Cyberespionage Campaign Resurfaces, Abuses Social Media for C&C Communication}}, date = {2018-07-17}, organization = {Trend Micro}, url = {https://blog.trendmicro.com/trendlabs-security-intelligence/blackgear-cyberespionage-campaign-resurfaces-abuses-social-media-for-cc-communication/}, language = {English}, urldate = {2020-01-13} } Blackgear Cyberespionage Campaign Resurfaces, Abuses Social Media for C&C Communication
Blackgear
2018-03-14Trend MicroJaromír Hořejší, Joey Chen, Joseph C. Chen
@online{hoej:20180314:tropic:352cf22, author = {Jaromír Hořejší and Joey Chen and Joseph C. Chen}, title = {{Tropic Trooper’s New Strategy}}, date = {2018-03-14}, organization = {Trend Micro}, url = {https://blog.trendmicro.com/trendlabs-security-intelligence/tropic-trooper-new-strategy/}, language = {English}, urldate = {2020-01-09} } Tropic Trooper’s New Strategy
KeyBoy APT23
2018-02-20Joe Security's BlogJoe Security
@online{security:20180220:latest:37f0c70, author = {Joe Security}, title = {{Latest Elise APT comes packed with Sandbox Evasions}}, date = {2018-02-20}, organization = {Joe Security's Blog}, url = {https://www.joesecurity.org/blog/8409877569366580427}, language = {English}, urldate = {2020-01-13} } Latest Elise APT comes packed with Sandbox Evasions
Elise
2017-11-07Trend MicroJoey Chen, MingYen Hsieh
@online{chen:20171107:redbaldknightbronze:63a08fe, author = {Joey Chen and MingYen Hsieh}, title = {{REDBALDKNIGHT/BRONZE BUTLER’s Daserf Backdoor Now Using Steganography}}, date = {2017-11-07}, organization = {Trend Micro}, url = {https://blog.trendmicro.com/trendlabs-security-intelligence/redbaldknight-bronze-butler-daserf-backdoor-now-using-steganography/}, language = {English}, urldate = {2020-01-09} } REDBALDKNIGHT/BRONZE BUTLER’s Daserf Backdoor Now Using Steganography
Tick
2017-01-27Joe's SecurityJoe
@online{joe:20170127:deep:d365b7e, author = {Joe}, title = {{Deep Analysis of Android Ransom Charger}}, date = {2017-01-27}, organization = {Joe's Security}, url = {http://blog.joesecurity.org/2017/01/deep-analysis-of-android-ransom-charger.html}, language = {English}, urldate = {2020-01-08} } Deep Analysis of Android Ransom Charger
Charger