Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2017-09-26Palo Alto Networks Unit 42Robert Falcone, Bryan Lee
@online{falcone:20170926:striking:f9aa319, author = {Robert Falcone and Bryan Lee}, title = {{Striking Oil: A Closer Look at Adversary Infrastructure}}, date = {2017-09-26}, organization = {Palo Alto Networks Unit 42}, url = {https://researchcenter.paloaltonetworks.com/2017/09/unit42-striking-oil-closer-look-adversary-infrastructure/}, language = {English}, urldate = {2019-12-20} } Striking Oil: A Closer Look at Adversary Infrastructure
RGDoor
2017-08-02RSA LinkAhmed Sonbol
@online{sonbol:20170802:malspam:d849b12, author = {Ahmed Sonbol}, title = {{Malspam delivers Xtreme RAT 8-1-2017}}, date = {2017-08-02}, organization = {RSA Link}, url = {https://community.rsa.com/community/products/netwitness/blog/2017/08/02/malspam-delivers-xtreme-rat-8-1-2017}, language = {English}, urldate = {2020-01-13} } Malspam delivers Xtreme RAT 8-1-2017
Xtreme RAT
2017-05-03RSA LinkAhmed Sonbol
@online{sonbol:20170503:hunting:ce577ba, author = {Ahmed Sonbol}, title = {{Hunting pack use case: RedLeaves malware}}, date = {2017-05-03}, organization = {RSA Link}, url = {https://community.rsa.com/community/products/netwitness/blog/2017/05/03/hunting-pack-use-case-redleaves-malware}, language = {English}, urldate = {2020-03-11} } Hunting pack use case: RedLeaves malware
RedLeaves
2017-02-13RSARSA Research
@techreport{research:20170213:kingslayer:98f4892, author = {RSA Research}, title = {{KINGSLAYER – A SUPPLY CHAIN ATTACK}}, date = {2017-02-13}, institution = {RSA}, url = {https://www.rsa.com/content/dam/pdfs/2-2017/kingslayer-a-supply-chain-attack.pdf}, language = {English}, urldate = {2020-01-08} } KINGSLAYER – A SUPPLY CHAIN ATTACK
CodeKey PlugX
2016-12-22GovCERT.chGovCERT.ch
@online{govcertch:20161222:tofsee:8a6f36b, author = {GovCERT.ch}, title = {{Tofsee Spambot features .ch DGA - Reversal and Countermesaures}}, date = {2016-12-22}, organization = {GovCERT.ch}, url = {https://www.govcert.ch/blog/tofsee-spambot-features-.ch-dga-reversal-and-countermesaures/}, language = {English}, urldate = {2023-02-27} } Tofsee Spambot features .ch DGA - Reversal and Countermesaures
Tofsee
2016-09-13Laanwj
@online{laanwj:20160913:curious:fa20b98, author = {Laanwj}, title = {{The curious case of BLATSTING's RSA implementation}}, date = {2016-09-13}, url = {https://laanwj.github.io/2016/09/13/blatsting-rsa.html}, language = {English}, urldate = {2020-01-09} } The curious case of BLATSTING's RSA implementation
Equationgroup (Sorting)
2016-06-15Fox-ITFox IT
@online{it:20160615:mofang:59e7ad3, author = {Fox IT}, title = {{Mofang: A politically motivated information stealing adversary}}, date = {2016-06-15}, organization = {Fox-IT}, url = {https://blog.fox-it.com/2016/06/15/mofang-a-politically-motivated-information-stealing-adversary/}, language = {English}, urldate = {2019-11-27} } Mofang: A politically motivated information stealing adversary
Mofang
2016-05-17Fox-ITYonathan Klijnsma, Danny Heppener, Mitchel Sahertian, Krijn de Mik, Maarten van Dantzig, Yun Zheng Hu, Lennart Haagsma, Martin van Hensbergen, Erik de Jong
@techreport{klijnsma:20160517:mofang:7035a61, author = {Yonathan Klijnsma and Danny Heppener and Mitchel Sahertian and Krijn de Mik and Maarten van Dantzig and Yun Zheng Hu and Lennart Haagsma and Martin van Hensbergen and Erik de Jong}, title = {{Mofang: A politically motivated information stealing adversary}}, date = {2016-05-17}, institution = {Fox-IT}, url = {https://foxitsecurity.files.wordpress.com/2016/06/fox-it_mofang_threatreport_tlp-white.pdf}, language = {English}, urldate = {2020-01-09} } Mofang: A politically motivated information stealing adversary
Shim RAT Mofang
2016-05-03William Showalter
@online{showalter:20160503:universal:e111d7d, author = {William Showalter}, title = {{A Universal Windows Bootkit}}, date = {2016-05-03}, url = {http://williamshowalter.com/a-universal-windows-bootkit/}, language = {English}, urldate = {2020-01-07} } A Universal Windows Bootkit
APT41
2016-03-30SecureworksCounter Threat Unit ResearchTeam
@online{researchteam:20160330:ransomware:d1b6fe3, author = {Counter Threat Unit ResearchTeam}, title = {{Ransomware Deployed by Adversary with Established Foothold}}, date = {2016-03-30}, organization = {Secureworks}, url = {https://www.secureworks.com/blog/ransomware-deployed-by-adversary}, language = {English}, urldate = {2021-05-28} } Ransomware Deployed by Adversary with Established Foothold
MimiKatz reGeorg SamSam BOSS SPIDER
2016-03-02RSA ConferenceVanja Svajcer
@techreport{svajcer:20160302:dissecting:e8721e3, author = {Vanja Svajcer}, title = {{Dissecting Derusbi}}, date = {2016-03-02}, institution = {RSA Conference}, url = {https://web.archive.org/web/20180310053107/https://www.rsaconference.com/writable/presentations/file_upload/hta-w02-dissecting-derusbi.pdf}, language = {English}, urldate = {2020-02-27} } Dissecting Derusbi
Derusbi
2016-01-22RSA LinkNorton Santos
@online{santos:20160122:plugx:580fcff, author = {Norton Santos}, title = {{PlugX APT Malware}}, date = {2016-01-22}, organization = {RSA Link}, url = {https://community.rsa.com/thread/185439}, language = {English}, urldate = {2020-01-13} } PlugX APT Malware
PlugX
2016-01-22RSANorton Santos
@online{santos:20160122:sykipot:942f0f0, author = {Norton Santos}, title = {{Sykipot APT Malware}}, date = {2016-01-22}, organization = {RSA}, url = {https://community.rsa.com/thread/185437}, language = {English}, urldate = {2020-01-08} } Sykipot APT Malware
sykipot
2015-11-25RSARSA
@online{rsa:20151125:detecting:84c8eed, author = {RSA}, title = {{Detecting GlassRAT using Security Analytics and ECAT}}, date = {2015-11-25}, organization = {RSA}, url = {https://community.rsa.com/community/products/netwitness/blog/2015/11/25/detecting-glassrat-using-security-analytics-and-ecat}, language = {English}, urldate = {2020-01-06} } Detecting GlassRAT using Security Analytics and ECAT
GlassRAT
2014-09-22SecurityIntelligenceAssaf Regev, Tal Darsan
@online{regev:20140922:tinba:088fca0, author = {Assaf Regev and Tal Darsan}, title = {{Tinba Malware Reloaded and Attacking Banks Around the World}}, date = {2014-09-22}, organization = {SecurityIntelligence}, url = {http://securityintelligence.com/tinba-malware-reloaded-and-attacking-banks-around-the-world/}, language = {English}, urldate = {2020-01-09} } Tinba Malware Reloaded and Attacking Banks Around the World
Tinba
2014-08-27Kaspersky LabsKaspersky
@online{kaspersky:20140827:nettraveler:5469ce3, author = {Kaspersky}, title = {{NetTraveler Gets a Makeover for 10th Anniversary}}, date = {2014-08-27}, organization = {Kaspersky Labs}, url = {https://www.kaspersky.com/about/press-releases/2014_nettraveler-gets-a-makeover-for-10th-anniversary}, language = {English}, urldate = {2020-01-13} } NetTraveler Gets a Makeover for 10th Anniversary
APT21
2014-07-10Kaspersky LabsMikhail Kuzin
@online{kuzin:20140710:versatile:0c64d25, author = {Mikhail Kuzin}, title = {{Versatile DDoS Trojan for Linux}}, date = {2014-07-10}, organization = {Kaspersky Labs}, url = {https://securelist.com/versatile-ddos-trojan-for-linux/64361/}, language = {English}, urldate = {2019-12-20} } Versatile DDoS Trojan for Linux
BillGates
2014-02-24RSA ConferenceDmitri Alperovitch
@techreport{alperovitch:20140224:art:df5650c, author = {Dmitri Alperovitch}, title = {{The Art of Attribution Identifying and Pursuing your Cyber Adversaries}}, date = {2014-02-24}, institution = {RSA Conference}, url = {https://docs.huihoo.com/rsaconference/usa-2014/anf-t07b-the-art-of-attribution-identifying-and-pursuing-your-cyber-adversaries-final.pdf}, language = {English}, urldate = {2020-04-06} } The Art of Attribution Identifying and Pursuing your Cyber Adversaries
ANDROMEDA SPIDER APT19 DEXTOROUS SPIDER Silent Chollima SINGING SPIDER Tonto Team TOXIC PANDA UNION SPIDER
2014-01RSARSA Research
@techreport{research:201401:rsa:5fa5815, author = {RSA Research}, title = {{RSA Incident Response: Emerging Threat Profile Shell_Crew}}, date = {2014-01}, institution = {RSA}, url = {https://www.rsa.com/content/dam/en/white-paper/rsa-incident-response-emerging-threat-profile-shell-crew.pdf}, language = {English}, urldate = {2021-01-29} } RSA Incident Response: Emerging Threat Profile Shell_Crew
Derusbi
2013-10-29RSA ConferencePeter Kálnai, Jaromír Hořejší
@techreport{klnai:20131029:dissecting:30488b5, author = {Peter Kálnai and Jaromír Hořejší}, title = {{Dissecting Banking Trojan Carberp}}, date = {2013-10-29}, institution = {RSA Conference}, url = {https://web.archive.org/web/20150713145858/http://www.rsaconference.com/writable/presentations/file_upload/ht-t06-dissecting-banking-trojan-carberp_copy1.pdf}, language = {English}, urldate = {2020-02-27} } Dissecting Banking Trojan Carberp
Carberp