Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2018-01-16CylanceCylance Threat Research Team
@online{team:20180116:threat:9f912f5, author = {Cylance Threat Research Team}, title = {{Threat Spotlight: LockPOS Point of Sale Malware}}, date = {2018-01-16}, organization = {Cylance}, url = {https://www.cylance.com/en_us/blog/threat-spotlight-lockpos-point-of-sale-malware.html}, language = {English}, urldate = {2019-11-25} } Threat Spotlight: LockPOS Point of Sale Malware
LockPOS
2018-01-16Cisco TalosWarren Mercer, Paul Rascagnères, Jungsoo An
@online{mercer:20180116:korea:f462331, author = {Warren Mercer and Paul Rascagnères and Jungsoo An}, title = {{Korea In The Crosshairs}}, date = {2018-01-16}, organization = {Cisco Talos}, url = {http://blog.talosintelligence.com/2018/01/korea-in-crosshairs.html}, language = {English}, urldate = {2020-01-06} } Korea In The Crosshairs
Freenki Loader PoohMilk Loader RokRAT APT37
2018-01-16RiskIQYonathan Klijnsma
@online{klijnsma:20180116:first:9184887, author = {Yonathan Klijnsma}, title = {{First Activities of Cobalt Group in 2018: Spear Phishing Russian Banks}}, date = {2018-01-16}, organization = {RiskIQ}, url = {https://www.riskiq.com/blog/labs/cobalt-group-spear-phishing-russian-banks/}, language = {English}, urldate = {2019-11-26} } First Activities of Cobalt Group in 2018: Spear Phishing Russian Banks
Cobalt
2018-01-16Kaspersky LabsNikita Buchka, Alexey Firsh
@online{buchka:20180116:skygofree:4e0990c, author = {Nikita Buchka and Alexey Firsh}, title = {{Skygofree: Following in the footsteps of HackingTeam}}, date = {2018-01-16}, organization = {Kaspersky Labs}, url = {https://securelist.com/skygofree-following-in-the-footsteps-of-hackingteam/83603/}, language = {English}, urldate = {2019-12-20} } Skygofree: Following in the footsteps of HackingTeam
Skygofree
2018-01-16enSiloAlon Hadar
@online{hadar:20180116:globeimposter:6a2afda, author = {Alon Hadar}, title = {{GlobeImposter Ransomware}}, date = {2018-01-16}, organization = {enSilo}, url = {https://blog.ensilo.com/globeimposter-ransomware-technical}, language = {English}, urldate = {2019-07-09} } GlobeImposter Ransomware
GlobeImposter
2018-01-15VirITGianfranco Tonello
@online{tonello:20180115:bootkits:dd9dffc, author = {Gianfranco Tonello}, title = {{Bootkits are not dead. Pitou is back!}}, date = {2018-01-15}, organization = {VirIT}, url = {https://www.tgsoft.it/english/news_archivio_eng.asp?id=884}, language = {English}, urldate = {2020-01-09} } Bootkits are not dead. Pitou is back!
Pitou
2018-01-15AcronisAcronis Security
@online{security:20180115:globeimposter:b5ca4e4, author = {Acronis Security}, title = {{GlobeImposter ransomware: A holiday gift from the Necurs botnet}}, date = {2018-01-15}, organization = {Acronis}, url = {https://www.acronis.com/en-us/blog/posts/globeimposter-ransomware-holiday-gift-necurs-botnet}, language = {English}, urldate = {2020-01-13} } GlobeImposter ransomware: A holiday gift from the Necurs botnet
GlobeImposter
2018-01-15Trend MicroGilbert Sison, Rheniel Ramos, Jay Yaneza, Alfredo Oliveira
@online{sison:20180115:new:15ece8f, author = {Gilbert Sison and Rheniel Ramos and Jay Yaneza and Alfredo Oliveira}, title = {{New KillDisk Variant Hits Financial Organizations in Latin America}}, date = {2018-01-15}, organization = {Trend Micro}, url = {https://blog.trendmicro.com/trendlabs-security-intelligence/new-killdisk-variant-hits-financial-organizations-in-latin-america/}, language = {English}, urldate = {2023-03-27} } New KillDisk Variant Hits Financial Organizations in Latin America
KillDisk (Lazarus) Lazarus Group
2018-01-13The Washington PostEllen Nakashima
@online{nakashima:20180113:russian:fce58a2, author = {Ellen Nakashima}, title = {{Russian military was behind ‘NotPetya’ cyberattack in Ukraine, CIA concludes}}, date = {2018-01-13}, organization = {The Washington Post}, url = {https://www.washingtonpost.com/world/national-security/russian-military-was-behind-notpetya-cyberattack-in-ukraine-cia-concludes/2018/01/12/048d8506-f7ca-11e7-b34a-b85626af34ef_story.html}, language = {English}, urldate = {2020-01-06} } Russian military was behind ‘NotPetya’ cyberattack in Ukraine, CIA concludes
EternalPetya
2018-01-12MalwarebytesJérôme Segura
@online{segura:20180112:fake:c7bc448, author = {Jérôme Segura}, title = {{Fake Spectre and Meltdown patch pushes Smoke Loader malware}}, date = {2018-01-12}, organization = {Malwarebytes}, url = {https://blog.malwarebytes.com/cybercrime/2018/01/fake-spectre-and-meltdown-patch-pushes-smoke-loader/}, language = {English}, urldate = {2019-12-20} } Fake Spectre and Meltdown patch pushes Smoke Loader malware
SmokeLoader
2018-01-12MediumJacob Pimental
@online{pimental:20180112:sonja:114dec9, author = {Jacob Pimental}, title = {{Sonja Analysis}}, date = {2018-01-12}, organization = {Medium}, url = {https://medium.com/@jacob16682/snojan-analysis-bb3982fb1bb9}, language = {English}, urldate = {2020-01-05} } Sonja Analysis
Snojan
2018-01-12ProofpointProofpoint Staff
@online{staff:20180112:holiday:b4225b8, author = {Proofpoint Staff}, title = {{Holiday lull? Not so much}}, date = {2018-01-12}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/threat-insight/post/holiday-lull-not-so-much}, language = {English}, urldate = {2021-05-31} } Holiday lull? Not so much
Dridex Emotet GlobeImposter ISFB Necurs PandaBanker UrlZone NARWHAL SPIDER
2018-01-12StormshieldRémi Jullian
@online{jullian:20180112:analyzing:572a942, author = {Rémi Jullian}, title = {{Analyzing an Agent Tesla campaign: from a word document to the attacker credentials}}, date = {2018-01-12}, organization = {Stormshield}, url = {https://thisissecurity.stormshield.com/2018/01/12/agent-tesla-campaign/}, language = {English}, urldate = {2019-07-10} } Analyzing an Agent Tesla campaign: from a word document to the attacker credentials
Agent Tesla
2018-01-12Check PointElena Root, Bogdan Melnykov
@online{root:20180112:malware:7f1793a, author = {Elena Root and Bogdan Melnykov}, title = {{Malware Displaying Porn Ads Discovered in Game Apps on Google Play}}, date = {2018-01-12}, organization = {Check Point}, url = {https://research.checkpoint.com/malware-displaying-porn-ads-discovered-in-game-apps-on-google-play/}, language = {English}, urldate = {2020-01-13} } Malware Displaying Porn Ads Discovered in Game Apps on Google Play
AdultSwine
2018-01-11Youtube (OALabs)Sergei Frankoff
@online{frankoff:20180111:unpacking:bd095df, author = {Sergei Frankoff}, title = {{Unpacking Pykspa Malware With Python and IDA Pro - Subscriber Request Part 1}}, date = {2018-01-11}, organization = {Youtube (OALabs)}, url = {https://www.youtube.com/watch?v=HfSQlC76_s4}, language = {English}, urldate = {2019-11-29} } Unpacking Pykspa Malware With Python and IDA Pro - Subscriber Request Part 1
Pykspa
2018-01-11Objective-SeePatrick Wardle
@online{wardle:20180111:ay:2c79d80, author = {Patrick Wardle}, title = {{Ay MaMi}}, date = {2018-01-11}, organization = {Objective-See}, url = {https://objective-see.com/blog/blog_0x26.html}, language = {English}, urldate = {2020-01-08} } Ay MaMi
MaMi
2018-01-11MalwareBreakdownMalwareBreakdown
@online{malwarebreakdown:20180111:malspam:994cbfe, author = {MalwareBreakdown}, title = {{Malspam Entitled “Invoice attched for your reference” Delivers Agent Tesla Keylogger}}, date = {2018-01-11}, organization = {MalwareBreakdown}, url = {https://malwarebreakdown.com/2018/01/11/malspam-entitled-invoice-attched-for-your-reference-delivers-agent-tesla-keylogger/}, language = {English}, urldate = {2019-11-29} } Malspam Entitled “Invoice attched for your reference” Delivers Agent Tesla Keylogger
2018-01-10FreebufTencent Computer Manager
@online{manager:20180110:analysis:3a5fe83, author = {Tencent Computer Manager}, title = {{Analysis of BlackTech's latest APT attack}}, date = {2018-01-10}, organization = {Freebuf}, url = {http://www.freebuf.com/column/159865.html}, language = {English}, urldate = {2020-01-08} } Analysis of BlackTech's latest APT attack
PLEAD
2018-01-10The RegisterRichard Chirgwin
@online{chirgwin:20180110:taiwanese:1ccf7ce, author = {Richard Chirgwin}, title = {{Taiwanese cops give malware-laden USB sticks as prizes for security quiz}}, date = {2018-01-10}, organization = {The Register}, url = {https://www.theregister.co.uk/2018/01/10/taiwanese_police_malware/}, language = {English}, urldate = {2020-01-09} } Taiwanese cops give malware-laden USB sticks as prizes for security quiz
Virut
2018-01-10WiredLouise Matsakis
@online{matsakis:20180110:hack:73c4c38, author = {Louise Matsakis}, title = {{Hack Brief: Russian Hackers Release Apparent IOC Emails in Wake of Olympic Ban}}, date = {2018-01-10}, organization = {Wired}, url = {https://www.wired.com/story/russian-fancy-bears-hackers-release-apparent-ioc-emails/}, language = {English}, urldate = {2020-01-13} } Hack Brief: Russian Hackers Release Apparent IOC Emails in Wake of Olympic Ban
APT28