Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2020-11-18CrowdStrikeFalcon OverWatch Team, CrowdStrike Intelligence Team
@online{team:20201118:hacking:3fb3539, author = {Falcon OverWatch Team and CrowdStrike Intelligence Team}, title = {{Hacking Farm to Table: Threat Hunters Uncover Rise in Attacks Against Agriculture}}, date = {2020-11-18}, organization = {CrowdStrike}, url = {https://www.crowdstrike.com/blog/how-threat-hunting-uncovered-attacks-in-the-agriculture-industry}, language = {English}, urldate = {2020-11-23} } Hacking Farm to Table: Threat Hunters Uncover Rise in Attacks Against Agriculture
2020-11-16MalwarebytesThreat Intelligence Team
@online{team:20201116:malsmoke:0cddf67, author = {Threat Intelligence Team}, title = {{Malsmoke operators abandon exploit kits in favor of social engineering scheme}}, date = {2020-11-16}, organization = {Malwarebytes}, url = {https://blog.malwarebytes.com/threat-analysis/2020/11/malsmoke-operators-abandon-exploit-kits-in-favor-of-social-engineering-scheme/}, language = {English}, urldate = {2020-11-18} } Malsmoke operators abandon exploit kits in favor of social engineering scheme
Zloader
2020-11-12BlackberryBlackBerry Research and Intelligence team
@online{team:20201112:costaricto:1d1b0c8, author = {BlackBerry Research and Intelligence team}, title = {{The CostaRicto Campaign: Cyber-Espionage Outsourced}}, date = {2020-11-12}, organization = {Blackberry}, url = {https://blogs.blackberry.com/en/2020/11/the-costaricto-campaign-cyber-espionage-outsourced}, language = {English}, urldate = {2020-11-19} } The CostaRicto Campaign: Cyber-Espionage Outsourced
SombRAT
2020-10-30CofenseThe Cofense Intelligence Team
@online{team:20201030:ryuk:9166a9a, author = {The Cofense Intelligence Team}, title = {{The Ryuk Threat: Why BazarBackdoor Matters Most}}, date = {2020-10-30}, organization = {Cofense}, url = {https://cofense.com/the-ryuk-threat-why-bazarbackdoor-matters-most/}, language = {English}, urldate = {2020-11-02} } The Ryuk Threat: Why BazarBackdoor Matters Most
BazarBackdoor Ryuk
2020-10-14MalwarebytesThreat Intelligence Team
@online{team:20201014:silent:8149a1d, author = {Threat Intelligence Team}, title = {{Silent Librarian APT right on schedule for 20/21 academic year}}, date = {2020-10-14}, organization = {Malwarebytes}, url = {https://blog.malwarebytes.com/malwarebytes-news/2020/10/silent-librarian-apt-phishing-attack/}, language = {English}, urldate = {2020-10-23} } Silent Librarian APT right on schedule for 20/21 academic year
2020-10-12MicrosoftMicrosoft 365 Defender Threat Intelligence Team
@online{team:20201012:trickbot:e4f086f, author = {Microsoft 365 Defender Threat Intelligence Team}, title = {{Trickbot disrupted}}, date = {2020-10-12}, organization = {Microsoft}, url = {https://www.microsoft.com/security/blog/2020/10/12/trickbot-disrupted/}, language = {English}, urldate = {2020-10-12} } Trickbot disrupted
TrickBot
2020-10-08MalwarebytesThreat Intelligence Team
@online{team:20201008:credit:5e7e0b3, author = {Threat Intelligence Team}, title = {{Credit card skimmer targets virtual conference platform}}, date = {2020-10-08}, organization = {Malwarebytes}, url = {https://blog.malwarebytes.com/malwarebytes-news/2020/10/credit-card-skimmer-targets-virtual-conference-platform/}, language = {English}, urldate = {2020-10-12} } Credit card skimmer targets virtual conference platform
2020-09-24CrowdStrikeCrowdStrike Intelligence Team
@online{team:20200924:double:3b3ade6, author = {CrowdStrike Intelligence Team}, title = {{Double Trouble: Ransomware with Data Leak Extortion, Part 1}}, date = {2020-09-24}, organization = {CrowdStrike}, url = {https://www.crowdstrike.com/blog/double-trouble-ransomware-data-leak-extortion-part-1}, language = {English}, urldate = {2021-05-31} } Double Trouble: Ransomware with Data Leak Extortion, Part 1
DoppelPaymer Gandcrab LockBit Maze MedusaLocker RagnarLocker SamSam OUTLAW SPIDER OVERLORD SPIDER
2020-09-09MalwarebytesThreat Intelligence Team
@online{team:20200909:malvertising:ed1c3b8, author = {Threat Intelligence Team}, title = {{Malvertising campaigns come back in full swing}}, date = {2020-09-09}, organization = {Malwarebytes}, url = {https://blog.malwarebytes.com/social-engineering/2020/09/malvertising-campaigns-come-back-in-full-swing/}, language = {English}, urldate = {2020-09-15} } Malvertising campaigns come back in full swing
Raccoon SmokeLoader
2020-08-18F-SecureF-Secure Threat Intelligence Team
@techreport{team:20200818:lazarus:9be8b2a, author = {F-Secure Threat Intelligence Team}, title = {{Lazarus Group Campaign Targeting the Cryptocurrency Vertical}}, date = {2020-08-18}, institution = {F-Secure}, url = {https://labs.f-secure.com/assets/BlogFiles/f-secureLABS-tlp-white-lazarus-threat-intel-report2.pdf}, language = {English}, urldate = {2020-08-31} } Lazarus Group Campaign Targeting the Cryptocurrency Vertical
2020-08-03McAfeeATR Operational Intelligence Team
@online{team:20200803:take:74e0288, author = {ATR Operational Intelligence Team}, title = {{Take a “NetWalk” on the Wild Side}}, date = {2020-08-03}, organization = {McAfee}, url = {https://www.mcafee.com/blogs/other-blogs/mcafee-labs/take-a-netwalk-on-the-wild-side/}, language = {English}, urldate = {2020-08-14} } Take a “NetWalk” on the Wild Side
Mailto
2020-07-22S2W LAB Inc.S2W LAB INTELLIGENCE TEAM
@online{team:20200722:formbook:6297801, author = {S2W LAB INTELLIGENCE TEAM}, title = {{'FormBook Tracker' unveiled on the Dark Web}}, date = {2020-07-22}, organization = {S2W LAB Inc.}, url = {https://drive.google.com/file/d/1oxINyIJfMtv_upJqRK9vLSchIBaU8wiU/view}, language = {English}, urldate = {2020-08-14} } 'FormBook Tracker' unveiled on the Dark Web
Formbook
2020-06-26SymantecCritical Attack Discovery and Intelligence Team
@online{team:20200626:wastedlocker:0e9c75c, author = {Critical Attack Discovery and Intelligence Team}, title = {{WastedLocker: Symantec Identifies Wave of Attacks Against U.S. Organizations}}, date = {2020-06-26}, organization = {Symantec}, url = {https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/wastedlocker-ransomware-us}, language = {English}, urldate = {2020-06-26} } WastedLocker: Symantec Identifies Wave of Attacks Against U.S. Organizations
donut_injector WastedLocker
2020-06-23SymantecCritical Attack Discovery and Intelligence Team
@online{team:20200623:sodinokibi:7eff193, author = {Critical Attack Discovery and Intelligence Team}, title = {{Sodinokibi: Ransomware Attackers also Scanning for PoS Software, Leveraging Cobalt Strike}}, date = {2020-06-23}, organization = {Symantec}, url = {https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/sodinokibi-ransomware-cobalt-strike-pos}, language = {English}, urldate = {2020-06-23} } Sodinokibi: Ransomware Attackers also Scanning for PoS Software, Leveraging Cobalt Strike
Cobalt Strike REvil
2020-06-18MicrosoftMicrosoft Threat Protection Intelligence Team
@online{team:20200618:inside:4d53bcc, author = {Microsoft Threat Protection Intelligence Team}, title = {{Inside Microsoft Threat Protection: Mapping attack chains from cloud to endpoint (APT33/HOLMIUM)}}, date = {2020-06-18}, organization = {Microsoft}, url = {https://www.microsoft.com/security/blog/2020/06/18/inside-microsoft-threat-protection-mapping-attack-chains-from-cloud-to-endpoint/}, language = {English}, urldate = {2020-06-19} } Inside Microsoft Threat Protection: Mapping attack chains from cloud to endpoint (APT33/HOLMIUM)
POWERTON
2020-06-16MicrosoftMicrosoft Threat Protection Intelligence Team
@online{team:20200616:exploiting:3cb9ac3, author = {Microsoft Threat Protection Intelligence Team}, title = {{Exploiting a crisis: How cybercriminals behaved during the outbreak}}, date = {2020-06-16}, organization = {Microsoft}, url = {https://www.microsoft.com/security/blog/2020/06/16/exploiting-a-crisis-how-cybercriminals-behaved-during-the-outbreak/}, language = {English}, urldate = {2020-06-17} } Exploiting a crisis: How cybercriminals behaved during the outbreak
2020-06-09MalwarebytesThreat Intelligence Team
@online{team:20200609:honda:a44da80, author = {Threat Intelligence Team}, title = {{Honda and Enel impacted by cyber attack suspected to be ransomware}}, date = {2020-06-09}, organization = {Malwarebytes}, url = {https://blog.malwarebytes.com/threat-analysis/2020/06/honda-and-enel-impacted-by-cyber-attack-suspected-to-be-ransomware/}, language = {English}, urldate = {2020-06-10} } Honda and Enel impacted by cyber attack suspected to be ransomware
Snake
2020-05-19SymantecCritical Attack Discovery and Intelligence Team
@online{team:20200519:sophisticated:023b1bd, author = {Critical Attack Discovery and Intelligence Team}, title = {{Sophisticated Espionage Group Turns Attention to Telecom Providers in South Asia}}, date = {2020-05-19}, organization = {Symantec}, url = {https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/greenbug-espionage-telco-south-asia}, language = {English}, urldate = {2020-05-20} } Sophisticated Espionage Group Turns Attention to Telecom Providers in South Asia
ISMAgent ISMDoor
2020-05-04Intel 471Intel 471 Malware Intelligence team
@online{team:20200504:changes:749da4b, author = {Intel 471 Malware Intelligence team}, title = {{Changes in REvil ransomware version 2.2}}, date = {2020-05-04}, organization = {Intel 471}, url = {https://intel471.com/blog/changes-in-revil-ransomware-version-2-2}, language = {English}, urldate = {2021-07-09} } Changes in REvil ransomware version 2.2
REvil
2020-04-28MicrosoftMicrosoft Threat Protection Intelligence Team
@online{team:20200428:ransomware:3205f3a, author = {Microsoft Threat Protection Intelligence Team}, title = {{Ransomware groups continue to target healthcare, critical services; here’s how to reduce risk}}, date = {2020-04-28}, organization = {Microsoft}, url = {https://www.microsoft.com/security/blog/2020/04/28/ransomware-groups-continue-to-target-healthcare-critical-services-heres-how-to-reduce-risk/}, language = {English}, urldate = {2020-05-05} } Ransomware groups continue to target healthcare, critical services; here’s how to reduce risk
LockBit Mailto Maze MedusaLocker Paradise RagnarLocker REvil RobinHood