Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2018-01-31ProofpointKafeine
@online{kafeine:20180131:smominru:5a6c554, author = {Kafeine}, title = {{Smominru Monero mining botnet making millions for operators}}, date = {2018-01-31}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/threat-insight/post/smominru-monero-mining-botnet-making-millions-operators}, language = {English}, urldate = {2019-12-20} } Smominru Monero mining botnet making millions for operators
MyKings Spreader Smominru
2018-01-29ProofpointDarien Huss
@techreport{huss:20180129:north:438b45d, author = {Darien Huss}, title = {{North Korea Bitten by Bitcoin Bug}}, date = {2018-01-29}, institution = {Proofpoint}, url = {https://www.proofpoint.com/sites/default/files/pfpt-us-wp-north-korea-bitten-by-bitcoin-bug-180129.pdf}, language = {English}, urldate = {2020-01-05} } North Korea Bitten by Bitcoin Bug
Bitsran
2018-01-12ProofpointProofpoint Staff
@online{staff:20180112:holiday:b4225b8, author = {Proofpoint Staff}, title = {{Holiday lull? Not so much}}, date = {2018-01-12}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/threat-insight/post/holiday-lull-not-so-much}, language = {English}, urldate = {2021-05-31} } Holiday lull? Not so much
Dridex Emotet GlobeImposter ISFB Necurs PandaBanker UrlZone NARWHAL SPIDER
2017-12-19ProofpointDarien Huss
@techreport{huss:20171219:north:b2da03e, author = {Darien Huss}, title = {{North Korea Bitten by Bitcoin Bug}}, date = {2017-12-19}, institution = {Proofpoint}, url = {https://www.proofpoint.com/sites/default/files/pfpt-us-wp-north-korea-bitten-by-bitcoin-bug.pdf}, language = {English}, urldate = {2019-10-18} } North Korea Bitten by Bitcoin Bug
QUICKCAFE PowerSpritz Ghost RAT PowerRatankba
2017-12-19ProofpointDarien Huss
@online{huss:20171219:north:e5ef6da, author = {Darien Huss}, title = {{North Korea Bitten by Bitcoin Bug: Financially motivated campaigns reveal new dimension of the Lazarus Group}}, date = {2017-12-19}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/threat-insight/post/north-korea-bitten-bitcoin-bug-financially-motivated-campaigns-reveal-new}, language = {English}, urldate = {2019-12-20} } North Korea Bitten by Bitcoin Bug: Financially motivated campaigns reveal new dimension of the Lazarus Group
Ghost RAT
2017-12-14ProofpointProofpoint Staff
@online{staff:20171214:zeus:27fa0fe, author = {Proofpoint Staff}, title = {{Zeus Panda Banking Trojan Targets Online Holiday Shoppers}}, date = {2017-12-14}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/threat-insight/post/zeus-panda-banking-trojan-targets-online-holiday-shoppers}, language = {English}, urldate = {2019-12-20} } Zeus Panda Banking Trojan Targets Online Holiday Shoppers
PandaBanker
2017-10-19ProofpointKafeine, Pierre T
@online{kafeine:20171019:apt28:927b889, author = {Kafeine and Pierre T}, title = {{APT28 racing to exploit CVE-2017-11292 Flash vulnerability before patches are deployed}}, date = {2017-10-19}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/threat-insight/post/apt28-racing-exploit-cve-2017-11292-flash-vulnerability-patches-are-deployed}, language = {English}, urldate = {2019-12-20} } APT28 racing to exploit CVE-2017-11292 Flash vulnerability before patches are deployed
Seduploader
2017-10-16ProofpointAxel F, Pierre T
@online{f:20171016:leviathan:a898346, author = {Axel F and Pierre T}, title = {{Leviathan: Espionage actor spearphishes maritime and defense targets}}, date = {2017-10-16}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/threat-insight/post/leviathan-espionage-actor-spearphishes-maritime-and-defense-targets}, language = {English}, urldate = {2019-12-20} } Leviathan: Espionage actor spearphishes maritime and defense targets
NanHaiShu SeDll APT40
2017-09-27ProofpointProofpoint Staff
@online{staff:20170927:threat:272e6ac, author = {Proofpoint Staff}, title = {{Threat Actor Profile: TA505, From Dridex to GlobeImposter}}, date = {2017-09-27}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/threat-insight/post/threat-actor-profile-ta505-dridex-globeimposter}, language = {English}, urldate = {2019-12-20} } Threat Actor Profile: TA505, From Dridex to GlobeImposter
TA505
2017-08-25ProofpointDarien Huss, Matthew Mesa
@online{huss:20170825:operation:87e2e2b, author = {Darien Huss and Matthew Mesa}, title = {{Operation RAT Cook: Chinese APT actors use fake Game of Thrones leaks as lures}}, date = {2017-08-25}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/threat-insight/post/operation-rat-cook-chinese-apt-actors-use-fake-game-thrones-leaks-lures}, language = {English}, urldate = {2019-12-20} } Operation RAT Cook: Chinese APT actors use fake Game of Thrones leaks as lures
9002 RAT
2017-08-24ProofpointProofpoint Staff
@online{staff:20170824:new:51577f3, author = {Proofpoint Staff}, title = {{New Defray Ransomware Targets Education and Healthcare Verticals}}, date = {2017-08-24}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/new-defray-ransomware-targets-education-and-healthcare-verticals}, language = {English}, urldate = {2021-02-09} } New Defray Ransomware Targets Education and Healthcare Verticals
Defray
2017-08-24ProofpointProofpoint Staff
@online{staff:20170824:defray:1b0f056, author = {Proofpoint Staff}, title = {{Defray - New Ransomware Targeting Education and Healthcare Verticals}}, date = {2017-08-24}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/threat-insight/post/defray-new-ransomware-targeting-education-and-healthcare-verticals}, language = {English}, urldate = {2020-01-10} } Defray - New Ransomware Targeting Education and Healthcare Verticals
Defray
2017-08-17ProofpointDarien Huss
@online{huss:20170817:turla:b519667, author = {Darien Huss}, title = {{Turla APT actor refreshes KopiLuwak JavaScript backdoor for use in G20-themed attack}}, date = {2017-08-17}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/threat-insight/post/turla-apt-actor-refreshes-kopiluwak-javascript-backdoor-use-g20-themed-attack}, language = {English}, urldate = {2019-12-20} } Turla APT actor refreshes KopiLuwak JavaScript backdoor for use in G20-themed attack
KopiLuwak
2017-07-31ProofpointMatthew Mesa, Darien Huss
@online{mesa:20170731:fin7carbanak:2eef6f2, author = {Matthew Mesa and Darien Huss}, title = {{FIN7/Carbanak threat actor unleashes Bateleur JScript backdoor}}, date = {2017-07-31}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/threat-insight/post/fin7carbanak-threat-actor-unleashes-bateleur-jscript-backdoor}, language = {English}, urldate = {2019-12-20} } FIN7/Carbanak threat actor unleashes Bateleur JScript backdoor
Bateleur FIN7
2017-07-13ProofpointProofpoint Staff
@online{staff:20170713:meet:406ca2c, author = {Proofpoint Staff}, title = {{Meet Ovidiy Stealer: Bringing credential theft to the masses}}, date = {2017-07-13}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/threat-insight/post/meet-ovidiy-stealer-bringing-credential-theft-masses}, language = {English}, urldate = {2019-12-20} } Meet Ovidiy Stealer: Bringing credential theft to the masses
OvidiyStealer
2017-06-20ProofpointKafeine
@online{kafeine:20170620:adgholas:8ca8d57, author = {Kafeine}, title = {{AdGholas Malvertising Campaign Using Astrum EK to Deliver Mole Ransomware}}, date = {2017-06-20}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/threat-insight/post/adgholas-malvertising-campaign-using-astrum-ek-deliver-mole-ransomware}, language = {English}, urldate = {2019-12-20} } AdGholas Malvertising Campaign Using Astrum EK to Deliver Mole Ransomware
Mole
2017-06-01ProofpointMatthew Mesa, Axel F, Pierre T, Travis Green
@online{mesa:20170601:microsoft:77dd3ab, author = {Matthew Mesa and Axel F and Pierre T and Travis Green}, title = {{Microsoft Word Intruder Integrates CVE-2017-0199, Utilized by Cobalt Group to Target Financial Institutions}}, date = {2017-06-01}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/threat-insight/post/microsoft-word-intruder-integrates-cve-2017-0199-utilized-cobalt-group-target}, language = {English}, urldate = {2019-12-20} } Microsoft Word Intruder Integrates CVE-2017-0199, Utilized by Cobalt Group to Target Financial Institutions
Cobalt
2017-05-15ProofpointKafeine
@online{kafeine:20170515:adylkuzz:c94b40e, author = {Kafeine}, title = {{Adylkuzz Cryptocurrency Mining Malware Spreading for Weeks Via EternalBlue/DoublePulsar}}, date = {2017-05-15}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/threat-insight/post/adylkuzz-cryptocurrency-mining-malware-spreading-for-weeks-via-eternalblue-doublepulsar}, language = {English}, urldate = {2019-12-20} } Adylkuzz Cryptocurrency Mining Malware Spreading for Weeks Via EternalBlue/DoublePulsar
Adylkuzz
2017-05-11ProofpointProofpoint Staff
@online{staff:20170511:jaff:1e6dde7, author = {Proofpoint Staff}, title = {{Jaff - New Ransomware From the Actors Behind the Distribution of Dridex, Locky, and Bart}}, date = {2017-05-11}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/threat-insight/post/jaff-new-ransomware-from-actors-behind-distribution-of-dridex-locky-bart}, language = {English}, urldate = {2019-12-20} } Jaff - New Ransomware From the Actors Behind the Distribution of Dridex, Locky, and Bart
Jaff
2017-05-10ProofpointProofpoint Staff
@online{staff:20170510:introducing:7355f5b, author = {Proofpoint Staff}, title = {{Introducing Loda Malware}}, date = {2017-05-10}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/threat-insight/post/introducing-loda-malware}, language = {English}, urldate = {2019-12-20} } Introducing Loda Malware
Loda