Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2019-10-16RiskIQJohn Omernik
LNKR: More than Just a Browser Extension
LNKR
2019-09-24The Citizen LabAdam Hulcoop, and Ron Deibert, Bahr Abdul Razzak, Bill Marczak, Etienne Maynier, John Scott-Railton, Masashi Crete-Nishihata
Missing Link Tibetan Groups Targeted with 1-Click Mobile Exploits
PoisonCarp POISON CARP
2019-09-09Trend MicroEarle Earnshaw, Johnlery Triunfante
‘Purple Fox’ Fileless Malware with Rookit Component Delivered by Rig Exploit Kit Now Abuses PowerShell
PurpleFox
2019-07-24IBM X-Force ExchangeJohn Kuhn
GuessWho Ransomware – A Variant of Rapid Ransomware
Rapid Ransom
2019-04-17Twitter (JohnLaTwC)John Lambert
Tweet on an unidentified VBS Backdoor
Unidentified VBS 001
2019-04-16FireEyeBen Read, Chi-en Shen, John Hultquist, Oleg Bondarenko
Spear Phishing Campaign Targets Ukraine Government and Military; Infrastructure Reveals Potential Link to So-Called Luhansk People's Republic
Quasar RAT Vermin
2019-02-07ThreatStopJohn Bambenek
An Inside Look at the Infrastructure Behind the Russian APT Gamaredon Group
Pteranodon
2019-01-24Cisco TalosJohn Arneson
Cisco AMP tracks new campaign that delivers Ursnif
ISFB
2019-01-09McAfeeChristiaan Beek, John Fokker
Ryuk Ransomware Attack: Rush to Attribution Misses the Point
Ryuk
2018-10-30Alexander Solad, Daniel Hatheway, John Fokker, Marc Rivero López
Kraken Cryptor Ransomware Gains Popularity Among Cybercriminals
Kraken
2018-10-30McAfeeJohn Fokker, Marc Rivero López
Fallout Exploit Kit Releases the Kraken Ransomware on Its Victims
Kraken
2018-09-18The CitizenlabBahr Abdul Razzak, Bill Marczak, John Scott-Railton, Ron Deibert, Sarah McKune
Hide and Seek: Tracking NSO Group’s Pegasus Spyware to Operations in 45 Countries
Chrysaor
2018-05-15ReutersHugh Lawson, Niklas Pollard, Olof Swahnberg, Simon Johnson
Swedish sports body says anti-doping unit hit by hacking attack
APT28
2018-04-08Twitter (@JohnLaTwC)John Lambert
Tweet on ConMiner WebAssembly
CryptoNight
2018-04-08Gist (JohnLaTwC)John Lambert
Cryptonight currency miner WASM
CryptoNight
2018-03-09Adam Senft, Bill Marczak, Jakub Dalek, John Scott-Railton, Ron Deibert, Sarah McKune
Sandvine’s PacketLogic Devices Used to Deploy Government Spyware in Turkey and Redirect Egyptian Users to Affiliate Ads?
StrongPity
2018-02-20Twitter (@JohnLaTwC)John Lambert
Tweet on EvilOSX
EvilOSX
2018-02-06ForcepointJohn Bergbom
DanderSpritz/PeddleCheap traffic analysis (Part 1 of 2)
PeddleCheap
2017-12-14FireEyeBlake Johnson, Christopher Glyer, Dan Caban, Dan Scali, Marina Krotofil, Nathan Brubaker
Attackers Deploy New ICS Attack Framework “TRITON” and Cause Operational Disruption to Critical Infrastructure
Triton TEMP.Veles
2017-12-06The Citizen LabBill Marczak, Geoffrey Alexander, John Scott-Railton, Ron Deibert, Sarah McKune
Champing at the Cyberbit Ethiopian Dissidents Targeted with New Commercial Spyware
PC Surveillance System