Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2020-03-23MalwarebytesThreat Intelligence Team
@online{team:20200323:fake:f3a2cbc, author = {Threat Intelligence Team}, title = {{Fake “Corona Antivirus” distributes BlackNET remote administration tool}}, date = {2020-03-23}, organization = {Malwarebytes}, url = {https://blog.malwarebytes.com/threat-analysis/2020/03/fake-corona-antivirus-distributes-blacknet-remote-administration-tool/}, language = {English}, urldate = {2020-07-13} } Fake “Corona Antivirus” distributes BlackNET remote administration tool
BlackNET RAT
2020-03-19Twitter (@MBThreatIntel)Malwarebytes Threat Intelligence Team
@online{team:20200319:poulight:b94731b, author = {Malwarebytes Threat Intelligence Team}, title = {{Tweet on Poulight Stealer}}, date = {2020-03-19}, organization = {Twitter (@MBThreatIntel)}, url = {https://twitter.com/MBThreatIntel/status/1240389621638402049?s=20}, language = {English}, urldate = {2020-03-25} } Tweet on Poulight Stealer
Poulight Stealer
2020-03-05MicrosoftMicrosoft Threat Protection Intelligence Team
@online{team:20200305:humanoperated:d90a28e, author = {Microsoft Threat Protection Intelligence Team}, title = {{Human-operated ransomware attacks: A preventable disaster}}, date = {2020-03-05}, organization = {Microsoft}, url = {https://www.microsoft.com/security/blog/2020/03/05/human-operated-ransomware-attacks-a-preventable-disaster/}, language = {English}, urldate = {2020-03-06} } Human-operated ransomware attacks: A preventable disaster
Dharma DoppelPaymer Dridex EternalPetya Gandcrab Hermes LockerGoga MegaCortex MimiKatz REvil RobinHood Ryuk SamSam TrickBot WannaCryptor PARINACOTA
2019-12-03MalwarebytesThreat Intelligence Team
@online{team:20191203:new:39b59e1, author = {Threat Intelligence Team}, title = {{New version of IcedID Trojan uses steganographic payloads}}, date = {2019-12-03}, organization = {Malwarebytes}, url = {https://blog.malwarebytes.com/threat-analysis/2019/12/new-version-of-icedid-trojan-uses-steganographic-payloads/}, language = {English}, urldate = {2019-12-24} } New version of IcedID Trojan uses steganographic payloads
IcedID
2019-09-25CylanceCylance Research and Intelligence Team
@online{team:20190925:pcshare:ac2d45a, author = {Cylance Research and Intelligence Team}, title = {{PcShare Backdoor Attacks Targeting Windows Users with FakeNarrator Malware}}, date = {2019-09-25}, organization = {Cylance}, url = {https://web.archive.org/web/20191115210757/https://threatvector.cylance.com/en_us/home/pcshare-backdoor-attacks-targeting-windows-users-with-fakenarrator-malware.html}, language = {English}, urldate = {2021-10-24} } PcShare Backdoor Attacks Targeting Windows Users with FakeNarrator Malware
PcShare
2019-09-16MalwarebytesThreat Intelligence Team
@online{team:20190916:emotet:9c6c8f3, author = {Threat Intelligence Team}, title = {{Emotet is back: botnet springs back to life with new spam campaign}}, date = {2019-09-16}, organization = {Malwarebytes}, url = {https://blog.malwarebytes.com/botnets/2019/09/emotet-is-back-botnet-springs-back-to-life-with-new-spam-campaign/}, language = {English}, urldate = {2019-12-20} } Emotet is back: botnet springs back to life with new spam campaign
Emotet
2019-06-20SymantecSymantec DeepSight Adversary Intelligence Team, Symantec Network Protection Security Labs
@online{team:20190620:waterbug:9c50dd1, author = {Symantec DeepSight Adversary Intelligence Team and Symantec Network Protection Security Labs}, title = {{Waterbug: Espionage Group Rolls Out Brand-New Toolset in Attacks Against Governments}}, date = {2019-06-20}, organization = {Symantec}, url = {https://www.symantec.com/blogs/threat-intelligence/waterbug-espionage-governments}, language = {English}, urldate = {2020-01-13} } Waterbug: Espionage Group Rolls Out Brand-New Toolset in Attacks Against Governments
LightNeuron
2019-05-14CylanceCylance Research, Intelligence Team
@online{research:20190514:reaver:1c6651d, author = {Cylance Research and Intelligence Team}, title = {{Reaver: Mapping Connections Between Disparate Chinese APT Groups}}, date = {2019-05-14}, organization = {Cylance}, url = {https://threatvector.cylance.com/en_us/home/reaver-mapping-connections-between-disparate-chinese-apt-groups.html}, language = {English}, urldate = {2019-12-24} } Reaver: Mapping Connections Between Disparate Chinese APT Groups
Reaver Sparkle
2019-04-02CylanceCylance Research, Intelligence Team
@online{research:20190402:report:83c188f, author = {Cylance Research and Intelligence Team}, title = {{Report: OceanLotus APT Group Leveraging Steganography}}, date = {2019-04-02}, organization = {Cylance}, url = {https://threatvector.cylance.com/en_us/home/report-oceanlotus-apt-group-leveraging-steganography.html}, language = {English}, urldate = {2019-10-22} } Report: OceanLotus APT Group Leveraging Steganography
Remy
2019-03-27SymantecCritical Attack Discovery and Intelligence Team
@online{team:20190327:elfin:d90a330, author = {Critical Attack Discovery and Intelligence Team}, title = {{Elfin: Relentless Espionage Group Targets Multiple Organizations in Saudi Arabia and U.S.}}, date = {2019-03-27}, organization = {Symantec}, url = {https://symantec-blogs.broadcom.com/blogs/threat-intelligence/elfin-apt33-espionage}, language = {English}, urldate = {2020-04-21} } Elfin: Relentless Espionage Group Targets Multiple Organizations in Saudi Arabia and U.S.
DarkComet MimiKatz Nanocore RAT NetWire RC pupy Quasar RAT Remcos StoneDrill TURNEDUP APT33
2019-02-16AvastThreat Intelligence Team
@online{team:20190216:spoofing:eeffd53, author = {Threat Intelligence Team}, title = {{Spoofing in the reeds with Rietspoof}}, date = {2019-02-16}, organization = {Avast}, url = {https://blog.avast.com/rietspoof-malware-increases-activity}, language = {English}, urldate = {2020-01-10} } Spoofing in the reeds with Rietspoof
Rietspoof
2018-12-14SymantecCritical Attack Discovery and Intelligence Team
@online{team:20181214:shamoon:1f24fa5, author = {Critical Attack Discovery and Intelligence Team}, title = {{Shamoon: Destructive Threat Re-Emerges with New Sting in its Tail}}, date = {2018-12-14}, organization = {Symantec}, url = {https://symantec-blogs.broadcom.com/blogs/threat-intelligence/shamoon-destructive-threat-re-emerges-new-sting-its-tail}, language = {English}, urldate = {2020-04-21} } Shamoon: Destructive Threat Re-Emerges with New Sting in its Tail
DistTrack Filerase StoneDrill OilRig
2018-12-10SymantecSymantec DeepSight Adversary Intelligence Team
@online{team:20181210:seedworm:d6dba3c, author = {Symantec DeepSight Adversary Intelligence Team}, title = {{Seedworm: Group Compromises Government Agencies, Oil & Gas, NGOs, Telecoms, and IT Firms}}, date = {2018-12-10}, organization = {Symantec}, url = {https://www.symantec.com/blogs/threat-intelligence/seedworm-espionage-group}, language = {English}, urldate = {2019-11-17} } Seedworm: Group Compromises Government Agencies, Oil & Gas, NGOs, Telecoms, and IT Firms
MuddyWater
2018-11-08SymantecCritical Attack Discovery and Intelligence Team
@online{team:20181108:fastcash:acf8e38, author = {Critical Attack Discovery and Intelligence Team}, title = {{FASTCash: How the Lazarus Group is Emptying Millions from ATMs}}, date = {2018-11-08}, organization = {Symantec}, url = {https://symantec-blogs.broadcom.com/blogs/threat-intelligence/fastcash-lazarus-atm-malware}, language = {English}, urldate = {2020-04-21} } FASTCash: How the Lazarus Group is Emptying Millions from ATMs
FastCash Lazarus Group
2018-10-04SymantecCritical Attack Discovery and Intelligence Team
@online{team:20181004:apt28:97a1356, author = {Critical Attack Discovery and Intelligence Team}, title = {{APT28: New Espionage Operations Target Military and Government Organizations}}, date = {2018-10-04}, organization = {Symantec}, url = {https://symantec-blogs.broadcom.com/blogs/election-security/apt28-espionage-military-government}, language = {English}, urldate = {2020-04-21} } APT28: New Espionage Operations Target Military and Government Organizations
LoJax Seduploader X-Agent XTunnel Zebrocy APT28
2018-09-27AvastThreat Intelligence Team
@online{team:20180927:torii:186f7d7, author = {Threat Intelligence Team}, title = {{Torii botnet - Not another Mirai variant}}, date = {2018-09-27}, organization = {Avast}, url = {https://blog.avast.com/new-torii-botnet-threat-research}, language = {English}, urldate = {2020-01-13} } Torii botnet - Not another Mirai variant
Torii
2018-07-25SymantecCritical Attack Discovery and Intelligence Team, Network Protection Security Labs
@online{team:20180725:leafminer:0591f9b, author = {Critical Attack Discovery and Intelligence Team and Network Protection Security Labs}, title = {{Leafminer: New Espionage Campaigns Targeting Middle Eastern Regions}}, date = {2018-07-25}, organization = {Symantec}, url = {https://symantec-blogs.broadcom.com/blogs/threat-intelligence/leafminer-espionage-middle-east}, language = {English}, urldate = {2020-04-21} } Leafminer: New Espionage Campaigns Targeting Middle Eastern Regions
Imecab MimiKatz Sorgu RASPITE
2018-03-08AvastThreat Intelligence Team
@online{team:20180308:new:f825c46, author = {Threat Intelligence Team}, title = {{New investigations into the CCleaner incident point to a possible third stage that had keylogger capacities}}, date = {2018-03-08}, organization = {Avast}, url = {https://blog.avast.com/new-investigations-in-ccleaner-incident-point-to-a-possible-third-stage-that-had-keylogger-capacities}, language = {English}, urldate = {2020-01-08} } New investigations into the CCleaner incident point to a possible third stage that had keylogger capacities
CCleaner Backdoor
2018-02-28SymantecCritical Attack Discovery and Intelligence Team
@online{team:20180228:chafer:5b5b77b, author = {Critical Attack Discovery and Intelligence Team}, title = {{Chafer: Latest Attacks Reveal Heightened Ambitions}}, date = {2018-02-28}, organization = {Symantec}, url = {https://symantec-blogs.broadcom.com/blogs/threat-intelligence/chafer-latest-attacks-reveal-heightened-ambitions}, language = {English}, urldate = {2020-04-21} } Chafer: Latest Attacks Reveal Heightened Ambitions
MimiKatz Remexi
2018-02-21AvastThreat Intelligence Team
@online{team:20180221:avast:3991fd0, author = {Threat Intelligence Team}, title = {{Avast tracks down Tempting Cedar Spyware}}, date = {2018-02-21}, organization = {Avast}, url = {https://blog.avast.com/avast-tracks-down-tempting-cedar-spyware}, language = {English}, urldate = {2020-01-08} } Avast tracks down Tempting Cedar Spyware
TemptingCedar Spyware