2021-04-20 | Intezer | Joakim Kennedy
% Intezer blog post on HabitsRAT. The same article is also listed under key
% kennedy:20210420:habitsrat:66ff4cf (URL differs only by a trailing slash); cite one key consistently.
@online{kennedy:20210420:habitsrat:0cfa312,
  author       = {Kennedy, Joakim},
  title        = {{HabitsRAT Used to Target Linux and Windows Servers}},
  organization = {Intezer},
  date         = {2021-04-20},
  url          = {https://www.intezer.com/blog/malware-analysis/habitsrat-used-to-target-linux-and-windows-servers},
  urldate      = {2021-04-21},
  language     = {English},
}
HabitsRAT Used to Target Linux and Windows Servers
HabitsRAT
2021-04-20 | NHK WORLD-JAPAN | NHK WORLD-JAPAN
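% NHK WORLD-JAPAN news item. The author is an organisation, so it is double-braced:
% without the extra braces it is parsed as given name "NHK", family name "WORLD-JAPAN"
% (the key prefix "worldjapan" suggests that split already happened upstream).
@online{worldjapan:20210420:chinas:ecea155,
  author       = {{NHK WORLD-JAPAN}},
  title        = {{China's PLA allegedly behind cyberattacks in Japan}},
  organization = {NHK WORLD-JAPAN},
  date         = {2021-04-20},
  url          = {https://www3.nhk.or.jp/nhkworld/en/news/20210420_10/},
  urldate      = {2021-04-20},
  language     = {English},
}
China's PLA allegedly behind cyberattacks in Japan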
2021-04-20 | Github (fireeye) | FireEye, Mandiant
% GitHub repository published by FireEye/Mandiant with Pulse Secure exploitation countermeasures.
% Both authors are organisations; each is braced so it is always handled as a single name.
@online{fireeye:20210420:fireeye:287db5f,
  author       = {{FireEye} and {Mandiant}},
  title        = {{FireEye Mandiant PulseSecure Exploitation Countermeasures}},
  organization = {Github (fireeye)},
  date         = {2021-04-20},
  url          = {https://github.com/fireeye/pulsesecure_exploitation_countermeasures/},
  urldate      = {2021-04-20},
  language     = {English},
}
FireEye Mandiant PulseSecure Exploitation Countermeasures
2021-04-20 | NHK WORLD-JAPAN | NHK WORLD-JAPAN
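% NHK WORLD-JAPAN news item (a different URL from key worldjapan:20210420:chinas:ecea155).
% The author is an organisation, so it is double-braced to stop it being split into
% given name "NHK" and family name "WORLD-JAPAN".
@online{worldjapan:20210420:chinas:dc183a9,
  author       = {{NHK WORLD-JAPAN}},
  title        = {{China's PLA blamed for cyberattacks in Japan}},
  organization = {NHK WORLD-JAPAN},
  date         = {2021-04-20},
  url          = {https://www3.nhk.or.jp/nhkworld/en/news/20210420_22/},
  urldate      = {2021-04-20},
  language     = {English},
}
China's PLA blamed for cyberattacks in Japan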
2021-04-20 | FireEye | Dan Perez, Sarah Jones, Greg Wood, Stephen Eckels, Stroz Friedberg, Joshua Villanueva, Regina Elwell, Jonathan Lepore, Dimiter Andonov, Josh Triplett, Jacob Thompson
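% FireEye threat-research post on the Pulse Secure authentication bypass and zero-day.
% "Stroz Friedberg" in the author list is a firm, not a person; it is braced so it is not
% split into given name "Stroz" and family name "Friedberg" or abbreviated to "S. Friedberg".
@online{perez:20210420:check:986d162,
  author       = {Perez, Dan and Jones, Sarah and Wood, Greg and Eckels, Stephen
                  and {Stroz Friedberg} and Villanueva, Joshua and Elwell, Regina
                  and Lepore, Jonathan and Andonov, Dimiter and Triplett, Josh
                  and Thompson, Jacob},
  title        = {{Check Your Pulse: Suspected APT Actors Leverage Authentication Bypass Techniques and Pulse Secure Zero-Day}},
  organization = {FireEye},
  date         = {2021-04-20},
  url          = {https://www.fireeye.com/blog/threat-research/2021/04/suspected-apt-actors-leverage-bypass-techniques-pulse-secure-zero-day.html},
  urldate      = {2021-04-21},
  language     = {English},
}
Check Your Pulse: Suspected APT Actors Leverage Authentication Bypass Techniques and Pulse Secure Zero-Day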
2021-04-20 | Intezer | Joakim Kennedy
% Intezer blog post on HabitsRAT. The same article is also listed under key
% kennedy:20210420:habitsrat:0cfa312 (URL differs only by a trailing slash); cite one key consistently.
@online{kennedy:20210420:habitsrat:66ff4cf,
  author       = {Kennedy, Joakim},
  title        = {{HabitsRAT Used to Target Linux and Windows Servers}},
  organization = {Intezer},
  date         = {2021-04-20},
  url          = {https://www.intezer.com/blog/malware-analysis/habitsrat-used-to-target-linux-and-windows-servers/},
  urldate      = {2021-04-20},
  language     = {English},
}
HabitsRAT Used to Target Linux and Windows Servers
HabitsRAT
2021-04-20 | Medium walmartglobaltech | Jason Reaves
% Medium post (walmartglobaltech) analysing a Cobalt Strike stager; tagged "Cobalt Strike" on this page.
@online{reaves:20210420:cobaltstrike:d18d4c4,
  author       = {Reaves, Jason},
  title        = {{CobaltStrike Stager Utilizing Floating Point Math}},
  organization = {Medium walmartglobaltech},
  date         = {2021-04-20},
  url          = {https://medium.com/walmartglobaltech/cobaltstrike-stager-utilizing-floating-point-math-9bc13f9b9718},
  urldate      = {2021-04-20},
  language     = {English},
}
CobaltStrike Stager Utilizing Floating Point Math
Cobalt Strike
2021-04-19 | Twitter (@_alex_il_) | Alex Ilgayev
% Tweet about QakBot; the title is a description of the tweet, not a published headline.
@online{ilgayev:20210419:qakbots:b3b929c,
  author       = {Ilgayev, Alex},
  title        = {{Tweet on QakBot's additional decryption mechanism}},
  organization = {Twitter (@_alex_il_)},
  date         = {2021-04-19},
  url          = {https://twitter.com/_alex_il_/status/1384094623270727685},
  urldate      = {2021-04-20},
  language     = {English},
}
Tweet on QakBot's additional decryption mechanism
QakBot
2021-04-19 | InfoSec Handlers Diary Blog | Jan Kopriva
% Diary entry hosted on isc.sans.edu about hunting phishing sites by favicon hash.
@online{kopriva:20210419:hunting:021a759,
  author       = {Kopriva, Jan},
  title        = {{Hunting phishing websites with favicon hashes}},
  organization = {InfoSec Handlers Diary Blog},
  date         = {2021-04-19},
  url          = {https://isc.sans.edu/forums/diary/Hunting+phishing+websites+with+favicon+hashes/27326/},
  urldate      = {2021-04-20},
  language     = {English},
}
Hunting phishing websites with favicon hashes
2021-04-19 | Medium elis531989 | Eli Salem
% Medium post on Guloader; this page files it under the family name "CloudEyE".
@online{salem:20210419:dancing:7fbe743,
  author       = {Salem, Eli},
  title        = {{Dancing With Shellcodes: Cracking the latest version of Guloader}},
  organization = {Medium elis531989},
  date         = {2021-04-19},
  url          = {https://elis531989.medium.com/dancing-with-shellcodes-cracking-the-latest-version-of-guloader-75083fb15cb4},
  urldate      = {2021-04-20},
  language     = {English},
}
Dancing With Shellcodes: Cracking the latest version of Guloader
CloudEyE
2021-04-19 | NEW YORKER | Ed Caesar
% Magazine article; the title contains a typographic apostrophe, so the file must be read as UTF-8.
@online{caesar:20210419:incredible:5435b11,
  author       = {Caesar, Ed},
  title        = {{The Incredible Rise of North Korea’s Hacking Army}},
  organization = {NEW YORKER},
  date         = {2021-04-19},
  url          = {https://www.newyorker.com/magazine/2021/04/26/the-incredible-rise-of-north-koreas-hacking-army},
  urldate      = {2021-04-20},
  language     = {English},
}
The Incredible Rise of North Korea’s Hacking Army
2021-04-19 | Netresec | Erik Hjelmvik
% Netresec PCAP walkthrough; tagged "Cobalt Strike" and "IcedID" on this page.
% The URL is a short query-string link (?b=...), so it carries no readable slug.
@online{hjelmvik:20210419:analysing:c6bff49,
  author       = {Hjelmvik, Erik},
  title        = {{Analysing a malware PCAP with IcedID and Cobalt Strike traffic}},
  organization = {Netresec},
  date         = {2021-04-19},
  url          = {https://netresec.com/?b=214d7ff},
  urldate      = {2021-04-20},
  language     = {English},
}
Analysing a malware PCAP with IcedID and Cobalt Strike traffic
Cobalt Strike IcedID
2021-04-19 | CERT NZ | CERT NZ
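% CERT NZ alert on Microsoft 365 phishing. The author is an organisation, so it is
% double-braced: unbraced it is parsed as given name "CERT", family name "NZ"
% (the key prefix "nz" suggests that split already happened upstream).
@online{nz:20210419:microsoft:70f3a4e,
  author       = {{CERT NZ}},
  title        = {{Microsoft 365 phishing using fake voicemail messages}},
  organization = {CERT NZ},
  date         = {2021-04-19},
  url          = {https://www.cert.govt.nz/individuals/alerts/microsoft-365-phishing-using-fake-voicemail/},
  urldate      = {2021-04-20},
  language     = {English},
}
Microsoft 365 phishing using fake voicemail messages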
2021-04-19 | Intel 471 | Intel 471
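% Intel 471 blog post. The author is an organisation, so it is double-braced:
% unbraced it is parsed as given name "Intel", family name "471"
% (the key prefix "471" suggests that split already happened upstream).
@online{471:20210419:how:2cba4f2,
  author       = {{Intel 471}},
  title        = {{How China’s cybercrime underground is making money off big data}},
  organization = {Intel 471},
  date         = {2021-04-19},
  url          = {https://intel471.com/blog/china-cybercrime-big-data-privacy-laws/},
  urldate      = {2021-04-20},
  language     = {English},
}
How China’s cybercrime underground is making money off big data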
2021-04-19 | Washington Examiner | Tom Rogan
% Washington Examiner piece; the URL path places it in the opinion section.
@online{rogan:20210419:inside:4ef6ddb,
  author       = {Rogan, Tom},
  title        = {{Inside the CIA and NSA disagreement over Russian bounties story}},
  organization = {Washington Examiner},
  date         = {2021-04-19},
  url          = {https://www.washingtonexaminer.com/opinion/inside-the-cia-and-nsa-disagreement-over-russian-bounties-story},
  urldate      = {2021-04-20},
  language     = {English},
}
Inside the CIA and NSA disagreement over Russian bounties story
2021-04-19 | Anomali | Gage Mele, Yury Polozov, Tara Gould
% Anomali blog post on PRIMITIVE BEAR (Gamaredon) activity against Ukraine.
@online{mele:20210419:primitive:25a3c2c,
  author       = {Mele, Gage and Polozov, Yury and Gould, Tara},
  title        = {{PRIMITIVE BEAR (Gamaredon) Targets Ukraine with Timely Themes}},
  organization = {Anomali},
  date         = {2021-04-19},
  url          = {https://www.anomali.com/blog/primitive-bear-gamaredon-targets-ukraine-with-timely-themes},
  urldate      = {2021-04-20},
  language     = {English},
}
PRIMITIVE BEAR (Gamaredon) Targets Ukraine with Timely Themes
2021-04-19 | Sentinel LABS | Marco Figueroa
% SentinelLabs post on Zebrocy dropper documents; this page files it under the family name "Downdelph".
@online{figueroa:20210419:deep:f5cf649,
  author       = {Figueroa, Marco},
  title        = {{A Deep Dive into Zebrocy’s Dropper Docs}},
  organization = {Sentinel LABS},
  date         = {2021-04-19},
  url          = {https://labs.sentinelone.com/a-deep-dive-into-zebrocys-dropper-docs/},
  urldate      = {2021-04-20},
  language     = {English},
}
A Deep Dive into Zebrocy’s Dropper Docs
Downdelph
2021-04-19 | Malwarebytes | Hossein Jazi
% Malwarebytes blog post on Lazarus hiding code in a BMP image.
% The URL slug reads "bmp-file" while the title reads "BMP image"; both are kept as given.
@online{jazi:20210419:lazarus:dd2c372,
  author       = {Jazi, Hossein},
  title        = {{Lazarus APT conceals malicious code within BMP image to drop its RAT}},
  organization = {Malwarebytes},
  date         = {2021-04-19},
  url          = {https://blog.malwarebytes.com/malwarebytes-news/2021/04/lazarus-apt-conceals-malicious-code-within-bmp-file-to-drop-its-rat/},
  urldate      = {2021-04-20},
  language     = {English},
}
Lazarus APT conceals malicious code within BMP image to drop its RAT
2021-04-19 | Youtube (AhmedS Kasmani) | AhmedS Kasmani
% YouTube video analysing a password stealer; tagged "Poulight Stealer" on this page.
@online{kasmani:20210419:malware:72a87a6,
  author       = {Kasmani, AhmedS},
  title        = {{Malware Analysis of a Password Stealer}},
  organization = {Youtube (AhmedS Kasmani)},
  date         = {2021-04-19},
  url          = {https://www.youtube.com/watch?v=MaPXDCq-Gf4},
  urldate      = {2021-04-21},
  language     = {English},
}
Malware Analysis of a Password Stealer
Poulight Stealer
2021-04-18 | xorl %eax, %eax | Anastasios Pingios
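% Blog post from "xorl %eax, %eax". The percent signs in the organization field are escaped:
% an unescaped percent sign in a text field starts a LaTeX comment when the bibliography is
% typeset, which swallows the rest of the line including the closing brace.
@online{pingios:20210418:us:489347a,
  author       = {Pingios, Anastasios},
  title        = {{US Cyber Operations Groups}},
  organization = {xorl \%eax, \%eax},
  date         = {2021-04-18},
  url          = {https://xorl.wordpress.com/2021/04/18/us-cyber-operations-groups/},
  urldate      = {2021-04-20},
  language     = {English},
}
US Cyber Operations Groups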