Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-04-02360 Total Securitykate
@online{kate:20210402:txt:1216a3c, author = {kate}, title = {{A “txt file” can steal all your secrets}}, date = {2021-04-02}, organization = {360 Total Security}, url = {https://blog.360totalsecurity.com/en/a-txt-file-can-steal-all-your-secrets/?web_view=true}, language = {English}, urldate = {2021-04-06} } A “txt file” can steal all your secrets
Poulight Stealer
2021-03-23360 Core Security360 Core Security
@online{security:20210323:remrat:895cb4e, author = {360 Core Security}, title = {{RemRAT: Android spyware that has been lurking in the Middle East for many years}}, date = {2021-03-23}, organization = {360 Core Security}, url = {https://blogs.360.cn/post/analysis-of-RemRAT.html}, language = {Chinese}, urldate = {2021-03-25} } RemRAT: Android spyware that has been lurking in the Middle East for many years
RemRAT
2021-03-18360 netlabJinye, YANG XU
@online{jinye:20210318:necro:e22f5c1, author = {Jinye and YANG XU}, title = {{Necro upgrades again, using Tor + dynamic domain DGA and aiming at both Windows & Linux}}, date = {2021-03-18}, organization = {360 netlab}, url = {https://blog.netlab.360.com/necro-upgrades-again-using-tor-dynamic-domain-dga-and-aiming-at-both-windows-linux/}, language = {English}, urldate = {2021-03-19} } Necro upgrades again, using Tor + dynamic domain DGA and aiming at both Windows & Linux
N3Cr0m0rPh
2021-03-12360 netlabAlex.Turing, liuyang, YANG XU
@online{alexturing:20210312:new:37158fe, author = {Alex.Turing and liuyang and YANG XU}, title = {{New Threat: ZHtrap botnet implements honeypot to facilitate finding more victims}}, date = {2021-03-12}, organization = {360 netlab}, url = {https://blog.netlab.360.com/new_threat_zhtrap_botnet_en/}, language = {English}, urldate = {2021-03-16} } New Threat: ZHtrap botnet implements honeypot to facilitate finding more victims
ZHtrap
2021-03-09360 netlabJiaYu
@online{jiayu:20210309:threat:fa2a2a3, author = {JiaYu}, title = {{Threat Alert: z0Miner Is Spreading quickly by Exploiting ElasticSearch and Jenkins Vulnerabilities}}, date = {2021-03-09}, organization = {360 netlab}, url = {https://blog.netlab.360.com/threat-alert-z0miner-is-spreading-quickly-by-exploiting-elasticsearch-and-jenkins-vulnerabilities/}, language = {English}, urldate = {2021-03-11} } Threat Alert: z0Miner Is Spreading quickly by Exploiting ElasticSearch and Jenkins Vulnerabilities
2021-03-05360 netlabYanlong Ma, JiaYu, GenShen Ye
@online{ma:20210305:qnap:c353950, author = {Yanlong Ma and JiaYu and GenShen Ye}, title = {{QNAP NAS users, make sure you check your system}}, date = {2021-03-05}, organization = {360 netlab}, url = {https://blog.netlab.360.com/qnap-nas-users-make-sure-you-check-your-system/}, language = {English}, urldate = {2021-03-22} } QNAP NAS users, make sure you check your system
QNAPCrypt
2021-03-04360 netlabJinye
@online{jinye:20210304:gafgtyttor:ba71f67, author = {Jinye}, title = {{Gafgtyt_tor and Necro are on the move again}}, date = {2021-03-04}, organization = {360 netlab}, url = {https://blog.netlab.360.com/gafgtyt_tor-and-necro-are-on-the-move-again/}, language = {English}, urldate = {2021-03-06} } Gafgtyt_tor and Necro are on the move again
Bashlite N3Cr0m0rPh
2021-03-03360 netlabGenShen Ye, Alex Turing
@online{ye:20210303:fbot:4bee771, author = {GenShen Ye and Alex Turing}, title = {{Fbot is now riding the traffic and transportation smart devices}}, date = {2021-03-03}, organization = {360 netlab}, url = {https://blog.netlab.360.com/fbot-is-now-riding-the-traffic-and-transportation-smart-devices-en/}, language = {English}, urldate = {2021-03-04} } Fbot is now riding the traffic and transportation smart devices
FBot
2021-02-25360 Total Securitykate
@online{kate:20210225:darkworld:c49b538, author = {kate}, title = {{DarkWorld Ransomware}}, date = {2021-02-25}, organization = {360 Total Security}, url = {https://blog.360totalsecurity.com/en/darkworld-ransomware/}, language = {English}, urldate = {2021-02-25} } DarkWorld Ransomware
2021-02-10360 netlabLiu Ya
@online{ya:20210210:rinfo:52ad312, author = {Liu Ya}, title = {{Rinfo Is Making A Comeback and Is Scanning and Mining in Full Speed}}, date = {2021-02-10}, organization = {360 netlab}, url = {https://blog.netlab.360.com/rinfo-is-making-a-comeback-and-is-scanning-and-mining-in-full-speed/}, language = {English}, urldate = {2021-02-20} } Rinfo Is Making A Comeback and Is Scanning and Mining in Full Speed
2021-01-26360 Threat Intelligence CenterAdvanced Threat Institute
@online{institute:20210126:shell:b75c032, author = {Advanced Threat Institute}, title = {{Shell Break-Lazarus (APT-C-26) organized targeted attacks against security researchers to reveal the secret}}, date = {2021-01-26}, organization = {360 Threat Intelligence Center}, url = {https://mp.weixin.qq.com/s/W-C_tKVnXco8C3ctgAjoNQ}, language = {Chinese}, urldate = {2021-01-27} } Shell Break-Lazarus (APT-C-26) organized targeted attacks against security researchers to reveal the secret
2021-01-21360 Threat Intelligence CenterAdvanced Threat Institute
@online{institute:20210121:disclosure:7709c9e, author = {Advanced Threat Institute}, title = {{Disclosure of Manling Flower Organization (APT-C-08) using Warzone RAT attack}}, date = {2021-01-21}, organization = {360 Threat Intelligence Center}, url = {https://mp.weixin.qq.com/s/C09P0al1nhsyyujHRp0FAw}, language = {Chinese}, urldate = {2021-01-26} } Disclosure of Manling Flower Organization (APT-C-08) using Warzone RAT attack
Ave Maria
2020-12-18360Quake360Quake
@online{360quake:20201218:solarwinds:1b22539, author = {360Quake}, title = {{SolarWinds失陷服务器测绘分析报告}}, date = {2020-12-18}, organization = {360Quake}, url = {https://www.anquanke.com/post/id/226029}, language = {Chinese}, urldate = {2020-12-23} } SolarWinds失陷服务器测绘分析报告
SUPERNOVA
2020-12-16360 Threat Intelligence CenterAdvanced Threat Institute
@online{institute:20201216:aptc47clickonce:8643850, author = {Advanced Threat Institute}, title = {{旺刺组织(APT-C-47)使用ClickOnce技术的攻击活动披露}}, date = {2020-12-16}, organization = {360 Threat Intelligence Center}, url = {https://mp.weixin.qq.com/s/h_MUJfa3QGM9SqT_kzcdHQ}, language = {Chinese}, urldate = {2021-01-01} } 旺刺组织(APT-C-47)使用ClickOnce技术的攻击活动披露
2020-12-15360 Threat Intelligence CenterAdvanced Threat Institute
@online{institute:20201215:operation:899bf4d, author = {Advanced Threat Institute}, title = {{Operation Falling Eagle-the secret of the most influential supply chain attack in history}}, date = {2020-12-15}, organization = {360 Threat Intelligence Center}, url = {https://mp.weixin.qq.com/s/lh7y_KHUxag_-pcFBC7d0Q}, language = {Chinese}, urldate = {2020-12-18} } Operation Falling Eagle-the secret of the most influential supply chain attack in history
SUNBURST
2020-12-04360 Core Security360
@online{360:20201204:domestic:4c457ee, author = {360}, title = {{Domestic Kitten组织(APT-C-50)针对中东地区反政府群体的监控活动}}, date = {2020-12-04}, organization = {360 Core Security}, url = {https://blogs.360.cn/post/APT-C-50.html}, language = {Chinese}, urldate = {2020-12-17} } Domestic Kitten组织(APT-C-50)针对中东地区反政府群体的监控活动
2020-12-03360 netlabYanlong Ma, GenShen Ye
@online{ma:20201203:another:bb8fa99, author = {Yanlong Ma and GenShen Ye}, title = {{Another LILIN DVR 0-day being used to spread Mirai}}, date = {2020-12-03}, organization = {360 netlab}, url = {https://blog.netlab.360.com/another-lilin-dvr-0-day-being-used-to-spread-mirai-en/}, language = {English}, urldate = {2020-12-08} } Another LILIN DVR 0-day being used to spread Mirai
Mirai
2020-12-01360.cnjindanlong
@online{jindanlong:20201201:hunting:b9e2674, author = {jindanlong}, title = {{Hunting Beacons}}, date = {2020-12-01}, organization = {360.cn}, url = {https://quake.360.cn/quake/#/reportDetail?id=5fc6fedd191038c3b25c4950}, language = {English}, urldate = {2021-01-10} } Hunting Beacons
Cobalt Strike
2020-11-24360 netlabJiaYu
@online{jiayu:20201124:blackrota:8a46a54, author = {JiaYu}, title = {{Blackrota, a heavily obfuscated backdoor written in Go}}, date = {2020-11-24}, organization = {360 netlab}, url = {https://blog.netlab.360.com/blackrota-an-obfuscated-backdoor-written-in-go-en/}, language = {English}, urldate = {2020-12-03} } Blackrota, a heavily obfuscated backdoor written in Go
Blackrota
2020-11-20360kate
@online{kate:20201120:360:949bcc5, author = {kate}, title = {{360 File-less Attack Protection Intercepts the Banker Trojan BBtok Active in Mexico}}, date = {2020-11-20}, organization = {360}, url = {https://blog.360totalsecurity.com/en/360-file-less-attack-protection-intercepts-the-banker-trojan-bbtok-active-in-mexico/}, language = {English}, urldate = {2020-11-25} } 360 File-less Attack Protection Intercepts the Banker Trojan BBtok Active in Mexico
BBtok