2023-03-14 · Blackberry · BlackBerry Research & Intelligence Team
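% Corporate author: the extra brace pair keeps the team name as a single unit instead of
% splitting it into given/family name parts, and the ampersand is escaped for LaTeX.
@online{team:20230314:nobelium:f35029b,
  author       = {{BlackBerry Research \& Intelligence Team}},
  title        = {{NOBELIUM Uses Poland's Ambassador’s Visit to the U.S. to Target EU Governments Assisting Ukraine}},
  organization = {Blackberry},
  date         = {2023-03-14},
  url          = {https://blogs.blackberry.com/en/2023/03/nobelium-targets-eu-governments-assisting-ukraine},
  urldate      = {2023-03-14},
  language     = {English},
}
NOBELIUM Uses Poland's Ambassador’s Visit to the U.S. to Target EU Governments Assisting Ukraine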
EnvyScout GraphicalNeutrino
2023-03-14 · Google · Benoit Sevens
@online{sevens:20230314:magniber:5f03fd7,
  author       = {Sevens, Benoit},
  title        = {{Magniber ransomware actors used a variant of Microsoft SmartScreen bypass}},
  organization = {Google},
  date         = {2023-03-14},
  url          = {https://blog.google/threat-analysis-group/magniber-ransomware-actors-used-a-variant-of-microsoft-smartscreen-bypass/},
  urldate      = {2023-03-20},
  language     = {English},
}
Magniber ransomware actors used a variant of Microsoft SmartScreen bypass
Magniber
2023-03-14 · ESET Research · Facundo Muñoz
@online{muoz:20230314:slow:328edad,
  author       = {Muñoz, Facundo},
  title        = {{The slow Tick‑ing time bomb: Tick APT group compromise of a DLP software developer in East Asia}},
  organization = {ESET Research},
  date         = {2023-03-14},
  url          = {https://www.welivesecurity.com/2023/03/14/slow-ticking-time-bomb-tick-apt-group-dlp-software-developer-east-asia/},
  urldate      = {2023-03-20},
  language     = {English},
}
The slow Tick‑ing time bomb: Tick APT group compromise of a DLP software developer in East Asia
2023-03-13 · SentinelOne · Jim Walter
@online{walter:20230313:catb:ea73312,
  author       = {Walter, Jim},
  title        = {{CatB Ransomware | File Locker Sharpens Its Claws to Steal Data with MSDTC Service DLL Hijacking}},
  organization = {SentinelOne},
  date         = {2023-03-13},
  url          = {https://www.sentinelone.com/blog/decrypting-catb-ransomware-analyzing-their-latest-attack-methods/},
  urldate      = {2023-03-15},
  language     = {English},
}
CatB Ransomware | File Locker Sharpens Its Claws to Steal Data with MSDTC Service DLL Hijacking
CatB
2023-03-09 · Cyble
@online{cyble:20230309:blacksnake:fa8970a,
  author   = {Cyble},
  title    = {{BlackSnake Ransomware Emerges from Chaos Ransomware’s Shadow}},
  date     = {2023-03-09},
  url      = {https://blog.cyble.com/2023/03/09/blacksnake-ransomware-emerges-from-chaos-ransomwares-shadow/},
  urldate  = {2023-03-13},
  language = {English},
}
BlackSnake Ransomware Emerges from Chaos Ransomware’s Shadow
BlackSnake
2023-03-09 · State Service of Special Communication and Information Protection of Ukraine (CIP)
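% Corporate author: the agency name contains " and ", which BibTeX/Biber would otherwise
% read as a separator between two authors. The extra brace pair keeps it as one name.
@online{cip:20230309:russias:f40dc09,
  author   = {{State Service of Special Communication and Information Protection of Ukraine (CIP)}},
  title    = {{Russia's Cyber Tactics: Lessons Learned 2022}},
  date     = {2023-03-09},
  url      = {https://cip.gov.ua/services/cm/api/attachment/download?id=53466},
  urldate  = {2023-03-13},
  language = {English},
}
Russia's Cyber Tactics: Lessons Learned 2022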
2023-03-09 · VulnCheck · Jacob Baines
@online{baines:20230309:vulncheck:55f2b21,
  author       = {Baines, Jacob},
  title        = {{The VulnCheck 2022 Exploited Vulnerability Report - Missing CISA KEV Catalog Entries}},
  organization = {VulnCheck},
  date         = {2023-03-09},
  url          = {https://vulncheck.com/blog/2022-missing-kev-report},
  urldate      = {2023-03-13},
  language     = {English},
}
The VulnCheck 2022 Exploited Vulnerability Report - Missing CISA KEV Catalog Entries
2023-03-09 · binarly · Aleksandr Matrosov
@online{matrosov:20230309:untold:ccb6198,
  author       = {Matrosov, Aleksandr},
  title        = {{The Untold Story of the BlackLotus UEFI Bootkit}},
  organization = {binarly},
  date         = {2023-03-09},
  url          = {https://www.binarly.io/posts/The_Untold_Story_of_the_BlackLotus_UEFI_Bootkit/index.html},
  urldate      = {2023-03-20},
  language     = {English},
}
The Untold Story of the BlackLotus UEFI Bootkit
BlackLotus
2023-03-07 · Check Point Research · Check Point Research
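% Corporate author: the extra brace pair stops the name being parsed as
% given names "Check Point" with family name "Research".
@online{research:20230307:pandas:2e3c757,
  author       = {{Check Point Research}},
  title        = {{Pandas with a Soul: Chinese Espionage Attacks Against Southeast Asian Government Entities}},
  organization = {Check Point Research},
  date         = {2023-03-07},
  url          = {https://research.checkpoint.com/2023/pandas-with-a-soul-chinese-espionage-attacks-against-southeast-asian-government-entities/},
  urldate      = {2023-03-13},
  language     = {English},
}
Pandas with a Soul: Chinese Espionage Attacks Against Southeast Asian Government Entities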
8.t Dropper Soul Unidentified 089 (Downloader)
2023-03-07 · BleepingComputer · Lawrence Abrams
@online{abrams:20230307:emotet:734058c,
  author       = {Abrams, Lawrence},
  title        = {{Emotet malware attacks return after three-month break}},
  organization = {BleepingComputer},
  date         = {2023-03-07},
  url          = {https://www.bleepingcomputer.com/news/security/emotet-malware-attacks-return-after-three-month-break/},
  urldate      = {2023-03-13},
  language     = {English},
}
Emotet malware attacks return after three-month break
Emotet
2023-03-06 · Lumen · Black Lotus Labs
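% Corporate author: the extra brace pair stops the team name being parsed as
% given names "Black Lotus" with family name "Labs".
@online{labs:20230306:new:5e68769,
  author       = {{Black Lotus Labs}},
  title        = {{New HiatusRAT Router Malware Covertly Spies On Victims}},
  organization = {Lumen},
  date         = {2023-03-06},
  url          = {https://blog.lumen.com/new-hiatusrat-router-malware-covertly-spies-on-victims/},
  urldate      = {2023-03-13},
  language     = {English},
}
New HiatusRAT Router Malware Covertly Spies On Victims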
HiatusRAT
2023-03-02 · ESET Research · Alexandre Côté Cyr
% NOTE(review): the comma form below keeps the original parse (family name "Cyr");
% confirm against the source article whether the family name is "Côté Cyr".
@online{cyr:20230302:mqsttang:b7dee51,
  author       = {Cyr, Alexandre Côté},
  title        = {{MQsTTang: Mustang Panda’s latest backdoor treads new ground with Qt and MQTT}},
  organization = {ESET Research},
  date         = {2023-03-02},
  url          = {https://www.welivesecurity.com/2023/03/02/mqsttang-mustang-panda-latest-backdoor-treads-new-ground-qt-mqtt/},
  urldate      = {2023-03-13},
  language     = {English},
}
MQsTTang: Mustang Panda’s latest backdoor treads new ground with Qt and MQTT
MQsTTang
2023-03-02 · ThreatMon · ThreatMon Malware Research Team
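% Corporate author: the extra brace pair keeps the team name as a single unit
% instead of splitting it into given/family name parts.
@online{team:20230302:behind:ecf31e4,
  author       = {{ThreatMon Malware Research Team}},
  title        = {{Behind the Breaches: Mapping Threat Actors and Their CVE Exploits}},
  organization = {ThreatMon},
  date         = {2023-03-02},
  url          = {https://threatmon.io/behind-the-breaches-mapping-threat-actors-and-their-cve-exploits/},
  urldate      = {2023-03-13},
  language     = {English},
}
Behind the Breaches: Mapping Threat Actors and Their CVE Exploits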
2023-03-02 · Wiz.io · Amitai Cohen, Barak Sharoni
@online{cohen:20230302:redirection:99da152,
  author       = {Cohen, Amitai and Sharoni, Barak},
  title        = {{Redirection Roulette: Thousands of hijacked websites in East Asia redirecting visitors to other sites}},
  organization = {Wiz.io},
  date         = {2023-03-02},
  url          = {https://www.wiz.io/blog/redirection-roulette},
  urldate      = {2023-03-13},
  language     = {English},
}
Redirection Roulette: Thousands of hijacked websites in East Asia redirecting visitors to other sites
2023-03-01 · ESET Research · Martin Smolár
@online{smolr:20230301:blacklotus:5ce99dc,
  author       = {Smolár, Martin},
  title        = {{BlackLotus UEFI bootkit: Myth confirmed}},
  organization = {ESET Research},
  date         = {2023-03-01},
  url          = {https://www.welivesecurity.com/2023/03/01/blacklotus-uefi-bootkit-myth-confirmed/},
  urldate      = {2023-03-04},
  language     = {English},
}
BlackLotus UEFI bootkit: Myth confirmed
BlackLotus
2023-02-28 · Uptycs · Uptycs Threat Research
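% Corporate author: the extra brace pair stops the team name being parsed as
% given names "Uptycs Threat" with family name "Research".
@online{research:20230228:cryptocurrency:11d4475,
  author       = {{Uptycs Threat Research}},
  title        = {{Cryptocurrency Entities at Risk: Threat Actor Uses Parallax RAT for Infiltration}},
  organization = {Uptycs},
  date         = {2023-02-28},
  url          = {https://www.uptycs.com/blog/cryptocurrency-entities-at-risk-threat-actor-uses-parallax-rat-for-infiltration},
  urldate      = {2023-03-04},
  language     = {English},
}
Cryptocurrency Entities at Risk: Threat Actor Uses Parallax RAT for Infiltration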
Parallax RAT
2023-02-23 · Jamf Blog · Matt Benyo, Ferdous Saljooki, Jaron Bradley
@online{benyo:20230223:evasive:71d600c,
  author       = {Benyo, Matt and Saljooki, Ferdous and Bradley, Jaron},
  title        = {{Evasive cryptojacking malware targeting macOS found lurking in pirated applications}},
  organization = {Jamf Blog},
  date         = {2023-02-23},
  url          = {https://www.jamf.com/blog/cryptojacking-macos-malware-discovered-by-jamf-threat-labs/},
  urldate      = {2023-02-27},
  language     = {English},
}
Evasive cryptojacking malware targeting macOS found lurking in pirated applications
2023-02-23 · Bitdefender · Martin Zugec, Bitdefender Team
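% The second author is a corporate name: its own brace pair keeps "Bitdefender Team"
% as one unit instead of given name "Bitdefender" with family name "Team".
@online{zugec:20230223:technical:710242c,
  author       = {Zugec, Martin and {Bitdefender Team}},
  title        = {{Technical Advisory: Various Threat Actors Targeting ManageEngine Exploit CVE-2022-47966}},
  organization = {Bitdefender},
  date         = {2023-02-23},
  url          = {https://businessinsights.bitdefender.com/tech-advisory-manageengine-cve-2022-47966},
  urldate      = {2023-02-27},
  language     = {English},
}
Technical Advisory: Various Threat Actors Targeting ManageEngine Exploit CVE-2022-47966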
Cobalt Strike DarkComet RATel
2023-02-23 · CERT.PL · Jarosław Jedynak, Michał Praszmo
@online{jedynak:20230223:tale:4a0d4cd,
  author       = {Jedynak, Jarosław and Praszmo, Michał},
  title        = {{A tale of Phobos - how we almost cracked a ransomware using CUDA}},
  organization = {CERT.PL},
  date         = {2023-02-23},
  url          = {https://cert.pl/en/posts/2023/02/breaking-phobos/},
  urldate      = {2023-02-27},
  language     = {English},
}
A tale of Phobos - how we almost cracked a ransomware using CUDA
Phobos
2023-02-23 · ESET Research · Vladislav Hrčka
@online{hrka:20230223:winordll64:73e8cbf,
  author       = {Hrčka, Vladislav},
  title        = {{WinorDLL64: A backdoor from the vast Lazarus arsenal?}},
  organization = {ESET Research},
  date         = {2023-02-23},
  url          = {https://www.welivesecurity.com/2023/02/23/winordll64-backdoor-vast-lazarus-arsenal/},
  urldate      = {2023-02-27},
  language     = {English},
}
WinorDLL64: A backdoor from the vast Lazarus arsenal?
WinorDLL64