2022-05-10CheckpointCheckpoint
@online{checkpoint:20220510:infostealer:33aee4a,
  author       = {Checkpoint},
  title        = {{Info-stealer Campaign targets German Car Dealerships and Manufacturers}},
  organization = {Checkpoint},
  date         = {2022-05-10},
  url          = {https://blog.checkpoint.com/2022/05/10/a-german-car-attack-on-german-vehicle-businesses/},
  urldate      = {2022-05-13},
  language     = {English},
}
Info-stealer Campaign targets German Car Dealerships and Manufacturers
Azorult BitRAT Raccoon
2022-04-04LAC WATCHTakehiko Takagen
@online{takagen:20220404:confirmation:c2fd43a,
  author       = {Takehiko Takagen},
  title        = {{Confirmation of damage to domestic e-commerce sites, actual situation of Web skimming attacks and examples of countermeasures that Rack thinks (Water Pamola)}},
  organization = {LAC WATCH},
  date         = {2022-04-04},
  url          = {https://www.lac.co.jp/lacwatch/report/20220407_002923.html},
  urldate      = {2022-04-08},
  language     = {Japanese},
}
Confirmation of damage to domestic e-commerce sites, actual situation of Web skimming attacks and examples of countermeasures that Rack thinks (Water Pamola)
FAKEUPDATES
2022-03-16DragosJosh Hanrahan
@online{hanrahan:20220316:suspected:325fc01,
  author       = {Josh Hanrahan},
  title        = {{Suspected Conti Ransomware Activity in the Auto Manufacturing Sector}},
  organization = {Dragos},
  date         = {2022-03-16},
  url          = {https://www.dragos.com/blog/industry-news/suspected-conti-ransomware-activity-in-the-auto-manufacturing-sector/},
  urldate      = {2022-03-17},
  language     = {English},
}
Suspected Conti Ransomware Activity in the Auto Manufacturing Sector
Conti Emotet
2022-01-16forensicitguyTony Lambert
@online{lambert:20220116:analyzing:2c8a9db,
  author       = {Tony Lambert},
  title        = {{Analyzing a CACTUSTORCH HTA Leading to Cobalt Strike}},
  organization = {forensicitguy},
  date         = {2022-01-16},
  url          = {https://forensicitguy.github.io/analyzing-cactustorch-hta-cobaltstrike/},
  urldate      = {2022-01-25},
  language     = {English},
}
Analyzing a CACTUSTORCH HTA Leading to Cobalt Strike
CACTUSTORCH Cobalt Strike
2021-05-05TRUESECMattias Wåhlén
@online{whln:20210505:are:61bb8a0,
  author       = {Mattias Wåhlén},
  title        = {{Are The Notorious Cyber Criminals Evil Corp actually Russian Spies?}},
  organization = {TRUESEC},
  date         = {2021-05-05},
  url          = {https://blog.truesec.com/2021/05/05/are-the-notorious-cyber-criminals-evil-corp-actually-russian-spies/},
  urldate      = {2021-05-08},
  language     = {English},
}
Are The Notorious Cyber Criminals Evil Corp actually Russian Spies?
Cobalt Strike Hades WastedLocker
2021-02-21AntiyAntiy CERT
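% "Antiy CERT" is an organisation, not a person. The extra pair of braces keeps
% BibTeX/Biber from parsing it as given name "Antiy", family name "CERT".
% The citation key is left unchanged so existing \cite commands still resolve.
@online{cert:20210221:analysis:84134cb,
  author       = {{Antiy CERT}},
  title        = {{Analysis report on the attack activities of the "Baby Elephant" against Pakistani defense manufacturers}},
  organization = {Antiy},
  date         = {2021-02-21},
  url          = {https://mp.weixin.qq.com/s/y2kRbYCt94yPu-5jtcZ_AA},
  urldate      = {2021-02-25},
  language     = {Chinese},
}
Analysis report on the attack activities of the "Baby Elephant" against Pakistani defense manufacturers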
2020-12-01Trend MicroRyan Flores
@online{flores:20201201:impact:415bf2e,
  author       = {Ryan Flores},
  title        = {{The Impact of Modern Ransomware on Manufacturing Networks}},
  organization = {Trend Micro},
  date         = {2020-12-01},
  url          = {https://www.trendmicro.com/en_us/research/20/l/the-impact-of-modern-ransomware-on-manufacturing-networks.html},
  urldate      = {2020-12-08},
  language     = {English},
}
The Impact of Modern Ransomware on Manufacturing Networks
Maze Petya REvil
2020-11-12DragosDragos
@techreport{dragos:20201112:cyber:cf5b4fd,
  author      = {Dragos},
  title       = {{Cyber Threat Perspective MANUFACTURING SECTOR}},
  institution = {Dragos},
  date        = {2020-11-12},
  url         = {https://hub.dragos.com/hubfs/Whitepaper-Downloads/Dragos_Manufacturing%20Threat%20Perspective_1120.pdf},
  urldate     = {2020-11-18},
  language    = {English},
}
Cyber Threat Perspective MANUFACTURING SECTOR
Industroyer Snake
2020-08-13Kaspersky LabsKonstantin Zykov
@online{zykov:20200813:cactuspete:6753952,
  author       = {Konstantin Zykov},
  title        = {{CactusPete APT group’s updated Bisonal backdoor}},
  organization = {Kaspersky Labs},
  date         = {2020-08-13},
  url          = {https://securelist.com/cactuspete-apt-groups-updated-bisonal-backdoor/97962/},
  urldate      = {2020-08-14},
  language     = {English},
}
CactusPete APT group’s updated Bisonal backdoor
Korlia Tonto Team
2020-07-14CrowdStrikeFalcon OverWatch Team
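% "Falcon OverWatch Team" is a team byline, not a personal name. The extra pair of
% braces keeps BibTeX/Biber from parsing it as given name "Falcon OverWatch",
% family name "Team". The citation key is left unchanged so existing \cite
% commands still resolve.
@online{team:20200714:manufacturing:3e552ec,
  author       = {{Falcon OverWatch Team}},
  title        = {{Manufacturing Industry in the Adversaries’ Crosshairs}},
  organization = {CrowdStrike},
  date         = {2020-07-14},
  url          = {https://www.crowdstrike.com/blog/adversaries-targeting-the-manufacturing-industry/},
  urldate      = {2020-07-23},
  language     = {English},
}
Manufacturing Industry in the Adversaries’ Crosshairs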
ShadowPad Snake
2020-07-01Cisco TalosNick Biasini, Edmund Brumaghin, Mariano Graziano
@online{biasini:20200701:threat:a726b7e,
  author       = {Nick Biasini and Edmund Brumaghin and Mariano Graziano},
  title        = {{Threat Spotlight: Valak Slithers Its Way Into Manufacturing and Transportation Networks}},
  organization = {Cisco Talos},
  date         = {2020-07-01},
  url          = {https://blog.talosintelligence.com/2020/07/valak-emerges.html},
  urldate      = {2020-08-18},
  language     = {English},
}
Threat Spotlight: Valak Slithers Its Way Into Manufacturing and Transportation Networks
Valak IcedID ISFB MyKings Spreader
2020-05-22YoroiLuigi Martire, Giacomo d'Onofrio, Antonio Pirozzi, Luca Mella
@online{martire:20200522:cybercriminal:97a41b3,
  author       = {Luigi Martire and Giacomo d'Onofrio and Antonio Pirozzi and Luca Mella},
  title        = {{Cyber-Criminal espionage Operation insists on Italian Manufacturing}},
  organization = {Yoroi},
  date         = {2020-05-22},
  url          = {https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/},
  urldate      = {2022-02-02},
  language     = {English},
}
Cyber-Criminal espionage Operation insists on Italian Manufacturing
Agent Tesla
2020-03-02TechCrunchZack Whittaker, Kirsten Korosec
@online{whittaker:20200302:visser:7a6d06b,
  author       = {Zack Whittaker and Kirsten Korosec},
  title        = {{Visser, a parts manufacturer for Tesla and SpaceX, confirms data breach}},
  organization = {TechCrunch},
  date         = {2020-03-02},
  url          = {https://techcrunch.com/2020/03/01/visser-breach/},
  urldate      = {2020-03-09},
  language     = {English},
}
Visser, a parts manufacturer for Tesla and SpaceX, confirms data breach
DoppelPaymer
2020-01-28Macnica NetworksMacnica Networks
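% "Macnica Networks" is an organisation, not a person. The extra pair of braces
% keeps BibTeX/Biber from parsing it as given name "Macnica", family name
% "Networks". The invisible zero-width characters between "Tick" and "Group"
% in the title were removed, because they break text search and can upset
% LaTeX. The citation key is left unchanged so existing \cite commands still
% resolve.
@online{networks:20200128:tick:e511a29,
  author       = {{Macnica Networks}},
  title        = {{Tick Group Aiming at Japanese Manufacturing}},
  organization = {Macnica Networks},
  date         = {2020-01-28},
  url          = {https://www.macnica.net/mpressioncss/feature_05.html/},
  urldate      = {2021-01-01},
  language     = {Japanese},
}
Tick Group Aiming at Japanese Manufacturing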
Datper xxmm
2020-01-23Palo Alto Networks Unit 42Adrian McCabe, Unit42
@online{mccabe:20200123:fractured:399ff15,
  author       = {Adrian McCabe and Unit42},
  title        = {{The Fractured Statue Campaign: U.S. Government Targeted in Spear-Phishing Attacks}},
  organization = {Palo Alto Networks Unit 42},
  date         = {2020-01-23},
  url          = {https://unit42.paloaltonetworks.com/the-fractured-statue-campaign-u-s-government-targeted-in-spear-phishing-attacks/},
  urldate      = {2020-01-26},
  language     = {English},
}
The Fractured Statue Campaign: U.S. Government Targeted in Spear-Phishing Attacks
CARROTBALL CarrotBat Syscon
2019-11-29Palo Alto Networks Unit 42Josh Grunzweig, Kyle Wilhoit
@online{grunzweig:20191129:fractured:65257b7,
  author       = {Josh Grunzweig and Kyle Wilhoit},
  title        = {{The Fractured Block Campaign: CARROTBAT Used to Deliver Malware Targeting Southeast Asia}},
  organization = {Palo Alto Networks Unit 42},
  date         = {2019-11-29},
  url          = {https://unit42.paloaltonetworks.com/unit42-the-fractured-block-campaign-carrotbat-malware-used-to-deliver-malware-targeting-southeast-asia/},
  urldate      = {2020-01-12},
  language     = {English},
}
The Fractured Block Campaign: CARROTBAT Used to Deliver Malware Targeting Southeast Asia
CarrotBat
2019-11-19ACTURédaction Normandie
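% "Rédaction Normandie" is a newsroom byline (editorial staff), not a personal
% name. The extra pair of braces keeps BibTeX/Biber from parsing it as given
% name "Rédaction", family name "Normandie". The citation key is left unchanged
% so existing \cite commands still resolve.
@online{normandie:20191119:une:d09ec98,
  author       = {{Rédaction Normandie}},
  title        = {{Une rançon après la cyberattaque au CHU de Rouen ? Ce que réclament les pirates}},
  organization = {ACTU},
  date         = {2019-11-19},
  url          = {https://actu.fr/normandie/rouen_76540/une-rancon-apres-cyberattaque-chu-rouen-ce-reclament-pirates_29475649.html},
  urldate      = {2019-12-05},
  language     = {French},
}
Une rançon après la cyberattaque au CHU de Rouen ? Ce que réclament les pirates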
Clop
2019-03-29Vice MotherboardLorenzo Franceschi-Bicchierai, Riccardo Coluccini
@online{franceschibicchierai:20190329:researchers:5987d8a,
  author       = {Lorenzo Franceschi-Bicchierai and Riccardo Coluccini},
  title        = {{Researchers Find Google Play Store Apps Were Actually Government Malware}},
  organization = {Vice Motherboard},
  date         = {2019-03-29},
  url          = {https://motherboard.vice.com/en_us/article/43z93g/hackers-hid-android-malware-in-google-play-store-exodus-esurv},
  urldate      = {2020-01-06},
  language     = {English},
}
Researchers Find Google Play Store Apps Were Actually Government Malware
Exodus
2017-11-16Github (mdsecactivebreach)Vincent Yiu
@online{yiu:20171116:cactustorch:be5ebfd,
  author       = {Vincent Yiu},
  title        = {{CACTUSTORCH: Payload Generation for Adversary Simulations}},
  organization = {Github (mdsecactivebreach)},
  date         = {2017-11-16},
  url          = {https://github.com/mdsecactivebreach/CACTUSTORCH},
  urldate      = {2020-01-09},
  language     = {English},
}
CACTUSTORCH: Payload Generation for Adversary Simulations
CACTUSTORCH
2017-05-10CybereasonAmit Serper
@online{serper:20170510:protonb:c490472,
  author       = {Amit Serper},
  title        = {{Proton.B: What this Mac malware actually does}},
  organization = {Cybereason},
  date         = {2017-05-10},
  url          = {https://www.cybereason.com/labs-blog/labs-proton-b-what-this-mac-malware-actually-does},
  urldate      = {2020-01-09},
  language     = {English},
}
Proton.B: What this Mac malware actually does
Proton RAT