Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-11-11AhnLabASEC
@online{asec:20221111:magniber:7426c1e, author = {ASEC}, title = {{Magniber Ransomware Attempts to Bypass MOTW (Mark of the Web)}}, date = {2022-11-11}, organization = {AhnLab}, url = {https://asec.ahnlab.com/en/41889/}, language = {English}, urldate = {2022-11-15} } Magniber Ransomware Attempts to Bypass MOTW (Mark of the Web)
Magniber
2022-11-10AhnLabASEC
@online{asec:20221110:penetration:d92badf, author = {ASEC}, title = {{Penetration and Distribution Method of Gwisin Attacker}}, date = {2022-11-10}, organization = {AhnLab}, url = {https://asec.ahnlab.com/en/41565/}, language = {English}, urldate = {2022-11-11} } Penetration and Distribution Method of Gwisin Attacker
Gwisin
2022-11-08AhnLabASEC
@online{asec:20221108:lockbit:6acb17e, author = {ASEC}, title = {{LockBit 3.0 Being Distributed via Amadey Bot}}, date = {2022-11-08}, organization = {AhnLab}, url = {https://asec.ahnlab.com/en/41450/}, language = {English}, urldate = {2022-11-09} } LockBit 3.0 Being Distributed via Amadey Bot
Amadey Gandcrab LockBit
2022-11-02ASECASEC
@online{asec:20221102:appleseed:0cc5b91, author = {ASEC}, title = {{Appleseed Being Distributed to Nuclear Power Plant-Related Companies}}, date = {2022-11-02}, organization = {ASEC}, url = {https://asec.ahnlab.com/en/41015/}, language = {English}, urldate = {2022-11-03} } Appleseed Being Distributed to Nuclear Power Plant-Related Companies
Appleseed
2022-10-24AhnLabASEC Analysis Team
@online{team:20221024:malware:495a611, author = {ASEC Analysis Team}, title = {{Malware infection case of Lazarus attack group that neutralizes antivirus program with BYOVD technique}}, date = {2022-10-24}, organization = {AhnLab}, url = {https://asec.ahnlab.com/ko/40495/}, language = {Korean}, urldate = {2022-10-25} } Malware infection case of Lazarus attack group that neutralizes antivirus program with BYOVD technique
LazarDoor
2022-10-12AhnLabASEC Analysis Team
@online{team:20221012:lazarus:871078f, author = {ASEC Analysis Team}, title = {{Lazarus Group Uses the DLL Side-Loading Technique (mi.dll)}}, date = {2022-10-12}, organization = {AhnLab}, url = {https://asec.ahnlab.com/en/39828/}, language = {Korean}, urldate = {2022-10-14} } Lazarus Group Uses the DLL Side-Loading Technique (mi.dll)
2022-10-11AhnLabASEC Analysis Team
@online{team:20221011:from:a35b468, author = {ASEC Analysis Team}, title = {{From Exchange Server vulnerability to ransomware infection in just 7 days}}, date = {2022-10-11}, organization = {AhnLab}, url = {https://asec.ahnlab.com/ko/39682/}, language = {Korean}, urldate = {2022-10-11} } From Exchange Server vulnerability to ransomware infection in just 7 days
LockBit MimiKatz
2022-09-22AhnLabAhnLab ASEC Analysis Team
@techreport{team:20220922:analysis:9dea34b, author = {AhnLab ASEC Analysis Team}, title = {{Analysis Report on Lazarus Group's Rootkit Attack Using BYOVD}}, date = {2022-09-22}, institution = {AhnLab}, url = {https://asec.ahnlab.com/wp-content/uploads/2022/09/Analysis-Report-on-Lazarus-Groups-Rootkit-Attack-Using-BYOVD_Sep-22-2022.pdf}, language = {English}, urldate = {2022-09-22} } Analysis Report on Lazarus Group's Rootkit Attack Using BYOVD
2022-09-15AquasecAssaf Morag, Asaf Eitani
@online{morag:20220915:threat:b35ec09, author = {Assaf Morag and Asaf Eitani}, title = {{Threat Alert: New Malware in the Cloud By TeamTNT}}, date = {2022-09-15}, organization = {Aquasec}, url = {https://blog.aquasec.com/new-malware-in-the-cloud-by-teamtnt}, language = {English}, urldate = {2022-09-19} } Threat Alert: New Malware in the Cloud By TeamTNT
Tsunami
2022-08-03AhnLabASEC Analysis Team
@online{team:20220803:gwisin:b89efa2, author = {ASEC Analysis Team}, title = {{Gwisin Ransomware Targeting Korean Companies}}, date = {2022-08-03}, organization = {AhnLab}, url = {https://asec.ahnlab.com/en/37483}, language = {English}, urldate = {2022-08-30} } Gwisin Ransomware Targeting Korean Companies
Gwisin
2022-08-02ASECASEC Analysis Team
@online{team:20220802:word:dbe2c7e, author = {ASEC Analysis Team}, title = {{Word File Provided as External Link When Replying to Attacker’s Email (Kimsuky)}}, date = {2022-08-02}, organization = {ASEC}, url = {https://asec.ahnlab.com/en/37396/}, language = {English}, urldate = {2022-08-02} } Word File Provided as External Link When Replying to Attacker’s Email (Kimsuky)
Kimsuky
2022-07-28AhnLabASEC
@online{asec:20220728:attackers:666ffd0, author = {ASEC}, title = {{Attackers Profiting from Proxyware}}, date = {2022-07-28}, organization = {AhnLab}, url = {https://asec.ahnlab.com/en/37276/}, language = {English}, urldate = {2022-08-18} } Attackers Profiting from Proxyware
2022-07-21ASECASEC Analysis Team
@online{team:20220721:malware:6c62ac8, author = {ASEC Analysis Team}, title = {{Malware Being Distributed by Disguising Itself as Icon of V3 Lite}}, date = {2022-07-21}, organization = {ASEC}, url = {https://asec.ahnlab.com/en/36629/}, language = {English}, urldate = {2022-07-25} } Malware Being Distributed by Disguising Itself as Icon of V3 Lite
Ave Maria
2022-07-21ASECASEC Analysis Team
@online{team:20220721:dissemination:586ca95, author = {ASEC Analysis Team}, title = {{Dissemination of AppleSeed to Specific Military Maintenance Companies}}, date = {2022-07-21}, organization = {ASEC}, url = {https://asec.ahnlab.com/ko/36918/}, language = {Korean}, urldate = {2022-07-25} } Dissemination of AppleSeed to Specific Military Maintenance Companies
Appleseed
2022-07-11ASECASEC
@online{asec:20220711:appleseed:c064586, author = {ASEC}, title = {{AppleSeed Disguised as Purchase Order and Request Form Being Distributed}}, date = {2022-07-11}, organization = {ASEC}, url = {https://asec.ahnlab.com/en/36368/}, language = {English}, urldate = {2022-11-03} } AppleSeed Disguised as Purchase Order and Request Form Being Distributed
Appleseed
2022-06-28AhnLabASEC
@online{asec:20220628:new:df3f9bf, author = {ASEC}, title = {{New Info-stealer Disguised as Crack Being Distributed}}, date = {2022-06-28}, organization = {AhnLab}, url = {https://asec.ahnlab.com/en/35981/}, language = {English}, urldate = {2022-06-30} } New Info-stealer Disguised as Crack Being Distributed
ClipBanker CryptBot Raccoon RedLine Stealer
2022-06-24AhnLabASEC
@online{asec:20220624:lockbit:a98a9bb, author = {ASEC}, title = {{LockBit Ransomware Disguised as Copyright Claim E-mail Being Distributed}}, date = {2022-06-24}, organization = {AhnLab}, url = {https://asec.ahnlab.com/en/35822/}, language = {English}, urldate = {2022-06-27} } LockBit Ransomware Disguised as Copyright Claim E-mail Being Distributed
LockBit
2022-05-20AhnLabASEC
@online{asec:20220520:why:c6efba7, author = {ASEC}, title = {{Why Remediation Alone Is Not Enough When Infected by Malware}}, date = {2022-05-20}, organization = {AhnLab}, url = {https://asec.ahnlab.com/en/34549/}, language = {English}, urldate = {2022-05-24} } Why Remediation Alone Is Not Enough When Infected by Malware
Cobalt Strike DarkSide
2022-05-03AhnLabASEC
@online{asec:20220503:backdoors:43e357a, author = {ASEC}, title = {{Backdoors disguised as document editing and messenger programs (*.chm)}}, date = {2022-05-03}, organization = {AhnLab}, url = {https://asec.ahnlab.com/ko/33948/}, language = {Korean}, urldate = {2022-05-05} } Backdoors disguised as document editing and messenger programs (*.chm)
2022-04-18ASECASEC Analysis Team
@online{team:20220418:new:4825c0e, author = {ASEC Analysis Team}, title = {{A new type of malware from the Lazarus attack group that exploits the INITECH process.}}, date = {2022-04-18}, organization = {ASEC}, url = {https://asec.ahnlab.com/ko/33706/}, language = {Korean}, urldate = {2022-04-20} } A new type of malware from the Lazarus attack group that exploits the INITECH process.