Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-11-11AT&TOfer Caspi
@online{caspi:20211111:att:4c2bbed, author = {Ofer Caspi}, title = {{AT&T Alien Labs finds new Golang malware (BotenaGo) targeting millions of routers and IoT devices with more than 30 exploits}}, date = {2021-11-11}, organization = {AT&T}, url = {https://cybersecurity.att.com/blogs/labs-research/att-alien-labs-finds-new-golang-malwarebotenago-targeting-millions-of-routers-and-iot-devices-with-more-than-30-exploits}, language = {English}, urldate = {2021-11-17} } AT&T Alien Labs finds new Golang malware (BotenaGo) targeting millions of routers and IoT devices with more than 30 exploits
BotenaGo
2021-11-10AT&TJosh Gomez
@online{gomez:20211110:stories:4ce1168, author = {Josh Gomez}, title = {{Stories from the SOC - Powershell, Proxyshell, Conti TTPs OH MY!}}, date = {2021-11-10}, organization = {AT&T}, url = {https://cybersecurity.att.com/blogs/security-essentials/stories-from-the-soc-powershell-proxyshell-conti-ttps-oh-my}, language = {English}, urldate = {2021-11-17} } Stories from the SOC - Powershell, Proxyshell, Conti TTPs OH MY!
Cobalt Strike Conti
2021-10-27AT&TFernando Dominguez
@online{dominguez:20211027:code:2d1f1be, author = {Fernando Dominguez}, title = {{Code similarity analysis with r2diaphora}}, date = {2021-10-27}, organization = {AT&T}, url = {https://cybersecurity.att.com/blogs/labs-research/code-similarity-analysis-with-r2diaphora}, language = {English}, urldate = {2021-11-03} } Code similarity analysis with r2diaphora
Bashlite
2021-09-08AT&TOfer Caspi
@online{caspi:20210908:teamtnt:f9ad39d, author = {Ofer Caspi}, title = {{TeamTNT with new campaign aka “Chimaera”}}, date = {2021-09-08}, organization = {AT&T}, url = {https://cybersecurity.att.com/blogs/labs-research/teamtnt-with-new-campaign-aka-chimaera}, language = {English}, urldate = {2021-09-10} } TeamTNT with new campaign aka “Chimaera”
TeamTNT
2021-08-23AT&TFernando Dominguez
@online{dominguez:20210823:prism:f3b6d3d, author = {Fernando Dominguez}, title = {{PRISM attacks fly under the radar}}, date = {2021-08-23}, organization = {AT&T}, url = {https://cybersecurity.att.com/blogs/labs-research/prism-attacks-fly-under-the-radar}, language = {English}, urldate = {2021-08-25} } PRISM attacks fly under the radar
PRISM
2021-08-19cybleCyble
@online{cyble:20210819:shinyhunters:58b6c1a, author = {Cyble}, title = {{ShinyHunters Selling Alleged AT&T Database with 70 million SSN and Date of birth; AT&T Denies it originated from their systems}}, date = {2021-08-19}, organization = {cyble}, url = {https://blog.cyble.com/2021/08/19/shinyhunters-selling-alleged-att-database-with-70-million-ssn-and-date-of-birth/}, language = {English}, urldate = {2021-09-19} } ShinyHunters Selling Alleged AT&T Database with 70 million SSN and Date of birth; AT&T Denies it originated from their systems
2021-08-02AT&TOfer Caspi, Javier Ruiz
@online{caspi:20210802:new:65cbd77, author = {Ofer Caspi and Javier Ruiz}, title = {{New sophisticated RAT in town: FatalRat analysis}}, date = {2021-08-02}, organization = {AT&T}, url = {https://cybersecurity.att.com/blogs/labs-research/new-sophisticated-rat-in-town-fatalrat-analysis}, language = {English}, urldate = {2021-08-02} } New sophisticated RAT in town: FatalRat analysis
FatalRat
2021-07-06AT&TFernando Martinez
@online{martinez:20210706:lazarus:99dc50f, author = {Fernando Martinez}, title = {{Lazarus campaign TTPs and evolution}}, date = {2021-07-06}, organization = {AT&T}, url = {https://cybersecurity.att.com/blogs/labs-research/lazarus-campaign-ttps-and-evolution}, language = {English}, urldate = {2021-07-11} } Lazarus campaign TTPs and evolution
2021-07-01AT&T CybersecurityOfer Caspi, Fernando Martinez
@online{caspi:20210701:revils:20b42ae, author = {Ofer Caspi and Fernando Martinez}, title = {{REvil’s new Linux version}}, date = {2021-07-01}, organization = {AT&T Cybersecurity}, url = {https://cybersecurity.att.com/blogs/labs-research/revils-new-linux-version}, language = {English}, urldate = {2021-07-02} } REvil’s new Linux version
REvil REvil
2021-06-28AT&TAlienVault
@online{alienvault:20210628:revil:1b4ddb9, author = {AlienVault}, title = {{REvil ransomware Linux version (with YARA rule)}}, date = {2021-06-28}, organization = {AT&T}, url = {https://otx.alienvault.com/pulse/60da2c80aa5400db8f1561d5}, language = {English}, urldate = {2021-07-02} } REvil ransomware Linux version (with YARA rule)
REvil
2021-06-22AT&TOfer Caspi
@online{caspi:20210622:darkside:2889f3c, author = {Ofer Caspi}, title = {{Darkside RaaS in Linux version}}, date = {2021-06-22}, organization = {AT&T}, url = {https://cybersecurity.att.com/blogs/labs-research/darkside-raas-in-linux-version}, language = {English}, urldate = {2021-06-24} } Darkside RaaS in Linux version
DarkSide
2021-06-21AlienVaultAT&T Alien Labs
@online{labs:20210621:darkside:9f1da07, author = {AT&T Alien Labs}, title = {{Darkside RaaS in Linux version}}, date = {2021-06-21}, organization = {AlienVault}, url = {https://otx.alienvault.com/pulse/60d0afbc395c24edefb33bb9}, language = {English}, urldate = {2021-06-22} } Darkside RaaS in Linux version
DarkSide
2021-04-15AT&TDax Morrow, Ofer Caspi
@online{morrow:20210415:rise:73d9a21, author = {Dax Morrow and Ofer Caspi}, title = {{The rise of QakBot}}, date = {2021-04-15}, organization = {AT&T}, url = {https://cybersecurity.att.com/blogs/labs-research/the-rise-of-qakbot}, language = {English}, urldate = {2021-04-16} } The rise of QakBot
QakBot
2021-01-27AT&TOfer Caspi
@online{caspi:20210127:teamtnt:8ebf267, author = {Ofer Caspi}, title = {{TeamTNT delivers malware with new detection evasion tool}}, date = {2021-01-27}, organization = {AT&T}, url = {https://cybersecurity.att.com/blogs/labs-research/teamtnt-delivers-malware-with-new-detection-evasion-tool}, language = {English}, urldate = {2021-01-27} } TeamTNT delivers malware with new detection evasion tool
TeamTNT TeamTNT
2021-01-07AT&TOfer Caspi, Fernando Martinez
@online{caspi:20210107:malware:2ad7d86, author = {Ofer Caspi and Fernando Martinez}, title = {{Malware using new Ezuri memory loader}}, date = {2021-01-07}, organization = {AT&T}, url = {https://cybersecurity.att.com/blogs/labs-research/malware-using-new-ezuri-memory-loader}, language = {English}, urldate = {2021-01-11} } Malware using new Ezuri memory loader
Cephei
2020-01-15AT&T CybersecurityFernando Martinez
@online{martinez:20200115:alien:a57585f, author = {Fernando Martinez}, title = {{Alien Labs 2019 Analysis of Threat Groups Molerats and APT-C-37}}, date = {2020-01-15}, organization = {AT&T Cybersecurity}, url = {https://cybersecurity.att.com/blogs/labs-research/alien-labs-2019-analysis-of-threat-groups-molerats-and-apt-c-37}, language = {English}, urldate = {2020-01-22} } Alien Labs 2019 Analysis of Threat Groups Molerats and APT-C-37
Houdini
2019-04-02AT&TJaime Blasco, Chris Doman
@online{blasco:20190402:xwo:11817a2, author = {Jaime Blasco and Chris Doman}, title = {{Xwo - A Python-based bot scanner}}, date = {2019-04-02}, organization = {AT&T}, url = {https://www.alienvault.com/blogs/labs-research/xwo-a-python-based-bot-scanner}, language = {English}, urldate = {2020-01-06} } Xwo - A Python-based bot scanner
Xwo
2019-03-06AT&TChris Doman
@online{doman:20190306:internet:c3afbc0, author = {Chris Doman}, title = {{Internet of Termites}}, date = {2019-03-06}, organization = {AT&T}, url = {https://www.alienvault.com/blogs/labs-research/internet-of-termites}, language = {English}, urldate = {2020-01-07} } Internet of Termites
Termite
2018-10-08AT&T CybersecurityChris Doman
@online{doman:20181008:delivery:8f2c9ed, author = {Chris Doman}, title = {{Delivery (Key)Boy}}, date = {2018-10-08}, organization = {AT&T Cybersecurity}, url = {https://www.alienvault.com/blogs/labs-research/delivery-keyboy}, language = {English}, urldate = {2019-10-15} } Delivery (Key)Boy
Titan
2018-06-01AT&TJavier Ruiz
@online{ruiz:20180601:satan:f427b73, author = {Javier Ruiz}, title = {{Satan Ransomware Spawns New Methods to Spread}}, date = {2018-06-01}, organization = {AT&T}, url = {https://www.alienvault.com/blogs/labs-research/satan-ransomware-spawns-new-methods-to-spread}, language = {English}, urldate = {2019-11-26} } Satan Ransomware Spawns New Methods to Spread
Satan