Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-09-06AT&TOfer Caspi
@online{caspi:20220906:shikitega:bee20db, author = {Ofer Caspi}, title = {{Shikitega - New stealthy malware targeting Linux}}, date = {2022-09-06}, organization = {AT&T}, url = {https://cybersecurity.att.com/blogs/labs-research/shikitega-new-stealthy-malware-targeting-linux}, language = {English}, urldate = {2023-01-19} } Shikitega - New stealthy malware targeting Linux
BotenaGo EnemyBot Meterpreter Monero Miner
2022-08-29AT&TFernando Martinez
@online{martinez:20220829:crypto:b9c06fe, author = {Fernando Martinez}, title = {{Crypto miners’ latest techniques}}, date = {2022-08-29}, organization = {AT&T}, url = {https://cybersecurity.att.com/blogs/labs-research/crypto-miners-latest-techniques}, language = {English}, urldate = {2022-08-31} } Crypto miners’ latest techniques
2022-05-26AT&T CybersecurityOfer Caspi
@online{caspi:20220526:rapidly:cbc0d84, author = {Ofer Caspi}, title = {{Rapidly evolving IoT malware EnemyBot now targeting Content Management System servers and Android devices}}, date = {2022-05-26}, organization = {AT&T Cybersecurity}, url = {https://cybersecurity.att.com/blogs/labs-research/rapidly-evolving-iot-malware-enemybot-now-targeting-content-management-system-servers}, language = {English}, urldate = {2022-05-31} } Rapidly evolving IoT malware EnemyBot now targeting Content Management System servers and Android devices
EnemyBot
2022-05-02AT&TFernando Martinez
@online{martinez:20220502:analysis:e5d626b, author = {Fernando Martinez}, title = {{Analysis on recent wiper attacks: examples and how wiper malware works}}, date = {2022-05-02}, organization = {AT&T}, url = {https://cybersecurity.att.com/blogs/labs-research/analysis-on-recent-wiper-attacks-examples-and-how-they-wiper-malware-works}, language = {English}, urldate = {2022-05-04} } Analysis on recent wiper attacks: examples and how wiper malware works
AcidRain CaddyWiper DoubleZero HermeticWiper INDUSTROYER2 IsaacWiper
2022-01-26AT&T CybersecurityOfer Caspi
@online{caspi:20220126:botenago:0c74142, author = {Ofer Caspi}, title = {{BotenaGo strikes again - malware source code uploaded to GitHub}}, date = {2022-01-26}, organization = {AT&T Cybersecurity}, url = {https://cybersecurity.att.com/blogs/labs-research/botenago-strike-again-malware-source-code-uploaded-to-github}, language = {English}, urldate = {2022-04-24} } BotenaGo strikes again - malware source code uploaded to GitHub
BotenaGo
2021-12-16AT&TSantiago Cortes
@online{cortes:20211216:global:815f2b2, author = {Santiago Cortes}, title = {{Global outbreak of Log4Shell}}, date = {2021-12-16}, organization = {AT&T}, url = {https://cybersecurity.att.com/blogs/labs-research/global-outbreak-of-log4shell}, language = {English}, urldate = {2022-01-05} } Global outbreak of Log4Shell
2021-11-30360 netlabAlex.Turing, Hui Wang
@online{alexturing:20211130:ewdoor:aa6e76e, author = {Alex.Turing and Hui Wang}, title = {{EwDoor Botnet Is Attacking AT&T Customers}}, date = {2021-11-30}, organization = {360 netlab}, url = {https://blog.netlab.360.com/warning-ewdoor-botnet-is-attacking-att-customers/}, language = {English}, urldate = {2021-12-07} } EwDoor Botnet Is Attacking AT&T Customers
EwDoor
2021-11-11AT&TOfer Caspi
@online{caspi:20211111:att:4c2bbed, author = {Ofer Caspi}, title = {{AT&T Alien Labs finds new Golang malware (BotenaGo) targeting millions of routers and IoT devices with more than 30 exploits}}, date = {2021-11-11}, organization = {AT&T}, url = {https://cybersecurity.att.com/blogs/labs-research/att-alien-labs-finds-new-golang-malwarebotenago-targeting-millions-of-routers-and-iot-devices-with-more-than-30-exploits}, language = {English}, urldate = {2021-11-17} } AT&T Alien Labs finds new Golang malware (BotenaGo) targeting millions of routers and IoT devices with more than 30 exploits
BotenaGo
2021-11-10AT&TJosh Gomez
@online{gomez:20211110:stories:4ce1168, author = {Josh Gomez}, title = {{Stories from the SOC - Powershell, Proxyshell, Conti TTPs OH MY!}}, date = {2021-11-10}, organization = {AT&T}, url = {https://cybersecurity.att.com/blogs/security-essentials/stories-from-the-soc-powershell-proxyshell-conti-ttps-oh-my}, language = {English}, urldate = {2021-11-17} } Stories from the SOC - Powershell, Proxyshell, Conti TTPs OH MY!
Cobalt Strike Conti
2021-10-27AT&TFernando Dominguez
@online{dominguez:20211027:code:2d1f1be, author = {Fernando Dominguez}, title = {{Code similarity analysis with r2diaphora}}, date = {2021-10-27}, organization = {AT&T}, url = {https://cybersecurity.att.com/blogs/labs-research/code-similarity-analysis-with-r2diaphora}, language = {English}, urldate = {2021-11-03} } Code similarity analysis with r2diaphora
Bashlite
2021-09-08AT&TOfer Caspi
@online{caspi:20210908:teamtnt:f9ad39d, author = {Ofer Caspi}, title = {{TeamTNT with new campaign aka “Chimaera”}}, date = {2021-09-08}, organization = {AT&T}, url = {https://cybersecurity.att.com/blogs/labs-research/teamtnt-with-new-campaign-aka-chimaera}, language = {English}, urldate = {2021-09-10} } TeamTNT with new campaign aka “Chimaera”
TeamTNT
2021-08-23AT&TFernando Dominguez
@online{dominguez:20210823:prism:f3b6d3d, author = {Fernando Dominguez}, title = {{PRISM attacks fly under the radar}}, date = {2021-08-23}, organization = {AT&T}, url = {https://cybersecurity.att.com/blogs/labs-research/prism-attacks-fly-under-the-radar}, language = {English}, urldate = {2021-08-25} } PRISM attacks fly under the radar
PRISM
2021-08-19cybleCyble
@online{cyble:20210819:shinyhunters:58b6c1a, author = {Cyble}, title = {{ShinyHunters Selling Alleged AT&T Database with 70 million SSN and Date of birth; AT&T Denies it originated from their systems}}, date = {2021-08-19}, organization = {cyble}, url = {https://blog.cyble.com/2021/08/19/shinyhunters-selling-alleged-att-database-with-70-million-ssn-and-date-of-birth/}, language = {English}, urldate = {2021-09-19} } ShinyHunters Selling Alleged AT&T Database with 70 million SSN and Date of birth; AT&T Denies it originated from their systems
2021-08-02AT&TOfer Caspi, Javier Ruiz
@online{caspi:20210802:new:65cbd77, author = {Ofer Caspi and Javier Ruiz}, title = {{New sophisticated RAT in town: FatalRat analysis}}, date = {2021-08-02}, organization = {AT&T}, url = {https://cybersecurity.att.com/blogs/labs-research/new-sophisticated-rat-in-town-fatalrat-analysis}, language = {English}, urldate = {2021-08-02} } New sophisticated RAT in town: FatalRat analysis
FatalRat
2021-07-06AT&TFernando Martinez
@online{martinez:20210706:lazarus:99dc50f, author = {Fernando Martinez}, title = {{Lazarus campaign TTPs and evolution}}, date = {2021-07-06}, organization = {AT&T}, url = {https://cybersecurity.att.com/blogs/labs-research/lazarus-campaign-ttps-and-evolution}, language = {English}, urldate = {2021-07-11} } Lazarus campaign TTPs and evolution
2021-07-01AT&T CybersecurityOfer Caspi, Fernando Martinez
@online{caspi:20210701:revils:20b42ae, author = {Ofer Caspi and Fernando Martinez}, title = {{REvil’s new Linux version}}, date = {2021-07-01}, organization = {AT&T Cybersecurity}, url = {https://cybersecurity.att.com/blogs/labs-research/revils-new-linux-version}, language = {English}, urldate = {2021-07-02} } REvil’s new Linux version
REvil REvil
2021-06-28AT&TAlienVault
@online{alienvault:20210628:revil:1b4ddb9, author = {AlienVault}, title = {{REvil ransomware Linux version (with YARA rule)}}, date = {2021-06-28}, organization = {AT&T}, url = {https://otx.alienvault.com/pulse/60da2c80aa5400db8f1561d5}, language = {English}, urldate = {2021-07-02} } REvil ransomware Linux version (with YARA rule)
REvil
2021-06-22AT&TOfer Caspi
@online{caspi:20210622:darkside:2889f3c, author = {Ofer Caspi}, title = {{Darkside RaaS in Linux version}}, date = {2021-06-22}, organization = {AT&T}, url = {https://cybersecurity.att.com/blogs/labs-research/darkside-raas-in-linux-version}, language = {English}, urldate = {2021-06-24} } Darkside RaaS in Linux version
DarkSide
2021-06-21AlienVaultAT&T Alien Labs
@online{labs:20210621:darkside:9f1da07, author = {AT&T Alien Labs}, title = {{Darkside RaaS in Linux version}}, date = {2021-06-21}, organization = {AlienVault}, url = {https://otx.alienvault.com/pulse/60d0afbc395c24edefb33bb9}, language = {English}, urldate = {2021-06-22} } Darkside RaaS in Linux version
DarkSide
2021-04-15AT&TDax Morrow, Ofer Caspi
@online{morrow:20210415:rise:73d9a21, author = {Dax Morrow and Ofer Caspi}, title = {{The rise of QakBot}}, date = {2021-04-15}, organization = {AT&T}, url = {https://cybersecurity.att.com/blogs/labs-research/the-rise-of-qakbot}, language = {English}, urldate = {2021-04-16} } The rise of QakBot
QakBot