Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-08-11AccentureAccenture
@online{accenture:20220811:how:c19491d, author = {Accenture}, title = {{How cybercriminals are weaponizing leaked ransomware data for follow-up attacks}}, date = {2022-08-11}, organization = {Accenture}, url = {https://www.accenture.com/us-en/blogs/security/cybercriminals-weaponizing-leaked-ransomware-data}, language = {English}, urldate = {2022-09-26} } How cybercriminals are weaponizing leaked ransomware data for follow-up attacks
2022-06-28AccentureAccenture
@online{accenture:20220628:stealbit:ec9bb0e, author = {Accenture}, title = {{Steal(Bit) or exfil, what does it (Ex)Matter? Comparative Analysis of Custom Exfiltration Tools}}, date = {2022-06-28}, organization = {Accenture}, url = {https://www.accenture.com/us-en/blogs/security/stealbit-exmatter-exfiltration-tool-analysis}, language = {English}, urldate = {2022-09-26} } Steal(Bit) or exfil, what does it (Ex)Matter? Comparative Analysis of Custom Exfiltration Tools
ExMatter StealBit
2022-06-09AccentureAccenture
@online{accenture:20220609:finding:1f4e3a0, author = {Accenture}, title = {{Finding Vulnerabilities with VulFi IDA Plugin}}, date = {2022-06-09}, organization = {Accenture}, url = {https://www.accenture.com/us-en/blogs/security/finding-vulnerabilities-vulfi-ida-plugin}, language = {English}, urldate = {2022-09-26} } Finding Vulnerabilities with VulFi IDA Plugin
2022-04-15AccentureAccenture
@techreport{accenture:20220415:global:7244169, author = {Accenture}, title = {{Global Incident Report: Russia-Ukraine Crisis}}, date = {2022-04-15}, institution = {Accenture}, url = {https://acn-marketing-blog.accenture.com/wp-content/uploads/2022/04/Global-incident-report-Russia-Ukraine-Crisis-April-14.pdf}, language = {English}, urldate = {2022-04-20} } Global Incident Report: Russia-Ukraine Crisis
2021-12-10AccentureAccenture
@online{accenture:20211210:karakurt:5bb6d9c, author = {Accenture}, title = {{Karakurt rises from its lair}}, date = {2021-12-10}, organization = {Accenture}, url = {https://www.accenture.com/us-en/blogs/cyber-defense/karakurt-threat-mitigation}, language = {English}, urldate = {2021-12-15} } Karakurt rises from its lair
Cobalt Strike
2021-11-09PrevailionPrevailion, Accenture Cyber Threat Intelligence
@online{prevailion:20211109:who:f88228a, author = {Prevailion and Accenture Cyber Threat Intelligence}, title = {{Who are latest targets of cyber group Lyceum?}}, date = {2021-11-09}, organization = {Prevailion}, url = {https://www.prevailion.com/latest-targets-of-cyber-group-lyceum/}, language = {English}, urldate = {2021-11-09} } Who are latest targets of cyber group Lyceum?
Milan Shark LYCEUM
2021-11-01AccentureHeather Larrieu, Curt Wilson, Katrina Hill
@online{larrieu:20211101:diving:a732a35, author = {Heather Larrieu and Curt Wilson and Katrina Hill}, title = {{Diving into double extortion campaigns}}, date = {2021-11-01}, organization = {Accenture}, url = {https://www.accenture.com/us-en/blogs/cyber-defense/double-extortion-campaigns}, language = {English}, urldate = {2021-11-03} } Diving into double extortion campaigns
Cobalt Strike MimiKatz
2021-10-11AccentureAccenture Cyber Threat Intelligence
@online{intelligence:20211011:moving:3b0eaec, author = {Accenture Cyber Threat Intelligence}, title = {{Moving Left of the Ransomware Boom}}, date = {2021-10-11}, organization = {Accenture}, url = {https://www.accenture.com/us-en/blogs/cyber-defense/moving-left-ransomware-boom}, language = {English}, urldate = {2021-11-03} } Moving Left of the Ransomware Boom
REvil Cobalt Strike MimiKatz RagnarLocker REvil
2021-06-29AccentureAccenture Security
@online{security:20210629:hades:2d4c606, author = {Accenture Security}, title = {{HADES ransomware operators continue attacks}}, date = {2021-06-29}, organization = {Accenture}, url = {https://www.accenture.com/us-en/blogs/security/ransomware-hades}, language = {English}, urldate = {2021-07-01} } HADES ransomware operators continue attacks
Cobalt Strike Hades MimiKatz
2021-03-26AccentureEric Welling, Jeff Beley, Ryan Leininger
@online{welling:20210326:its:33085a3, author = {Eric Welling and Jeff Beley and Ryan Leininger}, title = {{It's getting hot in here! Unknown threat group using Hades ransomware to turn up the heat on their victims}}, date = {2021-03-26}, organization = {Accenture}, url = {https://www.accenture.com/us-en/blogs/cyber-defense/unknown-threat-group-using-hades-ransomware}, language = {English}, urldate = {2021-03-30} } It's getting hot in here! Unknown threat group using Hades ransomware to turn up the heat on their victims
Hades
2021-02-16AccentureAlexandrea Berninger
@online{berninger:20210216:hard:55e809e, author = {Alexandrea Berninger}, title = {{Hard lessons learned: Threat intel takeaways from the community response to Solarigate}}, date = {2021-02-16}, organization = {Accenture}, url = {https://www.accenture.com/us-en/blogs/cyber-defense/threat-intel-takeaways-solarigate}, language = {English}, urldate = {2021-02-20} } Hard lessons learned: Threat intel takeaways from the community response to Solarigate
SUNBURST TEARDROP
2020-12-16AccenturePaul Mansfield
@online{mansfield:20201216:tracking:25540bd, author = {Paul Mansfield}, title = {{Tracking and combatting an evolving danger: Ransomware extortion}}, date = {2020-12-16}, organization = {Accenture}, url = {https://www.accenture.com/us-en/blogs/cyber-defense/evolving-danger-ransomware-extortion}, language = {English}, urldate = {2020-12-17} } Tracking and combatting an evolving danger: Ransomware extortion
DarkSide Egregor Maze Nefilim RagnarLocker REvil Ryuk SunCrypt
2020-10-28AccentureCyber Defense
@online{defense:20201028:turla:6f32714, author = {Cyber Defense}, title = {{Turla uses HyperStack, Carbon, and Kazuar to compromise government entity}}, date = {2020-10-28}, organization = {Accenture}, url = {https://www.accenture.com/us-en/blogs/cyber-defense/turla-belugasturgeon-compromises-government-entity}, language = {English}, urldate = {2020-10-29} } Turla uses HyperStack, Carbon, and Kazuar to compromise government entity
Cobra Carbon System Kazuar TurlaRPC Turla SilentMoon
2019-03-05AccentureAccenture
@techreport{accenture:20190305:mudcarps:2e785cc, author = {Accenture}, title = {{MUDCARP's Focus on Submarine Technologies}}, date = {2019-03-05}, institution = {Accenture}, url = {https://www.accenture.com/_acnmedia/pdf-96/accenture-security-mudcarp.pdf}, language = {English}, urldate = {2022-09-12} } MUDCARP's Focus on Submarine Technologies
8.t Dropper APT40
2019-02-13Accenture SecurityAccenture Security
@techreport{security:20190213:snakemackerel:17add25, author = {Accenture Security}, title = {{SNAKEMACKEREL: Threat Campaign Likely Targeting NATO Members, Defense and Military Outlets}}, date = {2019-02-13}, institution = {Accenture Security}, url = {https://www.accenture.com/t20190213T141124Z__w__/us-en/_acnmedia/PDF-94/Accenture-SNAKEMACKEREL-Threat-Campaign-Likely-Targeting-NATO-Members-Defense-and-Military-Outlets.pdf}, language = {English}, urldate = {2019-12-18} } SNAKEMACKEREL: Threat Campaign Likely Targeting NATO Members, Defense and Military Outlets
APT28
2019-01-17AccentureMatthew Brady
@online{brady:20190117:pond:572e6e8, author = {Matthew Brady}, title = {{Pond Loach delivers BadCake malware}}, date = {2019-01-17}, organization = {Accenture}, url = {https://www.accenture.com/us-en/blogs/blogs-pond-loach-delivers-badcake-malware}, language = {English}, urldate = {2020-03-03} } Pond Loach delivers BadCake malware
Salgorea APT32
2018-11-29AccentureMichael Yip
@online{yip:20181129:snakemackerel:aa02eba, author = {Michael Yip}, title = {{Snakemackerel delivers Zekapab malware}}, date = {2018-11-29}, organization = {Accenture}, url = {https://www.accenture.com/us-en/blogs/blogs-snakemackerel-delivers-zekapab-malware}, language = {English}, urldate = {2019-12-10} } Snakemackerel delivers Zekapab malware
Zebrocy APT28
2018-07-26Accenture SecurityMichael Yip, Bart Parys
@techreport{yip:20180726:goldfin:6798c5d, author = {Michael Yip and Bart Parys}, title = {{GOLDFIN: A Persistent Campaign Targeting CIS Countries with SOCKSBOT}}, date = {2018-07-26}, institution = {Accenture Security}, url = {https://www.accenture.com/t00010101T000000Z__w__/gb-en/_acnmedia/PDF-83/Accenture-Goldfin-Security-Alert.pdf}, language = {English}, urldate = {2020-10-02} } GOLDFIN: A Persistent Campaign Targeting CIS Countries with SOCKSBOT
SocksBot
2018-04-23Accenture SecurityBart Parys
@techreport{parys:20180423:hogfish:8cf32f8, author = {Bart Parys}, title = {{HOGFISH REDLEAVES CAMPAIGN: HOGFISH (APT10) targets Japan with RedLeaves implants in “new battle”}}, date = {2018-04-23}, institution = {Accenture Security}, url = {https://www.accenture.com/t20180423T055005Z__w__/se-en/_acnmedia/PDF-76/Accenture-Hogfish-Threat-Analysis.pdf}, language = {English}, urldate = {2020-06-18} } HOGFISH REDLEAVES CAMPAIGN: HOGFISH (APT10) targets Japan with RedLeaves implants in “new battle”
RedLeaves
2018-04-23Accenture SecurityBart Parys
@techreport{parys:20180423:hogfish:4dc2531, author = {Bart Parys}, title = {{HOGFISH REDLEAVES CAMPAIGN: HOGFISH (APT10) targets Japan with RedLeaves implants in “new battle”}}, date = {2018-04-23}, institution = {Accenture Security}, url = {https://www.accenture.com/t20180423T055005Z_w_/se-en/_acnmedia/PDF-76/Accenture-Hogfish-Threat-Analysis.pdf}, language = {English}, urldate = {2020-06-18} } HOGFISH REDLEAVES CAMPAIGN: HOGFISH (APT10) targets Japan with RedLeaves implants in “new battle”
RedLeaves APT10