Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-09-09Advanced IntelligenceYelisey Boguslavskiy, Anastasia Sentsova
@online{boguslavskiy:20210909:groove:f678f6d, author = {Yelisey Boguslavskiy and Anastasia Sentsova}, title = {{Groove VS Babuk; Groove Ransom Manifesto & RAMP Underground Platform Secret Inner Workings}}, date = {2021-09-09}, organization = {Advanced Intelligence}, url = {https://www.advintel.io/post/groove-vs-babuk-groove-ransom-manifesto-ramp-underground-platform-secret-inner-workings}, language = {English}, urldate = {2021-09-12} } Groove VS Babuk; Groove Ransom Manifesto & RAMP Underground Platform Secret Inner Workings
Babuk Babuk
2021-08-26Advanced IntelligenceAnastasia Sentsova
@online{sentsova:20210826:from:29830d8, author = {Anastasia Sentsova}, title = {{From Russia With… LockBit Ransomware: Inside Look & Preventive Solutions}}, date = {2021-08-26}, organization = {Advanced Intelligence}, url = {https://www.advanced-intel.com/post/from-russia-with-lockbit-ransomware-inside-look-preventive-solutions}, language = {English}, urldate = {2021-08-31} } From Russia With… LockBit Ransomware: Inside Look & Preventive Solutions
LockBit
2021-08-17Advanced IntelligenceVitali Kremez, Yelisey Boguslavskiy
@online{kremez:20210817:hunting:1dc14d0, author = {Vitali Kremez and Yelisey Boguslavskiy}, title = {{Hunting for Corporate Insurance Policies: Indicators of [Ransom] Exfiltration}}, date = {2021-08-17}, organization = {Advanced Intelligence}, url = {https://www.advanced-intel.com/post/hunting-for-corporate-insurance-policies-indicators-of-ransom-exfiltrations}, language = {English}, urldate = {2021-08-31} } Hunting for Corporate Insurance Policies: Indicators of [Ransom] Exfiltration
Cobalt Strike Conti
2021-08-11Advanced IntelligenceVitali Kremez
@online{kremez:20210811:secret:5c5f06c, author = {Vitali Kremez}, title = {{Secret "Backdoor" Behind Conti Ransomware Operation: Introducing Atera Agent}}, date = {2021-08-11}, organization = {Advanced Intelligence}, url = {https://www.advanced-intel.com/post/secret-backdoor-behind-conti-ransomware-operation-introducing-atera-agent}, language = {English}, urldate = {2021-08-31} } Secret "Backdoor" Behind Conti Ransomware Operation: Introducing Atera Agent
Cobalt Strike Conti
2021-07-14Advanced IntelligenceYelisey Boguslavskiy, AdvIntel Security & Development Team
@online{boguslavskiy:20210714:revil:7729e3d, author = {Yelisey Boguslavskiy and AdvIntel Security & Development Team}, title = {{REvil Vanishes From Underground - Infrastructure Down}}, date = {2021-07-14}, organization = {Advanced Intelligence}, url = {https://www.advanced-intel.com/post/revil-vanishes-from-underground-infrastructure-down-support-staff-adverts-silent}, language = {English}, urldate = {2021-07-20} } REvil Vanishes From Underground - Infrastructure Down
REvil
2021-06-30Advanced IntelligenceYelisey Boguslavskiy, Brandon Rudisel, AdvIntel Security & Development Team
@online{boguslavskiy:20210630:ransomwarecve:deae6a7, author = {Yelisey Boguslavskiy and Brandon Rudisel and AdvIntel Security & Development Team}, title = {{Ransomware-&-CVE: Industry Insights Into Exclusive High-Value Target Adversarial Datasets}}, date = {2021-06-30}, organization = {Advanced Intelligence}, url = {https://www.advanced-intel.com/post/adversarial-perspective-advintel-breach-avoidance-through-monitoring-initial-vulnerabilities}, language = {English}, urldate = {2021-07-01} } Ransomware-&-CVE: Industry Insights Into Exclusive High-Value Target Adversarial Datasets
BlackKingdom Ransomware Clop dearcry Hades REvil
2021-06-16Advanced IntelligenceVitali Kremez, Yelisey Boguslavskiy
@online{kremez:20210616:rise:8cfe240, author = {Vitali Kremez and Yelisey Boguslavskiy}, title = {{The Rise & Demise of Multi-Million Ransomware Business Empire}}, date = {2021-06-16}, organization = {Advanced Intelligence}, url = {https://www.advanced-intel.com/post/the-rise-demise-of-multi-million-ransomware-business-empire}, language = {English}, urldate = {2021-06-21} } The Rise & Demise of Multi-Million Ransomware Business Empire
Avaddon
2021-06-08Advanced IntelligenceVitali Kremez, Yelisey Boguslavskiy
@online{kremez:20210608:from:62f4d20, author = {Vitali Kremez and Yelisey Boguslavskiy}, title = {{From QBot...with REvil Ransomware: Initial Attack Exposure of JBS}}, date = {2021-06-08}, organization = {Advanced Intelligence}, url = {https://www.advanced-intel.com/post/from-qbot-with-revil-ransomware-initial-attack-exposure-of-jbs}, language = {English}, urldate = {2021-06-09} } From QBot...with REvil Ransomware: Initial Attack Exposure of JBS
QakBot REvil
2021-05-14Advanced IntelligenceVitali Kremez
@online{kremez:20210514:from:958e38d, author = {Vitali Kremez}, title = {{From Dawn to "Silent Night": "DarkSide Ransomware" Initial Attack Vector Evolution}}, date = {2021-05-14}, organization = {Advanced Intelligence}, url = {https://www.advanced-intel.com/post/from-dawn-to-silent-night-darkside-ransomware-initial-attack-vector-evolution}, language = {English}, urldate = {2021-05-17} } From Dawn to "Silent Night": "DarkSide Ransomware" Initial Attack Vector Evolution
DarkSide
2021-04-17Advanced IntelligenceVitali Kremez, Al Calleo, Yelisey Boguslavskiy
@online{kremez:20210417:adversary:197fcfa, author = {Vitali Kremez and Al Calleo and Yelisey Boguslavskiy}, title = {{Adversary Dossier: Ryuk Ransomware Anatomy of an Attack in 2021}}, date = {2021-04-17}, organization = {Advanced Intelligence}, url = {https://www.advanced-intel.com/post/adversary-dossier-ryuk-ransomware-anatomy-of-an-attack-in-2021}, language = {English}, urldate = {2021-04-19} } Adversary Dossier: Ryuk Ransomware Anatomy of an Attack in 2021
Ryuk
2021-02-01Twitter (@IntelAdvanced)Advanced Intelligence
@online{intelligence:20210201:active:0a4f59f, author = {Advanced Intelligence}, title = {{Tweet on Active Directory Exploitation by RYUK "one" group}}, date = {2021-02-01}, organization = {Twitter (@IntelAdvanced)}, url = {https://twitter.com/IntelAdvanced/status/1356114606780002308}, language = {English}, urldate = {2021-02-04} } Tweet on Active Directory Exploitation by RYUK "one" group
Ryuk
2021-01-25Twitter (@IntelAdvanced)Advanced Intelligence
@online{intelligence:20210125:ryuk:25a96a7, author = {Advanced Intelligence}, title = {{Tweet on Ryuk Ransomware group's post exploitation tactics including usage of Keethief tool}}, date = {2021-01-25}, organization = {Twitter (@IntelAdvanced)}, url = {https://twitter.com/IntelAdvanced/status/1353546534676258816}, language = {English}, urldate = {2021-01-25} } Tweet on Ryuk Ransomware group's post exploitation tactics including usage of Keethief tool
Ryuk
2021-01-07Advanced IntelligenceVitali Kremez, Brian Carter, HYAS
@online{kremez:20210107:crime:4c6f5c3, author = {Vitali Kremez and Brian Carter and HYAS}, title = {{Crime Laundering Primer: Inside Ryuk Crime (Crypto) Ledger & Risky Asian Crypto Traders}}, date = {2021-01-07}, organization = {Advanced Intelligence}, url = {https://www.advanced-intel.com/post/crime-laundering-primer-inside-ryuk-crime-crypto-ledger-risky-asian-crypto-traders}, language = {English}, urldate = {2021-01-11} } Crime Laundering Primer: Inside Ryuk Crime (Crypto) Ledger & Risky Asian Crypto Traders
Ryuk
2020-11-06Advanced IntelligenceVitali Kremez
@online{kremez:20201106:anatomy:b2ce3ae, author = {Vitali Kremez}, title = {{Anatomy of Attack: Inside BazarBackdoor to Ryuk Ransomware "one" Group via Cobalt Strike}}, date = {2020-11-06}, organization = {Advanced Intelligence}, url = {https://www.advanced-intel.com/post/anatomy-of-attack-inside-bazarbackdoor-to-ryuk-ransomware-one-group-via-cobalt-strike}, language = {English}, urldate = {2020-11-09} } Anatomy of Attack: Inside BazarBackdoor to Ryuk Ransomware "one" Group via Cobalt Strike
BazarBackdoor Cobalt Strike Ryuk
2020-10-12Advanced IntelligenceRoman Marshanski, Vitali Kremez
@online{marshanski:20201012:front:686add1, author = {Roman Marshanski and Vitali Kremez}, title = {{"Front Door" into BazarBackdoor: Stealthy Cybercrime Weapon}}, date = {2020-10-12}, organization = {Advanced Intelligence}, url = {https://www.advanced-intel.com/post/front-door-into-bazarbackdoor-stealthy-cybercrime-weapon}, language = {English}, urldate = {2020-10-13} } "Front Door" into BazarBackdoor: Stealthy Cybercrime Weapon
BazarBackdoor Cobalt Strike Ryuk
2020-07-15Advanced IntelligenceYelisey Boguslavskiy, Samantha van de Ven
@online{boguslavskiy:20200715:inside:f9b95b1, author = {Yelisey Boguslavskiy and Samantha van de Ven}, title = {{Inside REvil Extortionist “Machine”: Predictive Insights}}, date = {2020-07-15}, organization = {Advanced Intelligence}, url = {https://www.advanced-intel.com/post/inside-revil-extortionist-machine-predictive-insights}, language = {English}, urldate = {2020-07-16} } Inside REvil Extortionist “Machine”: Predictive Insights
Gandcrab REvil
2020-07-11Advanced IntelligenceVitali Kremez
@online{kremez:20200711:trickbot:602fd73, author = {Vitali Kremez}, title = {{TrickBot Group Launches Test Module Alerting on Fraud Activity}}, date = {2020-07-11}, organization = {Advanced Intelligence}, url = {https://www.advanced-intel.com/post/trickbot-group-launches-test-module-alerting-on-fraud-activity}, language = {English}, urldate = {2020-07-13} } TrickBot Group Launches Test Module Alerting on Fraud Activity
TrickBot
2020-07-10Advanced IntelligenceAdvanced Intelligence
@online{intelligence:20200710:dark:a29ccb4, author = {Advanced Intelligence}, title = {{The Dark Web of Intrigue: How REvil Used the Underground Ecosystem to Form an Extortion Cartel}}, date = {2020-07-10}, organization = {Advanced Intelligence}, url = {https://www.advanced-intel.com/post/the-dark-web-of-intrigue-how-revil-used-the-underground-ecosystem-to-form-an-extortion-cartel}, language = {English}, urldate = {2020-07-13} } The Dark Web of Intrigue: How REvil Used the Underground Ecosystem to Form an Extortion Cartel
Gandcrab REvil
2020-05-19Advanced IntelligenceAdvanced Intelligence, Bridgit Sullivan, Daniel Frey
@online{intelligence:20200519:netwalker:4681272, author = {Advanced Intelligence and Bridgit Sullivan and Daniel Frey}, title = {{NetWalker Ransomware Group Enters Advanced Targeting “Game”}}, date = {2020-05-19}, organization = {Advanced Intelligence}, url = {https://www.advanced-intel.com/post/netwalker-ransomware-group-enters-advanced-targeting-game}, language = {English}, urldate = {2020-05-23} } NetWalker Ransomware Group Enters Advanced Targeting “Game”
Mailto
2020-04-24Advanced IntelligenceBridgit Sullivan
@online{sullivan:20200424:inside:ee63bb1, author = {Bridgit Sullivan}, title = {{Inside "Phobos" Ransomware: "Dharma" Past & Underground}}, date = {2020-04-24}, organization = {Advanced Intelligence}, url = {https://www.advanced-intel.com/post/inside-phobos-ransomware-dharma-past-underground}, language = {English}, urldate = {2020-07-30} } Inside "Phobos" Ransomware: "Dharma" Past & Underground
Dharma Phobos