Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023-02-08ProofpointAxel F
@online{f:20230208:screentime:6bc258a, author = {Axel F}, title = {{Screentime: Sometimes It Feels Like Somebody's Watching Me}}, date = {2023-02-08}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/screentime-sometimes-it-feels-like-somebodys-watching-me}, language = {English}, urldate = {2023-02-13} } Screentime: Sometimes It Feels Like Somebody's Watching Me
WasabiSeed
2022-11-16ProofpointPim Trouerbach, Axel F
@online{trouerbach:20221116:comprehensive:8278b4e, author = {Pim Trouerbach and Axel F}, title = {{A Comprehensive Look at Emotet Virus’ Fall 2022 Return}}, date = {2022-11-16}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/comprehensive-look-emotets-fall-2022-return}, language = {English}, urldate = {2023-08-11} } A Comprehensive Look at Emotet Virus’ Fall 2022 Return
BumbleBee Emotet PHOTOLITE
2022-05-11ProofpointAndrew Northern, Pim Trouerbach, Tony Robinson, Axel F
@online{northern:20220511:nerbian:bd26bbb, author = {Andrew Northern and Pim Trouerbach and Tony Robinson and Axel F}, title = {{Nerbian RAT Using COVID-19 Themes Features Sophisticated Evasion Techniques}}, date = {2022-05-11}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/nerbian-rat-using-covid-19-themes-features-sophisticated-evasion-techniques}, language = {English}, urldate = {2022-05-11} } Nerbian RAT Using COVID-19 Themes Features Sophisticated Evasion Techniques
Nerbian RAT
2022-04-26ProofpointAxel F
@online{f:20220426:emotet:afb4f87, author = {Axel F}, title = {{Emotet Tests New Delivery Techniques}}, date = {2022-04-26}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/emotet-tests-new-delivery-techniques}, language = {English}, urldate = {2022-04-29} } Emotet Tests New Delivery Techniques
Emotet
2021-10-28ProofpointAxel F, Selena Larson
@online{f:20211028:ta575:c1cfdd7, author = {Axel F and Selena Larson}, title = {{TA575 Uses ‘Squid Game’ Lures to Distribute Dridex malware}}, date = {2021-10-28}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/ta575-uses-squid-game-lures-distribute-dridex-malware}, language = {English}, urldate = {2021-11-03} } TA575 Uses ‘Squid Game’ Lures to Distribute Dridex malware
DoppelDridex
2021-10-19ProofpointZydeca Cass, Axel F, Crista Giering, Matthew Mesa, Georgi Mladenov, Brandon Murphy
@online{cass:20211019:whatta:4d969e1, author = {Zydeca Cass and Axel F and Crista Giering and Matthew Mesa and Georgi Mladenov and Brandon Murphy}, title = {{Whatta TA: TA505 Ramps Up Activity, Delivers New FlawedGrace Variant}}, date = {2021-10-19}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/whatta-ta-ta505-ramps-activity-delivers-new-flawedgrace-variant}, language = {English}, urldate = {2021-10-24} } Whatta TA: TA505 Ramps Up Activity, Delivers New FlawedGrace Variant
FlawedGrace MirrorBlast
2021-06-10ProofpointAxel F
@online{f:20210610:ransom:749613f, author = {Axel F}, title = {{Ransom DDoS Extortion Actor “Fancy Lazarus” Returns}}, date = {2021-06-10}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/ransom-ddos-extortion-actor-fancy-lazarus-returns}, language = {English}, urldate = {2021-06-16} } Ransom DDoS Extortion Actor “Fancy Lazarus” Returns
2021-01-26ProofpointDennis Schwarz, Axel F., Brandon Murphy
@online{schwarz:20210126:new:2eefe69, author = {Dennis Schwarz and Axel F. and Brandon Murphy}, title = {{New Year, New Version of DanaBot}}, date = {2021-01-26}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/new-year-new-version-danabot}, language = {English}, urldate = {2021-01-27} } New Year, New Version of DanaBot
DanaBot
2020-10-01ProofpointAxel F, Proofpoint Threat Research Team
@online{f:20201001:emotet:59780d9, author = {Axel F and Proofpoint Threat Research Team}, title = {{Emotet Makes Timely Adoption of Political and Elections Lures}}, date = {2020-10-01}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/emotet-makes-timely-adoption-political-and-elections-lures}, language = {English}, urldate = {2020-10-05} } Emotet Makes Timely Adoption of Political and Elections Lures
Emotet
2020-08-28ProofpointAxel F, Proofpoint Threat Research Team
@online{f:20200828:comprehensive:df5ff9b, author = {Axel F and Proofpoint Threat Research Team}, title = {{A Comprehensive Look at Emotet’s Summer 2020 Return}}, date = {2020-08-28}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/comprehensive-look-emotets-summer-2020-return}, language = {English}, urldate = {2020-08-30} } A Comprehensive Look at Emotet’s Summer 2020 Return
Emotet MUMMY SPIDER
2020-03-18ProofpointAxel F, Sam Scholten
@online{f:20200318:coronavirus:8fe12a3, author = {Axel F and Sam Scholten}, title = {{Coronavirus Threat Landscape Update}}, date = {2020-03-18}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/threat-insight/post/coronavirus-threat-landscape-update}, language = {English}, urldate = {2020-03-26} } Coronavirus Threat Landscape Update
Agent Tesla Get2 ISFB Remcos
2020-03-16ProofpointJeremy H, Axel F, Proofpoint Threat Insight Team
@online{h:20200316:new:60f8c3d, author = {Jeremy H and Axel F and Proofpoint Threat Insight Team}, title = {{New RedLine Stealer Distributed Using Coronavirus-themed Email Campaign}}, date = {2020-03-16}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/threat-insight/post/new-redline-stealer-distributed-using-coronavirus-themed-email-campaign}, language = {English}, urldate = {2020-03-17} } New RedLine Stealer Distributed Using Coronavirus-themed Email Campaign
RedLine Stealer
2019-12-04ProofpointKelsey Merriman, Dennis Schwarz, Kafeine, Axel F
@online{merriman:20191204:buer:6c413aa, author = {Kelsey Merriman and Dennis Schwarz and Kafeine and Axel F}, title = {{Buer, a new loader emerges in the underground marketplace}}, date = {2019-12-04}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/threat-insight/post/buer-new-loader-emerges-underground-marketplace}, language = {English}, urldate = {2020-01-06} } Buer, a new loader emerges in the underground marketplace
Buer
2019-10-16ProofpointDennis Schwarz, Kafeine, Matthew Mesa, Axel F, Proofpoint Threat Insight Team
@online{schwarz:20191016:ta505:9d7155a, author = {Dennis Schwarz and Kafeine and Matthew Mesa and Axel F and Proofpoint Threat Insight Team}, title = {{TA505 Distributes New SDBbot Remote Access Trojan with Get2 Downloader}}, date = {2019-10-16}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/threat-insight/post/ta505-distributes-new-sdbbot-remote-access-trojan-get2-downloader}, language = {English}, urldate = {2020-01-10} } TA505 Distributes New SDBbot Remote Access Trojan with Get2 Downloader
Get2 SDBbot TA505
2019-05-15ProofpointAxel F, Proofpoint Threat Insight Team
@online{f:20190515:threat:06b415a, author = {Axel F and Proofpoint Threat Insight Team}, title = {{Threat Actor Profile: TA542, From Banker to Malware Distribution Service}}, date = {2019-05-15}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/threat-insight/post/threat-actor-profile-ta542-banker-malware-distribution-service}, language = {English}, urldate = {2019-12-20} } Threat Actor Profile: TA542, From Banker to Malware Distribution Service
Emotet MUMMY SPIDER
2017-10-16ProofpointAxel F, Pierre T
@online{f:20171016:leviathan:a898346, author = {Axel F and Pierre T}, title = {{Leviathan: Espionage actor spearphishes maritime and defense targets}}, date = {2017-10-16}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/threat-insight/post/leviathan-espionage-actor-spearphishes-maritime-and-defense-targets}, language = {English}, urldate = {2019-12-20} } Leviathan: Espionage actor spearphishes maritime and defense targets
NanHaiShu SeDll APT40
2017-06-01ProofpointMatthew Mesa, Axel F, Pierre T, Travis Green
@online{mesa:20170601:microsoft:77dd3ab, author = {Matthew Mesa and Axel F and Pierre T and Travis Green}, title = {{Microsoft Word Intruder Integrates CVE-2017-0199, Utilized by Cobalt Group to Target Financial Institutions}}, date = {2017-06-01}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/threat-insight/post/microsoft-word-intruder-integrates-cve-2017-0199-utilized-cobalt-group-target}, language = {English}, urldate = {2019-12-20} } Microsoft Word Intruder Integrates CVE-2017-0199, Utilized by Cobalt Group to Target Financial Institutions
Cobalt
2017-04-27ProofpointAxel F
@online{f:20170427:targets:b3540fd, author = {Axel F}, title = {{APT Targets Financial Analysts with CVE-2017-0199}}, date = {2017-04-27}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/threat-insight/post/apt-targets-financial-analysts}, language = {English}, urldate = {2019-12-20} } APT Targets Financial Analysts with CVE-2017-0199
TA459
2017-02-02ProofpointDarien Huss, Pierre T, Axel F, Proofpoint Staff
@online{huss:20170202:oops:ea454d5, author = {Darien Huss and Pierre T and Axel F and Proofpoint Staff}, title = {{Oops, they did it again: APT Targets Russia and Belarus with ZeroT and PlugX}}, date = {2017-02-02}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/threat-insight/post/APT-targets-russia-belarus-zerot-plugx}, language = {English}, urldate = {2019-12-20} } Oops, they did it again: APT Targets Russia and Belarus with ZeroT and PlugX
ZeroT
2016-07-07ProofpointAxel F
@online{f:20160707:nettraveler:a613df3, author = {Axel F}, title = {{NetTraveler APT Targets Russian, European Interests}}, date = {2016-07-07}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/threat-insight/post/nettraveler-apt-targets-russian-european-interests}, language = {English}, urldate = {2019-12-20} } NetTraveler APT Targets Russian, European Interests
NetTraveler APT21