Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-03-24Palo Alto Networks Unit 42Lucas Hu
@online{hu:20210324:fake:c715b76, author = {Lucas Hu}, title = {{Fake Websites Used in COVID-19 Themed Phishing Attacks, Impersonating Brands Like Pfizer and BioNTech}}, date = {2021-03-24}, organization = {Palo Alto Networks Unit 42}, url = {https://unit42.paloaltonetworks.com/covid-19-themed-phishing-attacks/}, language = {English}, urldate = {2021-03-25} } Fake Websites Used in COVID-19 Themed Phishing Attacks, Impersonating Brands Like Pfizer and BioNTech
2021-03-24BitdefenderSilvia Pripoae, Silviu Stahie
@online{pripoae:20210324:golang:3b5156a, author = {Silvia Pripoae and Silviu Stahie}, title = {{Golang Bot Starts Targeting WordPress Websites}}, date = {2021-03-24}, organization = {Bitdefender}, url = {https://labs.bitdefender.com/2021/03/golang-bot-starts-targeting-wordpress-websites/}, language = {English}, urldate = {2021-03-25} } Golang Bot Starts Targeting WordPress Websites
2021-03-02Cisco TalosAsheer Malhotra
@online{malhotra:20210302:obliquerat:f7504fa, author = {Asheer Malhotra}, title = {{ObliqueRAT returns with new campaign using hijacked websites}}, date = {2021-03-02}, organization = {Cisco Talos}, url = {https://blog.talosintelligence.com/2021/02/obliquerat-new-campaign.html}, language = {English}, urldate = {2021-03-04} } ObliqueRAT returns with new campaign using hijacked websites
Oblique RAT
2021-02-20MalpediaMalpedia
@online{malpedia:20210220:malpedia:db1282e, author = {Malpedia}, title = {{Malpedia Website for Malware Family Team TNT}}, date = {2021-02-20}, organization = {Malpedia}, url = {https://malpedia.caad.fkie.fraunhofer.de/details/elf.teamtnt}, language = {English}, urldate = {2021-03-12} } Malpedia Website for Malware Family Team TNT
TeamTNT TeamTNT
2021-01-24Darren’s WebsiteDarren Martyn
@online{martyn:20210124:visualdoor:3e91780, author = {Darren Martyn}, title = {{VisualDoor: SonicWall SSL-VPN Exploit}}, date = {2021-01-24}, organization = {Darren’s Website}, url = {https://darrenmartyn.ie/2021/01/24/visualdoor-sonicwall-ssl-vpn-exploit/amp/?__twitter_impression=true}, language = {English}, urldate = {2021-01-25} } VisualDoor: SonicWall SSL-VPN Exploit
2020-12-23FBIFBI
@online{fbi:20201223:iranian:e252f2e, author = {FBI}, title = {{Iranian Cyber Actors Responsible for Website Threatening U.S. Election Officials}}, date = {2020-12-23}, organization = {FBI}, url = {https://www.fbi.gov/news/pressrel/press-releases/iranian-cyber-actors-responsible-for-website-threatening-us-election-officials}, language = {English}, urldate = {2020-12-26} } Iranian Cyber Actors Responsible for Website Threatening U.S. Election Officials
2020-11-06VolexitySteven Adair, Thomas Lancaster, Volexity Threat Research
@online{adair:20201106:oceanlotus:f7b11ac, author = {Steven Adair and Thomas Lancaster and Volexity Threat Research}, title = {{OceanLotus: Extending Cyber Espionage Operations Through Fake Websites}}, date = {2020-11-06}, organization = {Volexity}, url = {https://www.volexity.com/blog/2020/11/06/oceanlotus-extending-cyber-espionage-operations-through-fake-websites/}, language = {English}, urldate = {2020-11-09} } OceanLotus: Extending Cyber Espionage Operations Through Fake Websites
Cobalt Strike KerrDown APT32
2020-10-20Bundesamt für Sicherheit in der InformationstechnikBSI
@online{bsi:20201020:die:0683ad4, author = {BSI}, title = {{Die Lage der IT-Sicherheit in Deutschland 2020}}, date = {2020-10-20}, organization = {Bundesamt für Sicherheit in der Informationstechnik}, url = {https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Publikationen/Lageberichte/Lagebericht2020.pdf?__blob=publicationFile&v=2}, language = {German}, urldate = {2020-10-21} } Die Lage der IT-Sicherheit in Deutschland 2020
Clop Emotet REvil Ryuk TrickBot
2020-10-14FBIFBI
@techreport{fbi:20201014:cp000135dm:13d0f65, author = {FBI}, title = {{CP-000135-DM: Unattributed Entities Register Domains Spoofing the US Census Bureau’s Websites, Likely for Malicious Use}}, date = {2020-10-14}, institution = {FBI}, url = {https://www.ic3.gov/Media/News/2020/201106.pdf}, language = {English}, urldate = {2020-11-09} } CP-000135-DM: Unattributed Entities Register Domains Spoofing the US Census Bureau’s Websites, Likely for Malicious Use
2020-07-29FireEyeLee Foster, Sam Riddell, David Mainor, Gabby Roncone
@online{foster:20200729:ghostwriter:0d042f4, author = {Lee Foster and Sam Riddell and David Mainor and Gabby Roncone}, title = {{'Ghostwriter' Influence Campaign: Unknown Actors Leverage Website Compromises and Fabricated Content to Push Narratives Aligned With Russian Security Interests}}, date = {2020-07-29}, organization = {FireEye}, url = {https://www.fireeye.com/blog/threat-research/2020/07/ghostwriter-influence-campaign.html}, language = {English}, urldate = {2021-04-06} } 'Ghostwriter' Influence Campaign: Unknown Actors Leverage Website Compromises and Fabricated Content to Push Narratives Aligned With Russian Security Interests
Ghostwriter
2020-07-29MandiantMandiant
@techreport{mandiant:20200729:ghostwriter:c81a10a, author = {Mandiant}, title = {{‘Ghostwriter’ Influence Campaign: Unknown Actors Leverage Website Compromises and Fabricated Content to Push Narratives Aligned with Russian Security Interests}}, date = {2020-07-29}, institution = {Mandiant}, url = {https://www.fireeye.com/content/dam/fireeye-www/blog/pdfs/Ghostwriter-Influence-Campaign.pdf}, language = {English}, urldate = {2020-07-30} } ‘Ghostwriter’ Influence Campaign: Unknown Actors Leverage Website Compromises and Fabricated Content to Push Narratives Aligned with Russian Security Interests
2020-06-26Department of JusticeDepartment of Justice
@online{justice:20200626:russian:276b274, author = {Department of Justice}, title = {{Russian National (Aleksei Burkov, Cardplanet) Sentenced to Prison for Operating Websites Devoted to Fraud and Malicious Cyber Activities}}, date = {2020-06-26}, organization = {Department of Justice}, url = {https://www.justice.gov/opa/pr/russian-national-sentenced-prison-operating-websites-devoted-fraud-and-malicious-cyber}, language = {English}, urldate = {2020-06-29} } Russian National (Aleksei Burkov, Cardplanet) Sentenced to Prison for Operating Websites Devoted to Fraud and Malicious Cyber Activities
2020-06-15ZDNetCatalin Cimpanu
@online{cimpanu:20200615:web:a10a55d, author = {Catalin Cimpanu}, title = {{Web skimmers found on the websites of Intersport, Claire's, and Icing}}, date = {2020-06-15}, organization = {ZDNet}, url = {https://www.zdnet.com/article/web-skimmers-found-on-the-websites-of-intersport-claires-and-icing/}, language = {English}, urldate = {2020-06-16} } Web skimmers found on the websites of Intersport, Claire's, and Icing
magecart
2020-01-27Group-IBVesta Matveeva
@online{matveeva:20200127:operation:0a2260a, author = {Vesta Matveeva}, title = {{Operation Night Fury: Group-IB helps take down a cybergang behind the infection of hundreds of websites all over the world}}, date = {2020-01-27}, organization = {Group-IB}, url = {https://www.group-ib.com/media/night-fury/}, language = {English}, urldate = {2020-01-28} } Operation Night Fury: Group-IB helps take down a cybergang behind the infection of hundreds of websites all over the world
2020-01-03Youtube (BSides Belfast)Brian Bartholomew
@online{bartholomew:20200103:nice:ddc5c57, author = {Brian Bartholomew}, title = {{Nice One, Dad: Dissecting A Rare Malware Used By Leviathan}}, date = {2020-01-03}, organization = {Youtube (BSides Belfast)}, url = {https://www.youtube.com/watch?v=vx9IB88wXSE}, language = {English}, urldate = {2020-01-13} } Nice One, Dad: Dissecting A Rare Malware Used By Leviathan
DADJOKE
2020-01-03Youtube (BSides Belfast)Nick Summerlin, Jorge Rodriguez
@online{summerlin:20200103:demystifying:c0a1a19, author = {Nick Summerlin and Jorge Rodriguez}, title = {{Demystifying QBot Banking Trojan}}, date = {2020-01-03}, organization = {Youtube (BSides Belfast)}, url = {https://www.youtube.com/watch?v=iB1psRMtlqg}, language = {English}, urldate = {2020-02-21} } Demystifying QBot Banking Trojan
QakBot
2019-09-24Cisco TalosWarren Mercer, Paul Rascagnères, Jungsoo An
@online{mercer:20190924:how:ac2b53e, author = {Warren Mercer and Paul Rascagnères and Jungsoo An}, title = {{How Tortoiseshell created a fake veteran hiring website to host malware}}, date = {2019-09-24}, organization = {Cisco Talos}, url = {https://blog.talosintelligence.com/2019/09/tortoiseshell-fake-veterans.html}, language = {English}, urldate = {2019-12-02} } How Tortoiseshell created a fake veteran hiring website to host malware
Liderc SysKit
2019-09-20Trend MicroLuis Magisa
@online{magisa:20190920:mac:c83a228, author = {Luis Magisa}, title = {{Mac Malware that Spoofs Trading App Steals User Information, Uploads it to Website}}, date = {2019-09-20}, organization = {Trend Micro}, url = {https://blog.trendmicro.com/trendlabs-security-intelligence/mac-malware-that-spoofs-trading-app-steals-user-information-uploads-it-to-website/}, language = {English}, urldate = {2020-05-19} } Mac Malware that Spoofs Trading App Steals User Information, Uploads it to Website
Gmera
2019-04-11Dr.WebDr. Web
@online{web:20190411:official:b0ce6e2, author = {Dr. Web}, title = {{The official website of a popular video editing software was infected with a banking trojan}}, date = {2019-04-11}, organization = {Dr.Web}, url = {https://news.drweb.com/show/?i=13242&lng=en}, language = {English}, urldate = {2020-01-10} } The official website of a popular video editing software was infected with a banking trojan
KPOT Stealer
2019-03-02Ido Naor
@online{naor:20190302:israeli:f2685e6, author = {Ido Naor}, title = {{An Israeli website nagish[.]co[.]il was compromised and one of its subdomains (embedded in dozens of websites (including gov and media) became temporary water holes for Israeli residents.}}, date = {2019-03-02}, url = {https://twitter.com/IdoNaor1/status/1101936940297924608}, language = {English}, urldate = {2019-10-17} } An Israeli website nagish[.]co[.]il was compromised and one of its subdomains (embedded in dozens of websites (including gov and media) became temporary water holes for Israeli residents.
JCry