Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-11-15SUCURIBen Martin
@online{martin:20211115:fake:2be64ec, author = {Ben Martin}, title = {{Fake Ransomware Infection Spooks Website Owners}}, date = {2021-11-15}, organization = {SUCURI}, url = {https://blog.sucuri.net/2021/11/fake-ransomware-infection-spooks-website-owners.html}, language = {English}, urldate = {2021-11-18} } Fake Ransomware Infection Spooks Website Owners
2021-09-08FireEyeRyan Serabian, Lee Foster
@online{serabian:20210908:proprc:f8e9644, author = {Ryan Serabian and Lee Foster}, title = {{Pro-PRC Influence Campaign Expands to Dozens of Social Media Platforms, Websites, and Forums in at Least Seven Languages, Attempted to Physically Mobilize Protesters in the U.S.}}, date = {2021-09-08}, organization = {FireEye}, url = {https://www.fireeye.com/blog/threat-research/2021/09/pro-prc-influence-campaign-social-media-websites-forums.html}, language = {English}, urldate = {2021-09-10} } Pro-PRC Influence Campaign Expands to Dozens of Social Media Platforms, Websites, and Forums in at Least Seven Languages, Attempted to Physically Mobilize Protesters in the U.S.
2021-09-08US Department of JusticeUS Department of Justice
@online{justice:20210908:ukrainian:493bf23, author = {US Department of Justice}, title = {{Ukrainian Cyber Criminal Extradited For Decrypting The Credentials Of Thousands Of Computers Across The World And Selling Them On A Dark Web Website (Glib Oleksandr Ivanov-Tolpintsev)}}, date = {2021-09-08}, organization = {US Department of Justice}, url = {https://www.justice.gov/usao-mdfl/pr/ukrainian-cyber-criminal-extradited-decrypting-credentials-thousands-computers-across}, language = {English}, urldate = {2021-09-10} } Ukrainian Cyber Criminal Extradited For Decrypting The Credentials Of Thousands Of Computers Across The World And Selling Them On A Dark Web Website (Glib Oleksandr Ivanov-Tolpintsev)
2021-07-12JPCERT/CCYuma Masubuchi, Shusei Tomonaga
@online{masubuchi:20210712:attack:a8f8d3b, author = {Yuma Masubuchi and Shusei Tomonaga}, title = {{Attack Exploiting XSS Vulnerability in E-commerce Websites}}, date = {2021-07-12}, organization = {JPCERT/CC}, url = {https://blogs.jpcert.or.jp/en/2021/07/water_pamola.html}, language = {English}, urldate = {2021-07-20} } Attack Exploiting XSS Vulnerability in E-commerce Websites
Unidentified JS 005 (Stealer)
2021-06-12YouTube (BSidesBoulder)Kurt Baumgartner, Kaspersky
@online{baumgartner:20210612:same:49bc254, author = {Kurt Baumgartner and Kaspersky}, title = {{Same and Different - sesame street level attribution}}, date = {2021-06-12}, organization = {YouTube (BSidesBoulder)}, url = {https://youtu.be/SW8kVkwDOrc?t=24706}, language = {English}, urldate = {2021-06-21} } Same and Different - sesame street level attribution
Kazuar SUNBURST
2021-05-06Group-IBViktor Okorokov
@online{okorokov:20210506:grelosgtm:7324b2c, author = {Viktor Okorokov}, title = {{GrelosGTM group abuses Google Tag Manager to attack e-commerce websites}}, date = {2021-05-06}, organization = {Group-IB}, url = {https://blog.group-ib.com/grelosgtm}, language = {English}, urldate = {2021-06-16} } GrelosGTM group abuses Google Tag Manager to attack e-commerce websites
2021-04-19InfoSec Handlers Diary BlogJan Kopriva
@online{kopriva:20210419:hunting:021a759, author = {Jan Kopriva}, title = {{Hunting phishing websites with favicon hashes}}, date = {2021-04-19}, organization = {InfoSec Handlers Diary Blog}, url = {https://isc.sans.edu/forums/diary/Hunting+phishing+websites+with+favicon+hashes/27326/}, language = {English}, urldate = {2021-04-20} } Hunting phishing websites with favicon hashes
2021-03-24BitdefenderSilvia Pripoae, Silviu Stahie
@online{pripoae:20210324:golang:3b5156a, author = {Silvia Pripoae and Silviu Stahie}, title = {{Golang Bot Starts Targeting WordPress Websites}}, date = {2021-03-24}, organization = {Bitdefender}, url = {https://labs.bitdefender.com/2021/03/golang-bot-starts-targeting-wordpress-websites/}, language = {English}, urldate = {2021-03-25} } Golang Bot Starts Targeting WordPress Websites
2021-03-24Palo Alto Networks Unit 42Lucas Hu
@online{hu:20210324:fake:c715b76, author = {Lucas Hu}, title = {{Fake Websites Used in COVID-19 Themed Phishing Attacks, Impersonating Brands Like Pfizer and BioNTech}}, date = {2021-03-24}, organization = {Palo Alto Networks Unit 42}, url = {https://unit42.paloaltonetworks.com/covid-19-themed-phishing-attacks/}, language = {English}, urldate = {2021-03-25} } Fake Websites Used in COVID-19 Themed Phishing Attacks, Impersonating Brands Like Pfizer and BioNTech
2021-03-02Cisco TalosAsheer Malhotra
@online{malhotra:20210302:obliquerat:f7504fa, author = {Asheer Malhotra}, title = {{ObliqueRAT returns with new campaign using hijacked websites}}, date = {2021-03-02}, organization = {Cisco Talos}, url = {https://blog.talosintelligence.com/2021/02/obliquerat-new-campaign.html}, language = {English}, urldate = {2021-03-04} } ObliqueRAT returns with new campaign using hijacked websites
Oblique RAT
2021-02-20MalpediaMalpedia
@online{malpedia:20210220:malpedia:db1282e, author = {Malpedia}, title = {{Malpedia Website for Malware Family Team TNT}}, date = {2021-02-20}, organization = {Malpedia}, url = {https://malpedia.caad.fkie.fraunhofer.de/details/elf.teamtnt}, language = {English}, urldate = {2021-03-12} } Malpedia Website for Malware Family Team TNT
TeamTNT TeamTNT
2021-01-24Darren’s WebsiteDarren Martyn
@online{martyn:20210124:visualdoor:3e91780, author = {Darren Martyn}, title = {{VisualDoor: SonicWall SSL-VPN Exploit}}, date = {2021-01-24}, organization = {Darren’s Website}, url = {https://darrenmartyn.ie/2021/01/24/visualdoor-sonicwall-ssl-vpn-exploit/amp/?__twitter_impression=true}, language = {English}, urldate = {2021-01-25} } VisualDoor: SonicWall SSL-VPN Exploit
2020-12-23FBIFBI
@online{fbi:20201223:iranian:e252f2e, author = {FBI}, title = {{Iranian Cyber Actors Responsible for Website Threatening U.S. Election Officials}}, date = {2020-12-23}, organization = {FBI}, url = {https://www.fbi.gov/news/pressrel/press-releases/iranian-cyber-actors-responsible-for-website-threatening-us-election-officials}, language = {English}, urldate = {2020-12-26} } Iranian Cyber Actors Responsible for Website Threatening U.S. Election Officials
2020-11-06VolexitySteven Adair, Thomas Lancaster, Volexity Threat Research
@online{adair:20201106:oceanlotus:f7b11ac, author = {Steven Adair and Thomas Lancaster and Volexity Threat Research}, title = {{OceanLotus: Extending Cyber Espionage Operations Through Fake Websites}}, date = {2020-11-06}, organization = {Volexity}, url = {https://www.volexity.com/blog/2020/11/06/oceanlotus-extending-cyber-espionage-operations-through-fake-websites/}, language = {English}, urldate = {2020-11-09} } OceanLotus: Extending Cyber Espionage Operations Through Fake Websites
Cobalt Strike KerrDown APT32
2020-10-20Bundesamt für Sicherheit in der InformationstechnikBSI
@online{bsi:20201020:die:0683ad4, author = {BSI}, title = {{Die Lage der IT-Sicherheit in Deutschland 2020}}, date = {2020-10-20}, organization = {Bundesamt für Sicherheit in der Informationstechnik}, url = {https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Publikationen/Lageberichte/Lagebericht2020.pdf?__blob=publicationFile&v=2}, language = {German}, urldate = {2020-10-21} } Die Lage der IT-Sicherheit in Deutschland 2020
Clop Emotet REvil Ryuk TrickBot
2020-10-14FBIFBI
@techreport{fbi:20201014:cp000135dm:13d0f65, author = {FBI}, title = {{CP-000135-DM: Unattributed Entities Register Domains Spoofing the US Census Bureau’s Websites, Likely for Malicious Use}}, date = {2020-10-14}, institution = {FBI}, url = {https://www.ic3.gov/Media/News/2020/201106.pdf}, language = {English}, urldate = {2020-11-09} } CP-000135-DM: Unattributed Entities Register Domains Spoofing the US Census Bureau’s Websites, Likely for Malicious Use
2020-07-29FireEyeLee Foster, Sam Riddell, David Mainor, Gabby Roncone
@online{foster:20200729:ghostwriter:0d042f4, author = {Lee Foster and Sam Riddell and David Mainor and Gabby Roncone}, title = {{'Ghostwriter' Influence Campaign: Unknown Actors Leverage Website Compromises and Fabricated Content to Push Narratives Aligned With Russian Security Interests}}, date = {2020-07-29}, organization = {FireEye}, url = {https://www.fireeye.com/blog/threat-research/2020/07/ghostwriter-influence-campaign.html}, language = {English}, urldate = {2021-04-06} } 'Ghostwriter' Influence Campaign: Unknown Actors Leverage Website Compromises and Fabricated Content to Push Narratives Aligned With Russian Security Interests
Ghostwriter
2020-07-29MandiantMandiant
@techreport{mandiant:20200729:ghostwriter:c81a10a, author = {Mandiant}, title = {{‘Ghostwriter’ Influence Campaign: Unknown Actors Leverage Website Compromises and Fabricated Content to Push Narratives Aligned with Russian Security Interests}}, date = {2020-07-29}, institution = {Mandiant}, url = {https://www.fireeye.com/content/dam/fireeye-www/blog/pdfs/Ghostwriter-Influence-Campaign.pdf}, language = {English}, urldate = {2020-07-30} } ‘Ghostwriter’ Influence Campaign: Unknown Actors Leverage Website Compromises and Fabricated Content to Push Narratives Aligned with Russian Security Interests
2020-06-26Department of JusticeDepartment of Justice
@online{justice:20200626:russian:276b274, author = {Department of Justice}, title = {{Russian National (Aleksei Burkov, Cardplanet) Sentenced to Prison for Operating Websites Devoted to Fraud and Malicious Cyber Activities}}, date = {2020-06-26}, organization = {Department of Justice}, url = {https://www.justice.gov/opa/pr/russian-national-sentenced-prison-operating-websites-devoted-fraud-and-malicious-cyber}, language = {English}, urldate = {2020-06-29} } Russian National (Aleksei Burkov, Cardplanet) Sentenced to Prison for Operating Websites Devoted to Fraud and Malicious Cyber Activities
2020-06-15ZDNetCatalin Cimpanu
@online{cimpanu:20200615:web:a10a55d, author = {Catalin Cimpanu}, title = {{Web skimmers found on the websites of Intersport, Claire's, and Icing}}, date = {2020-06-15}, organization = {ZDNet}, url = {https://www.zdnet.com/article/web-skimmers-found-on-the-websites-of-intersport-claires-and-icing/}, language = {English}, urldate = {2020-06-16} } Web skimmers found on the websites of Intersport, Claire's, and Icing
magecart