Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-05-25ReutersRaphael Satter, James Pearson, Christopher Bing
@online{satter:20220525:russian:0d05639, author = {Raphael Satter and James Pearson and Christopher Bing}, title = {{Russian hackers are linked to new Brexit leak website, Google says}}, date = {2022-05-25}, organization = {Reuters}, url = {https://www.reuters.com/technology/exclusive-russian-hackers-are-linked-new-brexit-leak-website-google-says-2022-05-25/}, language = {English}, urldate = {2022-05-25} } Russian hackers are linked to new Brexit leak website, Google says
2022-05-17Advanced IntelligenceVitali Kremez, Yelisey Boguslavskiy
@online{kremez:20220517:hydra:16615d9, author = {Vitali Kremez and Yelisey Boguslavskiy}, title = {{Hydra with Three Heads: BlackByte & The Future of Ransomware Subsidiary Groups}}, date = {2022-05-17}, organization = {Advanced Intelligence}, url = {https://www.advintel.io/post/hydra-with-three-heads-blackbyte-the-future-of-ransomware-subsidiary-groups}, language = {English}, urldate = {2022-05-25} } Hydra with Three Heads: BlackByte & The Future of Ransomware Subsidiary Groups
BlackByte Conti
2022-04-27Trend MicroDaniel Lunghi, Jaromír Hořejší
@online{lunghi:20220427:new:9068f6e, author = {Daniel Lunghi and Jaromír Hořejší}, title = {{New APT Group Earth Berberoka Targets Gambling Websites With Old and New Malware}}, date = {2022-04-27}, organization = {Trend Micro}, url = {https://www.trendmicro.com/en_us/research/22/d/new-apt-group-earth-berberoka-targets-gambling-websites-with-old.html}, language = {English}, urldate = {2022-05-04} } New APT Group Earth Berberoka Targets Gambling Websites With Old and New Malware
AsyncRAT Ghost RAT PlugX Quasar RAT
2022-04-22SUCURISucuri
@techreport{sucuri:20220422:2021:e28e63b, author = {Sucuri}, title = {{2021 Website Threat Research Report}}, date = {2022-04-22}, institution = {SUCURI}, url = {https://sucuri.net/wp-content/uploads/2022/04/22-sucuri-2021-hacked-report.pdf}, language = {English}, urldate = {2022-05-04} } 2021 Website Threat Research Report
2022-04-20Expats.czČTK
@online{tk:20220420:russian:2925bf4, author = {ČTK}, title = {{Russian hackers target Czech websites in a series of cyberattacks}}, date = {2022-04-20}, organization = {Expats.cz}, url = {https://www.expats.cz/czech-news/article/pro-russian-hackers-target-czech-websites-in-a-series-of-attacks}, language = {English}, urldate = {2022-04-25} } Russian hackers target Czech websites in a series of cyberattacks
Killnet
2022-04-10Digital Information WorldHura Anwar
@online{anwar:20220410:threatening:784ed0e, author = {Hura Anwar}, title = {{Threatening Redirect Web Service Instills Malicious Campaigns In Over 16,500 Websites}}, date = {2022-04-10}, organization = {Digital Information World}, url = {https://www.digitalinformationworld.com/2022/04/threatening-redirect-web-service.html}, language = {English}, urldate = {2022-05-05} } Threatening Redirect Web Service Instills Malicious Campaigns In Over 16,500 Websites
FAKEUPDATES
2022-03-18RiskIQJennifer Grob, RiskIQ
@online{grob:20220318:riskiq:3c630e5, author = {Jennifer Grob and RiskIQ}, title = {{RiskIQ: Fraudulent Website Attempts to Collect Donations in Support of Ukraine Humanitarian Fund (UHF)}}, date = {2022-03-18}, organization = {RiskIQ}, url = {https://community.riskiq.com/article/c9a9e8a6}, language = {English}, urldate = {2022-03-22} } RiskIQ: Fraudulent Website Attempts to Collect Donations in Support of Ukraine Humanitarian Fund (UHF)
2022-03-16RiskIQJennifer Grob, RiskIQ
@online{grob:20220316:riskiq:6615264, author = {Jennifer Grob and RiskIQ}, title = {{RiskIQ: Website Spoofed Ukrainian "Official site of the PrivatBank Charitable Foundation" to Skim Credit Card Data}}, date = {2022-03-16}, organization = {RiskIQ}, url = {https://community.riskiq.com/article/57a3509b}, language = {English}, urldate = {2022-03-22} } RiskIQ: Website Spoofed Ukrainian "Official site of the PrivatBank Charitable Foundation" to Skim Credit Card Data
2022-03-10Bleeping ComputerBill Toulas
@online{toulas:20220310:corporate:30fac0b, author = {Bill Toulas}, title = {{Corporate website contact forms used to spread BazarBackdoor malware}}, date = {2022-03-10}, organization = {Bleeping Computer}, url = {https://www.bleepingcomputer.com/news/security/corporate-website-contact-forms-used-to-spread-bazarbackdoor-malware/}, language = {English}, urldate = {2022-03-14} } Corporate website contact forms used to spread BazarBackdoor malware
BazarBackdoor
2022-03-09AbnormalBelem Regalado, Rachelle Chouinard
@online{regalado:20220309:bazarloader:09cc5d7, author = {Belem Regalado and Rachelle Chouinard}, title = {{BazarLoader Actors Initiate Contact via Website Contact Forms}}, date = {2022-03-09}, organization = {Abnormal}, url = {https://abnormalsecurity.com/blog/bazarloader-contact-form}, language = {English}, urldate = {2022-05-04} } BazarLoader Actors Initiate Contact via Website Contact Forms
BazarBackdoor
2022-03-01RiskIQJennifer Grob
@online{grob:20220301:riskiq:660957b, author = {Jennifer Grob}, title = {{RiskIQ: Fraudulent Website Spoofing UNHCR for Ukrainian Refugees Seeks Bitcoin Donations}}, date = {2022-03-01}, organization = {RiskIQ}, url = {https://community.riskiq.com/article/1531a4e2}, language = {English}, urldate = {2022-03-07} } RiskIQ: Fraudulent Website Spoofing UNHCR for Ukrainian Refugees Seeks Bitcoin Donations
2022-02-20Cado SecurityCado Security
@online{security:20220220:technical:9232633, author = {Cado Security}, title = {{Technical Analysis of the DDoS Attacks against Ukrainian Websites}}, date = {2022-02-20}, organization = {Cado Security}, url = {https://www.cadosecurity.com/technical-analysis-of-the-ddos-attacks-against-ukrainian-websites/}, language = {English}, urldate = {2022-02-26} } Technical Analysis of the DDoS Attacks against Ukrainian Websites
Mirai
2021-12-31victory mediumZach Edwards
@online{edwards:20211231:compromised:3ee8044, author = {Zach Edwards}, title = {{Compromised Godaddy Infrastructure Attacking Numerous U.S. Government Websites to Promote “Canadian Pharmacy” Scam Websites}}, date = {2021-12-31}, organization = {victory medium}, url = {https://victorymedium.com/godaddy-global-issues-canadian-pharmacy-injections/}, language = {English}, urldate = {2022-01-25} } Compromised Godaddy Infrastructure Attacking Numerous U.S. Government Websites to Promote “Canadian Pharmacy” Scam Websites
2021-11-29Trend MicroJaromír Hořejší
@online{hoej:20211129:campaign:6e23cf5, author = {Jaromír Hořejší}, title = {{Campaign Abusing Legitimate Remote Administrator Tools Uses Fake Cryptocurrency Websites}}, date = {2021-11-29}, organization = {Trend Micro}, url = {https://www.trendmicro.com/en_us/research/21/k/campaign-abusing-rats-uses-fake-websites.html}, language = {English}, urldate = {2021-12-07} } Campaign Abusing Legitimate Remote Administrator Tools Uses Fake Cryptocurrency Websites
AsyncRAT Azorult Nanocore RAT NjRAT RedLine Stealer Remcos
2021-11-15SUCURIBen Martin
@online{martin:20211115:fake:2be64ec, author = {Ben Martin}, title = {{Fake Ransomware Infection Spooks Website Owners}}, date = {2021-11-15}, organization = {SUCURI}, url = {https://blog.sucuri.net/2021/11/fake-ransomware-infection-spooks-website-owners.html}, language = {English}, urldate = {2021-11-18} } Fake Ransomware Infection Spooks Website Owners
2021-09-08FireEyeRyan Serabian, Lee Foster
@online{serabian:20210908:proprc:f8e9644, author = {Ryan Serabian and Lee Foster}, title = {{Pro-PRC Influence Campaign Expands to Dozens of Social Media Platforms, Websites, and Forums in at Least Seven Languages, Attempted to Physically Mobilize Protesters in the U.S.}}, date = {2021-09-08}, organization = {FireEye}, url = {https://www.fireeye.com/blog/threat-research/2021/09/pro-prc-influence-campaign-social-media-websites-forums.html}, language = {English}, urldate = {2021-09-10} } Pro-PRC Influence Campaign Expands to Dozens of Social Media Platforms, Websites, and Forums in at Least Seven Languages, Attempted to Physically Mobilize Protesters in the U.S.
2021-09-08US Department of JusticeUS Department of Justice
@online{justice:20210908:ukrainian:493bf23, author = {US Department of Justice}, title = {{Ukrainian Cyber Criminal Extradited For Decrypting The Credentials Of Thousands Of Computers Across The World And Selling Them On A Dark Web Website (Glib Oleksandr Ivanov-Tolpintsev)}}, date = {2021-09-08}, organization = {US Department of Justice}, url = {https://www.justice.gov/usao-mdfl/pr/ukrainian-cyber-criminal-extradited-decrypting-credentials-thousands-computers-across}, language = {English}, urldate = {2021-09-10} } Ukrainian Cyber Criminal Extradited For Decrypting The Credentials Of Thousands Of Computers Across The World And Selling Them On A Dark Web Website (Glib Oleksandr Ivanov-Tolpintsev)
2021-07-12JPCERT/CCYuma Masubuchi, Shusei Tomonaga
@online{masubuchi:20210712:attack:a8f8d3b, author = {Yuma Masubuchi and Shusei Tomonaga}, title = {{Attack Exploiting XSS Vulnerability in E-commerce Websites}}, date = {2021-07-12}, organization = {JPCERT/CC}, url = {https://blogs.jpcert.or.jp/en/2021/07/water_pamola.html}, language = {English}, urldate = {2021-07-20} } Attack Exploiting XSS Vulnerability in E-commerce Websites
Unidentified JS 005 (Stealer)
2021-06-12YouTube (BSidesBoulder)Kurt Baumgartner, Kaspersky
@online{baumgartner:20210612:same:49bc254, author = {Kurt Baumgartner and Kaspersky}, title = {{Same and Different - sesame street level attribution}}, date = {2021-06-12}, organization = {YouTube (BSidesBoulder)}, url = {https://youtu.be/SW8kVkwDOrc?t=24706}, language = {English}, urldate = {2021-06-21} } Same and Different - sesame street level attribution
Kazuar SUNBURST
2021-05-06Group-IBViktor Okorokov
@online{okorokov:20210506:grelosgtm:7324b2c, author = {Viktor Okorokov}, title = {{GrelosGTM group abuses Google Tag Manager to attack e-commerce websites}}, date = {2021-05-06}, organization = {Group-IB}, url = {https://blog.group-ib.com/grelosgtm}, language = {English}, urldate = {2021-06-16} } GrelosGTM group abuses Google Tag Manager to attack e-commerce websites