Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-07-19GoogleBilly Leonard
@online{leonard:20220719:continued:2a97da1, author = {Billy Leonard}, title = {{Continued cyber activity in Eastern Europe observed by TAG}}, date = {2022-07-19}, organization = {Google}, url = {https://blog.google/threat-analysis-group/continued-cyber-activity-in-eastern-europe-observed-by-tag}, language = {English}, urldate = {2022-08-05} } Continued cyber activity in Eastern Europe observed by TAG
CyberAzov Callisto Ghostwriter Sandworm Sofacy Turla Group
2022-07-19GoogleBilly Leonard
@online{leonard:20220719:continued:e1dd77e, author = {Billy Leonard}, title = {{Continued cyber activity in Eastern Europe observed by TAG}}, date = {2022-07-19}, organization = {Google}, url = {https://blog.google/threat-analysis-group/continued-cyber-activity-in-eastern-europe-observed-by-tag/}, language = {English}, urldate = {2022-07-25} } Continued cyber activity in Eastern Europe observed by TAG
CyberAzov
2022-07-08Twitter (@billyleonard)Billy Leonard
@online{leonard:20220708:twiiter:d77eb54, author = {Billy Leonard}, title = {{Twiiter thread about some recent Turla activity spoofing the Azov Regiment ... but targeting Android users.}}, date = {2022-07-08}, organization = {Twitter (@billyleonard)}, url = {https://twitter.com/billyleonard/status/1545461166377508865}, language = {English}, urldate = {2022-07-25} } Twiiter thread about some recent Turla activity spoofing the Azov Regiment ... but targeting Android users.
2022-05-03GoogleBilly Leonard, Google Threat Analysis Group
@online{leonard:20220503:update:cee4563, author = {Billy Leonard and Google Threat Analysis Group}, title = {{Update on cyber activity in Eastern Europe}}, date = {2022-05-03}, organization = {Google}, url = {https://blog.google/threat-analysis-group/update-on-cyber-activity-in-eastern-europe/}, language = {English}, urldate = {2022-05-04} } Update on cyber activity in Eastern Europe
Curious Gorge
2022-03-30GoogleBilly Leonard, Google Threat Analysis Group
@online{leonard:20220330:tracking:faab472, author = {Billy Leonard and Google Threat Analysis Group}, title = {{Tracking cyber activity in Eastern Europe}}, date = {2022-03-30}, organization = {Google}, url = {https://blog.google/threat-analysis-group/tracking-cyber-activity-eastern-europe/}, language = {English}, urldate = {2022-03-31} } Tracking cyber activity in Eastern Europe
2022-03-30GoogleBilly Leonard
@online{leonard:20220330:tracking:ff3709f, author = {Billy Leonard}, title = {{Tracking cyber activity in Eastern Europe}}, date = {2022-03-30}, organization = {Google}, url = {https://blog.google/threat-analysis-group/tracking-cyber-activity-eastern-europe}, language = {English}, urldate = {2022-05-08} } Tracking cyber activity in Eastern Europe
Curious Gorge
2022-01-14Twitter (@billyleonard)Billy Leonard, Google Threat Analysis Group
@online{leonard:20220114:apt28:6c659cc, author = {Billy Leonard and Google Threat Analysis Group}, title = {{Tweet on APT28 credential phishing campaigns targeting Ukraine}}, date = {2022-01-14}, organization = {Twitter (@billyleonard)}, url = {https://twitter.com/billyleonard/status/1482034733072752640}, language = {English}, urldate = {2022-01-18} } Tweet on APT28 credential phishing campaigns targeting Ukraine
2021-11-10Twitter (@billyleonard)Billy Leonard, Google Threat Analysis Group
@online{leonard:20211110:rekoobe:2f64840, author = {Billy Leonard and Google Threat Analysis Group}, title = {{Tweet on Rekoobe (used by APT31), being a fork of open source tool called Tiny SHell, used by different actor since at least 2012}}, date = {2021-11-10}, organization = {Twitter (@billyleonard)}, url = {https://twitter.com/billyleonard/status/1458531997576572929}, language = {English}, urldate = {2021-11-17} } Tweet on Rekoobe (used by APT31), being a fork of open source tool called Tiny SHell, used by different actor since at least 2012
Rekoobe
2021-10-07Twitter (@billyleonard)Billy Leonard, Google Threat Analysis Group
@online{leonard:20211007:iocs:db42716, author = {Billy Leonard and Google Threat Analysis Group}, title = {{Tweet on IOCs related to APT28}}, date = {2021-10-07}, organization = {Twitter (@billyleonard)}, url = {https://twitter.com/billyleonard/status/1446226367008313344}, language = {English}, urldate = {2021-11-17} } Tweet on IOCs related to APT28
2021-07-21Twitter (@billyleonard)Billy Leonard
@online{leonard:20210721:apt31:95e177c, author = {Billy Leonard}, title = {{Tweet on APT31 using a router implant.}}, date = {2021-07-21}, organization = {Twitter (@billyleonard)}, url = {https://twitter.com/billyleonard/status/1417910729005490177}, language = {English}, urldate = {2021-12-17} } Tweet on APT31 using a router implant.
SoWaT
2017-12-09BlueHat Security ConferenceBilly Leonard, Google Threat Analysis Group
@online{leonard:20171209:10:8af1565, author = {Billy Leonard and Google Threat Analysis Group}, title = {{10 Years of Targeted Credential Phishing}}, date = {2017-12-09}, organization = {BlueHat Security Conference}, url = {https://www.slideshare.net/MSbluehat/10-years-of-targeted-credential-phishing-billy-leonard}, language = {English}, urldate = {2021-05-17} } 10 Years of Targeted Credential Phishing
2014-09-05GoogleNeel Mehta, Billy Leonard, Shane Huntiey
@techreport{mehta:20140905:peering:8ce5720, author = {Neel Mehta and Billy Leonard and Shane Huntiey}, title = {{Peering Into the Aquarium: Analysis of a Sophisticated Multi-Stage Malware Family}}, date = {2014-09-05}, institution = {Google}, url = {https://assets.documentcloud.org/documents/3461560/Google-Aquarium-Clean.pdf}, language = {English}, urldate = {2020-07-30} } Peering Into the Aquarium: Analysis of a Sophisticated Multi-Stage Malware Family
X-Agent