Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023-07-08BlackberryBlackBerry Research & Intelligence Team
@online{team:20230708:romcom:4c7d096, author = {BlackBerry Research & Intelligence Team}, title = {{RomCom Threat Actor Suspected of Targeting Ukraine's NATO Membership Talks at the NATO Summit}}, date = {2023-07-08}, organization = {Blackberry}, url = {https://blogs.blackberry.com/en/2023/07/romcom-targets-ukraine-nato-membership-talks-at-nato-summit}, language = {English}, urldate = {2023-07-10} } RomCom Threat Actor Suspected of Targeting Ukraine's NATO Membership Talks at the NATO Summit
ROMCOM RAT
2023-05-08BlackberryBlackBerry Research & Intelligence Team
@online{team:20230508:sidewinder:ab9205d, author = {BlackBerry Research & Intelligence Team}, title = {{SideWinder Uses Server-side Polymorphism to Attack Pakistan Government Officials — and Is Now Targeting Turkey}}, date = {2023-05-08}, organization = {Blackberry}, url = {https://blogs.blackberry.com/en/2023/05/sidewinder-uses-server-side-polymorphism-to-target-pakistan}, language = {English}, urldate = {2023-05-10} } SideWinder Uses Server-side Polymorphism to Attack Pakistan Government Officials — and Is Now Targeting Turkey
2023-03-31BlackberryThe BlackBerry Research & Intelligence Team
@online{team:20230331:initial:6f10f80, author = {The BlackBerry Research & Intelligence Team}, title = {{Initial Implants and Network Analysis Suggest the 3CX Supply Chain Operation Goes Back to Fall 2022}}, date = {2023-03-31}, organization = {Blackberry}, url = {https://blogs.blackberry.com/en/2023/03/initial-implants-and-network-analysis-suggest-the-3cx-supply-chain-operation-goes-back-to-fall-2022}, language = {English}, urldate = {2023-04-02} } Initial Implants and Network Analysis Suggest the 3CX Supply Chain Operation Goes Back to Fall 2022
3CX Backdoor
2023-03-14BlackberryBlackBerry Research & Intelligence Team
@online{team:20230314:nobelium:f35029b, author = {BlackBerry Research & Intelligence Team}, title = {{NOBELIUM Uses Poland's Ambassador’s Visit to the U.S. to Target EU Governments Assisting Ukraine}}, date = {2023-03-14}, organization = {Blackberry}, url = {https://blogs.blackberry.com/en/2023/03/nobelium-targets-eu-governments-assisting-ukraine}, language = {English}, urldate = {2023-03-14} } NOBELIUM Uses Poland's Ambassador’s Visit to the U.S. to Target EU Governments Assisting Ukraine
EnvyScout GraphicalNeutrino
2023-02-15BlackberryBlackBerry Research & Intelligence Team
@online{team:20230215:darkbit:3185762, author = {BlackBerry Research & Intelligence Team}, title = {{DarkBit Ransomware Targets Israel with Command-Line Options and Optimized Encryption Routines}}, date = {2023-02-15}, organization = {Blackberry}, url = {https://blogs.blackberry.com/en/2023/02/darkbit-ransomware-targets-israel}, language = {English}, urldate = {2023-02-16} } DarkBit Ransomware Targets Israel with Command-Line Options and Optimized Encryption Routines
DarkBit
2023-01-20BlackberryBlackBerry Research & Intelligence Team
@online{team:20230120:emotet:3d5fe7f, author = {BlackBerry Research & Intelligence Team}, title = {{Emotet Returns With New Methods of Evasion}}, date = {2023-01-20}, organization = {Blackberry}, url = {https://blogs.blackberry.com/en/2023/01/emotet-returns-with-new-methods-of-evasion}, language = {English}, urldate = {2023-01-25} } Emotet Returns With New Methods of Evasion
Emotet IcedID
2023-01-19BlackberryBlackBerry Research & Intelligence Team
@online{team:20230119:gamaredon:ed20055, author = {BlackBerry Research & Intelligence Team}, title = {{Gamaredon (Ab)uses Telegram to Target Ukrainian Organizations}}, date = {2023-01-19}, organization = {Blackberry}, url = {https://blogs.blackberry.com/en/2023/01/gamaredon-abuses-telegram-to-target-ukrainian-organizations}, language = {English}, urldate = {2023-01-25} } Gamaredon (Ab)uses Telegram to Target Ukrainian Organizations
Unidentified VBS 006 (Telegram Loader)
2022-12-06BlackberryBlackBerry Research & Intelligence Team
@online{team:20221206:mustang:fa0e3e1, author = {BlackBerry Research & Intelligence Team}, title = {{Mustang Panda Uses the Russian-Ukrainian War to Attack Europe and Asia Pacific Targets}}, date = {2022-12-06}, organization = {Blackberry}, url = {https://blogs.blackberry.com/en/2022/12/mustang-panda-uses-the-russian-ukrainian-war-to-attack-europe-and-asia-pacific-targets}, language = {English}, urldate = {2022-12-06} } Mustang Panda Uses the Russian-Ukrainian War to Attack Europe and Asia Pacific Targets
PlugX
2022-11-21BlackberryBlackBerry Research & Intelligence Team
@online{team:20221121:gamaredon:da14d7a, author = {BlackBerry Research & Intelligence Team}, title = {{Gamaredon Leverages Microsoft Office Docs to Target Ukraine Government and Military}}, date = {2022-11-21}, organization = {Blackberry}, url = {https://blogs.blackberry.com/en/2022/11/gamaredon-leverages-microsoft-office-docs-to-target-ukraine-government}, language = {English}, urldate = {2022-12-01} } Gamaredon Leverages Microsoft Office Docs to Target Ukraine Government and Military
Pteranodon
2022-10-23BlackberryThe BlackBerry Research & Intelligence Team
@online{team:20221023:unattributed:b83a409, author = {The BlackBerry Research & Intelligence Team}, title = {{Unattributed RomCom Threat Actor Spoofing Popular Apps Now Hits Ukrainian Militaries}}, date = {2022-10-23}, organization = {Blackberry}, url = {https://blogs.blackberry.com/en/2022/10/unattributed-romcom-threat-actor-spoofing-popular-apps-now-hits-ukrainian-militaries}, language = {English}, urldate = {2022-10-30} } Unattributed RomCom Threat Actor Spoofing Popular Apps Now Hits Ukrainian Militaries
ROMCOM RAT RomCom
2022-10-13BlackberryThe BlackBerry Research & Intelligence Team
@online{team:20221013:bianlian:76ad15a, author = {The BlackBerry Research & Intelligence Team}, title = {{BianLian Ransomware Encrypts Files in the Blink of an Eye}}, date = {2022-10-13}, organization = {Blackberry}, url = {https://blogs.blackberry.com/en/2022/10/bianlian-ransomware-encrypts-files-in-the-blink-of-an-eye}, language = {English}, urldate = {2022-10-24} } BianLian Ransomware Encrypts Files in the Blink of an Eye
BianLian
2022-10-06BlackberryThe BlackBerry Research & Intelligence Team
@online{team:20221006:mustang:a7e981c, author = {The BlackBerry Research & Intelligence Team}, title = {{Mustang Panda Abuses Legitimate Apps to Target Myanmar Based Victims}}, date = {2022-10-06}, organization = {Blackberry}, url = {https://blogs.blackberry.com/en/2022/10/mustang-panda-abuses-legitimate-apps-to-target-myanmar-based-victims}, language = {English}, urldate = {2022-10-24} } Mustang Panda Abuses Legitimate Apps to Target Myanmar Based Victims
PlugX
2022-08-18BlackberryThe BlackBerry Research & Intelligence Team
@online{team:20220818:luca:4650d1f, author = {The BlackBerry Research & Intelligence Team}, title = {{Luca Stealer Targets Password Managers and Cryptocurrency Wallets}}, date = {2022-08-18}, organization = {Blackberry}, url = {https://blogs.blackberry.com/en/2022/08/luca-stealer-targets-password-managers-and-cryptocurrency-wallets}, language = {English}, urldate = {2022-08-22} } Luca Stealer Targets Password Managers and Cryptocurrency Wallets
Luca Stealer
2022-08-04BlackberryBlackBerry Research & Intelligence Team
@online{team:20220804:north:395b87f, author = {BlackBerry Research & Intelligence Team}, title = {{North Korean H0lyGh0st Ransomware Has Ties to Global Geopolitics}}, date = {2022-08-04}, organization = {Blackberry}, url = {https://blogs.blackberry.com/en/2022/08/h0lygh0st-ransomware}, language = {English}, urldate = {2022-08-22} } North Korean H0lyGh0st Ransomware Has Ties to Global Geopolitics
SiennaBlue SiennaPurple
2022-07-29BlackberryBlackBerry Research & Intelligence Team
@online{team:20220729:smokeloader:628912d, author = {BlackBerry Research & Intelligence Team}, title = {{SmokeLoader Malware Used to Augment Amadey Infostealer}}, date = {2022-07-29}, organization = {Blackberry}, url = {https://blogs.blackberry.com/en/2022/07/smokeloader-malware-used-to-augment-amadey-infostealer}, language = {English}, urldate = {2022-08-22} } SmokeLoader Malware Used to Augment Amadey Infostealer
Amadey SmokeLoader
2022-07-14BlackberryThe BlackBerry Research & Intelligence Team
@online{team:20220714:gootloader:5b31240, author = {The BlackBerry Research & Intelligence Team}, title = {{GootLoader, From SEO Poisoning to Multi-Stage Downloader}}, date = {2022-07-14}, organization = {Blackberry}, url = {https://blogs.blackberry.com/en/2022/07/gootloader-from-seo-poisoning-to-multi-stage-downloader}, language = {English}, urldate = {2022-07-18} } GootLoader, From SEO Poisoning to Multi-Stage Downloader
GootLoader
2022-06-30BlackberryThe BlackBerry Research & Intelligence Team
@online{team:20220630:threat:555a16b, author = {The BlackBerry Research & Intelligence Team}, title = {{Threat Thursday: China-Based APT Plays Auto-Updater Card to Deliver WinDealer Malware}}, date = {2022-06-30}, organization = {Blackberry}, url = {https://blogs.blackberry.com/en/2022/06/threat-thursday-china-based-apt-plays-auto-updater-card-to-deliver-windealer-malware}, language = {English}, urldate = {2022-07-18} } Threat Thursday: China-Based APT Plays Auto-Updater Card to Deliver WinDealer Malware
WinDealer Red Nue
2022-06-27BlackberryThe BlackBerry Research & Intelligence Team
@online{team:20220627:threat:57f2bf9, author = {The BlackBerry Research & Intelligence Team}, title = {{Threat Spotlight: Eternity Project MaaS Goes On and On}}, date = {2022-06-27}, organization = {Blackberry}, url = {https://blogs.blackberry.com/en/2022/06/threat-spotlight-eternity-project-maas-goes-on-and-on}, language = {English}, urldate = {2022-07-18} } Threat Spotlight: Eternity Project MaaS Goes On and On
Eternity Stealer
2022-06-16BlackberryThe BlackBerry Research & Intelligence Team
@online{team:20220616:threat:1ef26f6, author = {The BlackBerry Research & Intelligence Team}, title = {{Threat Thursday: Unique Delivery Method for Snake Keylogger}}, date = {2022-06-16}, organization = {Blackberry}, url = {https://blogs.blackberry.com/en/2022/06/threat-thursday-unique-delivery-method-for-snake-keylogger}, language = {English}, urldate = {2022-07-18} } Threat Thursday: Unique Delivery Method for Snake Keylogger
404 Keylogger
2022-06-09BlackberryJoakim Kennedy, The BlackBerry Research & Intelligence Team
@online{kennedy:20220609:symbiote:fcc031b, author = {Joakim Kennedy and The BlackBerry Research & Intelligence Team}, title = {{Symbiote: A New, Nearly-Impossible-to-Detect Linux Threat}}, date = {2022-06-09}, organization = {Blackberry}, url = {https://blogs.blackberry.com/en/2022/06/symbiote-a-new-nearly-impossible-to-detect-linux-threat}, language = {English}, urldate = {2022-06-09} } Symbiote: A New, Nearly-Impossible-to-Detect Linux Threat
Symbiote