Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023-03-14BlackberryBlackBerry Research & Intelligence Team
@online{team:20230314:nobelium:f35029b, author = {BlackBerry Research & Intelligence Team}, title = {{NOBELIUM Uses Poland's Ambassador’s Visit to the U.S. to Target EU Governments Assisting Ukraine}}, date = {2023-03-14}, organization = {Blackberry}, url = {https://blogs.blackberry.com/en/2023/03/nobelium-targets-eu-governments-assisting-ukraine}, language = {English}, urldate = {2023-03-14} } NOBELIUM Uses Poland's Ambassador’s Visit to the U.S. to Target EU Governments Assisting Ukraine
EnvyScout GraphicalNeutrino
2023-02-15BlackberryBlackBerry Research & Intelligence Team
@online{team:20230215:darkbit:3185762, author = {BlackBerry Research & Intelligence Team}, title = {{DarkBit Ransomware Targets Israel with Command-Line Options and Optimized Encryption Routines}}, date = {2023-02-15}, organization = {Blackberry}, url = {https://blogs.blackberry.com/en/2023/02/darkbit-ransomware-targets-israel}, language = {English}, urldate = {2023-02-16} } DarkBit Ransomware Targets Israel with Command-Line Options and Optimized Encryption Routines
DarkBit
2023-01-20BlackberryBlackBerry Research & Intelligence Team
@online{team:20230120:emotet:3d5fe7f, author = {BlackBerry Research & Intelligence Team}, title = {{Emotet Returns With New Methods of Evasion}}, date = {2023-01-20}, organization = {Blackberry}, url = {https://blogs.blackberry.com/en/2023/01/emotet-returns-with-new-methods-of-evasion}, language = {English}, urldate = {2023-01-25} } Emotet Returns With New Methods of Evasion
Emotet IcedID
2023-01-19BlackberryBlackBerry Research & Intelligence Team
@online{team:20230119:gamaredon:ed20055, author = {BlackBerry Research & Intelligence Team}, title = {{Gamaredon (Ab)uses Telegram to Target Ukrainian Organizations}}, date = {2023-01-19}, organization = {Blackberry}, url = {https://blogs.blackberry.com/en/2023/01/gamaredon-abuses-telegram-to-target-ukrainian-organizations}, language = {English}, urldate = {2023-01-25} } Gamaredon (Ab)uses Telegram to Target Ukrainian Organizations
Unidentified VBS 006 (Telegram Loader)
2022-12-06BlackberryBlackBerry Research & Intelligence Team
@online{team:20221206:mustang:fa0e3e1, author = {BlackBerry Research & Intelligence Team}, title = {{Mustang Panda Uses the Russian-Ukrainian War to Attack Europe and Asia Pacific Targets}}, date = {2022-12-06}, organization = {Blackberry}, url = {https://blogs.blackberry.com/en/2022/12/mustang-panda-uses-the-russian-ukrainian-war-to-attack-europe-and-asia-pacific-targets}, language = {English}, urldate = {2022-12-06} } Mustang Panda Uses the Russian-Ukrainian War to Attack Europe and Asia Pacific Targets
PlugX
2022-11-21BlackberryBlackBerry Research & Intelligence Team
@online{team:20221121:gamaredon:da14d7a, author = {BlackBerry Research & Intelligence Team}, title = {{Gamaredon Leverages Microsoft Office Docs to Target Ukraine Government and Military}}, date = {2022-11-21}, organization = {Blackberry}, url = {https://blogs.blackberry.com/en/2022/11/gamaredon-leverages-microsoft-office-docs-to-target-ukraine-government}, language = {English}, urldate = {2022-12-01} } Gamaredon Leverages Microsoft Office Docs to Target Ukraine Government and Military
Pteranodon
2022-11-02BlackberryBlackberry Research
@online{research:20221102:romcom:73ba97d, author = {Blackberry Research}, title = {{RomCom Threat Actor Abuses KeePass and SolarWinds to Target Ukraine and Potentially the United Kingdom}}, date = {2022-11-02}, organization = {Blackberry}, url = {https://blogs.blackberry.com/en/2022/11/romcom-spoofing-solarwinds-keepass}, language = {English}, urldate = {2023-01-03} } RomCom Threat Actor Abuses KeePass and SolarWinds to Target Ukraine and Potentially the United Kingdom
ROMCOM RAT RomCom
2022-10-23BlackberryThe BlackBerry Research & Intelligence Team
@online{team:20221023:unattributed:b83a409, author = {The BlackBerry Research & Intelligence Team}, title = {{Unattributed RomCom Threat Actor Spoofing Popular Apps Now Hits Ukrainian Militaries}}, date = {2022-10-23}, organization = {Blackberry}, url = {https://blogs.blackberry.com/en/2022/10/unattributed-romcom-threat-actor-spoofing-popular-apps-now-hits-ukrainian-militaries}, language = {English}, urldate = {2022-10-30} } Unattributed RomCom Threat Actor Spoofing Popular Apps Now Hits Ukrainian Militaries
ROMCOM RAT RomCom
2022-10-13BlackberryThe BlackBerry Research & Intelligence Team
@online{team:20221013:bianlian:76ad15a, author = {The BlackBerry Research & Intelligence Team}, title = {{BianLian Ransomware Encrypts Files in the Blink of an Eye}}, date = {2022-10-13}, organization = {Blackberry}, url = {https://blogs.blackberry.com/en/2022/10/bianlian-ransomware-encrypts-files-in-the-blink-of-an-eye}, language = {English}, urldate = {2022-10-24} } BianLian Ransomware Encrypts Files in the Blink of an Eye
BianLian
2022-10-06BlackberryThe BlackBerry Research & Intelligence Team
@online{team:20221006:mustang:a7e981c, author = {The BlackBerry Research & Intelligence Team}, title = {{Mustang Panda Abuses Legitimate Apps to Target Myanmar Based Victims}}, date = {2022-10-06}, organization = {Blackberry}, url = {https://blogs.blackberry.com/en/2022/10/mustang-panda-abuses-legitimate-apps-to-target-myanmar-based-victims}, language = {English}, urldate = {2022-10-24} } Mustang Panda Abuses Legitimate Apps to Target Myanmar Based Victims
PlugX
2022-08-18BlackberryThe BlackBerry Research & Intelligence Team
@online{team:20220818:luca:4650d1f, author = {The BlackBerry Research & Intelligence Team}, title = {{Luca Stealer Targets Password Managers and Cryptocurrency Wallets}}, date = {2022-08-18}, organization = {Blackberry}, url = {https://blogs.blackberry.com/en/2022/08/luca-stealer-targets-password-managers-and-cryptocurrency-wallets}, language = {English}, urldate = {2022-08-22} } Luca Stealer Targets Password Managers and Cryptocurrency Wallets
Luca Stealer
2022-08-04BlackberryBlackBerry Research & Intelligence Team
@online{team:20220804:north:395b87f, author = {BlackBerry Research & Intelligence Team}, title = {{North Korean H0lyGh0st Ransomware Has Ties to Global Geopolitics}}, date = {2022-08-04}, organization = {Blackberry}, url = {https://blogs.blackberry.com/en/2022/08/h0lygh0st-ransomware}, language = {English}, urldate = {2022-08-22} } North Korean H0lyGh0st Ransomware Has Ties to Global Geopolitics
SiennaBlue SiennaPurple
2022-07-29BlackberryBlackBerry Research & Intelligence Team
@online{team:20220729:smokeloader:628912d, author = {BlackBerry Research & Intelligence Team}, title = {{SmokeLoader Malware Used to Augment Amadey Infostealer}}, date = {2022-07-29}, organization = {Blackberry}, url = {https://blogs.blackberry.com/en/2022/07/smokeloader-malware-used-to-augment-amadey-infostealer}, language = {English}, urldate = {2022-08-22} } SmokeLoader Malware Used to Augment Amadey Infostealer
Amadey SmokeLoader
2022-07-14BlackberryThe BlackBerry Research & Intelligence Team
@online{team:20220714:gootloader:5b31240, author = {The BlackBerry Research & Intelligence Team}, title = {{GootLoader, From SEO Poisoning to Multi-Stage Downloader}}, date = {2022-07-14}, organization = {Blackberry}, url = {https://blogs.blackberry.com/en/2022/07/gootloader-from-seo-poisoning-to-multi-stage-downloader}, language = {English}, urldate = {2022-07-18} } GootLoader, From SEO Poisoning to Multi-Stage Downloader
GootLoader
2022-06-30BlackberryThe BlackBerry Research & Intelligence Team
@online{team:20220630:threat:555a16b, author = {The BlackBerry Research & Intelligence Team}, title = {{Threat Thursday: China-Based APT Plays Auto-Updater Card to Deliver WinDealer Malware}}, date = {2022-06-30}, organization = {Blackberry}, url = {https://blogs.blackberry.com/en/2022/06/threat-thursday-china-based-apt-plays-auto-updater-card-to-deliver-windealer-malware}, language = {English}, urldate = {2022-07-18} } Threat Thursday: China-Based APT Plays Auto-Updater Card to Deliver WinDealer Malware
WinDealer Red Nue
2022-06-27BlackberryThe BlackBerry Research & Intelligence Team
@online{team:20220627:threat:57f2bf9, author = {The BlackBerry Research & Intelligence Team}, title = {{Threat Spotlight: Eternity Project MaaS Goes On and On}}, date = {2022-06-27}, organization = {Blackberry}, url = {https://blogs.blackberry.com/en/2022/06/threat-spotlight-eternity-project-maas-goes-on-and-on}, language = {English}, urldate = {2022-07-18} } Threat Spotlight: Eternity Project MaaS Goes On and On
Eternity Stealer
2022-06-16BlackberryThe BlackBerry Research & Intelligence Team
@online{team:20220616:threat:1ef26f6, author = {The BlackBerry Research & Intelligence Team}, title = {{Threat Thursday: Unique Delivery Method for Snake Keylogger}}, date = {2022-06-16}, organization = {Blackberry}, url = {https://blogs.blackberry.com/en/2022/06/threat-thursday-unique-delivery-method-for-snake-keylogger}, language = {English}, urldate = {2022-07-18} } Threat Thursday: Unique Delivery Method for Snake Keylogger
404 Keylogger
2022-06-09BlackberryJoakim Kennedy, The BlackBerry Research & Intelligence Team
@online{kennedy:20220609:symbiote:fcc031b, author = {Joakim Kennedy and The BlackBerry Research & Intelligence Team}, title = {{Symbiote: A New, Nearly-Impossible-to-Detect Linux Threat}}, date = {2022-06-09}, organization = {Blackberry}, url = {https://blogs.blackberry.com/en/2022/06/symbiote-a-new-nearly-impossible-to-detect-linux-threat}, language = {English}, urldate = {2022-06-09} } Symbiote: A New, Nearly-Impossible-to-Detect Linux Threat
Symbiote
2022-05-24BlackberryThe BlackBerry Research & Intelligence Team
@online{team:20220524:yashma:33b80cb, author = {The BlackBerry Research & Intelligence Team}, title = {{Yashma Ransomware, Tracing the Chaos Family Tree}}, date = {2022-05-24}, organization = {Blackberry}, url = {https://blogs.blackberry.com/en/2022/05/yashma-ransomware-tracing-the-chaos-family-tree}, language = {English}, urldate = {2022-05-24} } Yashma Ransomware, Tracing the Chaos Family Tree
Chaos
2022-05-19BlackberryThe BlackBerry Research & Intelligence Team
@online{team:20220519:net:ecf311c, author = {The BlackBerry Research & Intelligence Team}, title = {{.NET Stubs: Sowing the Seeds of Discord (PureCrypter)}}, date = {2022-05-19}, organization = {Blackberry}, url = {https://blogs.blackberry.com/en/2022/05/dot-net-stubs-sowing-the-seeds-of-discord}, language = {English}, urldate = {2022-06-09} } .NET Stubs: Sowing the Seeds of Discord (PureCrypter)
Aberebot AbstractEmu AdoBot 404 Keylogger Agent Tesla Amadey AsyncRAT Ave Maria BitRAT BluStealer Formbook LimeRAT Loki Password Stealer (PWS) Nanocore RAT Orcus RAT Quasar RAT Raccoon RedLine Stealer WhisperGate