Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-08-18IBMCharlotte Hammond, Ole Villadsen
@online{hammond:20220818:from:501e8ac, author = {Charlotte Hammond and Ole Villadsen}, title = {{From Ramnit To Bumblebee (via NeverQuest): Similarities and Code Overlap Shed Light On Relationships Between Malware Developers}}, date = {2022-08-18}, organization = {IBM}, url = {https://securityintelligence.com/posts/from-ramnit-to-bumblebee-via-neverquest}, language = {English}, urldate = {2022-08-28} } From Ramnit To Bumblebee (via NeverQuest): Similarities and Code Overlap Shed Light On Relationships Between Malware Developers
BumbleBee Karius Ramnit TrickBot Vawtrak
2022-07-07IBMOle Villadsen, Charlotte Hammond, Kat Weinberger
@online{villadsen:20220707:unprecedented:d0a6add, author = {Ole Villadsen and Charlotte Hammond and Kat Weinberger}, title = {{Unprecedented Shift: The Trickbot Group is Systematically Attacking Ukraine}}, date = {2022-07-07}, organization = {IBM}, url = {https://securityintelligence.com/posts/trickbot-group-systematically-attacking-ukraine}, language = {English}, urldate = {2022-07-12} } Unprecedented Shift: The Trickbot Group is Systematically Attacking Ukraine
AnchorMail BumbleBee Cobalt Strike IcedID Meterpreter
2022-05-19IBMCharlotte Hammond, Ole Villadsen, Golo Mühr
@online{hammond:20220519:itg23:eab10e2, author = {Charlotte Hammond and Ole Villadsen and Golo Mühr}, title = {{ITG23 Crypters Highlight Cooperation Between Cybercriminal Groups}}, date = {2022-05-19}, organization = {IBM}, url = {https://securityintelligence.com/posts/itg23-crypters-cooperation-between-cybercriminal-groups/}, language = {English}, urldate = {2022-05-25} } ITG23 Crypters Highlight Cooperation Between Cybercriminal Groups
IcedID ISFB Mount Locker
2022-02-25IBMCharlotte Hammond, Ole Villadsen
@online{hammond:20220225:trickbot:fdf2254, author = {Charlotte Hammond and Ole Villadsen}, title = {{Trickbot Group’s AnchorDNS Backdoor Upgrades to AnchorMail}}, date = {2022-02-25}, organization = {IBM}, url = {https://securityintelligence.com/posts/new-malware-trickbot-anchordns-backdoor-upgrades-anchormail/}, language = {English}, urldate = {2022-03-02} } Trickbot Group’s AnchorDNS Backdoor Upgrades to AnchorMail
AnchorDNS AnchorMail
2022-01-24IBMMichael Gal, Segev Fogel, Itzik Chimino, Limor Kessem, Charlotte Hammond
@online{gal:20220124:trickbot:8a030b3, author = {Michael Gal and Segev Fogel and Itzik Chimino and Limor Kessem and Charlotte Hammond}, title = {{TrickBot Bolsters Layered Defenses to Prevent Injection Research}}, date = {2022-01-24}, organization = {IBM}, url = {https://securityintelligence.com/posts/trickbot-bolsters-layered-defenses-prevent-injection/}, language = {English}, urldate = {2022-01-25} } TrickBot Bolsters Layered Defenses to Prevent Injection Research
TrickBot
2021-10-13IBMOle Villadsen, Charlotte Hammond
@online{villadsen:20211013:trickbot:e0d4233, author = {Ole Villadsen and Charlotte Hammond}, title = {{Trickbot Rising — Gang Doubles Down on Infection Efforts to Amass Network Footholds}}, date = {2021-10-13}, organization = {IBM}, url = {https://securityintelligence.com/posts/trickbot-gang-doubles-down-enterprise-infection/}, language = {English}, urldate = {2021-10-25} } Trickbot Rising — Gang Doubles Down on Infection Efforts to Amass Network Footholds
BazarBackdoor TrickBot
2021-08-17IBM X-Force ExchangeCharlotte Hammond, Chris Caridi
@online{hammond:20210817:analysis:03981d3, author = {Charlotte Hammond and Chris Caridi}, title = {{Analysis of Diavol Ransomware Reveals Possible Link to TrickBot Gang}}, date = {2021-08-17}, organization = {IBM X-Force Exchange}, url = {https://securityintelligence.com/posts/analysis-of-diavol-ransomware-link-trickbot-gang/}, language = {English}, urldate = {2021-08-18} } Analysis of Diavol Ransomware Reveals Possible Link to TrickBot Gang
Diavol