Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023-09-19Cisco TalosAsheer Malhotra, Caitlin Huey, Sean Taylor, Vitor Ventura, Arnaud Zobec
@online{malhotra:20230919:new:a39af36, author = {Asheer Malhotra and Caitlin Huey and Sean Taylor and Vitor Ventura and Arnaud Zobec}, title = {{New ShroudedSnooper actor targets telecommunications firms in the Middle East with novel Implants}}, date = {2023-09-19}, organization = {Cisco Talos}, url = {https://blog.talosintelligence.com/introducing-shrouded-snooper/}, language = {English}, urldate = {2023-09-20} } New ShroudedSnooper actor targets telecommunications firms in the Middle East with novel Implants
HTTPSnoop PipeSnoop
2023-08-31Cisco TalosEdmund Brumaghin
@online{brumaghin:20230831:sapphirestealer:59b335d, author = {Edmund Brumaghin}, title = {{SapphireStealer: Open-source information stealer enables credential and data theft}}, date = {2023-08-31}, organization = {Cisco Talos}, url = {https://blog.talosintelligence.com/sapphirestealer-goes-open-source/}, language = {English}, urldate = {2023-09-01} } SapphireStealer: Open-source information stealer enables credential and data theft
2023-08-24Cisco TalosAsheer Malhotra, Vitor Ventura, Jungsoo An
@online{malhotra:20230824:lazarus:094409b, author = {Asheer Malhotra and Vitor Ventura and Jungsoo An}, title = {{Lazarus Group's infrastructure reuse leads to discovery of new malware}}, date = {2023-08-24}, organization = {Cisco Talos}, url = {https://blog.talosintelligence.com/lazarus-collectionrat/}, language = {English}, urldate = {2023-08-28} } Lazarus Group's infrastructure reuse leads to discovery of new malware
Collection RAT
2023-08-24Cisco TalosAsheer Malhotra, Vitor Ventura, Jungsoo An
@online{malhotra:20230824:lazarus:f5c3c14, author = {Asheer Malhotra and Vitor Ventura and Jungsoo An}, title = {{Lazarus Group exploits ManageEngine vulnerability to deploy QuiteRAT}}, date = {2023-08-24}, organization = {Cisco Talos}, url = {https://blog.talosintelligence.com/lazarus-quiterat/}, language = {English}, urldate = {2023-08-25} } Lazarus Group exploits ManageEngine vulnerability to deploy QuiteRAT
QuiteRAT
2023-08-08Cisco TalosCisco Talos
@online{talos:20230808:what:0316750, author = {Cisco Talos}, title = {{What Cisco Talos knows about the Rhysida ransomware}}, date = {2023-08-08}, organization = {Cisco Talos}, url = {https://blog.talosintelligence.com/rhysida-ransomware/}, language = {English}, urldate = {2023-08-10} } What Cisco Talos knows about the Rhysida ransomware
Rhysida
2023-08-07Cisco TalosChetan Raghuprasad
@online{raghuprasad:20230807:new:0147488, author = {Chetan Raghuprasad}, title = {{New threat actor targets Bulgaria, China, Vietnam and other countries with customized Yashma ransomware}}, date = {2023-08-07}, organization = {Cisco Talos}, url = {https://blog.talosintelligence.com/new-threat-actor-using-yashma-ransomware/}, language = {English}, urldate = {2023-08-09} } New threat actor targets Bulgaria, China, Vietnam and other countries with customized Yashma ransomware
Chaos
2023-04-18Cisco TalosMatthew Olney
@online{olney:20230418:statesponsored:9bf8908, author = {Matthew Olney}, title = {{State-sponsored campaigns target global network infrastructure}}, date = {2023-04-18}, organization = {Cisco Talos}, url = {https://blog.talosintelligence.com/state-sponsored-campaigns-target-global-network-infrastructure/}, language = {English}, urldate = {2023-04-22} } State-sponsored campaigns target global network infrastructure
2023-04-04Cisco TalosEdmund Brumaghin
@online{brumaghin:20230404:typhon:8666307, author = {Edmund Brumaghin}, title = {{Typhon Reborn V2: Updated stealer features enhanced anti-analysis and evasion capabilities}}, date = {2023-04-04}, organization = {Cisco Talos}, url = {https://blog.talosintelligence.com/typhon-reborn-v2-features-enhanced-anti-analysis/}, language = {English}, urldate = {2023-04-08} } Typhon Reborn V2: Updated stealer features enhanced anti-analysis and evasion capabilities
Typhon Stealer
2023-03-22Cisco TalosEdmund Brumaghin, Jaeson Schultz
@online{brumaghin:20230322:emotet:fa8054c, author = {Edmund Brumaghin and Jaeson Schultz}, title = {{Emotet Resumes Spam Operations, Switches to OneNote}}, date = {2023-03-22}, organization = {Cisco Talos}, url = {https://blog.talosintelligence.com/emotet-switches-to-onenote/}, language = {English}, urldate = {2023-03-23} } Emotet Resumes Spam Operations, Switches to OneNote
Emotet
2023-03-14Cisco TalosAsheer Malhotra, Vitor Ventura
@online{malhotra:20230314:talos:f709c24, author = {Asheer Malhotra and Vitor Ventura}, title = {{Talos uncovers espionage campaigns targeting CIS countries, embassies and EU health care agency}}, date = {2023-03-14}, organization = {Cisco Talos}, url = {https://blog.talosintelligence.com/yorotrooper-espionage-campaign-cis-turkey-europe/}, language = {English}, urldate = {2023-03-20} } Talos uncovers espionage campaigns targeting CIS countries, embassies and EU health care agency
Poet RAT Loda
2022-12-08Cisco TalosTiago Pereira
@online{pereira:20221208:breaking:7f00030, author = {Tiago Pereira}, title = {{Breaking the silence - Recent Truebot activity}}, date = {2022-12-08}, organization = {Cisco Talos}, url = {https://blog.talosintelligence.com/breaking-the-silence-recent-truebot-activity/}, language = {English}, urldate = {2022-12-12} } Breaking the silence - Recent Truebot activity
Clop Cobalt Strike FlawedGrace Raspberry Robin Silence Teleport
2022-11-09Cisco TalosEdmund Brumaghin
@online{brumaghin:20221109:threat:151d926, author = {Edmund Brumaghin}, title = {{Threat Spotlight: Cyber Criminal Adoption of IPFS for Phishing, Malware Campaigns}}, date = {2022-11-09}, organization = {Cisco Talos}, url = {https://blog.talosintelligence.com/ipfs-abuse/}, language = {English}, urldate = {2022-11-11} } Threat Spotlight: Cyber Criminal Adoption of IPFS for Phishing, Malware Campaigns
Agent Tesla
2022-09-08Cisco TalosJung soo An, Asheer Malhotra, Vitor Ventura
@online{an:20220908:lazarus:236b4b4, author = {Jung soo An and Asheer Malhotra and Vitor Ventura}, title = {{Lazarus and the tale of three RATs}}, date = {2022-09-08}, organization = {Cisco Talos}, url = {https://blog.talosintelligence.com/2022/09/lazarus-three-rats.html}, language = {English}, urldate = {2023-01-19} } Lazarus and the tale of three RATs
MagicRAT MimiKatz VSingle YamaBot
2022-09-07Cisco TalosJung soo An, Asheer Malhotra, Vitor Ventura
@online{an:20220907:magicrat:efb6a3d, author = {Jung soo An and Asheer Malhotra and Vitor Ventura}, title = {{MagicRAT: Lazarus’ latest gateway into victim networks}}, date = {2022-09-07}, organization = {Cisco Talos}, url = {https://blog.talosintelligence.com/2022/09/lazarus-magicrat.html}, language = {English}, urldate = {2022-09-16} } MagicRAT: Lazarus’ latest gateway into victim networks
MagicRAT Tiger RAT
2022-08-10CiscoNick Biasini
@online{biasini:20220810:cisco:81eec81, author = {Nick Biasini}, title = {{Cisco Talos shares insights related to recent cyber attack on Cisco}}, date = {2022-08-10}, organization = {Cisco}, url = {https://blog.talosintelligence.com/2022/08/recent-cyber-attack.html}, language = {English}, urldate = {2022-08-11} } Cisco Talos shares insights related to recent cyber attack on Cisco
Yanluowang
2022-08-04Cisco TalosEdmund Brumaghin, Azim Khodjibaev, Matt Thaxton, Arnaud Zobec
@online{brumaghin:20220804:attackers:682f446, author = {Edmund Brumaghin and Azim Khodjibaev and Matt Thaxton and Arnaud Zobec}, title = {{Attackers leveraging Dark Utilities "C2aaS" platform in malware campaigns}}, date = {2022-08-04}, organization = {Cisco Talos}, url = {https://blog.talosintelligence.com/dark-utilities/}, language = {English}, urldate = {2023-03-23} } Attackers leveraging Dark Utilities "C2aaS" platform in malware campaigns
2022-08-02Cisco TalosAsheer Malhotra, Vitor Ventura
@online{malhotra:20220802:manjusaka:706c14a, author = {Asheer Malhotra and Vitor Ventura}, title = {{Manjusaka: A Chinese sibling of Sliver and Cobalt Strike}}, date = {2022-08-02}, organization = {Cisco Talos}, url = {https://blog.talosintelligence.com/2022/08/manjusaka-offensive-framework.html}, language = {English}, urldate = {2022-08-02} } Manjusaka: A Chinese sibling of Sliver and Cobalt Strike
Manjusaka Cobalt Strike Manjusaka
2022-06-21Cisco TalosFlavio Costa, Chris Neal, Guilherme Venere
@online{costa:20220621:avos:b60a2ad, author = {Flavio Costa and Chris Neal and Guilherme Venere}, title = {{Avos ransomware group expands with new attack arsenal}}, date = {2022-06-21}, organization = {Cisco Talos}, url = {https://blog.talosintelligence.com/2022/06/avoslocker-new-arsenal.html}, language = {English}, urldate = {2022-06-22} } Avos ransomware group expands with new attack arsenal
AvosLocker Cobalt Strike DarkComet MimiKatz
2022-05-18Cisco TalosHolger Unterbrink
@online{unterbrink:20220518:blackbyte:00c8696, author = {Holger Unterbrink}, title = {{The BlackByte ransomware group is striking users all over the globe}}, date = {2022-05-18}, organization = {Cisco Talos}, url = {https://blog.talosintelligence.com/2022/05/the-blackbyte-ransomware-group-is.html}, language = {English}, urldate = {2022-05-25} } The BlackByte ransomware group is striking users all over the globe
BlackByte
2022-05-11Cisco TalosCisco Talos
@online{talos:20220511:bitter:c463e99, author = {Cisco Talos}, title = {{Bitter APT adds Bangladesh to their targets}}, date = {2022-05-11}, organization = {Cisco Talos}, url = {https://blog.talosintelligence.com/2022/05/bitter-apt-adds-bangladesh-to-their.html}, language = {English}, urldate = {2022-05-13} } Bitter APT adds Bangladesh to their targets
AndroRAT Artra Downloader Bitter RAT ZxxZ