Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-08-17ClearSkyClearSky
@techreport{clearsky:20210817:new:573e4e4, author = {ClearSky}, title = {{New Iranian Espionage Campaign By “Siamesekitten” - Lyceum}}, date = {2021-08-17}, institution = {ClearSky}, url = {https://www.clearskysec.com/wp-content/uploads/2021/08/Siamesekitten.pdf}, language = {English}, urldate = {2021-08-25} } New Iranian Espionage Campaign By “Siamesekitten” - Lyceum
danbot Milan Shark
2021-05ClearSkyClearSky
@techreport{clearsky:202105:attributing:67fb261, author = {ClearSky}, title = {{Attributing Attacks Against Crypto Exchanges to LAZARUS – North Korea}}, date = {2021-05}, institution = {ClearSky}, url = {https://www.clearskysec.com/wp-content/uploads/2021/05/CryptoCore-Lazarus-Clearsky.pdf}, language = {English}, urldate = {2021-06-09} } Attributing Attacks Against Crypto Exchanges to LAZARUS – North Korea
CageyChameleon
2021-03-31Twitter (@ClearskySec)ClearSky Cyber Security
@online{security:20210331:adamantium:524c265, author = {ClearSky Cyber Security}, title = {{Tweet on Adamantium stealer}}, date = {2021-03-31}, organization = {Twitter (@ClearskySec)}, url = {https://twitter.com/ClearskySec/status/1377176015189929989}, language = {English}, urldate = {2021-03-31} } Tweet on Adamantium stealer
Adamantium Thief
2021-02-04ClearSkyClearSky Research Team
@techreport{team:20210204:conti:27cb3a2, author = {ClearSky Research Team}, title = {{CONTI Modus Operandi and Bitcoin Tracking}}, date = {2021-02-04}, institution = {ClearSky}, url = {https://www.clearskysec.com/wp-content/uploads/2021/02/Conti-Ransomware.pdf}, language = {English}, urldate = {2021-02-06} } CONTI Modus Operandi and Bitcoin Tracking
Conti Ryuk
2021-01-28ClearSkyClearSky Research Team
@techreport{team:20210128:lebanese:94effe4, author = {ClearSky Research Team}, title = {{“Lebanese Cedar” APT Global Lebanese Espionage Campaign Leveraging Web Servers}}, date = {2021-01-28}, institution = {ClearSky}, url = {https://www.clearskysec.com/wp-content/uploads/2021/01/Lebanese-Cedar-APT.pdf}, language = {English}, urldate = {2021-01-29} } “Lebanese Cedar” APT Global Lebanese Espionage Campaign Leveraging Web Servers
Volatile Cedar
2021-01-07ClearSkyClearSky Research Team
@online{team:20210107:operation:c3e2e28, author = {ClearSky Research Team}, title = {{Operation ‘Kremlin’}}, date = {2021-01-07}, organization = {ClearSky}, url = {https://www.clearskysec.com/operation-kremlin/}, language = {English}, urldate = {2021-01-11} } Operation ‘Kremlin’
Unidentified 002 (Operation Kremlin)
2020-12-17ClearSkyClearSky Research Team
@techreport{team:20201217:pay2kitten:2298e19, author = {ClearSky Research Team}, title = {{Pay2Kitten: Pay2Key Ransomware - A New Campaign by Fox Kitten}}, date = {2020-12-17}, institution = {ClearSky}, url = {https://www.clearskysec.com/wp-content/uploads/2020/12/Pay2Kitten.pdf}, language = {English}, urldate = {2020-12-17} } Pay2Kitten: Pay2Key Ransomware - A New Campaign by Fox Kitten
Pay2Key
2020-10-15ClearSkyClearSky
@techreport{clearsky:20201015:operation:dead010, author = {ClearSky}, title = {{Operation Quicksand: MuddyWater’s Offensive Attack Against Israeli Organizations}}, date = {2020-10-15}, institution = {ClearSky}, url = {https://www.clearskysec.com/wp-content/uploads/2020/10/Operation-Quicksand.pdf}, language = {English}, urldate = {2020-10-21} } Operation Quicksand: MuddyWater’s Offensive Attack Against Israeli Organizations
PowGoop Covicli
2020-08-27ClearSkyClearSky Research Team
@techreport{team:20200827:kittens:1d41d9a, author = {ClearSky Research Team}, title = {{The Kittens Are Back in Town 3: Charming Kitten Campaign Evolved and Deploying Spear-Phishing link by WhatsApp}}, date = {2020-08-27}, institution = {ClearSky}, url = {https://www.clearskysec.com/wp-content/uploads/2020/08/The-Kittens-are-Back-in-Town-3.pdf}, language = {English}, urldate = {2020-08-31} } The Kittens Are Back in Town 3: Charming Kitten Campaign Evolved and Deploying Spear-Phishing link by WhatsApp
2020-08-13ClearSkyClearSky Research Team
@techreport{team:20200813:operation:429bf86, author = {ClearSky Research Team}, title = {{Operation ‘Dream Job’ Widespread North Korean Espionage Campaign}}, date = {2020-08-13}, institution = {ClearSky}, url = {https://www.clearskysec.com/wp-content/uploads/2020/08/Dream-Job-Campaign.pdf}, language = {English}, urldate = {2020-08-14} } Operation ‘Dream Job’ Widespread North Korean Espionage Campaign
DRATzarus
2020-06-24ClearSkyClearSky Research Team
@online{team:20200624:cryptocore:16e4ad2, author = {ClearSky Research Team}, title = {{CryptoCore Group : A Threat Actor Targeting Cryptocurrency Exchanges}}, date = {2020-06-24}, organization = {ClearSky}, url = {https://www.clearskysec.com/cryptocore-group/}, language = {English}, urldate = {2021-06-21} } CryptoCore Group : A Threat Actor Targeting Cryptocurrency Exchanges
CageyChameleon
2020-06-24ClearSkyClearSky Research Team
@techreport{team:20200624:cryptocore:c9dde67, author = {ClearSky Research Team}, title = {{CryptoCore: A Threat Actor Targeting Cryptocurrency Exchanges}}, date = {2020-06-24}, institution = {ClearSky}, url = {https://www.clearskysec.com/wp-content/uploads/2020/06/CryptoCore_Group.pdf}, language = {English}, urldate = {2021-06-09} } CryptoCore: A Threat Actor Targeting Cryptocurrency Exchanges
CageyChameleon
2020-02-16ClearSkyClearSky Research Team
@techreport{team:20200216:fox:23f1677, author = {ClearSky Research Team}, title = {{Fox Kitten Campaign: Widespread Iranian Espionage-Offensive Campaign}}, date = {2020-02-16}, institution = {ClearSky}, url = {https://www.clearskysec.com/wp-content/uploads/2020/02/ClearSky-Fox-Kitten-Campaign.pdf}, language = {English}, urldate = {2020-04-20} } Fox Kitten Campaign: Widespread Iranian Espionage-Offensive Campaign
SSHNET Fox Kitten
2019-11-20ClearSkyClearSky Cyber Security
@online{security:20191120:muddywater:5c4adfd, author = {ClearSky Cyber Security}, title = {{MuddyWater Uses New Attack Methods in a Recent Attack Wave}}, date = {2019-11-20}, organization = {ClearSky}, url = {https://docs.google.com/document/d/1oYX3uN6KxIX_StzTH0s0yFNNoHDnV8VgmVqU5WoeErc/edit#heading=h.ez428aw98bca}, language = {English}, urldate = {2019-12-16} } MuddyWater Uses New Attack Methods in a Recent Attack Wave
QUADAGENT RogueRobin
2019-08ClearSkyClearSky Cyber Security
@techreport{security:201908:2019:716d69e, author = {ClearSky Cyber Security}, title = {{2019 H1 Cyber Events Summary Report}}, date = {2019-08}, institution = {ClearSky}, url = {https://www.clearskysec.com/wp-content/uploads/2019/08/ClearSky-2019-H1-Cyber-Events-Summary-Report.pdf}, language = {English}, urldate = {2020-06-29} } 2019 H1 Cyber Events Summary Report
EVILNUM Cardinal RAT SappyCache
2019-05ClearSkyClearSky Research Team
@techreport{team:201905:iranian:536dc45, author = {ClearSky Research Team}, title = {{Iranian Nation-State APT Groups 'Black Box' Leak}}, date = {2019-05}, institution = {ClearSky}, url = {https://www.clearskysec.com/wp-content/uploads/2019/05/Iranian-Nation-State-APT-Leak-Analysis-and-Overview.pdf}, language = {English}, urldate = {2019-12-24} } Iranian Nation-State APT Groups 'Black Box' Leak
[Unnamed group]
2019-04-30ClearSkyClearSky Cyber Security
@online{security:20190430:raw:327940f, author = {ClearSky Cyber Security}, title = {{Raw Threat Intelligence 2019-04-30: Oilrig data dump link analysis}}, date = {2019-04-30}, organization = {ClearSky}, url = {https://docs.google.com/document/d/1oYX3uN6KxIX_StzTH0s0yFNNoHDnV8VgmVqU5WoeErc/edit#heading=h.hcd1wvpsrgfr}, language = {English}, urldate = {2019-10-23} } Raw Threat Intelligence 2019-04-30: Oilrig data dump link analysis
SpyNote OopsIE
2019-04-15ClearSkyClearSky Research Team
@online{team:20190415:iranian:5a7f4ff, author = {ClearSky Research Team}, title = {{Iranian APT MuddyWater Attack Infrastructure Targeting Kurdish Political Groups and Organizations in Turkey}}, date = {2019-04-15}, organization = {ClearSky}, url = {https://www.clearskysec.com/muddywater-targets-kurdish-groups-turkish-orgs/}, language = {English}, urldate = {2020-01-07} } Iranian APT MuddyWater Attack Infrastructure Targeting Kurdish Political Groups and Organizations in Turkey
POWERSTATS MuddyWater
2019-03-27Twitter (@ClearskySec)ClearSky Cyber Security
@online{security:20190327:timelines:36e1fb0, author = {ClearSky Cyber Security}, title = {{Tweet on "Timelines - ECRL.docx"}}, date = {2019-03-27}, organization = {Twitter (@ClearskySec)}, url = {https://twitter.com/ClearskySec/status/1110941178231484417}, language = {English}, urldate = {2020-01-08} } Tweet on "Timelines - ECRL.docx"
DADJOKE
2018-11-28ClearSkyClearSky Research Team
@online{team:20181128:muddywater:89a520f, author = {ClearSky Research Team}, title = {{MuddyWater Operations in Lebanon and Oman}}, date = {2018-11-28}, organization = {ClearSky}, url = {https://www.clearskysec.com/muddywater-operations-in-lebanon-and-oman/}, language = {English}, urldate = {2019-07-09} } MuddyWater Operations in Lebanon and Oman
POWERSTATS