2023-04-16 | YouTube (botconf eu) | Suweera De Souza, Crowdstrike Technical Analysis Cell (TAC)
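% The team co-author is braced so it stays one literal name instead of being split into given/family parts.
% "De Souza" is entered in "Last, First" form as a compound surname -- confirm against the speaker's preferred form.
@online{souza:20230416:tracking:62b0316,
  author       = {De Souza, Suweera and {Crowdstrike Technical Analysis Cell (TAC)}},
  title        = {{Tracking Bumblebee’s Development}},
  organization = {YouTube (botconf eu)},
  date         = {2023-04-16},
  url          = {https://www.youtube.com/watch?v=JoKJNfLAc0Y},
  urldate      = {2023-04-22},
  language     = {English},
}
Tracking Bumblebee’s Development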
BumbleBee
2023-03-30 | CrowdStrike | CS ENGINEER
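% "CS ENGINEER" looks like a role label rather than a personal name (assumption -- confirm against the post).
% It is braced so it is not split into given name "CS" and family name "ENGINEER".
@online{engineer:20230330:20230329:49be400,
  author       = {{CS ENGINEER}},
  title        = {{2023-03-29 // SITUATIONAL AWARENESS // CrowdStrike Tracking Active Intrusion Campaign Targeting 3CX Customers}},
  organization = {CrowdStrike},
  date         = {2023-03-30},
  url          = {https://www.reddit.com/r/crowdstrike/comments/125r3uu/20230329_situational_awareness_crowdstrike/},
  urldate      = {2023-04-02},
  language     = {English},
}
2023-03-29 // SITUATIONAL AWARENESS // CrowdStrike Tracking Active Intrusion Campaign Targeting 3CX Customers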
3CX Backdoor
2023-03-29 | CrowdStrike | Research & Threat Intel
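% The ampersand is escaped because a bare "&" in a name field is passed to LaTeX as an alignment character.
% The team name is braced so it is kept as one literal author.
@online{intel:20230329:crowdstrike:cafb1f8,
  author       = {{Research \& Threat Intel}},
  title        = {{CrowdStrike Falcon Platform Detects and Prevents Active Intrusion Campaign Targeting 3CXDesktopApp Customers}},
  organization = {CrowdStrike},
  date         = {2023-03-29},
  url          = {https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/},
  urldate      = {2023-03-30},
  language     = {English},
}
CrowdStrike Falcon Platform Detects and Prevents Active Intrusion Campaign Targeting 3CXDesktopApp Customers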
3CX Backdoor
2023-03-14 | CrowdStrike | CrowdStrike
@online{crowdstrike:20230314:zeus:e01a1ed,
  author       = {CrowdStrike},
  title        = {{The Zeus Trojan Malware - Definition and Prevention}},
  organization = {CrowdStrike},
  date         = {2023-03-14},
  url          = {https://www.crowdstrike.com/cybersecurity-101/malware/trojan-zeus-malware},
  urldate      = {2023-06-06},
  language     = {English},
}
The Zeus Trojan Malware - Definition and Prevention
Zeus
2023-03-02 | CrowdStrike | CrowdStrike Threat Intel Team
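% The team author is braced so it is kept as one literal name, not parsed as given names plus family name "Team".
@techreport{team:20230302:crowdstrike:7144658,
  author      = {{CrowdStrike Threat Intel Team}},
  title       = {{Crowdstrike Global Threat Report 2023}},
  institution = {CrowdStrike},
  date        = {2023-03-02},
  url         = {https://go.crowdstrike.com/rs/281-OBQ-266/images/CrowdStrike2023GlobalThreatReport.pdf},
  urldate     = {2023-06-09},
  language    = {English},
}
Crowdstrike Global Threat Report 2023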
2023-03-01 | CrowdStrike | CrowdStrike
@online{crowdstrike:20230301:slippy:b2f0c0a,
  author       = {CrowdStrike},
  title        = {{Slippy Spider}},
  organization = {CrowdStrike},
  date         = {2023-03-01},
  url          = {https://www.crowdstrike.com/adversaries/slippy-spider/},
  urldate      = {2023-03-13},
  language     = {English},
}
Slippy Spider
LAPSUS
2022-12-19 | CrowdStrike | Sarang Sonawane, Donato Onofri
@online{sonawane:20221219:malware:1e7d417,
  author       = {Sonawane, Sarang and Onofri, Donato},
  title        = {{Malware Analysis: GuLoader Dissection Reveals New Anti-Analysis Techniques and Code Injection Redundancy}},
  organization = {CrowdStrike},
  date         = {2022-12-19},
  url          = {https://www.crowdstrike.com/blog/guloader-dissection-reveals-new-anti-analysis-techniques-and-code-injection-redundancy/},
  urldate      = {2022-12-24},
  language     = {English},
}
Malware Analysis: GuLoader Dissection Reveals New Anti-Analysis Techniques and Code Injection Redundancy
CloudEyE
2022-12-02 | CrowdStrike | Tim Parisi
@online{parisi:20221202:not:7f9fee4,
  author       = {Parisi, Tim},
  title        = {{Not a SIMulation: CrowdStrike Investigations Reveal Intrusion Campaign Targeting Telco and BPO Companies}},
  organization = {CrowdStrike},
  date         = {2022-12-02},
  url          = {https://www.crowdstrike.com/blog/analysis-of-intrusion-campaign-targeting-telecom-and-bpo-companies/},
  urldate      = {2022-12-14},
  language     = {English},
}
Not a SIMulation: CrowdStrike Investigations Reveal Intrusion Campaign Targeting Telco and BPO Companies
2022-09-26 | CrowdStrike | Ioan Iacob, Iulian Madalin Ionita
@online{iacob:20220926:anatomy:248e6ff,
  author       = {Iacob, Ioan and Ionita, Iulian Madalin},
  title        = {{The Anatomy of Wiper Malware, Part 3: Input/Output Controls}},
  organization = {CrowdStrike},
  date         = {2022-09-26},
  url          = {https://www.crowdstrike.com/blog/the-anatomy-of-wiper-malware-part-3/},
  urldate      = {2022-09-29},
  language     = {English},
}
The Anatomy of Wiper Malware, Part 3: Input/Output Controls
CaddyWiper DEADWOOD DistTrack DoubleZero DUSTMAN HermeticWiper IsaacWiper Meteor Petya Sierra(Alfa,Bravo, ...) StoneDrill WhisperGate ZeroCleare
2022-08-24 | CrowdStrike | Ioan Iacob, Iulian Madalin Ionita
@online{iacob:20220824:anatomy:64f6451,
  author       = {Iacob, Ioan and Ionita, Iulian Madalin},
  title        = {{The Anatomy of Wiper Malware, Part 2: Third-Party Drivers}},
  organization = {CrowdStrike},
  date         = {2022-08-24},
  url          = {https://www.crowdstrike.com/blog/the-anatomy-of-wiper-malware-part-2},
  urldate      = {2022-08-31},
  language     = {English},
}
The Anatomy of Wiper Malware, Part 2: Third-Party Drivers
2022-08-12 | CrowdStrike | Ioan Iacob, Iulian Madalin Ionita
@online{iacob:20220812:anatomy:b13ce32,
  author       = {Iacob, Ioan and Ionita, Iulian Madalin},
  title        = {{The Anatomy of Wiper Malware, Part 1: Common Techniques}},
  organization = {CrowdStrike},
  date         = {2022-08-12},
  url          = {https://www.crowdstrike.com/blog/the-anatomy-of-wiper-malware-part-1/},
  urldate      = {2023-01-19},
  language     = {English},
}
The Anatomy of Wiper Malware, Part 1: Common Techniques
Apostle CaddyWiper DEADWOOD DistTrack DoubleZero DUSTMAN HermeticWiper IsaacWiper IsraBye KillDisk Meteor Olympic Destroyer Ordinypt Petya Sierra(Alfa,Bravo, ...) StoneDrill WhisperGate ZeroCleare
2022-06-02 | CrowdStrike | EPP Content Research Team
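% The team author is braced so it is kept as one literal name, not parsed as given names plus family name "Team".
@online{team:20220602:crowdstrike:3ca0d32,
  author       = {{EPP Content Research Team}},
  title        = {{CrowdStrike Uncovers New MacOS Browser Hijacking Campaign}},
  organization = {CrowdStrike},
  date         = {2022-06-02},
  url          = {https://www.crowdstrike.com/blog/how-crowdstrike-uncovered-a-new-macos-browser-hijacking-campaign/},
  urldate      = {2022-07-18},
  language     = {English},
}
CrowdStrike Uncovers New MacOS Browser Hijacking Campaign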
Choziosi
2022-05-25 | CrowdStrike | Jamie Harris
@online{harris:20220525:hunting:48d53ea,
  author       = {Harris, Jamie},
  title        = {{Hunting a Global Telecommunications Threat: DecisiveArchitect and Its Custom Implant JustForFun}},
  organization = {CrowdStrike},
  date         = {2022-05-25},
  url          = {https://www.crowdstrike.com/blog/how-to-hunt-for-decisivearchitect-and-justforfun-implant/},
  urldate      = {2022-05-29},
  language     = {English},
}
Hunting a Global Telecommunications Threat: DecisiveArchitect and Its Custom Implant JustForFun
BPFDoor
2022-05-20 | CrowdStrike | Vlad Ciuleanu
@online{ciuleanu:20220520:mirai:77360aa,
  author       = {Ciuleanu, Vlad},
  title        = {{Mirai Malware Variants for Linux Double Down on Stronger Chips in Q1 2022}},
  organization = {CrowdStrike},
  date         = {2022-05-20},
  url          = {https://www.crowdstrike.com/blog/linux-mirai-malware-double-on-stronger-chips/},
  urldate      = {2022-05-25},
  language     = {English},
}
Mirai Malware Variants for Linux Double Down on Stronger Chips in Q1 2022
Mirai
2022-05-11 | CrowdStrike | Adrian Justice
@online{justice:20220511:proactive:a23c54f,
  author       = {Justice, Adrian},
  title        = {{Proactive Threat Hunting Bears Fruit: Falcon OverWatch Detects Novel IceApple Post-Exploitation Framework}},
  organization = {CrowdStrike},
  date         = {2022-05-11},
  url          = {https://www.crowdstrike.com/blog/falcon-overwatch-detects-iceapple-framework/},
  urldate      = {2022-05-11},
  language     = {English},
}
Proactive Threat Hunting Bears Fruit: Falcon OverWatch Detects Novel IceApple Post-Exploitation Framework
2022-05-11 | CrowdStrike | Adrian Justice, CrowdStrike Overwatch Team
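% The team co-author is braced so it is kept as one literal name, not parsed as given names plus family name "Team".
@techreport{justice:20220511:iceapple:608746f,
  author      = {Justice, Adrian and {CrowdStrike Overwatch Team}},
  title       = {{IceApple: A Novel Internet Information Services (IIS) Post-Exploitation Framework}},
  institution = {CrowdStrike},
  date        = {2022-05-11},
  url         = {https://www.crowdstrike.com/wp-content/uploads/2022/05/crowdstrike-iceapple-a-novel-internet-information-services-post-exploitation-framework.pdf},
  urldate     = {2022-05-11},
  language    = {English},
}
IceApple: A Novel Internet Information Services (IIS) Post-Exploitation Framework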
2022-05-06 | CrowdStrike | Paul-Danut Urian
% Same title, author and date as urian:20220506:macos:59df492; the two URLs differ only in the trailing slash.
@online{urian:20220506:macos:f1223a9,
  author       = {Urian, Paul-Danut},
  title        = {{macOS Malware Is More Reality Than Myth: Popular Threats and Challenges in Analysis}},
  organization = {CrowdStrike},
  date         = {2022-05-06},
  url          = {https://www.crowdstrike.com/blog/how-crowdstrike-analyzes-macos-malware-to-optimize-automated-detection-capabilities/},
  urldate      = {2022-05-17},
  language     = {English},
}
macOS Malware Is More Reality Than Myth: Popular Threats and Challenges in Analysis
Lador
2022-05-06 | CrowdStrike | Paul-Danut Urian
% Same title, author and date as urian:20220506:macos:f1223a9; the two URLs differ only in the trailing slash.
@online{urian:20220506:macos:59df492,
  author       = {Urian, Paul-Danut},
  title        = {{macOS Malware Is More Reality Than Myth: Popular Threats and Challenges in Analysis}},
  organization = {CrowdStrike},
  date         = {2022-05-06},
  url          = {https://www.crowdstrike.com/blog/how-crowdstrike-analyzes-macos-malware-to-optimize-automated-detection-capabilities},
  urldate      = {2022-05-11},
  language     = {English},
}
macOS Malware Is More Reality Than Myth: Popular Threats and Challenges in Analysis
EvilQuest FlashBack Shlayer XCSSET
2022-05-04 | CrowdStrike | Sebastian Walla
@online{walla:20220504:compromised:b2b1f9b,
  author       = {Walla, Sebastian},
  title        = {{Compromised Docker Honeypots Used for Pro-Ukrainian DoS Attack}},
  organization = {CrowdStrike},
  date         = {2022-05-04},
  url          = {https://www.crowdstrike.com/blog/compromised-docker-honeypots-used-for-pro-ukrainian-dos-attack/},
  urldate      = {2022-05-05},
  language     = {English},
}
Compromised Docker Honeypots Used for Pro-Ukrainian DoS Attack
2022-04-21 | CrowdStrike | Manoj Ahuje
@online{ahuje:20220421:lemonduck:6b61d01,
  author       = {Ahuje, Manoj},
  title        = {{LemonDuck Targets Docker for Cryptomining Operations}},
  organization = {CrowdStrike},
  date         = {2022-04-21},
  url          = {https://www.crowdstrike.com/blog/lemonduck-botnet-targets-docker-for-cryptomining-operations/},
  urldate      = {2022-04-24},
  language     = {English},
}
LemonDuck Targets Docker for Cryptomining Operations
Lemon Duck