2023-11-09 | CrowdStrike | Counter Adversary Operations
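% Corporate author is double-braced so it is kept as one name; the citation key is unchanged.
% Only proper nouns in the title are brace-protected, leaving casing to the style.
@online{operations:20231109:imperial:8a2f4d0,
  author       = {{Counter Adversary Operations}},
  title        = {{IMPERIAL KITTEN} Deploys Novel Malware Families in {Middle East}-Focused Operations},
  date         = {2023-11-09},
  organization = {CrowdStrike},
  url          = {https://www.crowdstrike.com/blog/imperial-kitten-deploys-novel-malware-families/},
  language     = {English},
  urldate      = {2023-11-14},
}
IMPERIAL KITTEN Deploys Novel Malware Families in Middle East-Focused Operations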
IMAPLoader
2023-08-10 | CrowdStrike | Nicolas Zilio, Marco Ortisi, Ken Balint, Counter Adversary Operations
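% Personal names use the unambiguous Last, First form; the team name is braced as a single corporate author.
% Product name and CVE identifier are brace-protected instead of the whole title.
@online{zilio:20230810:discovering:6b246d9,
  author       = {Zilio, Nicolas and Ortisi, Marco and Balint, Ken and {Counter Adversary Operations}},
  title        = {Discovering and Blocking a Zero-Day Exploit with {CrowdStrike Falcon Complete}: The Case of {CVE-2023-36874}},
  date         = {2023-08-10},
  organization = {CrowdStrike},
  url          = {https://www.crowdstrike.com/blog/falcon-complete-zero-day-exploit-cve-2023-36874/},
  language     = {English},
  urldate      = {2023-08-13},
}
Discovering and Blocking a Zero-Day Exploit with CrowdStrike Falcon Complete: The Case of CVE-2023-36874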
2023-06-22 | CrowdStrike | The Falcon Complete Team
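% Team name is double-braced so it is not split into given name and surname; key kept as published.
% Adversary and product names are brace-protected individually.
@online{team:20230622:business:3af26f4,
  author       = {{The Falcon Complete Team}},
  title        = {Business as Usual: {Falcon Complete MDR} Thwarts Novel {VANGUARD PANDA} ({Volt Typhoon}) Tradecraft},
  date         = {2023-06-22},
  organization = {CrowdStrike},
  url          = {https://www.crowdstrike.com/blog/falcon-complete-thwarts-vanguard-panda-tradecraft/},
  language     = {English},
  urldate      = {2023-06-27},
}
Business as Usual: Falcon Complete MDR Thwarts Novel VANGUARD PANDA (Volt Typhoon) Tradecraft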
2023-05-15 | CrowdStrike | CrowdStrike
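% Corporate author is double-braced; the title holds no proper nouns, so the blanket double braces are dropped.
@online{crowdstrike:20230515:hypervisor:2fc5adc,
  author       = {{CrowdStrike}},
  title        = {Hypervisor Jackpotting, Part 3: Lack of Antivirus Support Opens the Door to Adversary Attacks},
  date         = {2023-05-15},
  organization = {CrowdStrike},
  url          = {https://www.crowdstrike.com/blog/hypervisor-jackpotting-lack-of-antivirus-support-opens-the-door-to-adversaries/},
  language     = {English},
  urldate      = {2023-07-31},
}
Hypervisor Jackpotting, Part 3: Lack of Antivirus Support Opens the Door to Adversary Attacks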
BlackCat SystemBC
2023-04-16 | YouTube (botconf eu) | Suweera De Souza, Crowdstrike Technical Analysis Cell (TAC)
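% The team name is braced as one corporate author. The personal name is left in the order given on the page;
% whether the surname is "De Souza" or "Souza" is not stated here, so confirm before switching to Last, First form.
@online{souza:20230416:tracking:62b0316,
  author       = {Suweera De Souza and {Crowdstrike Technical Analysis Cell (TAC)}},
  title        = {Tracking {Bumblebee’s} Development},
  date         = {2023-04-16},
  organization = {YouTube (botconf eu)},
  url          = {https://www.youtube.com/watch?v=JoKJNfLAc0Y},
  language     = {English},
  urldate      = {2023-04-22},
}
Tracking Bumblebee’s Development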
BumbleBee
2023-03-30 | CrowdStrike | CS ENGINEER
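% The author string is not a personal name, so it is double-braced to keep it whole; key kept as published.
% The upper-case banner, vendor and product names are brace-protected so a style cannot recase them.
@online{engineer:20230330:20230329:49be400,
  author       = {{CS ENGINEER}},
  title        = {2023-03-29 // {SITUATIONAL AWARENESS} // {CrowdStrike} Tracking Active Intrusion Campaign Targeting {3CX} Customers},
  date         = {2023-03-30},
  organization = {CrowdStrike},
  url          = {https://www.reddit.com/r/crowdstrike/comments/125r3uu/20230329_situational_awareness_crowdstrike/},
  language     = {English},
  urldate      = {2023-04-02},
}
2023-03-29 // SITUATIONAL AWARENESS // CrowdStrike Tracking Active Intrusion Campaign Targeting 3CX Customers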
3CX Backdoor
2023-03-29 | CrowdStrike | Research & Threat Intel
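% The ampersand in the author field is escaped, because a bare one is a LaTeX alignment character and breaks typesetting.
% The team name is double-braced as a corporate author; product names in the title are brace-protected.
@online{intel:20230329:crowdstrike:cafb1f8,
  author       = {{Research \& Threat Intel}},
  title        = {{CrowdStrike Falcon} Platform Detects and Prevents Active Intrusion Campaign Targeting {3CXDesktopApp} Customers},
  date         = {2023-03-29},
  organization = {CrowdStrike},
  url          = {https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/},
  language     = {English},
  urldate      = {2023-03-30},
}
CrowdStrike Falcon Platform Detects and Prevents Active Intrusion Campaign Targeting 3CXDesktopApp Customers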
3CX Backdoor
2023-03-14 | CrowdStrike | CrowdStrike
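% Corporate author is double-braced; only the malware family name in the title is brace-protected.
@online{crowdstrike:20230314:zeus:e01a1ed,
  author       = {{CrowdStrike}},
  title        = {The {Zeus Trojan} Malware - Definition and Prevention},
  date         = {2023-03-14},
  organization = {CrowdStrike},
  url          = {https://www.crowdstrike.com/cybersecurity-101/malware/trojan-zeus-malware},
  language     = {English},
  urldate      = {2023-06-06},
}
The Zeus Trojan Malware - Definition and Prevention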
Zeus
2023-03-02 | CrowdStrike | CrowdStrike Threat Intel Team
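% Team name is double-braced as a corporate author; the report's proper name is brace-protected as a unit.
% The date field is kept as on the page; a classic BibTeX style would need a year field instead.
@techreport{team:20230302:crowdstrike:7144658,
  author       = {{CrowdStrike Threat Intel Team}},
  title        = {{Crowdstrike Global Threat Report} 2023},
  date         = {2023-03-02},
  institution  = {CrowdStrike},
  url          = {https://go.crowdstrike.com/rs/281-OBQ-266/images/CrowdStrike2023GlobalThreatReport.pdf},
  language     = {English},
  urldate      = {2023-06-09},
}
Crowdstrike Global Threat Report 2023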
2023-03-01 | CrowdStrike | CrowdStrike
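% Corporate author is double-braced. The whole title is an adversary name, so it stays fully brace-protected.
@online{crowdstrike:20230301:slippy:b2f0c0a,
  author       = {{CrowdStrike}},
  title        = {{Slippy Spider}},
  date         = {2023-03-01},
  organization = {CrowdStrike},
  url          = {https://www.crowdstrike.com/adversaries/slippy-spider/},
  language     = {English},
  urldate      = {2023-03-13},
}
Slippy Spider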
LAPSUS
2022-12-19 | CrowdStrike | Sarang Sonawane, Donato Onofri
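% Authors use the unambiguous Last, First form; only the malware family name in the title is brace-protected.
@online{sonawane:20221219:malware:1e7d417,
  author       = {Sonawane, Sarang and Onofri, Donato},
  title        = {Malware Analysis: {GuLoader} Dissection Reveals New Anti-Analysis Techniques and Code Injection Redundancy},
  date         = {2022-12-19},
  organization = {CrowdStrike},
  url          = {https://www.crowdstrike.com/blog/guloader-dissection-reveals-new-anti-analysis-techniques-and-code-injection-redundancy/},
  language     = {English},
  urldate      = {2022-12-24},
}
Malware Analysis: GuLoader Dissection Reveals New Anti-Analysis Techniques and Code Injection Redundancy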
CloudEyE
2022-12-02 | CrowdStrike | Tim Parisi
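% Author uses Last, First form; the mixed-case pun, vendor name and acronym are brace-protected individually.
@online{parisi:20221202:not:7f9fee4,
  author       = {Parisi, Tim},
  title        = {Not a {SIMulation}: {CrowdStrike} Investigations Reveal Intrusion Campaign Targeting Telco and {BPO} Companies},
  date         = {2022-12-02},
  organization = {CrowdStrike},
  url          = {https://www.crowdstrike.com/blog/analysis-of-intrusion-campaign-targeting-telecom-and-bpo-companies/},
  language     = {English},
  urldate      = {2022-12-14},
}
Not a SIMulation: CrowdStrike Investigations Reveal Intrusion Campaign Targeting Telco and BPO Companies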
2022-10-26 | CrowdStrike | Manoj Ahuje
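% Author uses Last, First form; vendor, campaign and platform names are brace-protected instead of the whole title.
@online{ahuje:20221026:crowdstrike:92b8440,
  author       = {Ahuje, Manoj},
  title        = {{CrowdStrike} Identifies New {Kiss-a-Dog} Cryptojacking Campaign Targeting Vulnerable {Docker} and {Kubernetes} Infrastructure},
  date         = {2022-10-26},
  organization = {CrowdStrike},
  url          = {https://www.crowdstrike.com/blog/new-kiss-a-dog-cryptojacking-campaign-targets-docker-and-kubernetes/},
  language     = {English},
  urldate      = {2023-11-17},
}
CrowdStrike Identifies New Kiss-a-Dog Cryptojacking Campaign Targeting Vulnerable Docker and Kubernetes Infrastructure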
xmrig
2022-09-26 | CrowdStrike | Ioan Iacob, Iulian Madalin Ionita
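% Authors use Last, First form; the title has no proper nouns, so the blanket double braces are dropped.
@online{iacob:20220926:anatomy:248e6ff,
  author       = {Iacob, Ioan and Ionita, Iulian Madalin},
  title        = {The Anatomy of Wiper Malware, Part 3: Input/Output Controls},
  date         = {2022-09-26},
  organization = {CrowdStrike},
  url          = {https://www.crowdstrike.com/blog/the-anatomy-of-wiper-malware-part-3/},
  language     = {English},
  urldate      = {2022-09-29},
}
The Anatomy of Wiper Malware, Part 3: Input/Output Controls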
CaddyWiper DEADWOOD DistTrack DoubleZero DUSTMAN HermeticWiper IsaacWiper Meteor Petya Sierra(Alfa,Bravo, ...) StoneDrill WhisperGate ZeroCleare
2022-08-24 | CrowdStrike | Ioan Iacob, Iulian Madalin Ionita
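% Authors use Last, First form; the title has no proper nouns, so the blanket double braces are dropped.
@online{iacob:20220824:anatomy:64f6451,
  author       = {Iacob, Ioan and Ionita, Iulian Madalin},
  title        = {The Anatomy of Wiper Malware, Part 2: Third-Party Drivers},
  date         = {2022-08-24},
  organization = {CrowdStrike},
  url          = {https://www.crowdstrike.com/blog/the-anatomy-of-wiper-malware-part-2},
  language     = {English},
  urldate      = {2022-08-31},
}
The Anatomy of Wiper Malware, Part 2: Third-Party Drivers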
2022-08-12 | CrowdStrike | Ioan Iacob, Iulian Madalin Ionita
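% Authors use Last, First form; the title has no proper nouns, so the blanket double braces are dropped.
@online{iacob:20220812:anatomy:b13ce32,
  author       = {Iacob, Ioan and Ionita, Iulian Madalin},
  title        = {The Anatomy of Wiper Malware, Part 1: Common Techniques},
  date         = {2022-08-12},
  organization = {CrowdStrike},
  url          = {https://www.crowdstrike.com/blog/the-anatomy-of-wiper-malware-part-1/},
  language     = {English},
  urldate      = {2023-01-19},
}
The Anatomy of Wiper Malware, Part 1: Common Techniques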
Apostle CaddyWiper DEADWOOD DistTrack DoubleZero DUSTMAN HermeticWiper IsaacWiper IsraBye KillDisk Meteor Olympic Destroyer Ordinypt Petya Sierra(Alfa,Bravo, ...) StoneDrill WhisperGate ZeroCleare
2022-06-23 | CrowdStrike | Patrick Bennett
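% Author uses Last, First form; vendor name, acronym and CVE identifier are brace-protected individually.
@online{bennett:20220623:call:13d0e4e,
  author       = {Bennett, Patrick},
  title        = {The Call Is Coming from Inside the House: {CrowdStrike} Identifies Novel Exploit in {VOIP} Appliance ({CVE-2022-29499})},
  date         = {2022-06-23},
  organization = {CrowdStrike},
  url          = {https://www.crowdstrike.com/blog/novel-exploit-detected-in-mitel-voip-appliance/},
  language     = {English},
  urldate      = {2023-08-01},
}
The Call Is Coming from Inside the House: CrowdStrike Identifies Novel Exploit in VOIP Appliance (CVE-2022-29499)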
2022-06-02 | CrowdStrike | EPP Content Research Team
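% Team name is double-braced so it is not split into given name and surname; key kept as published.
% Vendor and platform names in the title are brace-protected individually.
@online{team:20220602:crowdstrike:3ca0d32,
  author       = {{EPP Content Research Team}},
  title        = {{CrowdStrike} Uncovers New {MacOS} Browser Hijacking Campaign},
  date         = {2022-06-02},
  organization = {CrowdStrike},
  url          = {https://www.crowdstrike.com/blog/how-crowdstrike-uncovered-a-new-macos-browser-hijacking-campaign/},
  language     = {English},
  urldate      = {2022-07-18},
}
CrowdStrike Uncovers New MacOS Browser Hijacking Campaign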
Choziosi
2022-05-25 | CrowdStrike | Jamie Harris
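% Author uses Last, First form; the camel-case actor and implant names are brace-protected so a style cannot recase them.
@online{harris:20220525:hunting:48d53ea,
  author       = {Harris, Jamie},
  title        = {Hunting a Global Telecommunications Threat: {DecisiveArchitect} and Its Custom Implant {JustForFun}},
  date         = {2022-05-25},
  organization = {CrowdStrike},
  url          = {https://www.crowdstrike.com/blog/how-to-hunt-for-decisivearchitect-and-justforfun-implant/},
  language     = {English},
  urldate      = {2022-05-29},
}
Hunting a Global Telecommunications Threat: DecisiveArchitect and Its Custom Implant JustForFun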
BPFDoor
2022-05-20 | CrowdStrike | Vlad Ciuleanu
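% Author uses Last, First form; malware family, operating system and quarter label are brace-protected individually.
@online{ciuleanu:20220520:mirai:77360aa,
  author       = {Ciuleanu, Vlad},
  title        = {{Mirai} Malware Variants for {Linux} Double Down on Stronger Chips in {Q1} 2022},
  date         = {2022-05-20},
  organization = {CrowdStrike},
  url          = {https://www.crowdstrike.com/blog/linux-mirai-malware-double-on-stronger-chips/},
  language     = {English},
  urldate      = {2022-05-25},
}
Mirai Malware Variants for Linux Double Down on Stronger Chips in Q1 2022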
Mirai