Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-01-11CybereasonOmri Refaeli, Chen Erlich, Ofir Ozer, Niv Yona, Daichi Shimabukuro
@online{refaeli:20220111:threat:fd22089, author = {Omri Refaeli and Chen Erlich and Ofir Ozer and Niv Yona and Daichi Shimabukuro}, title = {{Threat Analysis Report: DatopLoader Exploits ProxyShell to Deliver QBOT and Cobalt Strike}}, date = {2022-01-11}, organization = {Cybereason}, url = {https://www.cybereason.com/blog/threat-analysis-report-datoploader-exploits-proxyshell-to-deliver-qbot-and-cobalt-strike}, language = {English}, urldate = {2022-01-18} } Threat Analysis Report: DatopLoader Exploits ProxyShell to Deliver QBOT and Cobalt Strike
Cobalt Strike QakBot Squirrelwaffle
2021-12-16CybereasonCybereason Global SOC Team
@online{team:20211216:inside:40c2e51, author = {Cybereason Global SOC Team}, title = {{Inside the LockBit Arsenal - The StealBit Exfiltration Tool}}, date = {2021-12-16}, organization = {Cybereason}, url = {https://www.cybereason.com/blog/threat-analysis-report-inside-the-lockbit-arsenal-the-stealbit-exfiltration-tool}, language = {English}, urldate = {2021-12-21} } Inside the LockBit Arsenal - The StealBit Exfiltration Tool
LockBit StealBit
2021-11-09CybereasonCybereason Global SOC Team
@online{team:20211109:threat:9f898c9, author = {Cybereason Global SOC Team}, title = {{THREAT ANALYSIS REPORT: From Shatak Emails to the Conti Ransomware}}, date = {2021-11-09}, organization = {Cybereason}, url = {https://www.cybereason.com/blog/threat-analysis-report-from-shatak-emails-to-the-conti-ransomware}, language = {English}, urldate = {2021-11-25} } THREAT ANALYSIS REPORT: From Shatak Emails to the Conti Ransomware
Cobalt Strike Conti
2021-10-28CybereasonAleksandar Milenkoski, Brian Janower
@online{milenkoski:20211028:threat:8d45698, author = {Aleksandar Milenkoski and Brian Janower}, title = {{THREAT ANALYSIS REPORT: Snake Infostealer Malware}}, date = {2021-10-28}, organization = {Cybereason}, url = {https://www.cybereason.com/blog/threat-analysis-report-snake-infostealer-malware}, language = {English}, urldate = {2021-11-03} } THREAT ANALYSIS REPORT: Snake Infostealer Malware
404 Keylogger
2021-10-27CybereasonGal Romano, Rotem Rostami, Aleksandar Milenkoski
@online{romano:20211027:threat:f8b736b, author = {Gal Romano and Rotem Rostami and Aleksandar Milenkoski}, title = {{THREAT ALERT: Malicious Code Implant in the UAParser.js Library}}, date = {2021-10-27}, organization = {Cybereason}, url = {https://www.cybereason.com/blog/threat-alert-malicious-code-implant-in-the-uaparser.js-library}, language = {English}, urldate = {2021-11-03} } THREAT ALERT: Malicious Code Implant in the UAParser.js Library
2021-10-06CybereasonTom Fakterman, Daniel Frank, Chen Erlich, Assaf Dahan
@online{fakterman:20211006:operation:9a1ec21, author = {Tom Fakterman and Daniel Frank and Chen Erlich and Assaf Dahan}, title = {{Operation GhostShell: Novel RAT Targets Global Aerospace and Telecoms Firms}}, date = {2021-10-06}, organization = {Cybereason}, url = {https://www.cybereason.com/blog/operation-ghostshell-novel-rat-targets-global-aerospace-and-telecoms-firms}, language = {English}, urldate = {2021-10-24} } Operation GhostShell: Novel RAT Targets Global Aerospace and Telecoms Firms
ShellClient RAT
2021-09-27CybereasonAleksandar Milenkoski
@online{milenkoski:20210927:threat:843919b, author = {Aleksandar Milenkoski}, title = {{Threat Analysis Report: Inside the Destructive PYSA Ransomware}}, date = {2021-09-27}, organization = {Cybereason}, url = {https://www.cybereason.com/blog/threat-analysis-report-inside-the-destructive-pysa-ransomware}, language = {English}, urldate = {2021-09-28} } Threat Analysis Report: Inside the Destructive PYSA Ransomware
Mespinoza
2021-09-22CybereasonAleksandar Milenkoski, Eli Salem
@online{milenkoski:20210922:threat:cba08ae, author = {Aleksandar Milenkoski and Eli Salem}, title = {{Threat Analysis Report: PrintNightmare and Magniber Ransomware}}, date = {2021-09-22}, organization = {Cybereason}, url = {https://www.cybereason.com/blog/threat-analysis-report-printnightmare-and-magniber-ransomware}, language = {English}, urldate = {2021-09-28} } Threat Analysis Report: PrintNightmare and Magniber Ransomware
Magniber
2021-08-03CybereasonAssaf Dahan, Lior Rochberger, Daniel Frank, Tom Fakterman
@online{dahan:20210803:deadringer:908e8d5, author = {Assaf Dahan and Lior Rochberger and Daniel Frank and Tom Fakterman}, title = {{DeadRinger: Exposing Chinese Threat Actors Targeting Major Telcos}}, date = {2021-08-03}, organization = {Cybereason}, url = {https://www.cybereason.com/blog/deadringer-exposing-chinese-threat-actors-targeting-major-telcos}, language = {English}, urldate = {2021-08-06} } DeadRinger: Exposing Chinese Threat Actors Targeting Major Telcos
CHINACHOPPER Cobalt Strike MimiKatz Nebulae
2021-07-15CybereasonCybereason Nocturnus
@online{nocturnus:20210715:cybereason:06113e5, author = {Cybereason Nocturnus}, title = {{cybereason vs. prometheus ransomware}}, date = {2021-07-15}, organization = {Cybereason}, url = {https://www.cybereason.com/blog/cybereason-vs.-prometheus-ransomware}, language = {English}, urldate = {2021-08-03} } cybereason vs. prometheus ransomware
Hakbit Prometheus
2021-07-06CybereasonTom Fakterman
@online{fakterman:20210706:cybereason:1e0b80a, author = {Tom Fakterman}, title = {{Cybereason vs. REvil Ransomware: The Kaseya Chronicles}}, date = {2021-07-06}, organization = {Cybereason}, url = {https://www.cybereason.com/blog/cybereason-vs-revil-ransomware-the-kaseya-chronicles}, language = {English}, urldate = {2021-07-12} } Cybereason vs. REvil Ransomware: The Kaseya Chronicles
REvil
2021-04-22CybereasonLior Rochberger
@online{rochberger:20210422:prometei:c7eb590, author = {Lior Rochberger}, title = {{Prometei Botnet Exploiting Microsoft Exchange Vulnerabilities}}, date = {2021-04-22}, organization = {Cybereason}, url = {https://www.cybereason.com/blog/prometei-botnet-exploiting-microsoft-exchange-vulnerabilities}, language = {English}, urldate = {2021-04-28} } Prometei Botnet Exploiting Microsoft Exchange Vulnerabilities
Prometei
2021-04-01CybereasonCybereason Nocturnus
@online{nocturnus:20210401:cybereason:9e1c43e, author = {Cybereason Nocturnus}, title = {{Cybereason vs. DarkSide Ransomware}}, date = {2021-04-01}, organization = {Cybereason}, url = {https://www.cybereason.com/blog/cybereason-vs-darkside-ransomware}, language = {English}, urldate = {2021-05-11} } Cybereason vs. DarkSide Ransomware
DarkSide
2021-03-18CybereasonDaniel Frank
@online{frank:20210318:cybereason:22a301a, author = {Daniel Frank}, title = {{Cybereason Exposes Campaign Targeting US Taxpayers with NetWire and Remcos Malware}}, date = {2021-03-18}, organization = {Cybereason}, url = {https://www.cybereason.com/blog/cybereason-exposes-malware-targeting-us-taxpayers}, language = {English}, urldate = {2021-03-19} } Cybereason Exposes Campaign Targeting US Taxpayers with NetWire and Remcos Malware
NetWire RC Remcos
2021-02-16CybereasonTom Fakterman
@online{fakterman:20210216:cybereason:bc5074c, author = {Tom Fakterman}, title = {{Cybereason vs. NetWalker Ransomware}}, date = {2021-02-16}, organization = {Cybereason}, url = {https://www.cybereason.com/blog/cybereason-vs.-netwalker-ransomware}, language = {English}, urldate = {2021-02-20} } Cybereason vs. NetWalker Ransomware
Mailto
2021-01-26CybereasonDaniel Frank
@online{frank:20210126:cybereason:8b4d681, author = {Daniel Frank}, title = {{Cybereason vs. RansomEXX Ransomware}}, date = {2021-01-26}, organization = {Cybereason}, url = {https://www.cybereason.com/blog/cybereason-vs.-ransomexx-ransomware}, language = {English}, urldate = {2021-01-27} } Cybereason vs. RansomEXX Ransomware
RansomEXX RansomEXX
2021-01-12CybereasonLior Rochberger
@online{rochberger:20210112:cybereason:5707e14, author = {Lior Rochberger}, title = {{Cybereason vs. Conti Ransomware}}, date = {2021-01-12}, organization = {Cybereason}, url = {https://www.cybereason.com/blog/cybereason-vs.-conti-ransomware}, language = {English}, urldate = {2021-01-18} } Cybereason vs. Conti Ransomware
BazarBackdoor Conti
2020-12-10CybereasonJoakim Kandefelt
@online{kandefelt:20201210:cybereason:0267d5e, author = {Joakim Kandefelt}, title = {{Cybereason vs. Ryuk Ransomware}}, date = {2020-12-10}, organization = {Cybereason}, url = {https://www.cybereason.com/blog/cybereason-vs.-ryuk-ransomware}, language = {English}, urldate = {2020-12-14} } Cybereason vs. Ryuk Ransomware
BazarBackdoor Ryuk TrickBot
2020-12-09CybereasonCybereason Nocturnus Team
@techreport{team:20201209:molerats:a13c569, author = {Cybereason Nocturnus Team}, title = {{MOLERATS IN THE CLOUD: New Malware Arsenal Abuses Cloud Platforms in Middle East Espionage Campaign}}, date = {2020-12-09}, institution = {Cybereason}, url = {https://www.cybereason.com/hubfs/dam/collateral/reports/Molerats-in-the-Cloud-New-Malware-Arsenal-Abuses-Cloud-Platforms-in-Middle-East-Espionage-Campaign.pdf}, language = {English}, urldate = {2020-12-10} } MOLERATS IN THE CLOUD: New Malware Arsenal Abuses Cloud Platforms in Middle East Espionage Campaign
JhoneRAT Molerat Loader Pierogi Quasar RAT Spark
2020-12-09CybereasonCybereason Nocturnus
@online{nocturnus:20201209:new:ef00418, author = {Cybereason Nocturnus}, title = {{New Malware Arsenal Abusing Cloud Platforms in Middle East Espionage Campaign}}, date = {2020-12-09}, organization = {Cybereason}, url = {https://www.cybereason.com/blog/new-malware-arsenal-abusing-cloud-platforms-in-middle-east-espionage-campaign}, language = {English}, urldate = {2020-12-10} } New Malware Arsenal Abusing Cloud Platforms in Middle East Espionage Campaign
DropBook MoleNet Quasar RAT SharpStage Spark