Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-07-18SecurityScorecardVlad Pasca
@online{pasca:20220718:deep:86577a8, author = {Vlad Pasca}, title = {{A Deep Dive Into ALPHV/BlackCat Ransomware}}, date = {2022-07-18}, organization = {SecurityScorecard}, url = {https://securityscorecard.com/research/deep-dive-into-alphv-blackcat-ransomware}, language = {English}, urldate = {2022-07-19} } A Deep Dive Into ALPHV/BlackCat Ransomware
BlackCat
2022-06-27ZscalerSudeep Singh, Sahil Antil
@online{singh:20220627:return:a09268a, author = {Sudeep Singh and Sahil Antil}, title = {{Return of the Evilnum APT with updated TTPs and new targets}}, date = {2022-06-27}, organization = {Zscaler}, url = {https://www.zscaler.com/blogs/security-research/return-evilnum-apt-updated-ttps-and-new-targets}, language = {English}, urldate = {2022-06-29} } Return of the Evilnum APT with updated TTPs and new targets
EVILNUM EVILNUM
2022-06-24Github (x-junior)Mohamed Ashraf
@online{ashraf:20220624:deep:5c1c1cf, author = {Mohamed Ashraf}, title = {{Deep Analysis of Snake Keylogger}}, date = {2022-06-24}, organization = {Github (x-junior)}, url = {https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html}, language = {English}, urldate = {2022-07-05} } Deep Analysis of Snake Keylogger
404 Keylogger
2022-06-24Palo Alto Networks Unit 42Mark Lim, Riley Porter
@online{lim:20220624:there:7a3b762, author = {Mark Lim and Riley Porter}, title = {{There Is More Than One Way to Sleep: Dive Deep Into the Implementations of API Hammering by Various Malware Families}}, date = {2022-06-24}, organization = {Palo Alto Networks Unit 42}, url = {https://unit42.paloaltonetworks.com/api-hammering-malware-families/}, language = {English}, urldate = {2022-06-27} } There Is More Than One Way to Sleep: Dive Deep Into the Implementations of API Hammering by Various Malware Families
BazarBackdoor Zloader
2022-06-17ZscalerSudeep Singh, Kaivalya Khursale
@online{singh:20220617:resurgence:736636f, author = {Sudeep Singh and Kaivalya Khursale}, title = {{Resurgence of Voicemail-themed phishing attacks targeting key industry verticals in the US}}, date = {2022-06-17}, organization = {Zscaler}, url = {https://www.zscaler.com/blogs/security-research/resurgence-voicemail-themed-phishing-attacks-targeting-key-industry}, language = {English}, urldate = {2022-07-01} } Resurgence of Voicemail-themed phishing attacks targeting key industry verticals in the US
2022-06-01Deep instinctSimon Kenin
@online{kenin:20220601:iranian:c17b320, author = {Simon Kenin}, title = {{Iranian Threat Actor Continues to Develop Mass Exploitation Tools}}, date = {2022-06-01}, organization = {Deep instinct}, url = {https://www.deepinstinct.com/blog/iranian-threat-actor-continues-to-develop-mass-exploitation-tools}, language = {English}, urldate = {2022-07-13} } Iranian Threat Actor Continues to Develop Mass Exploitation Tools
CobaltMirage FRP
2022-05-24Deep instinctBar Block
@online{block:20220524:blame:9f45829, author = {Bar Block}, title = {{Blame the Messenger: 4 Types of Dropper Malware in Microsoft Office & How to Detect Them}}, date = {2022-05-24}, organization = {Deep instinct}, url = {https://www.deepinstinct.com/blog/types-of-dropper-malware-in-microsoft-office}, language = {English}, urldate = {2022-05-29} } Blame the Messenger: 4 Types of Dropper Malware in Microsoft Office & How to Detect Them
Dridex Emotet
2022-05-21Github (x-junior)Mohamed Ashraf
@online{ashraf:20220521:deep:0e3523b, author = {Mohamed Ashraf}, title = {{Deep Analysis of Mars Stealer}}, date = {2022-05-21}, organization = {Github (x-junior)}, url = {https://x-junior.github.io/malware%20analysis/MarsStealer/}, language = {English}, urldate = {2022-05-23} } Deep Analysis of Mars Stealer
Mars Stealer
2022-05-19MicrosoftMicrosoft 365 Defender Research Team
@online{team:20220519:rise:2087702, author = {Microsoft 365 Defender Research Team}, title = {{Rise in XorDdos: A deeper look at the stealthy DDoS malware targeting Linux devices}}, date = {2022-05-19}, organization = {Microsoft}, url = {https://www.microsoft.com/security/blog/2022/05/19/rise-in-xorddos-a-deeper-look-at-the-stealthy-ddos-malware-targeting-linux-devices/}, language = {English}, urldate = {2022-05-20} } Rise in XorDdos: A deeper look at the stealthy DDoS malware targeting Linux devices
XOR DDoS
2022-05-19ZscalerSudeep Singh, Santiago Vicente, Brett Stone-Gross
@online{singh:20220519:vidar:1c68f0e, author = {Sudeep Singh and Santiago Vicente and Brett Stone-Gross}, title = {{Vidar distributed through backdoored Windows 11 downloads and abusing Telegram}}, date = {2022-05-19}, organization = {Zscaler}, url = {https://www.zscaler.com/blogs/security-research/vidar-distributed-through-backdoored-windows-11-downloads-and-abusing}, language = {English}, urldate = {2022-05-25} } Vidar distributed through backdoored Windows 11 downloads and abusing Telegram
Vidar
2022-05-18YoroiYoroi Malware ZLab, Luigi Martire, Carmelo Ragusa
@online{zlab:20220518:deep:86d9bee, author = {Yoroi Malware ZLab and Luigi Martire and Carmelo Ragusa}, title = {{A deep dive into Eternity Group: A new emerging Cyber Threat}}, date = {2022-05-18}, organization = {Yoroi}, url = {https://yoroi.company/research/a-deep-dive-into-eternity-group-a-new-emerging-cyber-threat/}, language = {English}, urldate = {2022-07-28} } A deep dive into Eternity Group: A new emerging Cyber Threat
Eternity Ransomware Eternity Stealer Eternity Worm Lilith
2022-05-09BlackberryThe BlackBerry Research & Intelligence Team
@online{team:20220509:dirty:76f87f1, author = {The BlackBerry Research & Intelligence Team}, title = {{Dirty Deeds Done Dirt Cheap: Russian RAT Offers Backdoor Bargains}}, date = {2022-05-09}, organization = {Blackberry}, url = {https://blogs.blackberry.com/en/2022/05/dirty-deeds-done-dirt-cheap-russian-rat-offers-backdoor-bargains}, language = {English}, urldate = {2022-05-17} } Dirty Deeds Done Dirt Cheap: Russian RAT Offers Backdoor Bargains
DCRat NjRAT
2022-05-04CybereasonChen Erlich, Fusao Tanida, Ofir Ozer, Akihiro Tomita, Niv Yona, Daniel Frank, Assaf Dahan
@online{erlich:20220504:operation:0d23595, author = {Chen Erlich and Fusao Tanida and Ofir Ozer and Akihiro Tomita and Niv Yona and Daniel Frank and Assaf Dahan}, title = {{Operation CuckooBees: Deep-Dive into Stealthy Winnti Techniques}}, date = {2022-05-04}, organization = {Cybereason}, url = {https://www.cybereason.com/blog/operation-cuckoobees-deep-dive-into-stealthy-winnti-techniques}, language = {English}, urldate = {2022-05-09} } Operation CuckooBees: Deep-Dive into Stealthy Winnti Techniques
PRIVATELOG Spyder STASHLOG Winnti
2022-05-04CybereasonChen Erlich, Fusao Tanida, Ofir Ozer, Akihiro Tomita, Niv Yona, Daniel Frank, Assaf Dahan
@online{erlich:20220504:operation:e40ec58, author = {Chen Erlich and Fusao Tanida and Ofir Ozer and Akihiro Tomita and Niv Yona and Daniel Frank and Assaf Dahan}, title = {{Operation CuckooBees: A Winnti Malware Arsenal Deep-Dive}}, date = {2022-05-04}, organization = {Cybereason}, url = {https://www.cybereason.com/blog/operation-cuckoobees-a-winnti-malware-arsenal-deep-dive}, language = {English}, urldate = {2022-05-05} } Operation CuckooBees: A Winnti Malware Arsenal Deep-Dive
PRIVATELOG Spyder STASHLOG Winnti
2022-05-02LIFARSVlad Pasca
@techreport{pasca:20220502:deep:e3a4dd8, author = {Vlad Pasca}, title = {{A Deep Dive into AvosLocker Ransomware}}, date = {2022-05-02}, institution = {LIFARS}, url = {https://cdn.pathfactory.com/assets/10555/contents/400686/13f4424c-05b4-46db-bb9c-6bf9b5436ec4.pdf}, language = {English}, urldate = {2022-05-08} } A Deep Dive into AvosLocker Ransomware
AvosLocker
2022-04-26ZscalerSudeep Singh, Sahil Antil
@online{singh:20220426:naverending:3f4449c, author = {Sudeep Singh and Sahil Antil}, title = {{A "Naver"-ending game of Lazarus APT}}, date = {2022-04-26}, organization = {Zscaler}, url = {https://www.zscaler.com/blogs/security-research/naver-ending-game-lazarus-apt}, language = {English}, urldate = {2022-07-01} } A "Naver"-ending game of Lazarus APT
2022-04-25VinCSSm4n0w4r, Tran Trung Kien
@online{m4n0w4r:20220425:re026:6e05ed2, author = {m4n0w4r and Tran Trung Kien}, title = {{[RE026] A Deep Dive into Zloader - the Silent Night}}, date = {2022-04-25}, organization = {VinCSS}, url = {https://blog.vincss.net/2022/04/re026-a-deep-dive-into-zloader-the-silent-night.html}, language = {English}, urldate = {2022-04-25} } [RE026] A Deep Dive into Zloader - the Silent Night
Zloader
2022-04-08Trend MicroDeep Patel, Nitesh Surana, Ashish Verma
@online{patel:20220408:cve202222965:53968ea, author = {Deep Patel and Nitesh Surana and Ashish Verma}, title = {{CVE-2022-22965: Analyzing the Exploitation of Spring4Shell Vulnerability in Weaponizing and Executing the Mirai Botnet Malware}}, date = {2022-04-08}, organization = {Trend Micro}, url = {https://www.trendmicro.com/en_us/research/22/d/cve-2022-22965-analyzing-the-exploitation-of-spring4shell-vulner.html}, language = {English}, urldate = {2022-04-13} } CVE-2022-22965: Analyzing the Exploitation of Spring4Shell Vulnerability in Weaponizing and Executing the Mirai Botnet Malware
Mirai
2022-03-31Cyble
@online{cyble:20220331:deep:88a14dc, author = {Cyble}, title = {{Deep Dive Analysis - Borat RAT}}, date = {2022-03-31}, url = {https://blog.cyble.com/2022/03/31/deep-dive-analysis-borat-rat/}, language = {English}, urldate = {2022-04-04} } Deep Dive Analysis - Borat RAT
Borat RAT
2022-03-30FortinetRotem Sde-Or, Eliran Voronovitch
@online{sdeor:20220330:new:8eeff0d, author = {Rotem Sde-Or and Eliran Voronovitch}, title = {{New Milestones for Deep Panda: Log4Shell and Digitally Signed Fire Chili Rootkits}}, date = {2022-03-30}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/deep-panda-log4shell-fire-chili-rootkits}, language = {English}, urldate = {2022-03-31} } New Milestones for Deep Panda: Log4Shell and Digitally Signed Fire Chili Rootkits
Fire Chili Ghost RAT