Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2020-11-16ESET ResearchAnton Cherepanov, Peter Kálnai
@online{cherepanov:20201116:lazarus:6b90a77, author = {Anton Cherepanov and Peter Kálnai}, title = {{Lazarus supply‑chain attack in South Korea}}, date = {2020-11-16}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2020/11/16/lazarus-supply-chain-attack-south-korea/}, language = {English}, urldate = {2020-11-18} } Lazarus supply‑chain attack in South Korea
Lazarus Group
2020-11-12ESET ResearchMartin Smolár
@online{smolr:20201112:hungry:f376679, author = {Martin Smolár}, title = {{Hungry for data, ModPipe backdoor hits POS software used in hospitality sector}}, date = {2020-11-12}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2020/11/12/hungry-data-modpipe-backdoor-hits-pos-software-hospitality-sector/}, language = {English}, urldate = {2020-11-18} } Hungry for data, ModPipe backdoor hits POS software used in hospitality sector
ModPipe
2020-10-28ESET ResearchESET Research
@techreport{research:20201028:threat:269f2d0, author = {ESET Research}, title = {{THREAT REPORT Q3 2020}}, date = {2020-10-28}, institution = {ESET Research}, url = {https://www.welivesecurity.com/wp-content/uploads/2020/10/ESET_Threat_Report_Q32020.pdf}, language = {English}, urldate = {2020-10-29} } THREAT REPORT Q3 2020
2020-10-12ESET ResearchJean-Ian Boutin
@online{boutin:20201012:eset:a7eeb51, author = {Jean-Ian Boutin}, title = {{ESET takes part in global operation to disrupt Trickbot}}, date = {2020-10-12}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2020/10/12/eset-takes-part-global-operation-disrupt-trickbot/}, language = {English}, urldate = {2020-10-12} } ESET takes part in global operation to disrupt Trickbot
TrickBot
2020-10-02ESET ResearchMatthieu Faou
@online{faou:20201002:xdspy:c3724c7, author = {Matthieu Faou}, title = {{XDSpy: Stealing government secrets since 2011}}, date = {2020-10-02}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2020/10/02/xdspy-stealing-government-secrets-since-2011/}, language = {English}, urldate = {2020-10-05} } XDSpy: Stealing government secrets since 2011
XDSpy XDSpy
2020-10-01ESET ResearchESET Research
@online{research:20201001:latam:6e349e9, author = {ESET Research}, title = {{LATAM financial cybercrime: Competitors‑in‑crime sharing TTPs}}, date = {2020-10-01}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2020/10/01/latam-financial-cybercrime-competitors-crime-sharing-ttps/}, language = {English}, urldate = {2020-10-09} } LATAM financial cybercrime: Competitors‑in‑crime sharing TTPs
Numando
2020-09-30ESET ResearchLukáš Štefanko
@online{tefanko:20200930:aptc23:033fea8, author = {Lukáš Štefanko}, title = {{APT‑C‑23 group evolves its Android spyware}}, date = {2020-09-30}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2020/09/30/aptc23-group-evolves-its-android-spyware/}, language = {English}, urldate = {2020-10-04} } APT‑C‑23 group evolves its Android spyware
SpyC23
2020-09-10ESET ResearchAnton Cherepanov
@online{cherepanov:20200910:who:2fdc6a6, author = {Anton Cherepanov}, title = {{Who is calling? CDRThief targets Linux VoIP softswitches}}, date = {2020-09-10}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2020/09/10/who-callin-cdrthief-linux-voip-softswitches/}, language = {English}, urldate = {2020-09-15} } Who is calling? CDRThief targets Linux VoIP softswitches
CDRThief
2020-09-02ESET ResearchMatthieu Faou, Alexandre Côté Cyr
@online{faou:20200902:kryptocibule:9fb272b, author = {Matthieu Faou and Alexandre Côté Cyr}, title = {{KryptoCibule: The multitasking multicurrency cryptostealer}}, date = {2020-09-02}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2020/09/02/kryptocibule-multitasking-multicurrency-cryptostealer/}, language = {English}, urldate = {2020-09-03} } KryptoCibule: The multitasking multicurrency cryptostealer
KryptoCibule
2020-08-13ESET ResearchESET Research
@online{research:20200813:mekotio:4d7964c, author = {ESET Research}, title = {{Mekotio: These aren’t the security updates you’re looking for…}}, date = {2020-08-13}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2020/08/13/mekotio-these-arent-the-security-updates-youre-looking-for}, language = {English}, urldate = {2020-08-14} } Mekotio: These aren’t the security updates you’re looking for…
2020-08-13ESET Research
@online{research:20200813:mekotio:c7c68ed, author = {ESET Research}, title = {{Mekotio: These aren’t the security updates you’re looking for…}}, date = {2020-08-13}, url = {https://www.welivesecurity.com/2020/08/13/mekotio-these-arent-the-security-updates-youre-looking-for/}, language = {English}, urldate = {2020-08-24} } Mekotio: These aren’t the security updates you’re looking for…
Mekotio
2020-08-07ESET ResearchVladislav Hrčka
@online{hrka:20200807:stadeo:9fc4787, author = {Vladislav Hrčka}, title = {{Stadeo: Deobfuscating Stantinko and more}}, date = {2020-08-07}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2020/08/07/stadeo-deobfuscating-stantinko-and-more/}, language = {English}, urldate = {2020-08-14} } Stadeo: Deobfuscating Stantinko and more
Stantinko
2020-07-29ESET Researchwelivesecurity
@techreport{welivesecurity:20200729:threat:496355c, author = {welivesecurity}, title = {{THREAT REPORT Q2 2020}}, date = {2020-07-29}, institution = {ESET Research}, url = {https://www.welivesecurity.com/wp-content/uploads/2020/07/ESET_Threat_Report_Q22020.pdf}, language = {English}, urldate = {2020-07-30} } THREAT REPORT Q2 2020
DEFENSOR ID HiddenAd Bundlore Pirrit Agent.BTZ Cerber ClipBanker CROSSWALK Cryptowall CTB Locker DanaBot Dharma Formbook Gandcrab Grandoreiro Houdini ISFB LockBit Locky Mailto Maze Microcin Nemty NjRAT Phobos Ransomware PlugX Pony REvil Socelars STOP Ransomware Tinba TrickBot WannaCryptor
2020-07-16ESET ResearchMarc-Etienne M.Léveillé
@online{mlveill:20200716:mac:405cc1d, author = {Marc-Etienne M.Léveillé}, title = {{Mac cryptocurrency trading application rebranded, bundled with malware}}, date = {2020-07-16}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2020/07/16/mac-cryptocurrency-trading-application-rebranded-bundled-malware/}, language = {English}, urldate = {2020-07-16} } Mac cryptocurrency trading application rebranded, bundled with malware
Gmera
2020-07-16ESET ResearchAmer Owaida
@online{owaida:20200716:highprofile:9e5eb1d, author = {Amer Owaida}, title = {{High‑profile Twitter accounts hacked to promote Bitcoin scam}}, date = {2020-07-16}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2020/07/16/high-profile-twitter-accounts-hacked-bitcoin-scam/}, language = {English}, urldate = {2020-07-16} } High‑profile Twitter accounts hacked to promote Bitcoin scam
2020-07-14ESET ResearchLukáš Štefanko
@online{tefanko:20200714:welcome:333a076, author = {Lukáš Štefanko}, title = {{Welcome Chat as a secure messaging app? Nothing could be further from the truth}}, date = {2020-07-14}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2020/07/14/welcome-chat-secure-messaging-app-nothing-further-truth/}, language = {English}, urldate = {2020-07-15} } Welcome Chat as a secure messaging app? Nothing could be further from the truth
BadPatch
2020-07-09ESET ResearchMatías Porolli
@online{porolli:20200709:more:24d8b63, author = {Matías Porolli}, title = {{More evil: A deep look at Evilnum and its toolset}}, date = {2020-07-09}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2020/07/09/more-evil-deep-look-evilnum-toolset/}, language = {English}, urldate = {2020-07-11} } More evil: A deep look at Evilnum and its toolset
EVILNUM More_eggs EVILNUM TerraPreter TerraStealer TerraTV Evilnum
2020-06-24Twitter (@ESETresearch)ESET Research
@online{research:20200624:malicious:8ea3789, author = {ESET Research}, title = {{Tweet on malicious EFI bootloader which displays a ransom message and prevents the computer from booting}}, date = {2020-06-24}, organization = {Twitter (@ESETresearch)}, url = {https://twitter.com/ESETresearch/status/1275770256389222400}, language = {English}, urldate = {2020-06-24} } Tweet on malicious EFI bootloader which displays a ransom message and prevents the computer from booting
2020-06-24ESET ResearchLukáš Štefanko
@online{tefanko:20200624:new:ccea4e8, author = {Lukáš Štefanko}, title = {{New ransomware posing as COVID‑19 tracing app targets Canada; ESET offers decryptor}}, date = {2020-06-24}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2020/06/24/new-ransomware-uses-covid19-tracing-guise-target-canada-eset-decryptor/}, language = {English}, urldate = {2020-06-24} } New ransomware posing as COVID‑19 tracing app targets Canada; ESET offers decryptor
CryCryptor
2020-06-18ESET ResearchZuzana Hromcová, Anton Cherepanov
@online{hromcov:20200618:digging:285d02f, author = {Zuzana Hromcová and Anton Cherepanov}, title = {{Digging up InvisiMole’s hidden arsenal}}, date = {2020-06-18}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2020/06/18/digging-up-invisimole-hidden-arsenal/}, language = {English}, urldate = {2020-06-29} } Digging up InvisiMole’s hidden arsenal
InvisiMole Gamaredon Group InvisiMole