2022-11-23 | ESET Research | Lukáš Štefanko
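% Author in Last, First form; title braces protect only proper nouns and acronyms
% instead of the whole title. Citation key unchanged.
@online{tefanko:20221123:bahamut:7e7453f,
  author       = {Štefanko, Lukáš},
  title        = {{Bahamut} cybermercenary group targets {Android} users with fake {VPN} apps},
  date         = {2022-11-23},
  organization = {ESET Research},
  url          = {https://www.welivesecurity.com/2022/11/23/bahamut-cybermercenary-group-targets-android-users-fake-vpn-apps/},
  language     = {English},
  urldate      = {2022-11-25},
}
Bahamut cybermercenary group targets Android users with fake VPN apps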
Bahamut
2022-11-22 | Twitter (@ESETresearch) | ESET Research
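% Corporate author is double-braced so it is kept as one name rather than split
% into first/last parts; title braces protect only the malware names.
% Source is a tweet: the url may stop resolving, so urldate is the access record.
@online{research:20221122:tweets:518c665,
  author       = {{ESET Research}},
  title        = {Tweets on {SysUpdate} / {Soldier} / {HyperSSL}},
  date         = {2022-11-22},
  organization = {Twitter (@ESETresearch)},
  url          = {https://twitter.com/ESETresearch/status/1594937054303236096},
  language     = {English},
  urldate      = {2022-11-25},
}
Tweets on SysUpdate / Soldier / HyperSSL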
HyperSSL
2022-10-11 | ESET Research | Matías Porolli
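% Author in Last, First form; title braces protect only proper nouns and the
% all-caps group name instead of the whole title. Citation key unchanged.
@online{porolli:20221011:polonium:1dbdd2d,
  author       = {Porolli, Matías},
  title        = {{POLONIUM} targets {Israel} with {Creepy} malware},
  date         = {2022-10-11},
  organization = {ESET Research},
  url          = {https://www.welivesecurity.com/2022/10/11/polonium-targets-israel-creepy-malware/},
  language     = {English},
  urldate      = {2022-10-12},
}
POLONIUM targets Israel with Creepy malware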
DeepCreep MegaCreep Unidentified 097 (Polonium Keylogger)
2022-10-06 | Twitter (@ESETresearch) | ESET Research
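% Corporate author is double-braced so it is kept as one name rather than split
% into first/last parts; only the capitalised malware name is brace-protected.
% Source is a tweet: the url may stop resolving, so urldate is the access record.
@online{research:20221006:bumblebee:bd949dd,
  author       = {{ESET Research}},
  title        = {Tweet on {Bumblebee} being modularized like trickbot},
  date         = {2022-10-06},
  organization = {Twitter (@ESETresearch)},
  url          = {https://twitter.com/ESETresearch/status/1577963080096555008},
  language     = {English},
  urldate      = {2022-10-10},
}
Tweet on Bumblebee being modularized like trickbot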
BumbleBee
2022-09-30 | ESET Research | Peter Kálnai
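% Author in Last, First form; title braces protect only proper nouns instead of
% the whole title. The non-breaking hyphen in the title is kept as published.
@online{klnai:20220930:amazonthemed:bf959b5,
  author       = {Kálnai, Peter},
  title        = {{Amazon‑themed} campaigns of {Lazarus} in the {Netherlands} and {Belgium}},
  date         = {2022-09-30},
  organization = {ESET Research},
  url          = {https://www.welivesecurity.com/2022/09/30/amazon-themed-campaigns-lazarus-netherlands-belgium/},
  language     = {English},
  urldate      = {2022-10-12},
}
Amazon‑themed campaigns of Lazarus in the Netherlands and Belgium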
BLINDINGCAN
2022-09-14 | ESET Research | Vladislav Hrčka, Mathieu Tartare, Thibaut Passilly
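% Authors in Last, First form, still joined by "and"; title braces protect only
% proper nouns. Under a sentence-casing style the word after the colon may be
% lowercased; brace it too if it must stay capitalised.
@online{hrka:20220914:you:3850b85,
  author       = {Hrčka, Vladislav and Tartare, Mathieu and Passilly, Thibaut},
  title        = {You never walk alone: The {SideWalk} backdoor gets a {Linux} variant},
  date         = {2022-09-14},
  organization = {ESET Research},
  url          = {https://www.welivesecurity.com/2022/09/14/you-never-walk-alone-sidewalk-backdoor-linux-variant/},
  language     = {English},
  urldate      = {2022-09-19},
}
You never walk alone: The SideWalk backdoor gets a Linux variant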
SideWalk
2022-09-06 | ESET Research | Thibaut Passilly
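% Author in Last, First form; only the group name is brace-protected instead of
% the whole title. Under a sentence-casing style the word after the colon may be
% lowercased; brace it too if it must stay capitalised.
@online{passilly:20220906:worok:0c106ac,
  author       = {Passilly, Thibaut},
  title        = {{Worok}: The big picture},
  date         = {2022-09-06},
  organization = {ESET Research},
  url          = {https://www.welivesecurity.com/2022/09/06/worok-big-picture/},
  language     = {English},
  urldate      = {2022-09-10},
}
Worok: The big picture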
MimiKatz PNGLoad reGeorg ShadowPad
2022-07-19 | ESET Research | Marc-Etienne M.Léveillé
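% Author in Last, First form, keeping the same split the original First-Last form
% produced (surname M.Léveillé, spelled as on the page). Title braces protect
% only the product and malware names instead of the whole title.
@online{mlveill:20220719:i:d9dc1d5,
  author       = {M.Léveillé, Marc-Etienne},
  title        = {I see what you did there: A look at the {CloudMensis} {macOS} spyware},
  date         = {2022-07-19},
  organization = {ESET Research},
  url          = {https://www.welivesecurity.com/2022/07/19/i-see-what-you-did-there-look-cloudmensis-macos-spyware/},
  language     = {English},
  urldate      = {2022-07-20},
}
I see what you did there: A look at the CloudMensis macOS spyware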
CloudMensis
2022-06-16 | ESET Research | Rene Holt
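% Author in Last, First form; title braces protect only the malware, vendor and
% product names instead of the whole title. Citation key unchanged.
@online{holt:20220616:how:d3225fc,
  author       = {Holt, Rene},
  title        = {How {Emotet} is changing tactics in response to {Microsoft’s} tightening of {Office} macro security},
  date         = {2022-06-16},
  organization = {ESET Research},
  url          = {https://www.welivesecurity.com/2022/06/16/how-emotet-is-changing-tactics-microsoft-tightening-office-macro-security/},
  language     = {English},
  urldate      = {2022-06-17},
}
How Emotet is changing tactics in response to Microsoft’s tightening of Office macro security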
Emotet
2022-04-27 | ESET Research | Matthieu Faou, Alexandre Côté Cyr
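% Authors in Last, First form; title braces protect only the acronyms.
% NOTE(review): the original First-Last form parsed the second surname as Cyr and
% that split is kept here; if Côté Cyr is a compound surname, write
% Côté Cyr, Alexandre instead - confirm against the source.
@online{faou:20220427:lookback:112a66b,
  author       = {Faou, Matthieu and Cyr, Alexandre Côté},
  title        = {A lookback under the {TA410} umbrella: Its cyberespionage {TTPs} and activity},
  date         = {2022-04-27},
  organization = {ESET Research},
  url          = {https://www.welivesecurity.com/2022/04/27/lookback-ta410-umbrella-cyberespionage-ttps-activity/},
  language     = {English},
  urldate      = {2022-04-29},
}
A lookback under the TA410 umbrella: Its cyberespionage TTPs and activity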
FlowCloud Lookback
2022-04-13 | ESET Research | Jean-Ian Boutin, Tomáš Procházka
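% Authors in Last, First form; title braces protect only the vendor acronym and
% the malware name instead of the whole title. Citation key unchanged.
@online{boutin:20220413:eset:7463437,
  author       = {Boutin, Jean-Ian and Procházka, Tomáš},
  title        = {{ESET} takes part in global operation to disrupt {Zloader} botnets},
  date         = {2022-04-13},
  organization = {ESET Research},
  url          = {https://www.welivesecurity.com/2022/04/13/eset-takes-part-global-operation-disrupt-zloader-botnets/},
  language     = {English},
  urldate      = {2022-04-14},
}
ESET takes part in global operation to disrupt Zloader botnets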
Cobalt Strike Zloader
2022-04-12 | ESET Research | ESET Research
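% Corporate author is double-braced so it is kept as one name rather than split
% into first/last parts; title braces protect only the malware names.
@online{research:20220412:industroyer2:4d6c5f8,
  author       = {{ESET Research}},
  title        = {{Industroyer2}: {Industroyer} reloaded},
  date         = {2022-04-12},
  organization = {ESET Research},
  url          = {https://www.welivesecurity.com/2022/04/12/industroyer2-industroyer-reloaded/},
  language     = {English},
  urldate      = {2022-04-13},
}
Industroyer2: Industroyer reloaded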
ArguePatch CaddyWiper Industroyer INDUSTROYER2
2022-04-12 | ESET Research | ESET Ireland
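% Corporate author is double-braced so it is kept as one name rather than split
% into first/last parts; title braces protect only the malware names.
% NOTE(review): title and date match the entry keyed
% research:20220412:industroyer2:4d6c5f8, and the url here is on blog.eset.ie
% while organization says ESET Research - presumably a repost; confirm before
% citing both.
@online{ireland:20220412:industroyer2:aa61be3,
  author       = {{ESET Ireland}},
  title        = {{Industroyer2}: {Industroyer} reloaded},
  date         = {2022-04-12},
  organization = {ESET Research},
  url          = {https://blog.eset.ie/2022/04/12/industroyer2-industroyer-reloaded/},
  language     = {English},
  urldate      = {2022-05-04},
}
Industroyer2: Industroyer reloaded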
CaddyWiper INDUSTROYER2
2022-04-06 | ESET Research | Lukáš Štefanko
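% Author in Last, First form; only the platform name is brace-protected instead
% of the whole title. The non-breaking hyphen in the title is kept as published.
@online{tefanko:20220406:fake:47db49c,
  author       = {Štefanko, Lukáš},
  title        = {Fake e‑shops on the prowl for banking credentials using {Android} malware},
  date         = {2022-04-06},
  organization = {ESET Research},
  url          = {https://www.welivesecurity.com/2022/04/06/fake-eshops-prowl-banking-credentials-android-malware/},
  language     = {English},
  urldate      = {2022-04-08},
}
Fake e‑shops on the prowl for banking credentials using Android malware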
Unidentified APK 008
2022-03-25 | ESET Research | Alexandre Côté Cyr
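% Author in Last, First form; title braces protect only the group and malware names.
% NOTE(review): the original First-Last form parsed the surname as Cyr and that
% split is kept here; if Côté Cyr is a compound surname, write
% Côté Cyr, Alexandre instead - confirm against the source.
% NOTE(review): the url is under /fr/ and language is French, but the title is
% given in English - confirm which title should be cited.
@online{cyr:20220325:mustang:4052776,
  author       = {Cyr, Alexandre Côté},
  title        = {{Mustang Panda's} {Hodur}: Old stuff, new variant of {Korplug}},
  date         = {2022-03-25},
  organization = {ESET Research},
  url          = {https://www.welivesecurity.com/fr/2022/03/25/mustang-pandas-hodur-nouveau-korplug/},
  language     = {French},
  urldate      = {2022-03-30},
}
Mustang Panda's Hodur: Old stuff, new variant of Korplug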
PlugX
2022-03-24 | Twitter (@ESETresearch) | ESET Research
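% Corporate author is double-braced so it is kept as one name rather than split
% into first/last parts; title braces protect only the malware and group names.
% Source is a tweet: the url may stop resolving, so urldate is the access record.
@online{research:20220324:pipemon:351014e,
  author       = {{ESET Research}},
  title        = {Tweet on {PipeMon} variants by {Winnti Group}},
  date         = {2022-03-24},
  organization = {Twitter (@ESETresearch)},
  url          = {https://twitter.com/ESETresearch/status/1506904404225630210},
  language     = {English},
  urldate      = {2022-03-30},
}
Tweet on PipeMon variants by Winnti Group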
PipeMon
2022-03-24 | ESET Research | Lukáš Štefanko
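% Author in Last, First form; title braces protect only the platform names
% (including the mixed-case iOS) instead of the whole title.
@online{tefanko:20220324:crypto:ff8a482,
  author       = {Štefanko, Lukáš},
  title        = {Crypto malware in patched wallets targeting {Android} and {iOS} devices},
  date         = {2022-03-24},
  organization = {ESET Research},
  url          = {https://www.welivesecurity.com/2022/03/24/crypto-malware-patched-wallets-targeting-android-ios-devices/},
  language     = {English},
  urldate      = {2022-03-25},
}
Crypto malware in patched wallets targeting Android and iOS devices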
2022-03-23 | ESET Research | Alexandre Côté Cyr
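% Author in Last, First form; title braces protect only the group and malware names.
% NOTE(review): the original First-Last form parsed the surname as Cyr and that
% split is kept here; if Côté Cyr is a compound surname, write
% Côté Cyr, Alexandre instead - confirm against the source.
@online{cyr:20220323:mustang:3e97382,
  author       = {Cyr, Alexandre Côté},
  title        = {{Mustang Panda’s} {Hodur}: Old tricks, new {Korplug} variant},
  date         = {2022-03-23},
  organization = {ESET Research},
  url          = {https://www.welivesecurity.com/2022/03/23/mustang-panda-hodur-old-tricks-new-korplug-variant/},
  language     = {English},
  urldate      = {2022-03-24},
}
Mustang Panda’s Hodur: Old tricks, new Korplug variant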
PlugX
2022-03-21 | ESET Research | Rene Holt
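% Author in Last, First form; only the group name is brace-protected instead of
% the whole title. Under a sentence-casing style the word after the colon may be
% lowercased; brace it too if it must stay capitalised.
@online{holt:20220321:sandworm:0e54095,
  author       = {Holt, Rene},
  title        = {{Sandworm}: A tale of disruption told anew},
  date         = {2022-03-21},
  organization = {ESET Research},
  url          = {https://www.welivesecurity.com/2022/03/21/sandworm-tale-disruption-told-anew/},
  language     = {English},
  urldate      = {2022-03-25},
}
Sandworm: A tale of disruption told anew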
2022-03-15 | ESET Research | ESET Research
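% Corporate author is double-braced so it is kept as one name rather than split
% into first/last parts; title braces protect only the malware name and the
% country instead of the whole title.
@online{research:20220315:caddywiper:0edb827,
  author       = {{ESET Research}},
  title        = {{CaddyWiper}: New wiper malware discovered in {Ukraine}},
  date         = {2022-03-15},
  organization = {ESET Research},
  url          = {https://www.welivesecurity.com/2022/03/15/caddywiper-new-wiper-malware-discovered-ukraine/},
  language     = {English},
  urldate      = {2022-03-15},
}
CaddyWiper: New wiper malware discovered in Ukraine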
CaddyWiper