Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-04-13Twitter (@ESETresearch)ESET Research
@online{research:20210413:tscookie:affc5a0, author = {ESET Research}, title = {{Tweet on TSCookie for FreeBSD platform}}, date = {2021-04-13}, organization = {Twitter (@ESETresearch)}, url = {https://twitter.com/ESETresearch/status/1382054011264700416}, language = {English}, urldate = {2021-04-14} } Tweet on TSCookie for FreeBSD platform
TSCookie
2021-04-06ESET ResearchFacundo Muñoz, Matías Porolli
@online{muoz:20210406:janeleiro:b85a738, author = {Facundo Muñoz and Matías Porolli}, title = {{Janeleiro, the time traveler: A new old banking trojan in Brazil}}, date = {2021-04-06}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2021/04/06/janeleiro-time-traveler-new-old-banking-trojan-brazil/}, language = {English}, urldate = {2021-04-06} } Janeleiro, the time traveler: A new old banking trojan in Brazil
Janeleiro
2021-03-18ESET ResearchAmer Owaida
@online{owaida:20210318:beware:2218ccd, author = {Amer Owaida}, title = {{Beware Android trojan posing as Clubhouse app}}, date = {2021-03-18}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2021/03/18/beware-android-trojan-posing-clubhouse-app/}, language = {English}, urldate = {2021-03-25} } Beware Android trojan posing as Clubhouse app
2021-03-10ESET ResearchThomas Dupuy, Matthieu Faou, Mathieu Tartare
@online{dupuy:20210310:exchange:8f65a1f, author = {Thomas Dupuy and Matthieu Faou and Mathieu Tartare}, title = {{Exchange servers under siege from at least 10 APT groups}}, date = {2021-03-10}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2021/03/10/exchange-servers-under-siege-10-apt-groups/}, language = {English}, urldate = {2021-03-11} } Exchange servers under siege from at least 10 APT groups
Microcin MimiKatz PlugX Winnti
2021-03-02Twitter (@ESETresearch)ESET Research
@online{research:20210302:exchange:4473faa, author = {ESET Research}, title = {{Tweet on Exchange RCE}}, date = {2021-03-02}, organization = {Twitter (@ESETresearch)}, url = {https://twitter.com/ESETresearch/status/1366862946488451088}, language = {English}, urldate = {2021-03-10} } Tweet on Exchange RCE
CHINACHOPPER HAFNIUM
2021-02-12Twitter (@ESETresearch)ESET Research
@online{research:20210212:twitter:8703272, author = {ESET Research}, title = {{A twitter thread on discussing updated attack chain of EVILNUM group and their use PYVIL malware}}, date = {2021-02-12}, organization = {Twitter (@ESETresearch)}, url = {https://twitter.com/ESETresearch/status/1360178593968623617}, language = {English}, urldate = {2021-02-18} } A twitter thread on discussing updated attack chain of EVILNUM group and their use PYVIL malware
PyVil
2021-02-08ESET ResearchESET Research
@techreport{research:20210208:threat:fc2b885, author = {ESET Research}, title = {{THREAT REPORT Q4 2020}}, date = {2021-02-08}, institution = {ESET Research}, url = {https://www.welivesecurity.com/wp-content/uploads/2021/02/ESET_Threat_Report_Q42020.pdf}, language = {English}, urldate = {2021-02-09} } THREAT REPORT Q4 2020
TrickBot
2021-02-02ESET ResearchMarc-Etienne M.Léveillé, Ignacio Sanmillan
@online{mlveill:20210202:kobalos:5bb5548, author = {Marc-Etienne M.Léveillé and Ignacio Sanmillan}, title = {{Kobalos – A complex Linux threat to high performance computing infrastructure}}, date = {2021-02-02}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2021/02/02/kobalos-complex-linux-threat-high-performance-computing-infrastructure/}, language = {English}, urldate = {2021-02-02} } Kobalos – A complex Linux threat to high performance computing infrastructure
Kobalos
2021-02-01ESET ResearchIgnacio Sanmillan, Matthieu Faou
@online{sanmillan:20210201:operation:9e52a78, author = {Ignacio Sanmillan and Matthieu Faou}, title = {{Operation NightScout: Supply‑chain attack targets online gaming in Asia}}, date = {2021-02-01}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2021/02/01/operation-nightscout-supply-chain-attack-online-gaming-asia/}, language = {English}, urldate = {2021-02-17} } Operation NightScout: Supply‑chain attack targets online gaming in Asia
Ghost RAT NoxPlayer Poison Ivy
2021-01-21ESET ResearchESET Research
@online{research:20210121:vadokrist:5e5cf82, author = {ESET Research}, title = {{Vadokrist: A wolf in sheep’s clothing}}, date = {2021-01-21}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2021/01/21/vadokrist-wolf-sheeps-clothing/}, language = {English}, urldate = {2021-01-25} } Vadokrist: A wolf in sheep’s clothing
Vadokrist
2021-01-11ESET ResearchMatías Porolli
@online{porolli:20210111:operation:409662d, author = {Matías Porolli}, title = {{Operation Spalax: Targeted malware attacks in Colombia}}, date = {2021-01-11}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2021/01/12/operation-spalax-targeted-malware-attacks-colombia/}, language = {English}, urldate = {2021-01-18} } Operation Spalax: Targeted malware attacks in Colombia
Agent Tesla AsyncRAT NjRAT Remcos
2020-12-17ESET ResearchIgnacio Sanmillan, Matthieu Faou
@online{sanmillan:20201217:operation:6822847, author = {Ignacio Sanmillan and Matthieu Faou}, title = {{Operation SignSight: Supply‑chain attack against a certification authority in Southeast Asia}}, date = {2020-12-17}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2020/12/17/operation-signsight-supply-chain-attack-southeast-asia/}, language = {English}, urldate = {2020-12-18} } Operation SignSight: Supply‑chain attack against a certification authority in Southeast Asia
SManager
2020-12-10ESET ResearchMathieu Tartare
@online{tartare:20201210:operation:0eecfc8, author = {Mathieu Tartare}, title = {{Operation StealthyTrident: corporate software under attack}}, date = {2020-12-10}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2020/12/10/luckymouse-ta428-compromise-able-desktop/}, language = {English}, urldate = {2020-12-10} } Operation StealthyTrident: corporate software under attack
HyperBro PlugX ShadowPad Tmanger
2020-12-02ESET ResearchMatthieu Faou
@online{faou:20201202:turla:7f8c935, author = {Matthieu Faou}, title = {{Turla Crutch: Keeping the “back door” open}}, date = {2020-12-02}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2020/12/02/turla-crutch-keeping-back-door-open/}, language = {English}, urldate = {2020-12-08} } Turla Crutch: Keeping the “back door” open
Crutch Gazer Turla Group
2020-11-16ESET ResearchAnton Cherepanov, Peter Kálnai
@online{cherepanov:20201116:lazarus:6b90a77, author = {Anton Cherepanov and Peter Kálnai}, title = {{Lazarus supply‑chain attack in South Korea}}, date = {2020-11-16}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2020/11/16/lazarus-supply-chain-attack-south-korea/}, language = {English}, urldate = {2020-11-18} } Lazarus supply‑chain attack in South Korea
Lazarus Group
2020-11-12ESET ResearchMartin Smolár
@online{smolr:20201112:hungry:f376679, author = {Martin Smolár}, title = {{Hungry for data, ModPipe backdoor hits POS software used in hospitality sector}}, date = {2020-11-12}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2020/11/12/hungry-data-modpipe-backdoor-hits-pos-software-hospitality-sector/}, language = {English}, urldate = {2020-11-18} } Hungry for data, ModPipe backdoor hits POS software used in hospitality sector
ModPipe
2020-10-28ESET ResearchESET Research
@techreport{research:20201028:threat:269f2d0, author = {ESET Research}, title = {{THREAT REPORT Q3 2020}}, date = {2020-10-28}, institution = {ESET Research}, url = {https://www.welivesecurity.com/wp-content/uploads/2020/10/ESET_Threat_Report_Q32020.pdf}, language = {English}, urldate = {2020-10-29} } THREAT REPORT Q3 2020
2020-10-12ESET ResearchJean-Ian Boutin
@online{boutin:20201012:eset:a7eeb51, author = {Jean-Ian Boutin}, title = {{ESET takes part in global operation to disrupt Trickbot}}, date = {2020-10-12}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2020/10/12/eset-takes-part-global-operation-disrupt-trickbot/}, language = {English}, urldate = {2020-10-12} } ESET takes part in global operation to disrupt Trickbot
TrickBot
2020-10-02ESET ResearchMatthieu Faou
@online{faou:20201002:xdspy:c3724c7, author = {Matthieu Faou}, title = {{XDSpy: Stealing government secrets since 2011}}, date = {2020-10-02}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2020/10/02/xdspy-stealing-government-secrets-since-2011/}, language = {English}, urldate = {2020-10-05} } XDSpy: Stealing government secrets since 2011
XDSpy XDSpy
2020-10-01ESET ResearchESET Research
@online{research:20201001:latam:6e349e9, author = {ESET Research}, title = {{LATAM financial cybercrime: Competitors‑in‑crime sharing TTPs}}, date = {2020-10-01}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2020/10/01/latam-financial-cybercrime-competitors-crime-sharing-ttps/}, language = {English}, urldate = {2020-10-09} } LATAM financial cybercrime: Competitors‑in‑crime sharing TTPs
Numando