Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-07-19ESET ResearchMarc-Etienne M.Léveillé
@online{mlveill:20220719:i:d9dc1d5, author = {Marc-Etienne M.Léveillé}, title = {{I see what you did there: A look at the CloudMensis macOS spyware}}, date = {2022-07-19}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2022/07/19/i-see-what-you-did-there-look-cloudmensis-macos-spyware/}, language = {English}, urldate = {2022-07-20} } I see what you did there: A look at the CloudMensis macOS spyware
CloudMensis
2022-06-16ESET ResearchRene Holt
@online{holt:20220616:how:d3225fc, author = {Rene Holt}, title = {{How Emotet is changing tactics in response to Microsoft’s tightening of Office macro security}}, date = {2022-06-16}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2022/06/16/how-emotet-is-changing-tactics-microsoft-tightening-office-macro-security/}, language = {English}, urldate = {2022-06-17} } How Emotet is changing tactics in response to Microsoft’s tightening of Office macro security
Emotet
2022-05-04Twitter (@ESETresearch)Twitter (@ESETresearch)
@online{esetresearch:20220504:twitter:48f1a89, author = {Twitter (@ESETresearch)}, title = {{Twitter thread on code similarity analysis, focussing on IsaacWiper and recent Cluster25 publication}}, date = {2022-05-04}, organization = {Twitter (@ESETresearch)}, url = {https://twitter.com/ESETresearch/status/1521910890072842240}, language = {English}, urldate = {2022-05-05} } Twitter thread on code similarity analysis, focussing on IsaacWiper and recent Cluster25 publication
IsaacWiper
2022-04-27ESET ResearchMatthieu Faou, Alexandre Côté Cyr
@online{faou:20220427:lookback:112a66b, author = {Matthieu Faou and Alexandre Côté Cyr}, title = {{A lookback under the TA410 umbrella: Its cyberespionage TTPs and activity}}, date = {2022-04-27}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2022/04/27/lookback-ta410-umbrella-cyberespionage-ttps-activity/}, language = {English}, urldate = {2022-04-29} } A lookback under the TA410 umbrella: Its cyberespionage TTPs and activity
FlowCloud Lookback
2022-04-13ESET ResearchJean-Ian Boutin, Tomáš Procházka
@online{boutin:20220413:eset:7463437, author = {Jean-Ian Boutin and Tomáš Procházka}, title = {{ESET takes part in global operation to disrupt Zloader botnets}}, date = {2022-04-13}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2022/04/13/eset-takes-part-global-operation-disrupt-zloader-botnets/}, language = {English}, urldate = {2022-04-14} } ESET takes part in global operation to disrupt Zloader botnets
Cobalt Strike Zloader
2022-04-12ESET ResearchESET Research
@online{research:20220412:industroyer2:4d6c5f8, author = {ESET Research}, title = {{Industroyer2: Industroyer reloaded}}, date = {2022-04-12}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2022/04/12/industroyer2-industroyer-reloaded/}, language = {English}, urldate = {2022-04-13} } Industroyer2: Industroyer reloaded
ArguePatch CaddyWiper Industroyer INDUSTROYER2
2022-04-12ESET ResearchESET Ireland
@online{ireland:20220412:industroyer2:aa61be3, author = {ESET Ireland}, title = {{Industroyer2: Industroyer reloaded}}, date = {2022-04-12}, organization = {ESET Research}, url = {https://blog.eset.ie/2022/04/12/industroyer2-industroyer-reloaded/}, language = {English}, urldate = {2022-05-04} } Industroyer2: Industroyer reloaded
CaddyWiper INDUSTROYER2
2022-04-06ESET ResearchLukáš Štefanko
@online{tefanko:20220406:fake:47db49c, author = {Lukáš Štefanko}, title = {{Fake e‑shops on the prowl for banking credentials using Android malware}}, date = {2022-04-06}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2022/04/06/fake-eshops-prowl-banking-credentials-android-malware/}, language = {English}, urldate = {2022-04-08} } Fake e‑shops on the prowl for banking credentials using Android malware
Unidentified APK 008
2022-03-25ESET ResearchAlexandre Côté Cyr
@online{cyr:20220325:mustang:4052776, author = {Alexandre Côté Cyr}, title = {{Mustang Panda's Hodur: Old stuff, new variant of Korplug}}, date = {2022-03-25}, organization = {ESET Research}, url = {https://www.welivesecurity.com/fr/2022/03/25/mustang-pandas-hodur-nouveau-korplug/}, language = {French}, urldate = {2022-03-30} } Mustang Panda's Hodur: Old stuff, new variant of Korplug
PlugX
2022-03-24Twitter (@ESETresearch)ESET Research
@online{research:20220324:pipemon:351014e, author = {ESET Research}, title = {{Tweet on PipeMon variants by Winnti Group}}, date = {2022-03-24}, organization = {Twitter (@ESETresearch)}, url = {https://twitter.com/ESETresearch/status/1506904404225630210}, language = {English}, urldate = {2022-03-30} } Tweet on PipeMon variants by Winnti Group
PipeMon
2022-03-24ESET ResearchLukáš Štefanko
@online{tefanko:20220324:crypto:ff8a482, author = {Lukáš Štefanko}, title = {{Crypto malware in patched wallets targeting Android and iOS devices}}, date = {2022-03-24}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2022/03/24/crypto-malware-patched-wallets-targeting-android-ios-devices/}, language = {English}, urldate = {2022-03-25} } Crypto malware in patched wallets targeting Android and iOS devices
2022-03-23ESET ResearchAlexandre Côté Cyr
@online{cyr:20220323:mustang:3e97382, author = {Alexandre Côté Cyr}, title = {{Mustang Panda’s Hodur: Old tricks, new Korplug variant}}, date = {2022-03-23}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2022/03/23/mustang-panda-hodur-old-tricks-new-korplug-variant/}, language = {English}, urldate = {2022-03-24} } Mustang Panda’s Hodur: Old tricks, new Korplug variant
PlugX
2022-03-21ESET ResearchRene Holt
@online{holt:20220321:sandworm:0e54095, author = {Rene Holt}, title = {{Sandworm: A tale of disruption told anew}}, date = {2022-03-21}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2022/03/21/sandworm-tale-disruption-told-anew/}, language = {English}, urldate = {2022-03-25} } Sandworm: A tale of disruption told anew
2022-03-15ESET ResearchESET Research
@online{research:20220315:caddywiper:0edb827, author = {ESET Research}, title = {{CaddyWiper: New wiper malware discovered in Ukraine}}, date = {2022-03-15}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2022/03/15/caddywiper-new-wiper-malware-discovered-ukraine/}, language = {English}, urldate = {2022-03-15} } CaddyWiper: New wiper malware discovered in Ukraine
CaddyWiper
2022-03-14Twitter (@ESETresearch)ESET Research
@online{research:20220314:caddywiper:ac25105, author = {ESET Research}, title = {{Tweet on CaddyWiper as 3rd destructive wiper found deployed against Ukraine}}, date = {2022-03-14}, organization = {Twitter (@ESETresearch)}, url = {https://twitter.com/ESETresearch/status/1503436420886712321}, language = {English}, urldate = {2022-03-14} } Tweet on CaddyWiper as 3rd destructive wiper found deployed against Ukraine
CaddyWiper
2022-03-01ESET ResearchESET Research
@online{research:20220301:isaacwiper:a2ff019, author = {ESET Research}, title = {{IsaacWiper and HermeticWizard: New wiper and worm targeting Ukraine}}, date = {2022-03-01}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2022/03/01/isaacwiper-hermeticwizard-wiper-worm-targeting-ukraine/}, language = {English}, urldate = {2022-03-02} } IsaacWiper and HermeticWizard: New wiper and worm targeting Ukraine
HermeticWiper IsaacWiper PartyTicket
2022-03ESET ResearchVladislav Hrčka
@techreport{hrka:202203:under:04f52d9, author = {Vladislav Hrčka}, title = {{Under the hood of Wslink’s multilayered virtual machine}}, date = {2022-03}, institution = {ESET Research}, url = {https://www.welivesecurity.com/wp-content/uploads/2022/03/eset_wsliknkvm.pdf}, language = {English}, urldate = {2022-03-30} } Under the hood of Wslink’s multilayered virtual machine
Wslink
2022-02-24ESET Researchwelivesecurity
@online{welivesecurity:20220224:hermeticwiper:33daddb, author = {welivesecurity}, title = {{HermeticWiper: New data‑wiping malware hits Ukraine}}, date = {2022-02-24}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2022/02/24/hermeticwiper-new-data-wiping-malware-hits-ukraine/}, language = {English}, urldate = {2022-03-02} } HermeticWiper: New data‑wiping malware hits Ukraine
HermeticWiper
2022-02-09ESET ResearchESET Research
@techreport{research:20220209:threat:507947f, author = {ESET Research}, title = {{THREAT REPORT T3 2021}}, date = {2022-02-09}, institution = {ESET Research}, url = {https://www.welivesecurity.com/wp-content/uploads/2022/02/eset_threat_report_t32021.pdf}, language = {English}, urldate = {2022-02-10} } THREAT REPORT T3 2021
2022-01-25ESET ResearchMarc-Etienne M.Léveillé, Anton Cherepanov
@online{mlveill:20220125:watering:e1afb71, author = {Marc-Etienne M.Léveillé and Anton Cherepanov}, title = {{Watering hole deploys new macOS malware, DazzleSpy, in Asia}}, date = {2022-01-25}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2022/01/25/watering-hole-deploys-new-macos-malware-dazzlespy-asia/}, language = {English}, urldate = {2022-01-25} } Watering hole deploys new macOS malware, DazzleSpy, in Asia