Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-09-07ESET ResearchLukáš Štefanko
@online{tefanko:20210907:bladehawk:a5ce5a7, author = {Lukáš Štefanko}, title = {{BladeHawk group: Android espionage against Kurdish ethnic group}}, date = {2021-09-07}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2021/09/07/bladehawk-android-espionage-kurdish/}, language = {English}, urldate = {2021-09-14} } BladeHawk group: Android espionage against Kurdish ethnic group
888 RAT
2021-09-03Twitter (@ESETresearch)ESET Research
@online{research:20210903:twitter:1e08c95, author = {ESET Research}, title = {{Twitter thread on SPARKLOG, a launcher component for PRIVATELOG along with STASHLOG}}, date = {2021-09-03}, organization = {Twitter (@ESETresearch)}, url = {https://twitter.com/ESETresearch/status/1433819369784610828}, language = {English}, urldate = {2021-09-14} } Twitter thread on SPARKLOG, a launcher component for PRIVATELOG along with STASHLOG
PRIVATELOG STASHLOG
2021-08-24ESET ResearchThibaut Passilly, Mathieu Tartare
@online{passilly:20210824:sidewalk:75d39db, author = {Thibaut Passilly and Mathieu Tartare}, title = {{The SideWalk may be as dangerous as the CROSSWALK}}, date = {2021-08-24}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2021/08/24/sidewalk-may-be-as-dangerous-as-crosswalk/}, language = {English}, urldate = {2021-08-31} } The SideWalk may be as dangerous as the CROSSWALK
Cobalt Strike CROSSWALK SideWalk
2021-08-11ESET ResearchZuzana Hromcová
@online{hromcov:20210811:iiserpent:7f68773, author = {Zuzana Hromcová}, title = {{IISerpent: Malware‑driven SEO fraud as a service}}, date = {2021-08-11}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2021/08/11/iiserpent-malware-driven-seo-fraud-service/}, language = {English}, urldate = {2021-08-16} } IISerpent: Malware‑driven SEO fraud as a service
2021-08-06ESET ResearchZuzana Hromcová, Anton Cherepanov
@online{hromcov:20210806:anatomy:27b293f, author = {Zuzana Hromcová and Anton Cherepanov}, title = {{Anatomy of native IIS malware}}, date = {2021-08-06}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2021/08/06/anatomy-native-iis-malware/}, language = {English}, urldate = {2021-08-09} } Anatomy of native IIS malware
IISniff RGDoor
2021-08-06ESET ResearchZuzana Hromcová
@online{hromcov:20210806:iistealer:d9957ab, author = {Zuzana Hromcová}, title = {{IIStealer: A server‑side threat to e‑commerce transactions}}, date = {2021-08-06}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2021/08/06/iistealer-server-side-threat-ecommerce-transactions/}, language = {English}, urldate = {2021-08-09} } IIStealer: A server‑side threat to e‑commerce transactions
2021-08-04ESET ResearchZuzana Hromcová
@techreport{hromcov:20210804:anatomy:2bcd04b, author = {Zuzana Hromcová}, title = {{Anatomy of Native IIS Malware (slides)}}, date = {2021-08-04}, institution = {ESET Research}, url = {https://i.blackhat.com/USA21/Wednesday-Handouts/us-21-Anatomy-Of-Native-Iis-Malware.pdf}, language = {English}, urldate = {2021-08-06} } Anatomy of Native IIS Malware (slides)
IISniff RGDoor
2021-08-04ESET ResearchZuzana Hromcová
@techreport{hromcov:20210804:anatomy:e1c9d94, author = {Zuzana Hromcová}, title = {{Anatomy of Native IIS Malware (white papaer)}}, date = {2021-08-04}, institution = {ESET Research}, url = {https://i.blackhat.com/USA21/Wednesday-Handouts/us-21-Anatomy-Of-Native-Iis-Malware-wp.pdf}, language = {English}, urldate = {2021-08-06} } Anatomy of Native IIS Malware (white papaer)
IISniff RGDoor
2021-07-20ESET ResearchLukáš Štefanko
@online{tefanko:20210720:some:faa4124, author = {Lukáš Štefanko}, title = {{Some URL shortener services distribute Android malware, including banking or SMS trojans}}, date = {2021-07-20}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2021/07/20/url-shortener-services-android-malware-banking-sms-trojans/}, language = {English}, urldate = {2021-07-20} } Some URL shortener services distribute Android malware, including banking or SMS trojans
FakeAdBlocker
2021-07-15Twitter (@ESETresearch)ESET Research
@online{research:20210715:freebsd:eda7f95, author = {ESET Research}, title = {{Tweet on FreeBSD targeted with Golang backdoor}}, date = {2021-07-15}, organization = {Twitter (@ESETresearch)}, url = {https://twitter.com/ESETresearch/status/1415542456360263682}, language = {English}, urldate = {2021-07-20} } Tweet on FreeBSD targeted with Golang backdoor
2021-07-07ESET ResearchFernando Tavella, Matías Porolli
@online{tavella:20210707:bandidos:f734d08, author = {Fernando Tavella and Matías Porolli}, title = {{Bandidos at large: A spying campaign in Latin America}}, date = {2021-07-07}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2021/07/07/bandidos-at-large-spying-campaign-latin-america/}, language = {English}, urldate = {2021-07-09} } Bandidos at large: A spying campaign in Latin America
Bandook
2021-06-10ESET ResearchAdam Burgher
@online{burgher:20210610:backdoordiplomacy:4ebcb1d, author = {Adam Burgher}, title = {{BackdoorDiplomacy: Upgrading from Quarian to Turian}}, date = {2021-06-10}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2021/06/10/backdoordiplomacy-upgrading-quarian-turian/}, language = {English}, urldate = {2021-06-16} } BackdoorDiplomacy: Upgrading from Quarian to Turian
CHINACHOPPER DoublePulsar EternalRocks BackdoorDiplomacy
2021-06-09ESET ResearchThomas Dupuy, Matthieu Faou
@online{dupuy:20210609:gelsemium:34ccc46, author = {Thomas Dupuy and Matthieu Faou}, title = {{Gelsemium: When threat actors go gardening}}, date = {2021-06-09}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2021/06/09/gelsemium-when-threat-actors-go-gardening/}, language = {English}, urldate = {2021-06-16} } Gelsemium: When threat actors go gardening
Gelsemium
2021-06-09ESET ResearchThomas Dupuy, Matthieu Faou
@techreport{dupuy:20210609:gelsemium:05483d4, author = {Thomas Dupuy and Matthieu Faou}, title = {{Gelsemium: When threat actors go gardening}}, date = {2021-06-09}, institution = {ESET Research}, url = {https://www.welivesecurity.com/wp-content/uploads/2021/06/eset_gelsemium.pdf}, language = {English}, urldate = {2021-06-09} } Gelsemium: When threat actors go gardening
Owlproxy
2021-06-03ESET Researchroman kovac
@techreport{kovac:20210603:eset:31e1aff, author = {roman kovac}, title = {{ESET Threat Report T 1 2021}}, date = {2021-06-03}, institution = {ESET Research}, url = {https://www.welivesecurity.com/wp-content/uploads/2021/05/eset_threat_report_t12021.pdf}, language = {English}, urldate = {2021-06-16} } ESET Threat Report T 1 2021
Kobalos Janeleiro Vadokrist
2021-05-17ESET ResearchDenise Giusto, Cecilia Pastorino
@techreport{giusto:20210517:sex:a7a21b4, author = {Denise Giusto and Cecilia Pastorino}, title = {{Sex in the Digital Era: How Secure are Smart Sex Toys?}}, date = {2021-05-17}, institution = {ESET Research}, url = {https://www.welivesecurity.com/wp-content/uploads/2021/05/eset_android_stalkerware_vulnerabilities.pdf}, language = {English}, urldate = {2021-05-19} } Sex in the Digital Era: How Secure are Smart Sex Toys?
2021-05-05ESET ResearchESET Research
@online{research:20210505:ousaban:655e747, author = {ESET Research}, title = {{Ousaban: Private photo collection hidden in a CABinet}}, date = {2021-05-05}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2021/05/05/ousaban-private-photo-collection-hidden-cabinet/}, language = {English}, urldate = {2021-05-08} } Ousaban: Private photo collection hidden in a CABinet
Ousaban
2021-04-29ESET ResearchRobert Lipovsky, Matthieu Faou, Tony Anscombe, Andy Garth, Daniel Chromek
@techreport{lipovsky:20210429:eset:ff67b6c, author = {Robert Lipovsky and Matthieu Faou and Tony Anscombe and Andy Garth and Daniel Chromek}, title = {{ESET Industry Report on Government: Targeted but not alone}}, date = {2021-04-29}, institution = {ESET Research}, url = {https://www.welivesecurity.com/wp-content/uploads/2021/04/ESET_Industry_Report_Government.pdf}, language = {English}, urldate = {2021-05-03} } ESET Industry Report on Government: Targeted but not alone
Exaramel Crutch Exaramel HyperBro HyperSSL InvisiMole XDSpy
2021-04-13Twitter (@ESETresearch)ESET Research
@online{research:20210413:tscookie:affc5a0, author = {ESET Research}, title = {{Tweet on TSCookie for FreeBSD platform}}, date = {2021-04-13}, organization = {Twitter (@ESETresearch)}, url = {https://twitter.com/ESETresearch/status/1382054011264700416}, language = {English}, urldate = {2021-04-14} } Tweet on TSCookie for FreeBSD platform
TSCookie
2021-04-06ESET ResearchFacundo Muñoz, Matías Porolli
@online{muoz:20210406:janeleiro:b85a738, author = {Facundo Muñoz and Matías Porolli}, title = {{Janeleiro, the time traveler: A new old banking trojan in Brazil}}, date = {2021-04-06}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2021/04/06/janeleiro-time-traveler-new-old-banking-trojan-brazil/}, language = {English}, urldate = {2021-04-06} } Janeleiro, the time traveler: A new old banking trojan in Brazil
Janeleiro