2020-11-20 | F-Secure Labs | Riccardo Ancarani
@online{ancarani:20201120:detecting:79afa40,
  author       = {Riccardo Ancarani},
  title        = {{Detecting Cobalt Strike Default Modules via Named Pipe Analysis}},
  date         = {2020-11-20},
  organization = {F-Secure Labs},
  url          = {https://labs.f-secure.com/blog/detecting-cobalt-strike-default-modules-via-named-pipe-analysis},
  language     = {English},
  urldate      = {2020-11-23},
}
Detecting Cobalt Strike Default Modules via Named Pipe Analysis
Cobalt Strike
2020-10-23 | F-Secure Labs | Guillaume Couchard, Qimin Wang, Thiam Loong Siew
@online{couchard:20201023:catching:5788228,
  author       = {Guillaume Couchard and Qimin Wang and Thiam Loong Siew},
  title        = {{Catching Lazarus: Threat Intelligence to Real Detection Logic - Part Two}},
  date         = {2020-10-23},
  organization = {F-Secure Labs},
  url          = {https://labs.f-secure.com/blog/catching-lazarus-threat-intelligence-to-real-detection-logic-part-two},
  language     = {English},
  urldate      = {2020-10-26},
}
Catching Lazarus: Threat Intelligence to Real Detection Logic - Part Two
MimiKatz
2020-10-20 | F-Secure | F-Secure Consulting
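@comment{Corporate author: double-braced so it is kept as one name instead of being split into a given name "F-Secure" and a family name "Consulting".}
@techreport{consulting:20201020:incident:275ade2,
  author      = {{F-Secure Consulting}},
  title       = {{Incident Readiness: Preparing a proactive response to attacks}},
  date        = {2020-10-20},
  institution = {F-Secure},
  url         = {https://www.f-secure.com/content/dam/f-secure/en/consulting/our-thinking/collaterals/digital/f-secure-consulting-incident-readiness-proactive-response-guide-2020.pdf},
  language    = {English},
  urldate     = {2020-10-23},
}
Incident Readiness: Preparing a proactive response to attacks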
MimiKatz
2020-09-25 | F-Secure Labs | Guillaume Couchard, Qimin Wang, Thiam Loong Siew
@online{couchard:20200925:catching:f381664,
  author       = {Guillaume Couchard and Qimin Wang and Thiam Loong Siew},
  title        = {{Catching Lazarus: Threat Intelligence to Real Detection Logic - Part One}},
  date         = {2020-09-25},
  organization = {F-Secure Labs},
  url          = {https://labs.f-secure.com/blog/catching-lazarus-threat-intelligence-to-real-detection-logic},
  language     = {English},
  urldate      = {2020-10-05},
}
Catching Lazarus: Threat Intelligence to Real Detection Logic - Part One
2020-08-18 | F-Secure Labs | F-Secure Labs
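@comment{Corporate author: double-braced so it is kept as one name instead of being split into a given name "F-Secure" and a family name "Labs".}
@online{labs:20200818:lazarus:f2dadaa,
  author       = {{F-Secure Labs}},
  title        = {{Lazarus Group: Campaign Targeting the Cryptocurrency Vertical}},
  date         = {2020-08-18},
  organization = {F-Secure Labs},
  url          = {https://labs.f-secure.com/publications/ti-report-lazarus-group-cryptocurrency-vertical/},
  language     = {English},
  urldate      = {2020-08-27},
}
Lazarus Group: Campaign Targeting the Cryptocurrency Vertical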
2020-08-18 | F-Secure | F-Secure Threat Intelligence Team
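@comment{Corporate author: double-braced so it is kept as one name instead of being split into given names "F-Secure Threat Intelligence" and a family name "Team".}
@techreport{team:20200818:lazarus:9be8b2a,
  author      = {{F-Secure Threat Intelligence Team}},
  title       = {{Lazarus Group Campaign Targeting the Cryptocurrency Vertical}},
  date        = {2020-08-18},
  institution = {F-Secure},
  url         = {https://labs.f-secure.com/assets/BlogFiles/f-secureLABS-tlp-white-lazarus-threat-intel-report2.pdf},
  language    = {English},
  urldate     = {2020-08-31},
}
Lazarus Group Campaign Targeting the Cryptocurrency Vertical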
2020-07-16 | F-Secure | Adam Pilkey
@online{pilkey:20200716:us:aae453e,
  author       = {Adam Pilkey},
  title        = {{US, UK, and Canada’s COVID-19 research targeted by APT29}},
  date         = {2020-07-16},
  organization = {F-Secure},
  url          = {https://blog.f-secure.com/covid-19-vaccines/},
  language     = {English},
  urldate      = {2020-07-17},
}
US, UK, and Canada’s COVID-19 research targeted by APT29
2020-07-03 | F-Secure Labs | Anartz Martin
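@comment{The number sign in the title is written as \# because a bare number sign is a LaTeX parameter marker and typically raises an error when the bibliography is typeset. The url field is left as is.}
@online{martin:20200703:attack:1454a0d,
  author       = {Anartz Martin},
  title        = {{Attack Detection Fundamentals: Code Execution and Persistence - Lab \#1}},
  date         = {2020-07-03},
  organization = {F-Secure Labs},
  url          = {https://labs.f-secure.com/blog/attack-detection-fundamentals-code-execution-and-persistence-lab-1/},
  language     = {English},
  urldate      = {2020-09-21},
}
Attack Detection Fundamentals: Code Execution and Persistence - Lab #1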
Astaroth
2020-05-06 | F-Secure Labs | Melissa Michael, Artturi Lehtiö
@online{michael:20200506:039:49d4744,
  author       = {Melissa Michael and Artturi Lehtiö},
  title        = {{039| Deconstructing the Dukes: A Researcher’s Retrospective of APT29}},
  date         = {2020-05-06},
  organization = {F-Secure Labs},
  url          = {https://blog.f-secure.com/podcast-dukes-apt29/},
  language     = {English},
  urldate      = {2020-07-06},
}
039| Deconstructing the Dukes: A Researcher’s Retrospective of APT29
OnionDuke
2019-03-29 | F-Secure | Bert Steppe
@online{steppe:20190329:hammer:44fb72d,
  author       = {Bert Steppe},
  title        = {{A Hammer Lurking In The Shadows}},
  date         = {2019-03-29},
  organization = {F-Secure},
  url          = {https://blog.f-secure.com/a-hammer-lurking-in-the-shadows/},
  language     = {English},
  urldate      = {2020-11-04},
}
A Hammer Lurking In The Shadows
shadowhammer
2019-03-28 | F-Secure | F-Secure Global
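@comment{Corporate author: double-braced so it is kept as one name instead of being split into a given name "F-Secure" and a family name "Global".}
@online{global:20190328:analysis:8b788ab,
  author       = {{F-Secure Global}},
  title        = {{Analysis of ShadowHammer ASUS Attack First Stage Payload}},
  date         = {2019-03-28},
  organization = {F-Secure},
  url          = {https://countercept.com/blog/analysis-shadowhammer-asus-attack-first-stage-payload/},
  language     = {English},
  urldate      = {2020-01-08},
}
Analysis of ShadowHammer ASUS Attack First Stage Payload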
shadowhammer
2017-10-27 | F-Secure | F-Secure Global
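@comment{Corporate author: double-braced so it is kept as one name instead of being split into a given name "F-Secure" and a family name "Global".}
@online{global:20171027:big:916374a,
  author       = {{F-Secure Global}},
  title        = {{The big difference with Bad Rabbit}},
  date         = {2017-10-27},
  organization = {F-Secure},
  url          = {https://labsblog.f-secure.com/2017/10/27/the-big-difference-with-bad-rabbit/},
  language     = {English},
  urldate      = {2020-01-07},
}
The big difference with Bad Rabbit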
EternalPetya
2017-04 | F-Secure | F-Secure Labs
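@comment{Corporate author: double-braced so it is kept as one name instead of being split into a given name "F-Secure" and a family name "Labs".}
@online{labs:201704:callisto:5e97cb4,
  author       = {{F-Secure Labs}},
  title        = {{CALLISTO GROUP}},
  date         = {2017-04},
  organization = {F-Secure},
  url          = {https://www.f-secure.com/documents/996508/1030745/callisto-group},
  language     = {English},
  urldate      = {2019-12-10},
}
CALLISTO GROUP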
RCS Callisto
2016-08-05 | F-Secure | F-Secure Labs
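@comment{Corporate author: double-braced so it is kept as one name instead of being split into a given name "F-Secure" and a family name "Labs".}
@techreport{labs:20160805:nanhaishu:cee830d,
  author      = {{F-Secure Labs}},
  title       = {{NANHAISHU: RATing the South China Sea}},
  date        = {2016-08-05},
  institution = {F-Secure},
  url         = {https://www.f-secure.com/documents/996508/1030745/nanhaishu_whitepaper.pdf},
  language    = {English},
  urldate     = {2020-01-13},
}
NANHAISHU: RATing the South China Sea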
NanHaiShu
2015-09-17 | F-Secure | F-Secure Global
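@comment{NOTE(review): this record looks internally inconsistent. The url slug names a ZDNet article on leaked Iranian cyber-espionage tool source code, and the listing tags the record TwoFace, BONDUPDATER and DNSpionage, while author, title, date and organization repeat the F-Secure Dukes report that is listed separately with a labsblog.f-secure.com url. Confirm which source is meant and correct the metadata or the url before citing this record for attribution.}
@comment{Corporate author: double-braced so it is kept as one name instead of being split into a given name "F-Secure" and a family name "Global".}
@online{global:20150917:dukes:5dc47f5,
  author       = {{F-Secure Global}},
  title        = {{The Dukes: 7 Years Of Russian Cyber-Espionage}},
  date         = {2015-09-17},
  organization = {F-Secure},
  url          = {https://www.zdnet.com/article/source-code-of-iranian-cyber-espionage-tools-leaked-on-telegram/},
  language     = {English},
  urldate      = {2020-01-09},
}
The Dukes: 7 Years Of Russian Cyber-Espionage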
TwoFace BONDUPDATER DNSpionage
2015-09-17 | F-Secure | F-Secure Labs
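@comment{Corporate author: double-braced so it is kept as one name instead of being split into a given name "F-Secure" and a family name "Labs".}
@online{labs:20150917:dukes:767fbef,
  author       = {{F-Secure Labs}},
  title        = {{The Dukes: 7 Years Of Russian Cyber-Espionage}},
  date         = {2015-09-17},
  organization = {F-Secure},
  url          = {https://labsblog.f-secure.com/2015/09/17/the-dukes-7-years-of-russian-cyber-espionage/},
  language     = {English},
  urldate      = {2020-01-13},
}
The Dukes: 7 Years Of Russian Cyber-Espionage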
APT 29
2015-07-22 | F-Secure | Artturi Lehtiö
@online{lehti:20150722:duke:8f54e8b,
  author       = {Artturi Lehtiö},
  title        = {{Duke APT group's latest tools: cloud services and Linux support}},
  date         = {2015-07-22},
  organization = {F-Secure},
  url          = {https://www.f-secure.com/weblog/archives/00002822.html},
  language     = {English},
  urldate      = {2019-10-15},
}
Duke APT group's latest tools: cloud services and Linux support
Cloud Duke
2014-11-14 | F-Secure | F-Secure Labs
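@comment{Corporate author: double-braced so it is kept as one name instead of being split into a given name "F-Secure" and a family name "Labs".}
@online{labs:20141114:onionduke:dc56d5c,
  author       = {{F-Secure Labs}},
  title        = {{OnionDuke: APT Attacks Via the Tor Network}},
  date         = {2014-11-14},
  organization = {F-Secure},
  url          = {https://www.f-secure.com/weblog/archives/00002764.html},
  language     = {English},
  urldate      = {2020-01-09},
}
OnionDuke: APT Attacks Via the Tor Network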
OnionDuke
2014-09-04 | F-Secure | F-Secure Labs
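@comment{Corporate author: double-braced so it is kept as one name instead of being split into a given name "F-Secure" and a family name "Labs". The straight double quotes in the title are written as LaTeX opening and closing quote marks so that both sides typeset correctly.}
@techreport{labs:20140904:pitou:211eac4,
  author      = {{F-Secure Labs}},
  title       = {{PITOU: The ``silent'' resurrection of the notorious Srizbi kernel spambot}},
  date        = {2014-09-04},
  institution = {F-Secure},
  url         = {https://www.f-secure.com/documents/996508/1030745/pitou_whitepaper.pdf},
  language    = {English},
  urldate     = {2020-01-13},
}
PITOU: The "silent" resurrection of the notorious Srizbi kernel spambot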
Pitou
2014-06-23 | F-Secure | Daavid
@online{daavid:20140623:havex:21f2ca4,
  author       = {Daavid},
  title        = {{Havex Hunts For ICS/SCADA Systems}},
  date         = {2014-06-23},
  organization = {F-Secure},
  url          = {https://www.f-secure.com/weblog/archives/00002718.html},
  language     = {English},
  urldate      = {2020-01-09},
}
Havex Hunts For ICS/SCADA Systems
Havex RAT