Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-09-15JPCERT/CCShusei Tomonaga
@online{tomonaga:20220915:f5:717ee99, author = {Shusei Tomonaga}, title = {{F5 BIG-IP Vulnerability (CVE-2022-1388) Exploited by BlackTech}}, date = {2022-09-15}, organization = {JPCERT/CC}, url = {https://blogs.jpcert.or.jp/en/2022/09/bigip-exploit.html}, language = {English}, urldate = {2022-09-19} } F5 BIG-IP Vulnerability (CVE-2022-1388) Exploited by BlackTech
Hipid
2022-08-15F5 LabsAditya K. Sood, David Warburton, Sander Vinberg, Malcolm Heath
@online{sood:20220815:blackguard:edcf0e4, author = {Aditya K. Sood and David Warburton and Sander Vinberg and Malcolm Heath}, title = {{BlackGuard Infostealer Malware: Dissecting the State of Exfiltrated Data}}, date = {2022-08-15}, organization = {F5 Labs}, url = {https://www.f5.com/labs/articles/threat-intelligence/blackguard-infostealer-malware-dissecting-the-state-of-exfiltrated-data}, language = {English}, urldate = {2022-08-17} } BlackGuard Infostealer Malware: Dissecting the State of Exfiltrated Data
BlackGuard
2022-06-15F5 LabsDor Nizar, Malcolm Heath, Sander Vinberg, David Warburton
@online{nizar:20220615:f5:6dbb3f2, author = {Dor Nizar and Malcolm Heath and Sander Vinberg and David Warburton}, title = {{F5 Labs Investigates MaliBot}}, date = {2022-06-15}, organization = {F5 Labs}, url = {https://www.f5.com/labs/articles/threat-intelligence/f5-labs-investigates-malibot}, language = {English}, urldate = {2022-07-01} } F5 Labs Investigates MaliBot
2022-05-12Lacework LabsChris Hall, Jared Stroud
@online{hall:20220512:malware:ff2f6a5, author = {Chris Hall and Jared Stroud}, title = {{Malware targeting latest F5 vulnerability}}, date = {2022-05-12}, organization = {Lacework Labs}, url = {https://www.lacework.com/blog/malware-targeting-latest-f5-vulnerability/}, language = {English}, urldate = {2022-05-17} } Malware targeting latest F5 vulnerability
Mirai
2022-04-23F5Aditya K. Sood
@online{sood:20220423:cryptojacking:d0b51e7, author = {Aditya K. Sood}, title = {{Cryptojacking on the Fly: TeamTNT Using NVIDIA Drivers to Mine Cryptocurrency}}, date = {2022-04-23}, organization = {F5}, url = {https://www.virusbulletin.com/virusbulletin/2022/04/cryptojacking-fly-teamtnt-using-nvidia-drivers-mine-cryptocurrency/}, language = {English}, urldate = {2022-05-03} } Cryptojacking on the Fly: TeamTNT Using NVIDIA Drivers to Mine Cryptocurrency
2022-02-02lodestoneJason Daza, Manoj Khatiwada, Paul Brunney, Michael Wirtz, Group-IB
@online{daza:20220202:white:5b71f59, author = {Jason Daza and Manoj Khatiwada and Paul Brunney and Michael Wirtz and Group-IB}, title = {{White Rabbit Continued: Sardonic and F5}}, date = {2022-02-02}, organization = {lodestone}, url = {https://lodestone.com/insight/white-rabbit-continued-sardonic-and-f5/}, language = {English}, urldate = {2022-02-04} } White Rabbit Continued: Sardonic and F5
2022-01-13F5Dor Nizar, Roy Moshailov
@online{nizar:20220113:flubots:3141376, author = {Dor Nizar and Roy Moshailov}, title = {{FluBot’s Authors Employ Creative and Sophisticated Techniques to Achieve Their Goals in Version 5.0 and Beyond}}, date = {2022-01-13}, organization = {F5}, url = {https://www.f5.com/labs/articles/threat-intelligence/flubots-authors-employ-creative-and-sophisticated-techniques-to-achieve-their-goals-in-version-50-and-beyond}, language = {English}, urldate = {2022-01-25} } FluBot’s Authors Employ Creative and Sophisticated Techniques to Achieve Their Goals in Version 5.0 and Beyond
FluBot
2021-12-08F5Aditya K. Sood, Rohit Chaturvedi
@online{sood:20211208:collectorstealer:bd79b3e, author = {Aditya K. Sood and Rohit Chaturvedi}, title = {{Collector-stealer: a Russian origin credential and information extractor}}, date = {2021-12-08}, organization = {F5}, url = {https://www.virusbulletin.com/virusbulletin/2021/12/collector-stealer-russian-origin-credential-and-information-extractor/}, language = {English}, urldate = {2022-04-24} } Collector-stealer: a Russian origin credential and information extractor
2021-04-07F5Aditya K. Sood
@techreport{sood:20210407:dissecting:43afa3d, author = {Aditya K. Sood}, title = {{Dissecting the Design and Vulnerabilities in Azorult C&C Panels}}, date = {2021-04-07}, institution = {F5}, url = {https://www.virusbulletin.com/uploads/pdf/magazine/2021/202104-design-vulnerabilities-azorult-cc-panels.pdf}, language = {English}, urldate = {2021-04-19} } Dissecting the Design and Vulnerabilities in Azorult C&C Panels
Azorult
2021-03-04F5Dor Nizar, Roy Moshailov
@online{nizar:20210304:icedid:bfcc689, author = {Dor Nizar and Roy Moshailov}, title = {{IcedID Banking Trojan Uses COVID-19 Pandemic to Lure New Victims}}, date = {2021-03-04}, organization = {F5}, url = {https://www.f5.com/labs/articles/threat-intelligence/icedid-banking-trojan-uses-covid-19-pandemic-to-lure-new-victims}, language = {English}, urldate = {2021-03-06} } IcedID Banking Trojan Uses COVID-19 Pandemic to Lure New Victims
IcedID
2021lodestoneLodestone
@online{lodestone:2021:white:63afb19, author = {Lodestone}, title = {{White Rabbit Ransomware and the F5 Backdoor}}, date = {2021}, organization = {lodestone}, url = {https://lodestone.com/insight/white-rabbit-ransomware-and-the-f5-backdoor/}, language = {English}, urldate = {2022-02-04} } White Rabbit Ransomware and the F5 Backdoor
2020-08-10ZDNetCatalin Cimpanu
@online{cimpanu:20200810:fbi:704abe2, author = {Catalin Cimpanu}, title = {{FBI says an Iranian hacking group is attacking F5 networking devices}}, date = {2020-08-10}, organization = {ZDNet}, url = {https://www.zdnet.com/article/fbi-says-an-iranian-hacking-group-is-attacking-f5-networking-devices/}, language = {English}, urldate = {2020-08-12} } FBI says an Iranian hacking group is attacking F5 networking devices
MimiKatz
2020-08-10ZDNetCatalin Cimpanu
@online{cimpanu:20200810:fbi:10c4512, author = {Catalin Cimpanu}, title = {{FBI says an Iranian hacking group is attacking F5 networking devices}}, date = {2020-08-10}, organization = {ZDNet}, url = {https://www.zdnet.com/article/fbi-says-an-iranian-hacking-group-is-attacking-f5-networking-devices}, language = {English}, urldate = {2020-09-18} } FBI says an Iranian hacking group is attacking F5 networking devices
SSHNET Fox Kitten
2020-08-09F5 LabsRemi Cohen, Debbie Walkowski
@online{cohen:20200809:banking:8718999, author = {Remi Cohen and Debbie Walkowski}, title = {{Banking Trojans: A Reference Guide to the Malware Family Tree}}, date = {2020-08-09}, organization = {F5 Labs}, url = {https://www.f5.com/labs/articles/education/banking-trojans-a-reference-guide-to-the-malware-family-tree}, language = {English}, urldate = {2021-06-29} } Banking Trojans: A Reference Guide to the Malware Family Tree
BackSwap Carberp Citadel DanaBot Dridex Dyre Emotet Gozi Kronos PandaBanker Ramnit Shylock SpyEye Tinba TrickBot Vawtrak Zeus
2020-07-05NCC GroupNCC RIFT
@online{rift:20200705:rift:8b05486, author = {NCC RIFT}, title = {{RIFT: F5 Networks K52145254: TMUI RCE vulnerability CVE-2020-5902 Intelligence}}, date = {2020-07-05}, organization = {NCC Group}, url = {https://research.nccgroup.com/2020/07/05/rift-f5-networks-k52145254-tmui-rce-vulnerability-cve-2020-5902-intelligence/}, language = {English}, urldate = {2020-07-08} } RIFT: F5 Networks K52145254: TMUI RCE vulnerability CVE-2020-5902 Intelligence
2020-06-11F5 LabsDoron Voolf
@online{voolf:20200611:qbot:1bd9fe7, author = {Doron Voolf}, title = {{Qbot Banking Trojan Still Up to Its Old Tricks}}, date = {2020-06-11}, organization = {F5 Labs}, url = {https://www.f5.com/labs/articles/threat-intelligence/qbot-banking-trojan-still-up-to-its-old-tricks}, language = {English}, urldate = {2020-06-16} } Qbot Banking Trojan Still Up to Its Old Tricks
QakBot
2019-12-18F5 LabsEli Kreminchuker, Maxim Zavodchik, Raymond Pompon
@online{kreminchuker:20191218:echobot:2fe9511, author = {Eli Kreminchuker and Maxim Zavodchik and Raymond Pompon}, title = {{Echobot Malware Now up to 71 Exploits, Targeting SCADA}}, date = {2019-12-18}, organization = {F5 Labs}, url = {https://www.f5.com/labs/articles/threat-intelligence/echobot-malware-now-up-to-71-exploits--targeting-scada}, language = {English}, urldate = {2020-01-10} } Echobot Malware Now up to 71 Exploits, Targeting SCADA
Echobot
2018-07-11F5Julia Karpin
@online{karpin:20180711:tackling:b80ad4a, author = {Julia Karpin}, title = {{Tackling Gootkit's Traps}}, date = {2018-07-11}, organization = {F5}, url = {https://www.f5.com/labs/articles/threat-intelligence/tackling-gootkit-s-traps}, language = {English}, urldate = {2019-12-17} } Tackling Gootkit's Traps
2018-06-29F5Ruby Cohen, Doron Voolf
@online{cohen:20180629:backswap:1605a3d, author = {Ruby Cohen and Doron Voolf}, title = {{BackSwap Defrauds Online Banking Customers Using Hidden Input Fields}}, date = {2018-06-29}, organization = {F5}, url = {https://www.f5.com/labs/articles/threat-intelligence/backswap-defrauds-online-banking-customers-using-hidden-input-fi}, language = {English}, urldate = {2020-01-10} } BackSwap Defrauds Online Banking Customers Using Hidden Input Fields
BackSwap
2018-05-09F5Doron Voolf
@online{voolf:20180509:panda:7d0288e, author = {Doron Voolf}, title = {{Panda Malware Broadens Targets to Cryptocurrency Exchanges and Social Media}}, date = {2018-05-09}, organization = {F5}, url = {https://f5.com/labs/articles/threat-intelligence/malware/panda-malware-broadens-targets-to-cryptocurrency-exchanges-and-social-media}, language = {English}, urldate = {2019-12-24} } Panda Malware Broadens Targets to Cryptocurrency Exchanges and Social Media