Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-09-14FortinetJohn Simmons
@online{simmons:20210914:more:f8ade2c, author = {John Simmons}, title = {{More ProxyShell? Web Shells Lead to ZeroLogon and Application Impersonation Attacks}}, date = {2021-09-14}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/more-proxyshell-web-shells-lead-to-zerologon-and-application-impersonation-attacks}, language = {English}, urldate = {2021-09-19} } More ProxyShell? Web Shells Lead to ZeroLogon and Application Impersonation Attacks
2021-09-10FortinetXiaopeng Zhang
@online{zhang:20210910:new:25d8475, author = {Xiaopeng Zhang}, title = {{New Dridex Variant Being Spread By Crafted Excel Document}}, date = {2021-09-10}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/new-dridex-variant-being-spread-by-crafted-excel-document?&web_view=true}, language = {English}, urldate = {2021-09-12} } New Dridex Variant Being Spread By Crafted Excel Document
DoppelDridex
2021-07-19FortinetXiaopeng Zhang
@online{zhang:20210719:fresh:13c1c56, author = {Xiaopeng Zhang}, title = {{Fresh Malware Hunts for Crypto Wallet and Credentials}}, date = {2021-07-19}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/fresh-malware-hunts-for-crypto-wallet-and-credentials}, language = {English}, urldate = {2021-07-26} } Fresh Malware Hunts for Crypto Wallet and Credentials
2021-07-19FortinetVal Saengphaibul, Fred Gutierrez
@online{saengphaibul:20210719:signed:d9f809c, author = {Val Saengphaibul and Fred Gutierrez}, title = {{Signed, Sealed, and Delivered – Signed XLL File Delivers Buer Loader}}, date = {2021-07-19}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/signed-sealed-and-delivered-signed-xll-file-delivers-buer-loader}, language = {English}, urldate = {2021-07-26} } Signed, Sealed, and Delivered – Signed XLL File Delivers Buer Loader
Buer
2021-07-01FortinetDor Neeamni, Asaf Rubinfeld
@online{neeamni:20210701:diavol:d1ed746, author = {Dor Neeamni and Asaf Rubinfeld}, title = {{Diavol - A New Ransomware Used By Wizard Spider?}}, date = {2021-07-01}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/diavol-new-ransomware-used-by-wizard-spider}, language = {English}, urldate = {2021-07-02} } Diavol - A New Ransomware Used By Wizard Spider?
Conti Diavol
2021-06-27FortinetGayathri Thirugnanasambandam
@online{thirugnanasambandam:20210627:spear:86cdf6a, author = {Gayathri Thirugnanasambandam}, title = {{Spear Phishing Campaign with New Techniques Aimed at Aviation Companies}}, date = {2021-06-27}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/spear-phishing-campaign-with-new-techniques-aimed-at-aviation-companies}, language = {English}, urldate = {2021-06-29} } Spear Phishing Campaign with New Techniques Aimed at Aviation Companies
AsyncRAT
2021-06-24FortinetDavid Maciejak, Joie Salvio
@online{maciejak:20210624:ghosts:75b5f92, author = {David Maciejak and Joie Salvio}, title = {{The Ghosts of Mirai}}, date = {2021-06-24}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/the-ghosts-of-mirai}, language = {English}, urldate = {2021-06-29} } The Ghosts of Mirai
Mirai
2021-06-04FortinetXiaopeng Zhang
@online{zhang:20210604:phishing:20bdfa5, author = {Xiaopeng Zhang}, title = {{Phishing Malware Hijacks Bitcoin Addresses and Delivers New Agent Tesla Variant}}, date = {2021-06-04}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/phishing-malware-hijacks-bitcoin-addresses-delivers-new-agent-tesla-variant}, language = {English}, urldate = {2021-06-16} } Phishing Malware Hijacks Bitcoin Addresses and Delivers New Agent Tesla Variant
Agent Tesla
2021-05-17FortinetFred Gutierrez, Gayathri Thirugnanasambandam, Val Saengphaibul
@online{gutierrez:20210517:newly:65d872f, author = {Fred Gutierrez and Gayathri Thirugnanasambandam and Val Saengphaibul}, title = {{Newly Discovered Function in DarkSide Ransomware Variant Targets Disk Partitions}}, date = {2021-05-17}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/newly-discovered-function-in-darkside-ransomware-variant-targets-disk-partitions}, language = {English}, urldate = {2021-05-19} } Newly Discovered Function in DarkSide Ransomware Variant Targets Disk Partitions
DarkSide
2021-05-03FortinetFred Gutierrez, Val Saengphaibul
@online{gutierrez:20210503:spearphishing:4dced65, author = {Fred Gutierrez and Val Saengphaibul}, title = {{Spearphishing Attack Uses COVID-21 Lure to Target Ukrainian Government}}, date = {2021-05-03}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/spearphishing-attack-uses-covid-21-lure-to-target-ukrainian-government}, language = {English}, urldate = {2021-05-04} } Spearphishing Attack Uses COVID-21 Lure to Target Ukrainian Government
2021-04-22FortinetXiaopeng Zhang
@online{zhang:20210422:deep:44cd560, author = {Xiaopeng Zhang}, title = {{Deep Analysis: FormBook New Variant Delivered in Phishing Campaign – Part II}}, date = {2021-04-22}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/deep-analysis-formbook-new-variant-delivered-phishing-campaign-part-ii}, language = {English}, urldate = {2021-04-28} } Deep Analysis: FormBook New Variant Delivered in Phishing Campaign – Part II
Formbook
2021-04-12FortinetXiaopeng Zhang
@online{zhang:20210412:deep:dc35f85, author = {Xiaopeng Zhang}, title = {{Deep Analysis: New FormBook Variant Delivered in Phishing Campaign – Part I}}, date = {2021-04-12}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/deep-analysis-new-formbook-variant-delivered-phishing-campaign-part-I}, language = {English}, urldate = {2021-04-14} } Deep Analysis: New FormBook Variant Delivered in Phishing Campaign – Part I
Formbook
2021-03-11FortinetRotem Kerner
@online{kerner:20210311:whitelist:840f503, author = {Rotem Kerner}, title = {{Whitelist Me, Maybe? “Netbounce” Threat Actor Tries A Bold Approach To Evade Detection}}, date = {2021-03-11}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/netbounce-threat-actor-tries-bold-approach-to-evade-detection}, language = {English}, urldate = {2021-03-16} } Whitelist Me, Maybe? “Netbounce” Threat Actor Tries A Bold Approach To Evade Detection
2021-02-12FortinetXiaopeng Zhang
@online{zhang:20210212:new:4e0dab7, author = {Xiaopeng Zhang}, title = {{New Bazar Trojan Variant is Being Spread in Recent Phishing Campaign – Part I}}, date = {2021-02-12}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/new-bazar-trojan-variant-is-being-spread-in-recent-phishing-campaign-part-I}, language = {English}, urldate = {2021-02-20} } New Bazar Trojan Variant is Being Spread in Recent Phishing Campaign – Part I
BazarBackdoor
2021-02-12FortinetXiaopeng Zhang
@online{zhang:20210212:new:0be729d, author = {Xiaopeng Zhang}, title = {{New Bazar Trojan Variant is Being Spread in Recent Phishing Campaign – Part II}}, date = {2021-02-12}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/new-bazar-trojan-variant-is-being-spread-in-recent-phishing-campaign-part-II}, language = {English}, urldate = {2021-02-20} } New Bazar Trojan Variant is Being Spread in Recent Phishing Campaign – Part II
BazarBackdoor
2021-01-12FortinetXiaopeng Zhang
@online{zhang:20210112:new:bdf3ebb, author = {Xiaopeng Zhang}, title = {{New Variant of Ursnif Continuously Targeting Italy}}, date = {2021-01-12}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/new-variant-of-ursnif-continuously-targeting-italy}, language = {English}, urldate = {2021-01-18} } New Variant of Ursnif Continuously Targeting Italy
ISFB
2020-12-21FortinetUdi Yavo
@online{yavo:20201221:what:716b31d, author = {Udi Yavo}, title = {{What We Have Learned So Far about the “Sunburst”/SolarWinds Hack}}, date = {2020-12-21}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/what-we-have-learned-so-far-about-the-sunburst-solarwinds-hack}, language = {English}, urldate = {2021-01-18} } What We Have Learned So Far about the “Sunburst”/SolarWinds Hack
Cobalt Strike SUNBURST TEARDROP
2020-12-16FortinetFred Gutierrez, Val Saengphaibul
@online{gutierrez:20201216:adversary:3b3781a, author = {Fred Gutierrez and Val Saengphaibul}, title = {{Adversary Playbook: JavaScript RAT Looking for that Government Cheese}}, date = {2020-12-16}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/adversary-playbook-javascript-rat-looking-for-that-government-cheese}, language = {English}, urldate = {2021-01-18} } Adversary Playbook: JavaScript RAT Looking for that Government Cheese
JSOutProx
2020-10-13FortinetXiaopeng Zhang
@online{zhang:20201013:deep:e95d109, author = {Xiaopeng Zhang}, title = {{Deep Analysis – The EKING Variant of Phobos Ransomware}}, date = {2020-10-13}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/deep-analysis-the-eking-variant-of-phobos-ransomware}, language = {English}, urldate = {2020-10-20} } Deep Analysis – The EKING Variant of Phobos Ransomware
Phobos
2020-07-01FortinetBen Hunter, Fred Gutierrez
@online{hunter:20200701:ekans:46605bc, author = {Ben Hunter and Fred Gutierrez}, title = {{EKANS Ransomware Targeting OT ICS Systems}}, date = {2020-07-01}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/ekans-ransomware-targeting-ot-ics-systems}, language = {English}, urldate = {2020-07-06} } EKANS Ransomware Targeting OT ICS Systems
Snake