Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2020-11-16Fox-ITAntonis Terefos, Anne Postma, Tera0017
@online{terefos:20201116:ta505:8449383, author = {Antonis Terefos and Anne Postma and Tera0017}, title = {{TA505: A Brief History Of Their Time}}, date = {2020-11-16}, organization = {Fox-IT}, url = {https://blog.fox-it.com/2020/11/16/ta505-a-brief-history-of-their-time/}, language = {English}, urldate = {2020-11-23} } TA505: A Brief History Of Their Time
Clop Get2 SDBbot TA505
2020-09-02Fox-ITJoost Jansen
@online{jansen:20200902:machine:2a2ed0a, author = {Joost Jansen}, title = {{Machine learning from idea to reality: a PowerShell case study}}, date = {2020-09-02}, organization = {Fox-IT}, url = {https://blog.fox-it.com/2020/09/02/machine-learning-from-idea-to-reality-a-powershell-case-study/}, language = {English}, urldate = {2020-09-03} } Machine learning from idea to reality: a PowerShell case study
2020-06-02Fox-ITNikolaos Pantazopoulos, Stefano Antenucci, NCC RIFT
@online{pantazopoulos:20200602:indepth:f43e58f, author = {Nikolaos Pantazopoulos and Stefano Antenucci and NCC RIFT}, title = {{In-depth analysis of the new Team9 malware family}}, date = {2020-06-02}, organization = {Fox-IT}, url = {https://blog.fox-it.com/2020/06/02/in-depth-analysis-of-the-new-team9-malware-family/}, language = {English}, urldate = {2020-06-03} } In-depth analysis of the new Team9 malware family
BazarBackdoor
2019-12-19Fox-ITFox IT
@online{it:20191219:operation:64c0cd9, author = {Fox IT}, title = {{Operation Wocao : Shining a light on one of China’s hidden hacking groups}}, date = {2019-12-19}, organization = {Fox-IT}, url = {https://www.fox-it.com/nl/actueel/whitepapers/operation-wocao-shining-a-light-on-one-of-chinas-hidden-hacking-groups/}, language = {English}, urldate = {2020-01-07} } Operation Wocao : Shining a light on one of China’s hidden hacking groups
Operation Wocao Violin Panda
2019-12-19Fox-ITMaarten van Dantzig, Erik Schamper
@techreport{dantzig:20191219:operation:96804be, author = {Maarten van Dantzig and Erik Schamper}, title = {{Operation Wocao: Shining a light on one of China’s hidden hacking groups}}, date = {2019-12-19}, institution = {Fox-IT}, url = {https://resources.fox-it.com/rs/170-CAK-271/images/201912_Report_Operation_Wocao.pdf}, language = {English}, urldate = {2020-01-13} } Operation Wocao: Shining a light on one of China’s hidden hacking groups
XServer
2019-03-27Fox-ITStefano Antenucci, Antonio Parata
@online{antenucci:20190327:psixbot:9e1a258, author = {Stefano Antenucci and Antonio Parata}, title = {{PsiXBot: The Evolution Of A Modular .NET Bot}}, date = {2019-03-27}, organization = {Fox-IT}, url = {https://blog.fox-it.com/2019/03/27/psixbot-the-evolution-of-a-modular-net-bot/}, language = {English}, urldate = {2019-10-12} } PsiXBot: The Evolution Of A Modular .NET Bot
PsiX
2019-02-26Fox-ITFox IT
@online{it:20190226:identifying:689104d, author = {Fox IT}, title = {{Identifying Cobalt Strike team servers in the wild}}, date = {2019-02-26}, organization = {Fox-IT}, url = {https://blog.fox-it.com/2019/02/26/identifying-cobalt-strike-team-servers-in-the-wild/}, language = {English}, urldate = {2020-10-25} } Identifying Cobalt Strike team servers in the wild
Cobalt Strike
2018-08-09Fox-ITAlfred Klason
@online{klason:20180809:bokbot:499f316, author = {Alfred Klason}, title = {{Bokbot: The (re)birth of a banker}}, date = {2018-08-09}, organization = {Fox-IT}, url = {https://blog.fox-it.com/2018/08/09/bokbot-the-rebirth-of-a-banker/}, language = {English}, urldate = {2019-12-20} } Bokbot: The (re)birth of a banker
IcedID Vawtrak
2018-05-22Group-IBGroup-IB, Fox-IT
@techreport{groupib:20180522:anunak:97d0646, author = {Group-IB and Fox-IT}, title = {{Anunak: APT against financial institutions}}, date = {2018-05-22}, institution = {Group-IB}, url = {https://www.group-ib.com/resources/threat-research/Anunak_APT_against_financial_institutions.pdf}, language = {English}, urldate = {2020-01-06} } Anunak: APT against financial institutions
Anunak
2017-05-03Fox-ITJelle Vergeer, Krijn de Mik, Mitchel Sahertian, Maarten van Dantzig, Yun Zheng Hu
@online{vergeer:20170503:snake:2987af1, author = {Jelle Vergeer and Krijn de Mik and Mitchel Sahertian and Maarten van Dantzig and Yun Zheng Hu}, title = {{Snake: Coming soon in Mac OS X flavour}}, date = {2017-05-03}, organization = {Fox-IT}, url = {https://blog.fox-it.com/2017/05/03/snake-coming-soon-in-mac-os-x-flavour/}, language = {English}, urldate = {2019-12-17} } Snake: Coming soon in Mac OS X flavour
Uroburos
2016-06-15Fox-ITFox IT
@online{it:20160615:mofang:59e7ad3, author = {Fox IT}, title = {{Mofang: A politically motivated information stealing adversary}}, date = {2016-06-15}, organization = {Fox-IT}, url = {https://blog.fox-it.com/2016/06/15/mofang-a-politically-motivated-information-stealing-adversary/}, language = {English}, urldate = {2019-11-27} } Mofang: A politically motivated information stealing adversary
Mofang
2016-05-17Fox-ITYonathan Klijnsma, Danny Heppener, Mitchel Sahertian, Krijn de Mik, Maarten van Dantzig, Yun Zheng Hu, Lennart Haagsma, Martin van Hensbergen, Erik de Jong
@techreport{klijnsma:20160517:mofang:7035a61, author = {Yonathan Klijnsma and Danny Heppener and Mitchel Sahertian and Krijn de Mik and Maarten van Dantzig and Yun Zheng Hu and Lennart Haagsma and Martin van Hensbergen and Erik de Jong}, title = {{Mofang: A politically motivated information stealing adversary}}, date = {2016-05-17}, institution = {Fox-IT}, url = {https://foxitsecurity.files.wordpress.com/2016/06/fox-it_mofang_threatreport_tlp-white.pdf}, language = {English}, urldate = {2020-01-09} } Mofang: A politically motivated information stealing adversary
Shim RAT Mofang