Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-03-25nccgroupYun Zheng Hu
@online{hu:20220325:mining:287a2e7, author = {Yun Zheng Hu}, title = {{Mining data from Cobalt Strike beacons}}, date = {2022-03-25}, organization = {nccgroup}, url = {https://research.nccgroup.com/2022/03/25/mining-data-from-cobalt-strike-beacons/}, language = {English}, urldate = {2022-03-28} } Mining data from Cobalt Strike beacons
Cobalt Strike
2022-03-17Bleeping ComputerBill Toulas
@online{toulas:20220317:new:5371769, author = {Bill Toulas}, title = {{New Unix rootkit used to steal ATM banking data}}, date = {2022-03-17}, organization = {Bleeping Computer}, url = {https://www.bleepingcomputer.com/news/security/new-unix-rootkit-used-to-steal-atm-banking-data/}, language = {English}, urldate = {2022-03-22} } New Unix rootkit used to steal ATM banking data
2022-02-18The RecordCatalin Cimpanu
@online{cimpanu:20220218:academics:d2f3045, author = {Catalin Cimpanu}, title = {{Academics publish method for recovering data encrypted by the Hive ransomware}}, date = {2022-02-18}, organization = {The Record}, url = {https://therecord.media/academics-publish-method-for-recovering-data-encrypted-by-the-hive-ransomware/}, language = {English}, urldate = {2022-02-19} } Academics publish method for recovering data encrypted by the Hive ransomware
Hive Hive
2022-02-18Kookmin UniversityGiyoon Kim, Soram Kim, Soojin Kang, Jongsung Kim
@techreport{kim:20220218:method:4b41876, author = {Giyoon Kim and Soram Kim and Soojin Kang and Jongsung Kim}, title = {{A Method for Decrypting Data Infected with Hive Ransomware}}, date = {2022-02-18}, institution = {Kookmin University}, url = {https://arxiv.org/pdf/2202.08477.pdf}, language = {English}, urldate = {2022-02-19} } A Method for Decrypting Data Infected with Hive Ransomware
Hive Hive
2021-09-30G DataKarsten Hahn
@online{hahn:20210930:all:8e82a0c, author = {Karsten Hahn}, title = {{All your hashes are belong to us: An overview of malware hashing algorithms}}, date = {2021-09-30}, organization = {G Data}, url = {https://www.gdatasoftware.com/blog/2021/09/an-overview-of-malware-hashing-algorithms}, language = {English}, urldate = {2021-10-20} } All your hashes are belong to us: An overview of malware hashing algorithms
2021-08-06Sophos Naked SecurityPaul Ducklin
@online{ducklin:20210806:conti:9bcfb85, author = {Paul Ducklin}, title = {{Conti ransomware affiliate goes rogue, leaks “gang data”}}, date = {2021-08-06}, organization = {Sophos Naked Security}, url = {https://nakedsecurity.sophos.com/2021/08/06/conti-ransomware-affiliate-goes-rogue-leaks-company-data/}, language = {English}, urldate = {2022-03-18} } Conti ransomware affiliate goes rogue, leaks “gang data”
Conti
2021-07-01Quick HealAyush Puri
@online{puri:20210701:warzone:becd74e, author = {Ayush Puri}, title = {{WARZONE RAT – Beware Of The Trojan Malware Stealing Data Triggering From Various Office Documents}}, date = {2021-07-01}, organization = {Quick Heal}, url = {https://blogs.quickheal.com/warzone-rat-beware-of-the-trojan-malware-stealing-data-triggering-from-various-office-documents/}, language = {English}, urldate = {2021-07-11} } WARZONE RAT – Beware Of The Trojan Malware Stealing Data Triggering From Various Office Documents
Ave Maria
2021-04-22Twitter (@ET_Labs)ET Labs
@online{labs:20210422:lunar:b350736, author = {ET Labs}, title = {{Tweet on Lunar Builder exfiltrating data via Discord webhook}}, date = {2021-04-22}, organization = {Twitter (@ET_Labs)}, url = {https://twitter.com/ET_Labs/status/1385351516664389633}, language = {English}, urldate = {2021-05-25} } Tweet on Lunar Builder exfiltrating data via Discord webhook
2021-04-19Intel 471Intel 471
@online{471:20210419:how:2cba4f2, author = {Intel 471}, title = {{How China’s cybercrime underground is making money off big data}}, date = {2021-04-19}, organization = {Intel 471}, url = {https://intel471.com/blog/china-cybercrime-big-data-privacy-laws/}, language = {English}, urldate = {2021-04-20} } How China’s cybercrime underground is making money off big data
2021-04-13CAPCOMCAPCOM
@techreport{capcom:20210413:4th:7ce2091, author = {CAPCOM}, title = {{4th Update Regarding Data Security Incident Due to Unauthorized Access:Investigation Results}}, date = {2021-04-13}, institution = {CAPCOM}, url = {https://www.capcom.co.jp/ir/english/news/pdf/e210413.pdf}, language = {English}, urldate = {2021-04-14} } 4th Update Regarding Data Security Incident Due to Unauthorized Access:Investigation Results
RagnarLocker
2021-02-17G DataKarsten Hahn
@online{hahn:20210217:sectoprat:f578681, author = {Karsten Hahn}, title = {{SectopRAT: New version adds encrypted communication}}, date = {2021-02-17}, organization = {G Data}, url = {https://www.gdatasoftware.com/blog/2021/02/36633-new-version-adds-encrypted-communication}, language = {English}, urldate = {2023-02-06} } SectopRAT: New version adds encrypted communication
SectopRAT
2020-11-18G DataG-Data
@online{gdata:20201118:business:f4eda3a, author = {G-Data}, title = {{Business as usual: Criminal Activities in Times of a Global Pandemic}}, date = {2020-11-18}, organization = {G Data}, url = {https://www.gdatasoftware.com/blog/global-pandemic-remcos-tesla-netwire}, language = {English}, urldate = {2020-11-23} } Business as usual: Criminal Activities in Times of a Global Pandemic
Agent Tesla Nanocore RAT NetWire RC Remcos
2020-10-21G DataKarsten Hahn
@online{hahn:20201021:trat:389d7f3, author = {Karsten Hahn}, title = {{T-RAT 2.0: Malware control via smartphone}}, date = {2020-10-21}, organization = {G Data}, url = {https://www.gdatasoftware.com/blog/trat-control-via-smartphone}, language = {English}, urldate = {2020-10-23} } T-RAT 2.0: Malware control via smartphone
tRat T-RAT 2.0
2020-09-02sonatypeAkshay 'Ax' Sharma
@online{sharma:20200902:inside:68cc1bd, author = {Akshay 'Ax' Sharma}, title = {{Inside the “fallguys” malware that steals your browsing data and gaming IMs; Continued attack on open source software}}, date = {2020-09-02}, organization = {sonatype}, url = {https://blog.sonatype.com/inside-the-fallguys-malware}, language = {English}, urldate = {2020-09-03} } Inside the “fallguys” malware that steals your browsing data and gaming IMs; Continued attack on open source software
2020-07-09GdataG DATA Security Lab
@online{lab:20200709:servhelper:13899fd, author = {G DATA Security Lab}, title = {{ServHelper: Hidden Miners}}, date = {2020-07-09}, organization = {Gdata}, url = {https://www.gdatasoftware.com/blog/2020/07/36122-hidden-miners}, language = {English}, urldate = {2020-07-16} } ServHelper: Hidden Miners
ServHelper
2020-06-30G DataG Data
@online{data:20200630:ransomware:3f071e1, author = {G Data}, title = {{Ransomware on the Rise: Buran’s transformation into Zeppelin}}, date = {2020-06-30}, organization = {G Data}, url = {https://www.gdatasoftware.com/blog/2020/06/35946-burans-transformation-into-zeppelin}, language = {English}, urldate = {2020-07-02} } Ransomware on the Rise: Buran’s transformation into Zeppelin
2020-06-16G DataKarsten Hahn
@online{hahn:20200616:new:124c3d1, author = {Karsten Hahn}, title = {{New Java STRRAT ships with .crimson ransomware module}}, date = {2020-06-16}, organization = {G Data}, url = {https://www.gdatasoftware.com/blog/strrat-crimson}, language = {English}, urldate = {2020-06-16} } New Java STRRAT ships with .crimson ransomware module
STRRAT
2019-11-21G DataKarsten Hahn, Stefan Karpenstein
@online{hahn:20191121:stop:a5c8118, author = {Karsten Hahn and Stefan Karpenstein}, title = {{STOP Ransomware: Finger weg von illegalen Software-Downloads}}, date = {2019-11-21}, organization = {G Data}, url = {https://www.gdata.de/blog/1970/01/-35391-finger-weg-von-illegalen-software-downloads}, language = {English}, urldate = {2020-01-10} } STOP Ransomware: Finger weg von illegalen Software-Downloads
STOP
2019-11-21G DataG Data
@online{data:20191121:new:cbeb2e4, author = {G Data}, title = {{New SectopRAT: Remote access malware utilizes second desktop to control browsers}}, date = {2019-11-21}, organization = {G Data}, url = {https://www.gdatasoftware.com/blog/2019/11/35548-new-sectoprat-remote-access-malware-utilizes-second-desktop-to-control-browsers}, language = {English}, urldate = {2020-01-10} } New SectopRAT: Remote access malware utilizes second desktop to control browsers
SectopRAT
2019-07-16G DataG DATA Security Lab
@online{lab:20190716:analysis:26c4f96, author = {G DATA Security Lab}, title = {{Analysis: Server-side polymorphism & PowerShell backdoors}}, date = {2019-07-16}, organization = {G Data}, url = {https://www.gdatasoftware.com/blog/2019/07/35061-server-side-polymorphism-powershell-backdoors}, language = {English}, urldate = {2022-03-31} } Analysis: Server-side polymorphism & PowerShell backdoors
Rozena