Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023-05-04Kaspersky LabsDmitry Kalinin
@online{kalinin:20230504:not:44e1fd7, author = {Dmitry Kalinin}, title = {{Not quite an Easter egg: a new family of Trojan subscribers on Google Play}}, date = {2023-05-04}, organization = {Kaspersky Labs}, url = {https://securelist.com/fleckpe-a-new-family-of-trojan-subscribers-on-google-play/109643/}, language = {English}, urldate = {2023-05-08} } Not quite an Easter egg: a new family of Trojan subscribers on Google Play
2023-04-26United States District Court (Southern District of New York)Google
@techreport{google:20230426:cryptbot:ea44d7c, author = {Google}, title = {{CryptBot complaint against Zubair Saeed, Raheel Arshad and Mohammad Rasheed Siddiqui}}, date = {2023-04-26}, institution = {United States District Court (Southern District of New York)}, url = {https://regmedia.co.uk/2023/04/28/handout_google_cryptbot_complaint.pdf}, language = {English}, urldate = {2023-05-02} } CryptBot complaint against Zubair Saeed, Raheel Arshad and Mohammad Rasheed Siddiqui
CryptBot
2023-04-19GoogleBilly Leonard, Google Threat Analysis Group
@online{leonard:20230419:ukraine:6c3440b, author = {Billy Leonard and Google Threat Analysis Group}, title = {{Ukraine remains Russia’s biggest cyber focus in 2023}}, date = {2023-04-19}, organization = {Google}, url = {https://blog.google/threat-analysis-group/ukraine-remains-russias-biggest-cyber-focus-in-2023}, language = {English}, urldate = {2023-04-22} } Ukraine remains Russia’s biggest cyber focus in 2023
Rhadamanthys
2023-04-13GoogleMike Trinh, Pierre-Marc Bureau, Google Threat Analysis Group
@online{trinh:20230413:continuing:c9d837c, author = {Mike Trinh and Pierre-Marc Bureau and Google Threat Analysis Group}, title = {{Continuing our work to hold cybercriminal ecosystems accountable}}, date = {2023-04-13}, organization = {Google}, url = {https://blog.google/technology/safety-security/continuing-our-work-to-hold-cybercriminal-ecosystems-accountable/}, language = {English}, urldate = {2023-05-02} } Continuing our work to hold cybercriminal ecosystems accountable
CryptBot
2023-04-05GoogleAdam Weidemann, Google Threat Analysis Group
@online{weidemann:20230405:how:c5ac947, author = {Adam Weidemann and Google Threat Analysis Group}, title = {{How we’re protecting users from government-backed attacks from North Korea}}, date = {2023-04-05}, organization = {Google}, url = {https://blog.google/threat-analysis-group/how-were-protecting-users-from-government-backed-attacks-from-north-korea/}, language = {English}, urldate = {2023-04-22} } How we’re protecting users from government-backed attacks from North Korea
BabyShark
2023-03-30GoogleShane Huntley, Google Threat Analysis Group
@online{huntley:20230330:tag:d29d831, author = {Shane Huntley and Google Threat Analysis Group}, title = {{TAG Bulletin: Q1 2023}}, date = {2023-03-30}, organization = {Google}, url = {https://blog.google/threat-analysis-group/tag-bulletin-q1-2023/}, language = {English}, urldate = {2023-04-22} } TAG Bulletin: Q1 2023
2023-03-29GoogleClement Lecigne, Google Threat Analysis Group
@online{lecigne:20230329:spyware:908f754, author = {Clement Lecigne and Google Threat Analysis Group}, title = {{Spyware vendors use 0-days and n-days against popular platforms}}, date = {2023-03-29}, organization = {Google}, url = {https://blog.google/threat-analysis-group/spyware-vendors-use-0-days-and-n-days-against-popular-platforms/}, language = {English}, urldate = {2023-04-22} } Spyware vendors use 0-days and n-days against popular platforms
2023-03-27GoogleGoogle Cybersecurity Action Team
@techreport{team:20230327:threat:4aae33b, author = {Google Cybersecurity Action Team}, title = {{Threat Horizons: April 2023 Threat Horizons Report}}, date = {2023-03-27}, institution = {Google}, url = {https://services.google.com/fh/files/blogs/gcat_threathorizons_full_apr2023.pdf}, language = {English}, urldate = {2023-04-22} } Threat Horizons: April 2023 Threat Horizons Report
Gdrive APT41
2023-03-14GoogleBenoit Sevens
@online{sevens:20230314:magniber:5f03fd7, author = {Benoit Sevens}, title = {{Magniber ransomware actors used a variant of Microsoft SmartScreen bypass}}, date = {2023-03-14}, organization = {Google}, url = {https://blog.google/threat-analysis-group/magniber-ransomware-actors-used-a-variant-of-microsoft-smartscreen-bypass/}, language = {English}, urldate = {2023-03-20} } Magniber ransomware actors used a variant of Microsoft SmartScreen bypass
Magniber
2023-03-09eSentireeSentire Threat Response Unit (TRU)
@online{tru:20230309:batloader:db50046, author = {eSentire Threat Response Unit (TRU)}, title = {{BatLoader Continues to Abuse Google Search Ads to Deliver Vidar Stealer and Ursnif}}, date = {2023-03-09}, organization = {eSentire}, url = {https://www.esentire.com/blog/batloader-continues-to-abuse-google-search-ads-to-deliver-vidar-stealer-and-ursnif}, language = {English}, urldate = {2023-04-25} } BatLoader Continues to Abuse Google Search Ads to Deliver Vidar Stealer and Ursnif
BATLOADER ISFB Vidar
2023-02-16GoogleShane Huntley
@online{huntley:20230216:fog:de676ba, author = {Shane Huntley}, title = {{Fog of war: how the Ukraine conflict transformed the cyber threat landscape}}, date = {2023-02-16}, organization = {Google}, url = {https://blog.google/threat-analysis-group/fog-of-war-how-the-ukraine-conflict-transformed-the-cyber-threat-landscape/}, language = {English}, urldate = {2023-02-16} } Fog of war: how the Ukraine conflict transformed the cyber threat landscape
APT28 Ghostwriter SaintBear Sandworm Turla
2023-02-15GoogleGoogle Threat Analysis Group, Mandiant
@techreport{group:20230215:fog:0d99aaa, author = {Google Threat Analysis Group and Mandiant}, title = {{Fog of War: How the Ukraine Conflict Transformed the Cyber Threat Landscape}}, date = {2023-02-15}, institution = {Google}, url = {https://services.google.com/fh/files/blogs/google_fog_of_war_research_report.pdf}, language = {English}, urldate = {2023-03-13} } Fog of War: How the Ukraine Conflict Transformed the Cyber Threat Landscape
CaddyWiper Dharma HermeticWiper INDUSTROYER2 PartyTicket WhisperGate Callisto Curious Gorge MUSTANG PANDA Turla
2023-02-08NTT SecurityRyu Hiyoshi
@online{hiyoshi:20230208:steelclover:0f3b85a, author = {Ryu Hiyoshi}, title = {{SteelClover Attacks Distributing Malware Via Google Ads Increased}}, date = {2023-02-08}, organization = {NTT Security}, url = {https://insight-jp.nttsecurity.com/post/102i7af/steelclovergoogle}, language = {English}, urldate = {2023-02-13} } SteelClover Attacks Distributing Malware Via Google Ads Increased
BATLOADER ISFB RedLine Stealer
2023-01-31DarktraceRoberto Martinez
@online{martinez:20230131:vidar:32a27bd, author = {Roberto Martinez}, title = {{Vidar Info-Stealer Malware Distributed via Malvertising on Google}}, date = {2023-01-31}, organization = {Darktrace}, url = {https://darktrace.com/blog/vidar-info-stealer-malware-distributed-via-malvertising-on-google}, language = {English}, urldate = {2023-02-01} } Vidar Info-Stealer Malware Distributed via Malvertising on Google
Vidar
2023-01-26GoogleZak Butler, Jonas Taege, Google Threat Analysis Group
@online{butler:20230126:over:b62647c, author = {Zak Butler and Jonas Taege and Google Threat Analysis Group}, title = {{Over 50,000 instances of DRAGONBRIDGE activity disrupted in 2022}}, date = {2023-01-26}, organization = {Google}, url = {https://blog.google/threat-analysis-group/over-50000-instances-of-dragonbridge-activity-disrupted-in-2022/}, language = {English}, urldate = {2023-04-22} } Over 50,000 instances of DRAGONBRIDGE activity disrupted in 2022
2023-01-18SANS ISCBrad Duncan
@online{duncan:20230118:malicious:df039e8, author = {Brad Duncan}, title = {{Malicious Google Ad --> Fake Notepad++ Page --> Aurora Stealer malware}}, date = {2023-01-18}, organization = {SANS ISC}, url = {https://isc.sans.edu/diary/rss/29448}, language = {English}, urldate = {2023-01-19} } Malicious Google Ad --> Fake Notepad++ Page --> Aurora Stealer malware
Aurora Stealer
2023-01-12CybleincCyble
@online{cyble:20230112:rhadamanthys:c1e900e, author = {Cyble}, title = {{Rhadamanthys: New Stealer Spreading Through Google Ads}}, date = {2023-01-12}, organization = {Cybleinc}, url = {https://blog.cyble.com/2023/01/12/rhadamanthys-new-stealer-spreading-through-google-ads/}, language = {English}, urldate = {2023-01-16} } Rhadamanthys: New Stealer Spreading Through Google Ads
Rhadamanthys
2023-01-03Malware Traffic AnalysisBrad Duncan
@online{duncan:20230103:20230103:d0e003c, author = {Brad Duncan}, title = {{2023-01-03 (TUESDAY) - GOOGLE AD --> FAKE NOTPAD++ PAGE --> RHADAMANTHYS STEALER}}, date = {2023-01-03}, organization = {Malware Traffic Analysis}, url = {https://www.malware-traffic-analysis.net/2023/01/03/index.html}, language = {English}, urldate = {2023-02-06} } 2023-01-03 (TUESDAY) - GOOGLE AD --> FAKE NOTPAD++ PAGE --> RHADAMANTHYS STEALER
Rhadamanthys
2022-12-23TrendmicroIan Kenefick
@online{kenefick:20221223:icedid:df95b05, author = {Ian Kenefick}, title = {{IcedID Botnet Distributors Abuse Google PPC to Distribute Malware}}, date = {2022-12-23}, organization = {Trendmicro}, url = {https://www.trendmicro.com/en_ie/research/22/l/icedid-botnet-distributors-abuse-google-ppc-to-distribute-malware.html}, language = {English}, urldate = {2022-12-24} } IcedID Botnet Distributors Abuse Google PPC to Distribute Malware
IcedID
2022-12-15ISCBrad Duncan
@online{duncan:20221215:google:179f840, author = {Brad Duncan}, title = {{Google ads lead to fake software pages pushing IcedID (Bokbot)}}, date = {2022-12-15}, organization = {ISC}, url = {https://isc.sans.edu/diary/Google+ads+lead+to+fake+software+pages+pushing+IcedID+Bokbot/29344}, language = {English}, urldate = {2022-12-19} } Google ads lead to fake software pages pushing IcedID (Bokbot)
IcedID