
2022-09-07 | Google | Pierre-Marc Bureau, Google Threat Analysis Group
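% Google TAG blog post. The group name is a corporate author, so it gets its own
% brace pair to stop BibTeX splitting it into given/family name parts; in the
% title only the case-sensitive word is protected instead of the whole string.
@online{bureau:20220907:initial:d1975b3,
  author       = {Bureau, Pierre-Marc and {Google Threat Analysis Group}},
  title        = {Initial access broker repurposing techniques in targeted attacks against {Ukraine}},
  date         = {2022-09-07},
  organization = {Google},
  url          = {https://blog.google/threat-analysis-group/initial-access-broker-repurposing-techniques-in-targeted-attacks-against-ukraine/},
  urldate      = {2022-09-13},
  language     = {English},
}
Initial access broker repurposing techniques in targeted attacks against Ukraine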
AnchorMail Cobalt Strike IcedID
2022-07-12 | Google | Shane Huntley, Google Threat Analysis Group
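% Quarterly TAG bulletin. Corporate co-author is brace-protected as a single
% name; the acronym and quarter label in the title are protected from recasing.
@online{huntley:20220712:tag:75b230d,
  author       = {Huntley, Shane and {Google Threat Analysis Group}},
  title        = {{TAG Bulletin}: {Q2} 2022},
  date         = {2022-07-12},
  organization = {Google},
  url          = {https://blog.google/threat-analysis-group/tag-bulletin-q2-2022/},
  urldate      = {2022-07-15},
  language     = {English},
}
TAG Bulletin: Q2 2022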
2022-06-30 | Google | Shane Huntley, Google Threat Analysis Group
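% Google TAG blog post. Corporate co-author is brace-protected as a single name;
% the title has no case-sensitive words, so the blanket double braces are dropped.
@online{huntley:20220630:countering:ce81f7e,
  author       = {Huntley, Shane and {Google Threat Analysis Group}},
  title        = {Countering hack-for-hire groups},
  date         = {2022-06-30},
  organization = {Google},
  url          = {https://blog.google/threat-analysis-group/countering-hack-for-hire-groups/},
  urldate      = {2022-07-15},
  language     = {English},
}
Countering hack-for-hire groups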
Void Balaur
2022-06-23 | Google | Benoit Sevens, Clement Lecigne, Google Threat Analysis Group
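% Google TAG blog post. Personal names use the unambiguous "Family, Given" form;
% the corporate author is brace-protected; country names keep their capitals.
@online{sevens:20220623:spyware:e4fb7dd,
  author       = {Sevens, Benoit and Lecigne, Clement and {Google Threat Analysis Group}},
  title        = {Spyware vendor targets users in {Italy} and {Kazakhstan}},
  date         = {2022-06-23},
  organization = {Google},
  url          = {https://blog.google/threat-analysis-group/italian-spyware-vendor-targets-users-in-italy-and-kazakhstan/},
  urldate      = {2022-07-01},
  language     = {English},
}
Spyware vendor targets users in Italy and Kazakhstan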
Hermit
2022-05-19 | Google | Clement Lecigne, Christian Resell, Google Threat Analysis Group
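% Google TAG blog post. Corporate co-author is brace-protected as a single name;
% the platform name and the "0-Day" term are protected from style recasing.
@online{lecigne:20220519:protecting:847f98a,
  author       = {Lecigne, Clement and Resell, Christian and {Google Threat Analysis Group}},
  title        = {Protecting {Android} users from {0-Day} attacks},
  date         = {2022-05-19},
  organization = {Google},
  url          = {https://blog.google/threat-analysis-group/protecting-android-users-from-0-day-attacks/},
  urldate      = {2022-05-25},
  language     = {English},
}
Protecting Android users from 0-Day attacks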
2022-05-03 | Google | Billy Leonard, Google Threat Analysis Group
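% Google TAG blog post. Corporate co-author is brace-protected as a single name;
% the region name in the title is protected from style recasing.
@online{leonard:20220503:update:cee4563,
  author       = {Leonard, Billy and {Google Threat Analysis Group}},
  title        = {Update on cyber activity in {Eastern Europe}},
  date         = {2022-05-03},
  organization = {Google},
  url          = {https://blog.google/threat-analysis-group/update-on-cyber-activity-in-eastern-europe/},
  urldate      = {2022-05-04},
  language     = {English},
}
Update on cyber activity in Eastern Europe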
Curious Gorge
2022-03-30 | Google | Billy Leonard, Google Threat Analysis Group
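% Google TAG blog post. Corporate co-author is brace-protected as a single name;
% the region name in the title is protected from style recasing.
@online{leonard:20220330:tracking:faab472,
  author       = {Leonard, Billy and {Google Threat Analysis Group}},
  title        = {Tracking cyber activity in {Eastern Europe}},
  date         = {2022-03-30},
  organization = {Google},
  url          = {https://blog.google/threat-analysis-group/tracking-cyber-activity-eastern-europe/},
  urldate      = {2022-03-31},
  language     = {English},
}
Tracking cyber activity in Eastern Europe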
2022-03-24 | Google | Adam Weidemann, Google Threat Analysis Group
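% Google TAG blog post. Corporate co-author is brace-protected as a single name;
% the country name in the title is protected from style recasing.
@online{weidemann:20220324:countering:9a9dcd2,
  author       = {Weidemann, Adam and {Google Threat Analysis Group}},
  title        = {Countering threats from {North Korea}},
  date         = {2022-03-24},
  organization = {Google},
  url          = {https://blog.google/threat-analysis-group/countering-threats-north-korea/},
  urldate      = {2022-03-25},
  language     = {English},
}
Countering threats from North Korea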
2022-03-17 | Google | Vladislav Stolyarov, Benoit Sevens, Google Threat Analysis Group
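% Google TAG blog post. Personal names use the "Family, Given" form; the
% corporate author is brace-protected; the name "Conti" keeps its capital.
@online{stolyarov:20220317:exposing:f818c6d,
  author       = {Stolyarov, Vladislav and Sevens, Benoit and {Google Threat Analysis Group}},
  title        = {Exposing initial access broker with ties to {Conti}},
  date         = {2022-03-17},
  organization = {Google},
  url          = {https://blog.google/threat-analysis-group/exposing-initial-access-broker-ties-conti/},
  urldate      = {2022-03-18},
  language     = {English},
}
Exposing initial access broker with ties to Conti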
BazarBackdoor BumbleBee Cobalt Strike Conti
2022-03-08 | Twitter (@ShaneHuntley) | Shane Huntley, Google Threat Analysis Group
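% Reference to a tweet; the title is the library's own summary of it.
% Corporate co-author is brace-protected as a single name; the actor label,
% product name, abbreviation and month are protected from style recasing.
@online{huntley:20220308:apt31:9193a1d,
  author       = {Huntley, Shane and {Google Threat Analysis Group}},
  title        = {Tweet on {APT31} phishing campaign targeting high profile {Gmail} users affiliated with the {U.S.} government in {February}},
  date         = {2022-03-08},
  organization = {Twitter (@ShaneHuntley)},
  url          = {https://twitter.com/ShaneHuntley/status/1501224764530069504},
  urldate      = {2022-03-10},
  language     = {English},
}
Tweet on APT31 phishing campaign targeting high profile Gmail users affiliated with the U.S. government in February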
2022-03-07 | Google | Shane Huntley, Google Threat Analysis Group
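% Google TAG blog post. Corporate co-author is brace-protected as a single name;
% each actor label in the title is protected so a sentence-casing style cannot
% lowercase it.
@online{huntley:20220307:update:0381e70,
  author       = {Huntley, Shane and {Google Threat Analysis Group}},
  title        = {An update on the threat landscape ({APT28}, {UNC1151}, {MUSTANG PANDA})},
  date         = {2022-03-07},
  organization = {Google},
  url          = {https://blog.google/threat-analysis-group/update-threat-landscape-ukraine/},
  urldate      = {2022-03-08},
  language     = {English},
}
An update on the threat landscape (APT28, UNC1151, MUSTANG PANDA)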
2022-03-01 | Google | Shane Huntley, Google Threat Analysis Group
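% Quarterly TAG bulletin. Corporate co-author is brace-protected as a single
% name; the acronym and quarter label in the title are protected from recasing.
@online{huntley:20220301:tag:7979933,
  author       = {Huntley, Shane and {Google Threat Analysis Group}},
  title        = {{TAG Bulletin}: {Q1} 2022},
  date         = {2022-03-01},
  organization = {Google},
  url          = {https://blog.google/threat-analysis-group/tag-bulletin-q1-2022/},
  urldate      = {2022-03-02},
  language     = {English},
}
TAG Bulletin: Q1 2022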
2022-01-14 | Twitter (@billyleonard) | Billy Leonard, Google Threat Analysis Group
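% Reference to a tweet; the title is the library's own summary of it.
% Corporate co-author is brace-protected as a single name; the actor label and
% country name are protected from style recasing.
@online{leonard:20220114:apt28:6c659cc,
  author       = {Leonard, Billy and {Google Threat Analysis Group}},
  title        = {Tweet on {APT28} credential phishing campaigns targeting {Ukraine}},
  date         = {2022-01-14},
  organization = {Twitter (@billyleonard)},
  url          = {https://twitter.com/billyleonard/status/1482034733072752640},
  urldate      = {2022-01-18},
  language     = {English},
}
Tweet on APT28 credential phishing campaigns targeting Ukraine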
2021-12-07 | Google | Shane Huntley, Luca Nagy, Google Threat Analysis Group
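% Google TAG blog post. Personal names use the "Family, Given" form; the
% corporate author is brace-protected; the family name "Glupteba" keeps its capital.
@online{huntley:20211207:disrupting:9fd4ab7,
  author       = {Huntley, Shane and Nagy, Luca and {Google Threat Analysis Group}},
  title        = {Disrupting the {Glupteba} operation},
  date         = {2021-12-07},
  organization = {Google},
  url          = {https://blog.google/threat-analysis-group/disrupting-glupteba-operation/},
  urldate      = {2021-12-08},
  language     = {English},
}
Disrupting the Glupteba operation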
Glupteba
2021-12-02 | Google | Shane Huntley, Google Threat Analysis Group
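% Quarterly TAG bulletin. Corporate co-author is brace-protected as a single
% name; the acronym and quarter label in the title are protected from recasing.
@online{huntley:20211202:tag:0e0e268,
  author       = {Huntley, Shane and {Google Threat Analysis Group}},
  title        = {{TAG Bulletin}: {Q4} 2021},
  date         = {2021-12-02},
  organization = {Google},
  url          = {https://blog.google/threat-analysis-group/tag-bulletin-q4-2021/},
  urldate      = {2021-12-08},
  language     = {English},
}
TAG Bulletin: Q4 2021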
2021-11-24 | Google | Google Cybersecurity Action Team, Google Threat Analysis Group
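% PDF report with two corporate authors and no personal ones. Each team name is
% brace-protected so it is kept whole rather than parsed as given/family parts;
% the report series name, month and "Issue" keep their capitals.
@techreport{team:20211124:threat:a837017,
  author      = {{Google Cybersecurity Action Team} and {Google Threat Analysis Group}},
  title       = {{Threat Horizons Cloud Threat Intelligence} {November} 2021. {Issue} 1},
  date        = {2021-11-24},
  institution = {Google},
  url         = {https://services.google.com/fh/files/misc/gcat_threathorizons_full_nov2021.pdf},
  urldate     = {2021-11-29},
  language    = {English},
}
Threat Horizons Cloud Threat Intelligence November 2021. Issue 1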
BlackMatter
2021-11-11 | Google | Erye Hernandez, Google Threat Analysis Group
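% Google TAG blog post. Corporate co-author is brace-protected as a single name;
% "macOS" is protected because its mixed case would not survive recasing.
@online{hernandez:20211111:analyzing:8107f2e,
  author       = {Hernandez, Erye and {Google Threat Analysis Group}},
  title        = {Analyzing a watering hole campaign using {macOS} exploits},
  date         = {2021-11-11},
  organization = {Google},
  url          = {https://blog.google/threat-analysis-group/analyzing-watering-hole-campaign-using-macos-exploits/},
  urldate      = {2021-11-17},
  language     = {English},
}
Analyzing a watering hole campaign using macOS exploits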
CDDS
2021-11-10 | Twitter (@billyleonard) | Billy Leonard, Google Threat Analysis Group
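% Reference to a tweet; the title is the library's own summary of it.
% Corporate co-author is brace-protected as a single name; the family name, the
% actor label and the tool name "Tiny SHell" (mixed case) are protected.
@online{leonard:20211110:rekoobe:2f64840,
  author       = {Leonard, Billy and {Google Threat Analysis Group}},
  title        = {Tweet on {Rekoobe} (used by {APT31}), being a fork of open source tool called {Tiny SHell}, used by different actor since at least 2012},
  date         = {2021-11-10},
  organization = {Twitter (@billyleonard)},
  url          = {https://twitter.com/billyleonard/status/1458531997576572929},
  urldate      = {2021-11-17},
  language     = {English},
}
Tweet on Rekoobe (used by APT31), being a fork of open source tool called Tiny SHell, used by different actor since at least 2012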
Rekoobe
2021-10-29 | Google | Shane Huntley, Google Threat Analysis Group
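% Quarterly TAG bulletin. Corporate co-author is brace-protected as a single
% name; the acronym and quarter label in the title are protected from recasing.
@online{huntley:20211029:tag:49e2993,
  author       = {Huntley, Shane and {Google Threat Analysis Group}},
  title        = {{TAG Bulletin}: {Q3} 2021},
  date         = {2021-10-29},
  organization = {Google},
  url          = {https://blog.google/threat-analysis-group/tag-bulletin-q3-2021/},
  urldate      = {2021-11-17},
  language     = {English},
}
TAG Bulletin: Q3 2021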
2021-10-20 | Google | Ashley Shen, Google Threat Analysis Group
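% Google TAG blog post. Corporate co-author is brace-protected as a single name;
% "YouTube" is protected because its mixed case would not survive recasing.
@online{shen:20211020:phishing:b0fa074,
  author       = {Shen, Ashley and {Google Threat Analysis Group}},
  title        = {Phishing campaign targets {YouTube} creators with cookie theft malware},
  date         = {2021-10-20},
  organization = {Google},
  url          = {https://blog.google/threat-analysis-group/phishing-campaign-targets-youtube-creators-cookie-theft-malware/},
  urldate      = {2021-10-26},
  language     = {English},
}
Phishing campaign targets YouTube creators with cookie theft malware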