2022-05-19 | Google | Clement Lecigne, Christian Resell, Google Threat Analysis Group
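% Google TAG blog post. Personal names are in "Last, First" form and the
% institutional co-author is braced so BibTeX keeps it as a single name.
@online{lecigne:20220519:protecting:847f98a,
  author       = {Lecigne, Clement and Resell, Christian and {Google Threat Analysis Group}},
  title        = {Protecting {Android} users from {0-Day} attacks},
  date         = {2022-05-19},
  organization = {Google},
  url          = {https://blog.google/threat-analysis-group/protecting-android-users-from-0-day-attacks/},
  language     = {English},
  urldate      = {2022-05-25},
}
Protecting Android users from 0-Day attacks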
2022-05-03 | Google | Billy Leonard, Google Threat Analysis Group
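% Google TAG blog post. The institutional co-author is braced so it is not
% split into given name and surname; only proper nouns in the title are protected.
@online{leonard:20220503:update:cee4563,
  author       = {Leonard, Billy and {Google Threat Analysis Group}},
  title        = {Update on cyber activity in {Eastern Europe}},
  date         = {2022-05-03},
  organization = {Google},
  url          = {https://blog.google/threat-analysis-group/update-on-cyber-activity-in-eastern-europe/},
  language     = {English},
  urldate      = {2022-05-04},
}
Update on cyber activity in Eastern Europe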
Curious Gorge
2022-03-30 | Google | Billy Leonard, Google Threat Analysis Group
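% Google TAG blog post. The institutional co-author is braced so it is kept
% as one name; urldate is the retrieval date of the URL.
@online{leonard:20220330:tracking:faab472,
  author       = {Leonard, Billy and {Google Threat Analysis Group}},
  title        = {Tracking cyber activity in {Eastern Europe}},
  date         = {2022-03-30},
  organization = {Google},
  url          = {https://blog.google/threat-analysis-group/tracking-cyber-activity-eastern-europe/},
  language     = {English},
  urldate      = {2022-03-31},
}
Tracking cyber activity in Eastern Europe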
2022-03-24 | Google | Adam Weidemann, Google Threat Analysis Group
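% Google TAG blog post. The institutional co-author is braced so BibTeX does
% not parse "Group" as a surname.
@online{weidemann:20220324:countering:9a9dcd2,
  author       = {Weidemann, Adam and {Google Threat Analysis Group}},
  title        = {Countering threats from {North Korea}},
  date         = {2022-03-24},
  organization = {Google},
  url          = {https://blog.google/threat-analysis-group/countering-threats-north-korea/},
  language     = {English},
  urldate      = {2022-03-25},
}
Countering threats from North Korea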
2022-03-17 | Google | Vladislav Stolyarov, Benoit Sevens, Google Threat Analysis Group
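% Google TAG blog post. Personal names are in "Last, First" form and the
% institutional co-author is braced as a single name.
@online{stolyarov:20220317:exposing:f818c6d,
  author       = {Stolyarov, Vladislav and Sevens, Benoit and {Google Threat Analysis Group}},
  title        = {Exposing initial access broker with ties to {Conti}},
  date         = {2022-03-17},
  organization = {Google},
  url          = {https://blog.google/threat-analysis-group/exposing-initial-access-broker-ties-conti/},
  language     = {English},
  urldate      = {2022-03-18},
}
Exposing initial access broker with ties to Conti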
BazarBackdoor BumbleBee Cobalt Strike Conti
2022-03-08 | Twitter (@ShaneHuntley) | Shane Huntley, Google Threat Analysis Group
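% Tweet cited as @online; the title is a descriptive caption and the url is the
% status permalink. Actor and product names are braced to keep their case.
@online{huntley:20220308:apt31:9193a1d,
  author       = {Huntley, Shane and {Google Threat Analysis Group}},
  title        = {Tweet on {APT31} phishing campaign targeting high profile {Gmail} users affiliated with the {U.S.} government in {February}},
  date         = {2022-03-08},
  organization = {Twitter (@ShaneHuntley)},
  url          = {https://twitter.com/ShaneHuntley/status/1501224764530069504},
  language     = {English},
  urldate      = {2022-03-10},
}
Tweet on APT31 phishing campaign targeting high profile Gmail users affiliated with the U.S. government in February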
2022-03-07 | Google | Shane Huntley, Google Threat Analysis Group
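% Google TAG blog post. Threat-actor designations in the title are braced so a
% sentence-casing style cannot alter them.
@online{huntley:20220307:update:0381e70,
  author       = {Huntley, Shane and {Google Threat Analysis Group}},
  title        = {An update on the threat landscape ({APT28}, {UNC1151}, {MUSTANG PANDA})},
  date         = {2022-03-07},
  organization = {Google},
  url          = {https://blog.google/threat-analysis-group/update-threat-landscape-ukraine/},
  language     = {English},
  urldate      = {2022-03-08},
}
An update on the threat landscape (APT28, UNC1151, MUSTANG PANDA)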
2022-03-01 | Google | Shane Huntley, Google Threat Analysis Group
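% Google TAG quarterly bulletin. The series name and quarter label are braced
% to keep their capitalisation.
@online{huntley:20220301:tag:7979933,
  author       = {Huntley, Shane and {Google Threat Analysis Group}},
  title        = {{TAG Bulletin}: {Q1} 2022},
  date         = {2022-03-01},
  organization = {Google},
  url          = {https://blog.google/threat-analysis-group/tag-bulletin-q1-2022/},
  language     = {English},
  urldate      = {2022-03-02},
}
TAG Bulletin: Q1 2022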
2022-01-14 | Twitter (@billyleonard) | Billy Leonard, Google Threat Analysis Group
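% Tweet cited as @online; the title is a descriptive caption and the url is the
% status permalink. The institutional co-author is braced as one name.
@online{leonard:20220114:apt28:6c659cc,
  author       = {Leonard, Billy and {Google Threat Analysis Group}},
  title        = {Tweet on {APT28} credential phishing campaigns targeting {Ukraine}},
  date         = {2022-01-14},
  organization = {Twitter (@billyleonard)},
  url          = {https://twitter.com/billyleonard/status/1482034733072752640},
  language     = {English},
  urldate      = {2022-01-18},
}
Tweet on APT28 credential phishing campaigns targeting Ukraine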
2021-12-07 | Google | Shane Huntley, Luca Nagy, Google Threat Analysis Group
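% Google TAG blog post. Personal names are in "Last, First" form; the
% institutional co-author and the malware family name are braced.
@online{huntley:20211207:disrupting:9fd4ab7,
  author       = {Huntley, Shane and Nagy, Luca and {Google Threat Analysis Group}},
  title        = {Disrupting the {Glupteba} operation},
  date         = {2021-12-07},
  organization = {Google},
  url          = {https://blog.google/threat-analysis-group/disrupting-glupteba-operation/},
  language     = {English},
  urldate      = {2021-12-08},
}
Disrupting the Glupteba operation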
Glupteba
2021-12-02 | Google | Shane Huntley, Google Threat Analysis Group
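% Google TAG quarterly bulletin. The series name and quarter label are braced
% to keep their capitalisation.
@online{huntley:20211202:tag:0e0e268,
  author       = {Huntley, Shane and {Google Threat Analysis Group}},
  title        = {{TAG Bulletin}: {Q4} 2021},
  date         = {2021-12-02},
  organization = {Google},
  url          = {https://blog.google/threat-analysis-group/tag-bulletin-q4-2021/},
  language     = {English},
  urldate      = {2021-12-08},
}
TAG Bulletin: Q4 2021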
2021-11-24 | Google | Google Cybersecurity Action Team, Google Threat Analysis Group
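% PDF report with two institutional authors. Each is braced on its own so the
% " and " between them still separates two names and neither is split.
@techreport{team:20211124:threat:a837017,
  author      = {{Google Cybersecurity Action Team} and {Google Threat Analysis Group}},
  title       = {{Threat Horizons} Cloud Threat Intelligence {November} 2021. Issue 1},
  date        = {2021-11-24},
  institution = {Google},
  url         = {https://services.google.com/fh/files/misc/gcat_threathorizons_full_nov2021.pdf},
  language    = {English},
  urldate     = {2021-11-29},
}
Threat Horizons Cloud Threat Intelligence November 2021. Issue 1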
BlackMatter
2021-11-11 | Google | Erye Hernandez, Google Threat Analysis Group
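% Google TAG blog post. "macOS" is braced so its mixed case survives style
% recasing; the institutional co-author is braced as one name.
@online{hernandez:20211111:analyzing:8107f2e,
  author       = {Hernandez, Erye and {Google Threat Analysis Group}},
  title        = {Analyzing a watering hole campaign using {macOS} exploits},
  date         = {2021-11-11},
  organization = {Google},
  url          = {https://blog.google/threat-analysis-group/analyzing-watering-hole-campaign-using-macos-exploits/},
  language     = {English},
  urldate      = {2021-11-17},
}
Analyzing a watering hole campaign using macOS exploits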
CDDS
2021-11-10 | Twitter (@billyleonard) | Billy Leonard, Google Threat Analysis Group
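% Tweet cited as @online; the title is a descriptive caption and the url is the
% status permalink. Malware, actor and tool names are braced to keep their case.
@online{leonard:20211110:rekoobe:2f64840,
  author       = {Leonard, Billy and {Google Threat Analysis Group}},
  title        = {Tweet on {Rekoobe} (used by {APT31}), being a fork of open source tool called {Tiny SHell}, used by different actor since at least 2012},
  date         = {2021-11-10},
  organization = {Twitter (@billyleonard)},
  url          = {https://twitter.com/billyleonard/status/1458531997576572929},
  language     = {English},
  urldate      = {2021-11-17},
}
Tweet on Rekoobe (used by APT31), being a fork of open source tool called Tiny SHell, used by different actor since at least 2012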
Rekoobe
2021-10-29 | Google | Shane Huntley, Google Threat Analysis Group
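% Google TAG quarterly bulletin. The series name and quarter label are braced
% to keep their capitalisation.
@online{huntley:20211029:tag:49e2993,
  author       = {Huntley, Shane and {Google Threat Analysis Group}},
  title        = {{TAG Bulletin}: {Q3} 2021},
  date         = {2021-10-29},
  organization = {Google},
  url          = {https://blog.google/threat-analysis-group/tag-bulletin-q3-2021/},
  language     = {English},
  urldate      = {2021-11-17},
}
TAG Bulletin: Q3 2021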
2021-10-20 | Google | Ashley Shen, Google Threat Analysis Group
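% Google TAG blog post. The institutional co-author is braced as one name;
% "YouTube" is braced to keep its mixed case.
@online{shen:20211020:phishing:b0fa074,
  author       = {Shen, Ashley and {Google Threat Analysis Group}},
  title        = {Phishing campaign targets {YouTube} creators with cookie theft malware},
  date         = {2021-10-20},
  organization = {Google},
  url          = {https://blog.google/threat-analysis-group/phishing-campaign-targets-youtube-creators-cookie-theft-malware/},
  language     = {English},
  urldate      = {2021-10-26},
}
Phishing campaign targets YouTube creators with cookie theft malware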
2021-10-14 | Google | Ajax Bash, Google Threat Analysis Group
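% Google TAG blog post. The country name and the actor designation are braced;
% the institutional co-author is braced as one name.
@online{bash:20211014:countering:eef058c,
  author       = {Bash, Ajax and {Google Threat Analysis Group}},
  title        = {Countering threats from {Iran} ({APT35})},
  date         = {2021-10-14},
  organization = {Google},
  url          = {https://blog.google/threat-analysis-group/countering-threats-iran/},
  language     = {English},
  urldate      = {2021-10-25},
}
Countering threats from Iran (APT35)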
2021-10-07 | Twitter (@billyleonard) | Billy Leonard, Google Threat Analysis Group
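% Tweet cited as @online; the title is a descriptive caption and the url is the
% status permalink. "IOCs" and "APT28" are braced to keep their case.
@online{leonard:20211007:iocs:db42716,
  author       = {Leonard, Billy and {Google Threat Analysis Group}},
  title        = {Tweet on {IOCs} related to {APT28}},
  date         = {2021-10-07},
  organization = {Twitter (@billyleonard)},
  url          = {https://twitter.com/billyleonard/status/1446226367008313344},
  language     = {English},
  urldate      = {2021-11-17},
}
Tweet on IOCs related to APT28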
2021-09-23 | Google | Neel Mehta, Google Threat Analysis Group
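% Google TAG blog post. The title needs no case protection; the institutional
% co-author is braced so it is kept as one name.
@online{mehta:20210923:financially:8f507b2,
  author       = {Mehta, Neel and {Google Threat Analysis Group}},
  title        = {Financially motivated actor breaks certificate parsing to avoid detection},
  date         = {2021-09-23},
  organization = {Google},
  url          = {https://blog.google/threat-analysis-group/financially-motivated-actor-breaks-certificate-parsing-avoid-detection/},
  language     = {English},
  urldate      = {2021-09-29},
}
Financially motivated actor breaks certificate parsing to avoid detection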
OpenSUpdater
2021-07-14 | Google | Maddie Stone, Clement Lecigne, Google Threat Analysis Group
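% Google TAG blog post. Each CVE identifier is braced so no style can recase
% it; the institutional co-author is braced as one name.
@online{stone:20210714:how:38dfdc6,
  author       = {Stone, Maddie and Lecigne, Clement and {Google Threat Analysis Group}},
  title        = {How We Protect Users From {0-Day} Attacks ({CVE-2021-21166}, {CVE-2021-30551}, {CVE-2021-33742}, {CVE-2021-1879})},
  date         = {2021-07-14},
  organization = {Google},
  url          = {https://blog.google/threat-analysis-group/how-we-protect-users-0-day-attacks/},
  language     = {English},
  urldate      = {2021-07-26},
}
How We Protect Users From 0-Day Attacks (CVE-2021-21166, CVE-2021-30551, CVE-2021-33742, CVE-2021-1879)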
Cobalt Strike