Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023-01-19CiscoGuilherme Venere
@online{venere:20230119:following:c60f349, author = {Guilherme Venere}, title = {{Following the LNK metadata trail}}, date = {2023-01-19}, organization = {Cisco}, url = {https://blog.talosintelligence.com/following-the-lnk-metadata-trail}, language = {English}, urldate = {2023-04-06} } Following the LNK metadata trail
BumbleBee PhotoLoader QakBot
2022-09-15TalosAsheer Malhotra, Guilherme Venere
@online{malhotra:20220915:gamaredon:e8a0cbc, author = {Asheer Malhotra and Guilherme Venere}, title = {{Gamaredon APT targets Ukrainian government agencies in new campaign}}, date = {2022-09-15}, organization = {Talos}, url = {https://blog.talosintelligence.com/2022/09/gamaredon-apt-targets-ukrainian-agencies.html}, language = {English}, urldate = {2022-09-19} } Gamaredon APT targets Ukrainian government agencies in new campaign
2022-06-21Cisco TalosFlavio Costa, Chris Neal, Guilherme Venere
@online{costa:20220621:avos:b60a2ad, author = {Flavio Costa and Chris Neal and Guilherme Venere}, title = {{Avos ransomware group expands with new attack arsenal}}, date = {2022-06-21}, organization = {Cisco Talos}, url = {https://blog.talosintelligence.com/2022/06/avoslocker-new-arsenal.html}, language = {English}, urldate = {2022-06-22} } Avos ransomware group expands with new attack arsenal
AvosLocker Cobalt Strike DarkComet MimiKatz
2016-08Intel SecuritySanchit Karve, Guilherme Venere, Mark Olea
@techreport{karve:201608:diving:6f604b3, author = {Sanchit Karve and Guilherme Venere and Mark Olea}, title = {{DIVING INTO PINKSLIPBOT’S LATEST CAMPAIGN}}, date = {2016-08}, institution = {Intel Security}, url = {https://www.virusbulletin.com/uploads/pdf/magazine/2016/VB2016-Karve-etal.pdf}, language = {English}, urldate = {2019-11-27} } DIVING INTO PINKSLIPBOT’S LATEST CAMPAIGN
QakBot