2022-11-09 | Netskope | Gustavo Palazolo
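% Netskope blog post describing tactics and techniques seen in a targeted BlackCat ransomware attack.
% Only the family name is brace-protected in the title; urldate is the access date of the link.
@online{palazolo:20221109:blackcat:8205dee,
  author       = {Palazolo, Gustavo},
  title        = {{BlackCat} Ransomware: Tactics and Techniques From a Targeted Attack},
  date         = {2022-11-09},
  organization = {Netskope},
  url          = {https://www.netskope.com/blog/blackcat-ransomware-tactics-and-techniques-from-a-targeted-attack},
  language     = {English},
  urldate      = {2022-11-18},
}
BlackCat Ransomware: Tactics and Techniques From a Targeted Attack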
BlackCat ExMatter
2022-08-29 | Netskope | Gustavo Palazolo
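% Netskope blog post on an AsyncRAT campaign that used a downloader described as fully undetected.
% The family name is brace-protected so sentence-casing styles keep its capitalisation.
@online{palazolo:20220829:asyncrat:62d95df,
  author       = {Palazolo, Gustavo},
  title        = {{AsyncRAT}: Using Fully Undetected Downloader},
  date         = {2022-08-29},
  organization = {Netskope},
  url          = {https://www.netskope.com/blog/asyncrat-using-fully-undetected-downloader},
  language     = {English},
  urldate      = {2022-09-13},
}
AsyncRAT: Using Fully Undetected Downloader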
AsyncRAT
2022-08-04 | Netskope | Gustavo Palazolo
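% Netskope blog post on Ousaban, a LATAM banking malware that abuses cloud services.
% Braces protect the family name and the LATAM acronym only.
@online{palazolo:20220804:ousaban:270a6b9,
  author       = {Palazolo, Gustavo},
  title        = {{Ousaban}: {LATAM} Banking Malware Abusing Cloud Services},
  date         = {2022-08-04},
  organization = {Netskope},
  url          = {https://www.netskope.com/blog/ousaban-latam-banking-malware-abusing-cloud-services},
  language     = {English},
  urldate      = {2022-08-05},
}
Ousaban: LATAM Banking Malware Abusing Cloud Services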
Ousaban
2022-06-27 | Netskope | Gustavo Palazolo
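% Netskope blog post on Emotet's continued abuse of Microsoft Office macros.
% Braces protect the family and product names; the rest of the title is left to the style.
@online{palazolo:20220627:emotet:e01f0fb,
  author       = {Palazolo, Gustavo},
  title        = {{Emotet}: Still Abusing {Microsoft Office} Macros},
  date         = {2022-06-27},
  organization = {Netskope},
  url          = {https://www.netskope.com/blog/emotet-still-abusing-microsoft-office-macros},
  language     = {English},
  urldate      = {2022-06-30},
}
Emotet: Still Abusing Microsoft Office Macros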
Emotet
2022-05-12 | Netskope | Gustavo Palazolo
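% Netskope blog post on a RedLine Stealer campaign that used Binance Mystery Box videos
% to spread a payload hosted on GitHub. Braces protect the proper names in the title.
@online{palazolo:20220512:redline:2a91da2,
  author       = {Palazolo, Gustavo},
  title        = {{RedLine Stealer} Campaign Using {Binance Mystery Box} Videos to Spread {GitHub}-Hosted Payload},
  date         = {2022-05-12},
  organization = {Netskope},
  url          = {https://www.netskope.com/blog/redline-stealer-campaign-using-binance-mystery-box-videos-to-spread-github-hosted-payload},
  language     = {English},
  urldate      = {2022-05-17},
}
RedLine Stealer Campaign Using Binance Mystery Box Videos to Spread GitHub-Hosted Payload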
RedLine Stealer
2022-05-06 | Netskope | Gustavo Palazolo
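% Netskope blog post on an Emotet delivery mechanism intended to bypass VBA protection.
% Braces protect the family name and the VBA acronym only.
@online{palazolo:20220506:emotet:44a2595,
  author       = {Palazolo, Gustavo},
  title        = {{Emotet}: New Delivery Mechanism to Bypass {VBA} Protection},
  date         = {2022-05-06},
  organization = {Netskope},
  url          = {https://www.netskope.com/blog/emotet-new-delivery-mechanism-to-bypass-vba-protection},
  language     = {English},
  urldate      = {2022-05-09},
}
Emotet: New Delivery Mechanism to Bypass VBA Protection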
Emotet
2022-03-11 | Netskope | Gustavo Palazolo
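% Netskope blog post on a Formbook campaign delivered through phishing emails.
% Only the family name is brace-protected in the title.
@online{palazolo:20220311:new:68467fb,
  author       = {Palazolo, Gustavo},
  title        = {New {Formbook} Campaign Delivered Through Phishing Emails},
  date         = {2022-03-11},
  organization = {Netskope},
  url          = {https://www.netskope.com/blog/new-formbook-campaign-delivered-through-phishing-emails},
  language     = {English},
  urldate      = {2022-03-14},
}
New Formbook Campaign Delivered Through Phishing Emails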
Formbook
2022-01-26 | Netskope | Gustavo Palazolo
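% Netskope "Threat Coverage" blog post on WhisperGate.
% Braces protect the vendor and family names in the title.
@online{palazolo:20220126:netskope:8a29793,
  author       = {Palazolo, Gustavo},
  title        = {{Netskope} Threat Coverage: {WhisperGate}},
  date         = {2022-01-26},
  organization = {Netskope},
  url          = {https://www.netskope.com/blog/netskope-threat-coverage-whispergate},
  language     = {English},
  urldate      = {2022-01-31},
}
Netskope Threat Coverage: WhisperGate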
WhisperGate
2022-01-24 | Netskope | Gustavo Palazolo, Ghanashyam Satpathy
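% Netskope blog post on infected PowerPoint files that use cloud services to deliver several malware families.
% Two authors, joined with " and " in comma form; only the product name is brace-protected.
@online{palazolo:20220124:infected:65db665,
  author       = {Palazolo, Gustavo and Satpathy, Ghanashyam},
  title        = {Infected {PowerPoint} Files Using Cloud Services to Deliver Multiple Malware},
  date         = {2022-01-24},
  organization = {Netskope},
  url          = {https://www.netskope.com/blog/infected-powerpoint-files-using-cloud-services-to-deliver-multiple-malware},
  language     = {English},
  urldate      = {2022-01-28},
}
Infected PowerPoint Files Using Cloud Services to Deliver Multiple Malware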
Agent Tesla
2022-01-12 | Netskope | Gustavo Palazolo
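% Netskope blog post on abuse of Microsoft Office through malicious Web Archive files.
% Only the product name is brace-protected in the title.
@online{palazolo:20220112:abusing:47afdc2,
  author       = {Palazolo, Gustavo},
  title        = {Abusing {Microsoft Office} Using Malicious Web Archive Files},
  date         = {2022-01-12},
  organization = {Netskope},
  url          = {https://www.netskope.com/blog/abusing-microsoft-office-using-malicious-web-archive-files},
  language     = {English},
  urldate      = {2022-01-18},
}
Abusing Microsoft Office Using Malicious Web Archive Files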
2021-11-18 | Netskope | Gustavo Palazolo, Ghanashyam Satpathy
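% Netskope "Threat Coverage" blog post on the return of Emotet.
% Two authors in comma form; braces protect the vendor and family names.
@online{palazolo:20211118:netskope:39d2098,
  author       = {Palazolo, Gustavo and Satpathy, Ghanashyam},
  title        = {{Netskope} Threat Coverage: The Return of {Emotet}},
  date         = {2021-11-18},
  organization = {Netskope},
  url          = {https://www.netskope.com/blog/netskope-threat-coverage-the-return-of-emotet},
  language     = {English},
  urldate      = {2021-11-25},
}
Netskope Threat Coverage: The Return of Emotet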
Emotet
2021-10-21 | Netskope | Gustavo Palazolo
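% Netskope blog post on DBatLoader abusing Discord to deliver Warzone RAT.
% Braces protect the loader, platform and RAT names in the title.
@online{palazolo:20211021:dbatloader:7074875,
  author       = {Palazolo, Gustavo},
  title        = {{DBatLoader}: Abusing {Discord} to Deliver {Warzone RAT}},
  date         = {2021-10-21},
  organization = {Netskope},
  url          = {https://www.netskope.com/blog/dbatloader-abusing-discord-to-deliver-warzone-rat},
  language     = {English},
  urldate      = {2021-10-26},
}
DBatLoader: Abusing Discord to Deliver Warzone RAT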
Ave Maria DBatLoader
2021-10-07 | Netskope | Gustavo Palazolo, Ghanashyam Satpathy
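% Netskope blog post on SquirrelWaffle, a malware loader delivering Cobalt Strike and QakBot.
% Two authors in comma form; braces protect the three tool and family names.
@online{palazolo:20211007:squirrelwaffle:3506816,
  author       = {Palazolo, Gustavo and Satpathy, Ghanashyam},
  title        = {{SquirrelWaffle}: New Malware Loader Delivering {Cobalt Strike} and {QakBot}},
  date         = {2021-10-07},
  organization = {Netskope},
  url          = {https://www.netskope.com/blog/squirrelwaffle-new-malware-loader-delivering-cobalt-strike-and-qakbot},
  language     = {English},
  urldate      = {2021-10-11},
}
SquirrelWaffle: New Malware Loader Delivering Cobalt Strike and QakBot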
Cobalt Strike QakBot Squirrelwaffle
2021-09-10 | Netskope | Gustavo Palazolo
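% Netskope blog post on Hive ransomware and its targeting of hospitals.
% Only the family name is brace-protected in the title.
@online{palazolo:20210910:hive:e875859,
  author       = {Palazolo, Gustavo},
  title        = {{Hive} Ransomware: Actively Targeting Hospitals},
  date         = {2021-09-10},
  organization = {Netskope},
  url          = {https://www.netskope.com/blog/hive-ransomware-actively-targeting-hospitals},
  language     = {English},
  urldate      = {2021-09-14},
}
Hive Ransomware: Actively Targeting Hospitals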
Hive
2021-08-23 | Netskope | Gustavo Palazolo
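% Netskope "Threat Coverage" blog post on BlackMatter.
% Braces protect the vendor and family names in the title.
@online{palazolo:20210823:netskope:356b783,
  author       = {Palazolo, Gustavo},
  title        = {{Netskope} Threat Coverage: {BlackMatter}},
  date         = {2021-08-23},
  organization = {Netskope},
  url          = {https://www.netskope.com/blog/netskope-threat-coverage-blackmatter},
  language     = {English},
  urldate      = {2021-08-25},
}
Netskope Threat Coverage: BlackMatter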
BlackMatter
2021-08-12 | Netskope | Gustavo Palazolo
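% Netskope "Threat Coverage" blog post on LockBit.
% Braces protect the vendor and family names in the title.
@online{palazolo:20210812:netskope:b320543,
  author       = {Palazolo, Gustavo},
  title        = {{Netskope} Threat Coverage: {LockBit}},
  date         = {2021-08-12},
  organization = {Netskope},
  url          = {https://www.netskope.com/blog/netskope-threat-coverage-lockbit},
  language     = {English},
  urldate      = {2021-09-02},
}
Netskope Threat Coverage: LockBit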
LockBit
2021-07-07 | Netskope | Gustavo Palazolo
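% Netskope "Threat Coverage" blog post on REvil.
% Braces protect the vendor name and the mixed-case family name.
@online{palazolo:20210707:netskope:5b5bd6c,
  author       = {Palazolo, Gustavo},
  title        = {{Netskope} Threat Coverage: {REvil}},
  date         = {2021-07-07},
  organization = {Netskope},
  url          = {https://www.netskope.com/blog/netskope-threat-coverage-revil},
  language     = {English},
  urldate      = {2021-07-19},
}
Netskope Threat Coverage: REvil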
REvil
2021-06-03 | YouTube (FIRST) | Felipe Domingues, Gustavo Palazolo
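% Video on Dridex malware hosted on YouTube; the organization field also credits FIRST.
% Two authors in comma form; only the family name is brace-protected in the title.
@online{domingues:20210603:breaking:69967e5,
  author       = {Domingues, Felipe and Palazolo, Gustavo},
  title        = {Breaking {Dridex} Malware},
  date         = {2021-06-03},
  organization = {YouTube (FIRST)},
  url          = {https://www.youtube.com/watch?v=1VB15_HgUkg},
  language     = {English},
  urldate      = {2021-06-16},
}
Breaking Dridex Malware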
Dridex
2020-11-15 | Medium GustavoPalazolo | Gustavo Palazolo
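% Portuguese-language Medium post analysing the RansomEXX ransomware used in the attack on STJ.
% The title keeps its UTF-8 characters (the entry uses biblatex fields); the URL's percent-encoding is kept verbatim.
@online{palazolo:20201115:ransomexx:86689d1,
  author       = {Palazolo, Gustavo},
  title        = {{RansomEXX} — Análise do Ransomware Utilizado no Ataque ao {STJ}},
  date         = {2020-11-15},
  organization = {Medium GustavoPalazolo},
  url          = {https://gustavopalazolo.medium.com/ransomexx-an%C3%A1lise-do-ransomware-utilizado-no-ataque-ao-stj-918001ec8195},
  language     = {Portuguese},
  urldate      = {2020-12-10},
}
RansomEXX — Análise do Ransomware Utilizado no Ataque ao STJ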
RansomEXX
2020-09-18 | AppGate | Gustavo Palazolo, Felipe Duarte
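% AppGate blog post on reverse engineering Dridex and automating IOC extraction.
% Two authors in comma form; braces protect the family name and the IOC acronym.
@online{palazolo:20200918:reverse:689e4cb,
  author       = {Palazolo, Gustavo and Duarte, Felipe},
  title        = {Reverse Engineering {Dridex} and Automating {IOC} Extraction},
  date         = {2020-09-18},
  organization = {AppGate},
  url          = {https://www.appgate.com/blog/reverse-engineering-dridex-and-automating-ioc-extraction},
  language     = {English},
  urldate      = {2020-09-25},
}
Reverse Engineering Dridex and Automating IOC Extraction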
Dridex