2022-05-18 | Cisco Talos | Holger Unterbrink
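% Only the proper noun in the title (BlackByte) is brace-protected, so a style's own casing still applies to the rest.
@online{unterbrink:20220518:blackbyte:00c8696,
  author       = {Holger Unterbrink},
  title        = {The {BlackByte} ransomware group is striking users all over the globe},
  date         = {2022-05-18},
  organization = {Cisco Talos},
  url          = {https://blog.talosintelligence.com/2022/05/the-blackbyte-ransomware-group-is.html},
  language     = {English},
  urldate      = {2022-05-25},
}
The BlackByte ransomware group is striking users all over the globe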
BlackByte
2021-01-06 | Talos | Irshad Muhammad, Holger Unterbrink
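% Only the family name in the title (Lokibot) is brace-protected, so a style's own casing still applies to the rest.
@online{muhammad:20210106:deep:8fa3a1f,
  author       = {Irshad Muhammad and Holger Unterbrink},
  title        = {A Deep Dive into {Lokibot} Infection Chain},
  date         = {2021-01-06},
  organization = {Talos},
  url          = {https://blog.talosintelligence.com/2021/01/a-deep-dive-into-lokibot-infection-chain.html},
  language     = {English},
  urldate      = {2021-01-10},
}
A Deep Dive into Lokibot Infection Chain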
Loki Password Stealer (PWS)
2020-09-02 | Cisco Talos | Holger Unterbrink, Edmund Brumaghin
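% Only the proper noun in the title (Salfram) is brace-protected, so a style's own casing still applies to the rest.
@online{unterbrink:20200902:salfram:74ae3c9,
  author       = {Holger Unterbrink and Edmund Brumaghin},
  title        = {{Salfram}: Robbing the place without removing your name tag},
  date         = {2020-09-02},
  organization = {Cisco Talos},
  url          = {https://blog.talosintelligence.com/2020/09/salfram-robbing-place-without-removing.html},
  language     = {English},
  urldate      = {2020-09-03},
}
Salfram: Robbing the place without removing your name tag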
Ave Maria, ISFB, SmokeLoader, Zloader
2019-08-28 | Cisco Talos | Edmund Brumaghin, Holger Unterbrink
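% Only the acronyms in the title (RAT, PCs, RATs) are brace-protected, so a style's own casing still applies to the rest.
@online{brumaghin:20190828:rat:dadd9c5,
  author       = {Edmund Brumaghin and Holger Unterbrink},
  title        = {{RAT} Ratatouille: Backdooring {PCs} with leaked {RATs}},
  date         = {2019-08-28},
  organization = {Cisco Talos},
  url          = {https://blog.talosintelligence.com/2019/08/rat-ratatouille-revrat-orcus.html},
  language     = {English},
  urldate      = {2020-01-13},
}
RAT Ratatouille: Backdooring PCs with leaked RATs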
Orcus RAT
2019-04-15 | Talos | Edmund Brumaghin, Holger Unterbrink
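% Only the product name in the title (HawkEye Reborn) is brace-protected, so a style's own casing still applies to the rest.
@online{brumaghin:20190415:new:bf931b1,
  author       = {Edmund Brumaghin and Holger Unterbrink},
  title        = {New {HawkEye} {Reborn} Variant Emerges Following Ownership Change},
  date         = {2019-04-15},
  organization = {Talos},
  url          = {https://blog.talosintelligence.com/2019/04/hawkeye-reborn.html},
  language     = {English},
  urldate      = {2020-01-09},
}
New HawkEye Reborn Variant Emerges Following Ownership Change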
HawkEye Keylogger
2018-08-22 | Cisco Talos | Edmund Brumaghin, Holger Unterbrink, Eric Kuhla, Lilia Gonzalez Medina
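% Only the family name in the title (Remcos) is brace-protected, so a style's own casing still applies to the rest.
% NOTE(review): author names are kept in the recorded First Last form; confirm how the last author's surname should be split before converting to Last, First.
@online{brumaghin:20180822:picking:925912d,
  author       = {Edmund Brumaghin and Holger Unterbrink and Eric Kuhla and Lilia Gonzalez Medina},
  title        = {Picking Apart {Remcos} Botnet-In-A-Box},
  date         = {2018-08-22},
  organization = {Cisco Talos},
  url          = {https://blog.talosintelligence.com/2018/08/picking-apart-remcos.html},
  language     = {English},
  urldate      = {2019-10-23},
}
Picking Apart Remcos Botnet-In-A-Box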
Remcos
2018-07-03 | Talos Intelligence | Ben Baker, Holger Unterbrink
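% Only the family name in the title (Smoke Loader) is brace-protected, so a style's own casing still applies to the rest.
@online{baker:20180703:smoking:067be1f,
  author       = {Ben Baker and Holger Unterbrink},
  title        = {Smoking Guns - {Smoke Loader} learned new tricks},
  date         = {2018-07-03},
  organization = {Talos Intelligence},
  url          = {https://blog.talosintelligence.com/2018/07/smoking-guns-smoke-loader-learned-new.html},
  language     = {English},
  urldate      = {2019-10-14},
}
Smoking Guns - Smoke Loader learned new tricks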
SmokeLoader, TrickBot
2018-03-06 | Cisco Talos | Edmund Brumaghin, Holger Unterbrink, Adam Weller
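% Only the proper nouns in the title (Gozi, ISFB, Dark Cloud) are brace-protected, so a style's own casing still applies to the rest.
% The quoted phrase uses LaTeX open/close quotes; a bare straight double quote typesets as a closing quote and can trigger babel shorthands.
% NOTE(review): the url is recorded with the http:// scheme; check whether the https:// form resolves and prefer it when citing.
@online{brumaghin:20180306:gozi:6146f77,
  author       = {Edmund Brumaghin and Holger Unterbrink and Adam Weller},
  title        = {{Gozi} {ISFB} Remains Active in 2018, Leverages ``{Dark Cloud}'' Botnet For Distribution},
  date         = {2018-03-06},
  organization = {Cisco Talos},
  url          = {http://blog.talosintelligence.com/2018/03/gozi-isfb-remains-active-in-2018.html},
  language     = {English},
  urldate      = {2019-12-17},
}
Gozi ISFB Remains Active in 2018, Leverages "Dark Cloud" Botnet For Distribution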
ISFB
2017-12-06 | Cisco | Holger Unterbrink, Christopher Marczewski
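% Only the names in the title (Recam, DeConfusing, ConfuserEx) are brace-protected, so a style's own casing still applies to the rest.
% NOTE(review): the url is recorded with the http:// scheme; check whether the https:// form resolves and prefer it when citing.
@online{unterbrink:20171206:recam:2790363,
  author       = {Holger Unterbrink and Christopher Marczewski},
  title        = {{Recam} Redux - {DeConfusing} {ConfuserEx}},
  date         = {2017-12-06},
  organization = {Cisco},
  url          = {http://blog.talosintelligence.com/2017/12/recam-redux-deconfusing-confuserex.html},
  language     = {English},
  urldate      = {2019-12-06},
}
Recam Redux - DeConfusing ConfuserEx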
NetWire RC
2017-09-05 | Cisco Talos | Holger Unterbrink, Matthew Molyett
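% Only the family name (Graftor) and the pronoun I are brace-protected in the title, so a style's own casing still applies to the rest.
% NOTE(review): the url is recorded with the http:// scheme; check whether the https:// form resolves and prefer it when citing.
@online{unterbrink:20170905:graftor:ed3b2a3,
  author       = {Holger Unterbrink and Matthew Molyett},
  title        = {{Graftor} - But {I} Never Asked for This…},
  date         = {2017-09-05},
  organization = {Cisco Talos},
  url          = {http://blog.talosintelligence.com/2017/09/graftor-but-i-never-asked-for-this.html},
  language     = {English},
  urldate      = {2020-01-10},
}
Graftor - But I Never Asked for This…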
Graftor