Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-09-23IBMNir Somech, Chen Nahman
@online{somech:20210923:new:7fc798f, author = {Nir Somech and Chen Nahman}, title = {{New ZE Loader Targets Online Banking Users}}, date = {2021-09-23}, organization = {IBM}, url = {https://securityintelligence.com/posts/new-ze-loader-targets-online-banking/}, language = {English}, urldate = {2021-09-28} } New ZE Loader Targets Online Banking Users
2021-09-20IBMIBM SECURITY X-FORCE
@online{xforce:20210920:2021:41cf9ce, author = {IBM SECURITY X-FORCE}, title = {{2021 IBM SecurityX-Force Cloud Threat Landscape Report}}, date = {2021-09-20}, organization = {IBM}, url = {https://www.ibm.com/downloads/cas/WMDZOWK6?social_post=5483919673&linkId=131648775}, language = {English}, urldate = {2021-09-22} } 2021 IBM SecurityX-Force Cloud Threat Landscape Report
Kaiji Kinsing Tsunami Xanthe XOR DDoS
2021-09-09IBMMegan Roddie
@online{roddie:20210909:lockbit:8b80ed5, author = {Megan Roddie}, title = {{LockBit 2.0: Ransomware Attacks Surge After Successful Affiliate Recruitment}}, date = {2021-09-09}, organization = {IBM}, url = {https://securityintelligence.com/posts/lockbit-ransomware-attacks-surge-affiliate-recruitment/}, language = {English}, urldate = {2021-09-10} } LockBit 2.0: Ransomware Attacks Surge After Successful Affiliate Recruitment
LockBit
2021-09-03IBMCamille Singleton, Andrew Gorecki, John Dwyer
@online{singleton:20210903:dissecting:4d56786, author = {Camille Singleton and Andrew Gorecki and John Dwyer}, title = {{Dissecting Sodinokibi Ransomware Attacks: Bringing Incident Response and Intelligence Together in the Fight}}, date = {2021-09-03}, organization = {IBM}, url = {https://securityintelligence.com/posts/sodinokibi-ransomware-incident-response-intelligence-together/}, language = {English}, urldate = {2021-09-09} } Dissecting Sodinokibi Ransomware Attacks: Bringing Incident Response and Intelligence Together in the Fight
Valak QakBot REvil
2021-08-17IBM X-Force ExchangeCharlotte Hammond, Chris Caridi
@online{hammond:20210817:analysis:03981d3, author = {Charlotte Hammond and Chris Caridi}, title = {{Analysis of Diavol Ransomware Reveals Possible Link to TrickBot Gang}}, date = {2021-08-17}, organization = {IBM X-Force Exchange}, url = {https://securityintelligence.com/posts/analysis-of-diavol-ransomware-link-trickbot-gang/}, language = {English}, urldate = {2021-08-18} } Analysis of Diavol Ransomware Reveals Possible Link to TrickBot Gang
Diavol
2021-07-21IBMChris Caridi, Allison Wikoff
@online{caridi:20210721:this:17b999a, author = {Chris Caridi and Allison Wikoff}, title = {{This Chat is Being Recorded: Egregor Ransomware Negotiations Uncovered}}, date = {2021-07-21}, organization = {IBM}, url = {https://securityintelligence.com/posts/egregor-ransomware-negotiations-uncovered/}, language = {English}, urldate = {2021-07-22} } This Chat is Being Recorded: Egregor Ransomware Negotiations Uncovered
Egregor
2021-07-12IBMMelissa Frydrych, Claire Zaboeva, Dan Dash
@online{frydrych:20210712:roboski:1f66418, author = {Melissa Frydrych and Claire Zaboeva and Dan Dash}, title = {{RoboSki and Global Recovery: Automation to Combat Evolving Obfuscation}}, date = {2021-07-12}, organization = {IBM}, url = {https://securityintelligence.com/posts/roboski-global-recovery-automation/}, language = {English}, urldate = {2021-07-20} } RoboSki and Global Recovery: Automation to Combat Evolving Obfuscation
404 Keylogger Agent Tesla AsyncRAT Ave Maria Azorult BitRAT Formbook HawkEye Keylogger Loki Password Stealer (PWS) Nanocore RAT NetWire RC NjRAT Quasar RAT RedLine Stealer Remcos
2021-06-23IBMItzik Chimino
@online{chimino:20210623:ursnif:700b0a7, author = {Itzik Chimino}, title = {{Ursnif Leverages Cerberus to Automate Fraudulent Bank Transfers in Italy}}, date = {2021-06-23}, organization = {IBM}, url = {https://securityintelligence.com/posts/ursnif-cerberus-android-malware-bank-transfers-italy/}, language = {English}, urldate = {2021-06-24} } Ursnif Leverages Cerberus to Automate Fraudulent Bank Transfers in Italy
ISFB
2021-04-29IBMBen Wagner
@online{wagner:20210429:story:79bd16a, author = {Ben Wagner}, title = {{The Story of FakeChat}}, date = {2021-04-29}, organization = {IBM}, url = {https://securityintelligence.com/posts/story-of-fakechat-malware/}, language = {English}, urldate = {2021-05-03} } The Story of FakeChat
FluBot
2021-04-28IBMLimor Kessem
@online{kessem:20210428:sodinokibi:38fd348, author = {Limor Kessem}, title = {{The Sodinokibi Chronicles: A (R)Evil Cybercrime Gang Disrupts Organizations for Trade Secrets and Cash}}, date = {2021-04-28}, organization = {IBM}, url = {https://securityintelligence.com/posts/sodinokibi-revil-ransomware-disrupt-trade-secrets/}, language = {English}, urldate = {2021-05-03} } The Sodinokibi Chronicles: A (R)Evil Cybercrime Gang Disrupts Organizations for Trade Secrets and Cash
REvil
2021-04-28IBMDavid Bisson
@online{bisson:20210428:qbot:dcbcd50, author = {David Bisson}, title = {{QBot Malware Spotted Using Windows Defender Antivirus Lure}}, date = {2021-04-28}, organization = {IBM}, url = {https://securityintelligence.com/news/qbot-malware-using-windows-defender-antivirus-lure/}, language = {English}, urldate = {2021-05-03} } QBot Malware Spotted Using Windows Defender Antivirus Lure
QakBot
2021-04-16Associated PressFrank Bajak, Matt O'Brien
@online{bajak:20210416:sanctioned:84bffd0, author = {Frank Bajak and Matt O'Brien}, title = {{Sanctioned Russian IT firm was partner with Microsoft, IBM}}, date = {2021-04-16}, organization = {Associated Press}, url = {https://apnews.com/article/business-europe-hacking-russia-dd8c331ff30d366ea4f5d828e788c307}, language = {English}, urldate = {2021-04-19} } Sanctioned Russian IT firm was partner with Microsoft, IBM
2021-04-16IBMKoen Van Impe
@online{impe:20210416:combating:a198b55, author = {Koen Van Impe}, title = {{Combating Sleeper Threats With MTTD}}, date = {2021-04-16}, organization = {IBM}, url = {https://securityintelligence.com/articles/sleeper-threats-mean-time-to-detect/}, language = {English}, urldate = {2021-04-20} } Combating Sleeper Threats With MTTD
2021-04-14IBMMelissa Frydrych, Claire Zaboeva
@online{frydrych:20210414:update:1f0791f, author = {Melissa Frydrych and Claire Zaboeva}, title = {{An Update: The COVID-19 Vaccine’s Global Cold Chain Continues to Be a Target}}, date = {2021-04-14}, organization = {IBM}, url = {https://securityintelligence.com/posts/covid-19-vaccine-global-cold-chain-security/}, language = {English}, urldate = {2021-04-16} } An Update: The COVID-19 Vaccine’s Global Cold Chain Continues to Be a Target
2021-03-11IBMDave McMillen, Limor Kessem
@online{mcmillen:20210311:dridex:1140b01, author = {Dave McMillen and Limor Kessem}, title = {{Dridex Campaign Propelled by Cutwail Botnet and Poisonous PowerShell Scripts}}, date = {2021-03-11}, organization = {IBM}, url = {https://securityintelligence.com/dridex-campaign-propelled-by-cutwail-botnet-and-powershell/}, language = {English}, urldate = {2021-03-12} } Dridex Campaign Propelled by Cutwail Botnet and Poisonous PowerShell Scripts
Cutwail Dridex
2021-02-24IBMIBM SECURITY X-FORCE
@online{xforce:20210224:xforce:ac9a90e, author = {IBM SECURITY X-FORCE}, title = {{X-Force Threat Intelligence Index 2021}}, date = {2021-02-24}, organization = {IBM}, url = {https://ibm.ent.box.com/s/hs5pcayhbbhjvj8di5sqdpbbd88tsh89}, language = {English}, urldate = {2021-03-02} } X-Force Threat Intelligence Index 2021
Emotet QakBot Ramnit REvil TrickBot
2021-01-26IBMNir Shwarts
@online{shwarts:20210126:trickbots:a200e92, author = {Nir Shwarts}, title = {{TrickBot’s Survival Instinct Prevails — What’s Different About the TrickBoot Version?}}, date = {2021-01-26}, organization = {IBM}, url = {https://securityintelligence.com/posts/trickbot-survival-instinct-trickboot-version/}, language = {English}, urldate = {2021-01-27} } TrickBot’s Survival Instinct Prevails — What’s Different About the TrickBoot Version?
TrickBot
2020-12-18IBMGladys Koskas
@online{koskas:20201218:sunburst:c79fb22, author = {Gladys Koskas}, title = {{SUNBURST indicator detection in QRadar}}, date = {2020-12-18}, organization = {IBM}, url = {https://community.ibm.com/community/user/security/blogs/gladys-koskas1/2020/12/18/sunburst-indicator-detection-in-qradar}, language = {English}, urldate = {2021-01-10} } SUNBURST indicator detection in QRadar
SUNBURST
2020-12-16DragosSelena Larson, Camille Singleton, IBM SECURITY X-FORCE
@techreport{larson:20201216:assessing:9a5adb8, author = {Selena Larson and Camille Singleton and IBM SECURITY X-FORCE}, title = {{Assessing Ransomware and Extortion Activities Impacting Industrial Organizations: Ransomware in ICS Environments}}, date = {2020-12-16}, institution = {Dragos}, url = {https://f.hubspotusercontent10.net/hubfs/5943619/Whitepaper-Downloads/Ransomware_in_ICS_Environments_Whitepaper_10_12_20.pdf}, language = {English}, urldate = {2020-12-17} } Assessing Ransomware and Extortion Activities Impacting Industrial Organizations: Ransomware in ICS Environments
REvil
2020-12-03IBMClaire Zaboeva, Melissa Frydrych
@online{zaboeva:20201203:ibm:5c73bc2, author = {Claire Zaboeva and Melissa Frydrych}, title = {{IBM Uncovers Global Phishing Campaign Targeting the COVID-19 Vaccine Cold Chain}}, date = {2020-12-03}, organization = {IBM}, url = {https://securityintelligence.com/posts/ibm-uncovers-global-phishing-covid-19-vaccine-cold-chain/}, language = {English}, urldate = {2020-12-08} } IBM Uncovers Global Phishing Campaign Targeting the COVID-19 Vaccine Cold Chain