Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-07-14IntezerAvigayil Mechtinger
@online{mechtinger:20210714:targeted:ca00788, author = {Avigayil Mechtinger}, title = {{Targeted Phishing Attack against Ukrainian Government Expands to Georgia}}, date = {2021-07-14}, organization = {Intezer}, url = {https://www.intezer.com/blog/malware-analysis/targeted-phishing-attack-against-ukrainian-government-expands-to-georgia/}, language = {English}, urldate = {2021-07-20} } Targeted Phishing Attack against Ukrainian Government Expands to Georgia
Unidentified 083 (AutoIT Stealer)
2021-07-07IntezerRyan Robinson, Nicole Fishbein
@online{robinson:20210707:global:ffc5f8e, author = {Ryan Robinson and Nicole Fishbein}, title = {{Global Phishing Campaign Targets Energy Sector and its Suppliers}}, date = {2021-07-07}, organization = {Intezer}, url = {https://www.intezer.com/blog/research/global-phishing-campaign-targets-energy-sector-and-its-suppliers/}, language = {English}, urldate = {2021-07-09} } Global Phishing Campaign Targets Energy Sector and its Suppliers
2021-06-23Twitter (@IntezerLabs)Intezer
@online{intezer:20210623:linux:310f62b, author = {Intezer}, title = {{Tweet on linux version of Derusbi}}, date = {2021-06-23}, organization = {Twitter (@IntezerLabs)}, url = {https://twitter.com/IntezerLabs/status/1407676522534735873?s=20}, language = {English}, urldate = {2021-07-26} } Tweet on linux version of Derusbi
Derusbi
2021-06-17IntezerRyan Robinson
@online{robinson:20210617:klingon:ed4d44f, author = {Ryan Robinson}, title = {{Klingon RAT Holding on for Dear Life}}, date = {2021-06-17}, organization = {Intezer}, url = {https://www.intezer.com/blog/malware-analysis/klingon-rat-holding-on-for-dear-life/}, language = {English}, urldate = {2021-06-21} } Klingon RAT Holding on for Dear Life
KlingonRAT
2021-04-20IntezerJoakim Kennedy
@online{kennedy:20210420:habitsrat:0cfa312, author = {Joakim Kennedy}, title = {{HabitsRAT Used to Target Linux and Windows Servers}}, date = {2021-04-20}, organization = {Intezer}, url = {https://www.intezer.com/blog/malware-analysis/habitsrat-used-to-target-linux-and-windows-servers/}, language = {English}, urldate = {2021-04-28} } HabitsRAT Used to Target Linux and Windows Servers
HabitsRAT
2021-04-20IntezerJoakim Kennedy
@online{kennedy:20210420:habitsrat:66ff4cf, author = {Joakim Kennedy}, title = {{HabitsRAT Used to Target Linux and Windows Servers}}, date = {2021-04-20}, organization = {Intezer}, url = {https://www.intezer.com/blog/malware-analysis/habitsrat-used-to-target-linux-and-windows-servers/}, language = {English}, urldate = {2021-04-20} } HabitsRAT Used to Target Linux and Windows Servers
HabitsRAT
2021-04-06IntezerNicole Fishbein
@online{fishbein:20210406:rocke:bf33dc9, author = {Nicole Fishbein}, title = {{Rocke Group Actively Targeting the Cloud: Wants Your SSH Keys}}, date = {2021-04-06}, organization = {Intezer}, url = {https://www.intezer.com/blog/cloud-security/rocke-group-actively-targeting-the-cloud-wants-your-ssh-keys}, language = {English}, urldate = {2021-04-06} } Rocke Group Actively Targeting the Cloud: Wants Your SSH Keys
2021-03-10IntezerAvigayil Mechtinger, Joakim Kennedy
@online{mechtinger:20210310:new:1e588f7, author = {Avigayil Mechtinger and Joakim Kennedy}, title = {{New Linux Backdoor RedXOR Likely Operated by Chinese Nation-State Actor}}, date = {2021-03-10}, organization = {Intezer}, url = {https://www.intezer.com/blog/malware-analysis/new-linux-backdoor-redxor-likely-operated-by-chinese-nation-state-actor/}, language = {English}, urldate = {2021-03-11} } New Linux Backdoor RedXOR Likely Operated by Chinese Nation-State Actor
RedXOR XOR DDoS
2021-03-02IntezerJoakim Kennedy
@online{kennedy:20210302:when:b33af31, author = {Joakim Kennedy}, title = {{When Viruses Mutate: Did SunCrypt Ransomware Evolve from QNAPCrypt?}}, date = {2021-03-02}, organization = {Intezer}, url = {https://www.intezer.com/blog/malware-analysis/when-viruses-mutate-did-suncrypt-ransomware-evolve-from-qnapcrypt}, language = {English}, urldate = {2021-03-04} } When Viruses Mutate: Did SunCrypt Ransomware Evolve from QNAPCrypt?
QNAPCrypt SunCrypt
2021-02-25IntezerIntezer
@techreport{intezer:20210225:year:eb47cd1, author = {Intezer}, title = {{Year of the Gopher A 2020 Go Malware Round-Up}}, date = {2021-02-25}, institution = {Intezer}, url = {https://www.intezer.com/wp-content/uploads/2021/02/Intezer-2020-Go-Malware-Round-Up.pdf}, language = {English}, urldate = {2021-06-30} } Year of the Gopher A 2020 Go Malware Round-Up
NiuB WellMail elf.wellmess ArdaMax AsyncRAT CyberGate DarkComet Glupteba Nanocore RAT Nefilim NjRAT Quasar RAT WellMess Zebrocy
2021-02-17IntezerAvigayil Mechtinger
@online{mechtinger:20210217:elf:8a511f1, author = {Avigayil Mechtinger}, title = {{ELF Malware Analysis 101: Part 3 - Advanced Analysis}}, date = {2021-02-17}, organization = {Intezer}, url = {https://www.intezer.com/blog/malware-analysis/elf-malware-analysis-101-part-3-advanced-analysis/}, language = {English}, urldate = {2021-02-18} } ELF Malware Analysis 101: Part 3 - Advanced Analysis
Rekoobe
2021-01-27IntezerPaul Litvak
@online{litvak:20210127:how:6561882, author = {Paul Litvak}, title = {{How We Hacked Azure Functions and Escaped Docker}}, date = {2021-01-27}, organization = {Intezer}, url = {https://www.intezer.com/blog/research/how-we-hacked-azure-functions-and-escaped-docker/}, language = {English}, urldate = {2021-01-27} } How We Hacked Azure Functions and Escaped Docker
2021-01-13IntezerNicole Fishbein
@online{fishbein:20210113:rare:b2fe9e5, author = {Nicole Fishbein}, title = {{A Rare Look Inside a Cryptojacking Campaign and its Profit}}, date = {2021-01-13}, organization = {Intezer}, url = {https://www.intezer.com/blog/research/a-rare-look-inside-a-cryptojacking-campaign-and-its-profit/}, language = {English}, urldate = {2021-01-18} } A Rare Look Inside a Cryptojacking Campaign and its Profit
2021-01-05IntezerAvigayil Mechtinger
@online{mechtinger:20210105:operation:f1c8f31, author = {Avigayil Mechtinger}, title = {{Operation ElectroRAT: Attacker Creates Fake Companies to Drain Your Crypto Wallets}}, date = {2021-01-05}, organization = {Intezer}, url = {https://www.intezer.com/blog/research/operation-electrorat-attacker-creates-fake-companies-to-drain-your-crypto-wallets/}, language = {English}, urldate = {2021-01-11} } Operation ElectroRAT: Attacker Creates Fake Companies to Drain Your Crypto Wallets
ElectroRAT
2020-12-29IntezerAvigayil Mechtinger
@online{mechtinger:20201229:early:b25a2da, author = {Avigayil Mechtinger}, title = {{Early Bird Catches the Worm: New Golang Worm Drops XMRig Miner on Servers}}, date = {2020-12-29}, organization = {Intezer}, url = {https://www.intezer.com/blog/research/new-golang-worm-drops-xmrig-miner-on-servers/}, language = {English}, urldate = {2021-01-05} } Early Bird Catches the Worm: New Golang Worm Drops XMRig Miner on Servers
2020-12-21IntezerIntezer
@online{intezer:20201221:top:9529707, author = {Intezer}, title = {{Top Linux Cloud Threats of 2020}}, date = {2020-12-21}, organization = {Intezer}, url = {https://www.intezer.com/blog/cloud-security/top-linux-cloud-threats-of-2020/}, language = {English}, urldate = {2020-12-26} } Top Linux Cloud Threats of 2020
AgeLocker Anchor_DNS Blackrota Cloud Snooper Dacls Doki FritzFrog IPStorm Kaiji Kinsing NOTROBIN Penquin Turla PLEAD Prometei RansomEXX Stantinko TeamTNT TSCookie WellMail elf.wellmess TeamTNT
2020-12-14IntezerTwitter (IntezerLabs)
@online{intezerlabs:20201214:linux:85c179b, author = {Twitter (IntezerLabs)}, title = {{Tweet on linux variant of Prometei botnet}}, date = {2020-12-14}, organization = {Intezer}, url = {https://twitter.com/IntezerLabs/status/1338480158249013250}, language = {English}, urldate = {2020-12-15} } Tweet on linux variant of Prometei botnet
Prometei
2020-12-09IntezerJoakim Kennedy
@online{kennedy:20201209:zebra:1c73168, author = {Joakim Kennedy}, title = {{A Zebra in Gopher's Clothing: Russian APT Uses COVID-19 Lures to Deliver Zebrocy}}, date = {2020-12-09}, organization = {Intezer}, url = {https://www.intezer.com/blog/research/russian-apt-uses-covid-19-lures-to-deliver-zebrocy/}, language = {English}, urldate = {2020-12-10} } A Zebra in Gopher's Clothing: Russian APT Uses COVID-19 Lures to Deliver Zebrocy
Zebrocy
2020-11-24IntezerAvigayil Mechtinger
@online{mechtinger:20201124:stantinkos:0b1bea9, author = {Avigayil Mechtinger}, title = {{Stantinko’s Proxy After Your Apache Server}}, date = {2020-11-24}, organization = {Intezer}, url = {https://www.intezer.com/blog/research/stantinkos-proxy-after-your-apache-server/}, language = {English}, urldate = {2020-11-25} } Stantinko’s Proxy After Your Apache Server
Stantinko
2020-11-12Twitter (@IntezerLabs)Intezer
@online{intezer:20201112:agelocker:d63b5bc, author = {Intezer}, title = {{Tweet on Agelocker}}, date = {2020-11-12}, organization = {Twitter (@IntezerLabs)}, url = {https://twitter.com/IntezerLabs/status/1326880812344676352}, language = {English}, urldate = {2020-11-18} } Tweet on Agelocker
AgeLocker