2021-04-20 · Intezer · Joakim Kennedy
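@online{kennedy:20210420:habitsrat:0cfa312,
  author       = {Kennedy, Joakim},
  title        = {{HabitsRAT} Used to Target {Linux} and {Windows} Servers},
  date         = {2021-04-20},
  organization = {Intezer},
  url          = {https://www.intezer.com/blog/malware-analysis/habitsrat-used-to-target-linux-and-windows-servers},
  language     = {English},
  urldate      = {2021-04-21},
}
HabitsRAT Used to Target Linux and Windows Servers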
HabitsRAT
2021-04-20 · Intezer · Joakim Kennedy
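@comment{Same article as kennedy:20210420:habitsrat:0cfa312; the two records differ only in the trailing slash of the URL and in urldate. Cite one key consistently so the report is not counted twice.}
@online{kennedy:20210420:habitsrat:66ff4cf,
  author       = {Kennedy, Joakim},
  title        = {{HabitsRAT} Used to Target {Linux} and {Windows} Servers},
  date         = {2021-04-20},
  organization = {Intezer},
  url          = {https://www.intezer.com/blog/malware-analysis/habitsrat-used-to-target-linux-and-windows-servers/},
  language     = {English},
  urldate      = {2021-04-20},
}
HabitsRAT Used to Target Linux and Windows Servers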
HabitsRAT
2021-04-06 · Intezer · Nicole Fishbein
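@online{fishbein:20210406:rocke:bf33dc9,
  author       = {Fishbein, Nicole},
  title        = {{Rocke Group} Actively Targeting the Cloud: Wants Your {SSH} Keys},
  date         = {2021-04-06},
  organization = {Intezer},
  url          = {https://www.intezer.com/blog/cloud-security/rocke-group-actively-targeting-the-cloud-wants-your-ssh-keys},
  language     = {English},
  urldate      = {2021-04-06},
}
Rocke Group Actively Targeting the Cloud: Wants Your SSH Keys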
2021-03-10 · Intezer · Avigayil Mechtinger, Joakim Kennedy
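@online{mechtinger:20210310:new:1e588f7,
  author       = {Mechtinger, Avigayil and Kennedy, Joakim},
  title        = {New {Linux} Backdoor {RedXOR} Likely Operated by {Chinese} Nation-State Actor},
  date         = {2021-03-10},
  organization = {Intezer},
  url          = {https://www.intezer.com/blog/malware-analysis/new-linux-backdoor-redxor-likely-operated-by-chinese-nation-state-actor/},
  language     = {English},
  urldate      = {2021-03-11},
}
New Linux Backdoor RedXOR Likely Operated by Chinese Nation-State Actor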
RedXOR XOR DDoS
2021-03-02 · Intezer · Joakim Kennedy
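@online{kennedy:20210302:when:b33af31,
  author       = {Kennedy, Joakim},
  title        = {When Viruses Mutate: Did {SunCrypt} Ransomware Evolve from {QNAPCrypt}?},
  date         = {2021-03-02},
  organization = {Intezer},
  url          = {https://www.intezer.com/blog/malware-analysis/when-viruses-mutate-did-suncrypt-ransomware-evolve-from-qnapcrypt},
  language     = {English},
  urldate      = {2021-03-04},
}
When Viruses Mutate: Did SunCrypt Ransomware Evolve from QNAPCrypt?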
QNAPCrypt SunCrypt
2021-02-25 · Intezer · Intezer
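@techreport{intezer:20210225:year:eb47cd1,
  author       = {{Intezer}},
  title        = {Year of the Gopher A 2020 {Go} Malware Round-Up},
  date         = {2021-02-25},
  institution  = {Intezer},
  url          = {https://www.intezer.com/wp-content/uploads/2021/02/Intezer-2020-Go-Malware-Round-Up.pdf},
  language     = {English},
  urldate      = {2021-02-25},
}
Year of the Gopher A 2020 Go Malware Round-Up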
WellMail elf.wellmess ArdaMax AsyncRAT CyberGate DarkComet Glupteba Nanocore RAT Nefilim Ransomware NjRAT Quasar RAT WellMess Zebrocy
2021-02-17 · Intezer · Avigayil Mechtinger
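@online{mechtinger:20210217:elf:8a511f1,
  author       = {Mechtinger, Avigayil},
  title        = {{ELF} Malware Analysis 101: Part 3 - Advanced Analysis},
  date         = {2021-02-17},
  organization = {Intezer},
  url          = {https://www.intezer.com/blog/malware-analysis/elf-malware-analysis-101-part-3-advanced-analysis/},
  language     = {English},
  urldate      = {2021-02-18},
}
ELF Malware Analysis 101: Part 3 - Advanced Analysis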
Rekoobe
2021-01-27 · Intezer · Paul Litvak
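@online{litvak:20210127:how:6561882,
  author       = {Litvak, Paul},
  title        = {How We Hacked {Azure Functions} and Escaped {Docker}},
  date         = {2021-01-27},
  organization = {Intezer},
  url          = {https://www.intezer.com/blog/research/how-we-hacked-azure-functions-and-escaped-docker/},
  language     = {English},
  urldate      = {2021-01-27},
}
How We Hacked Azure Functions and Escaped Docker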
2021-01-13 · Intezer · Nicole Fishbein
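@online{fishbein:20210113:rare:b2fe9e5,
  author       = {Fishbein, Nicole},
  title        = {A Rare Look Inside a Cryptojacking Campaign and its Profit},
  date         = {2021-01-13},
  organization = {Intezer},
  url          = {https://www.intezer.com/blog/research/a-rare-look-inside-a-cryptojacking-campaign-and-its-profit/},
  language     = {English},
  urldate      = {2021-01-18},
}
A Rare Look Inside a Cryptojacking Campaign and its Profit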
2021-01-05 · Intezer · Avigayil Mechtinger
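@online{mechtinger:20210105:operation:f1c8f31,
  author       = {Mechtinger, Avigayil},
  title        = {Operation {ElectroRAT}: Attacker Creates Fake Companies to Drain Your Crypto Wallets},
  date         = {2021-01-05},
  organization = {Intezer},
  url          = {https://www.intezer.com/blog/research/operation-electrorat-attacker-creates-fake-companies-to-drain-your-crypto-wallets/},
  language     = {English},
  urldate      = {2021-01-11},
}
Operation ElectroRAT: Attacker Creates Fake Companies to Drain Your Crypto Wallets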
ElectroRAT
2020-12-29 · Intezer · Avigayil Mechtinger
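@online{mechtinger:20201229:early:b25a2da,
  author       = {Mechtinger, Avigayil},
  title        = {Early Bird Catches the Worm: New {Golang} Worm Drops {XMRig} Miner on Servers},
  date         = {2020-12-29},
  organization = {Intezer},
  url          = {https://www.intezer.com/blog/research/new-golang-worm-drops-xmrig-miner-on-servers/},
  language     = {English},
  urldate      = {2021-01-05},
}
Early Bird Catches the Worm: New Golang Worm Drops XMRig Miner on Servers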
2020-12-21 · Intezer · Intezer
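@online{intezer:20201221:top:9529707,
  author       = {{Intezer}},
  title        = {Top {Linux} Cloud Threats of 2020},
  date         = {2020-12-21},
  organization = {Intezer},
  url          = {https://www.intezer.com/blog/cloud-security/top-linux-cloud-threats-of-2020/},
  language     = {English},
  urldate      = {2020-12-26},
}
Top Linux Cloud Threats of 2020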
AgeLocker Anchor_DNS Blackrota Cloud Snooper Dacls Doki FritzFrog IPStorm Kaiji Kinsing NOTROBIN Penquin Turla PLEAD Prometei RansomEXX Stantinko TeamTNT TSCookie WellMail elf.wellmess TeamTNT
2020-12-14 · Intezer · Twitter (IntezerLabs)
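@comment{The author is an account name, not a person; the extra braces keep it as one literal name so the name parser does not split it into given and family parts.}
@online{intezerlabs:20201214:linux:85c179b,
  author       = {{Twitter (IntezerLabs)}},
  title        = {Tweet on linux variant of {Prometei} botnet},
  date         = {2020-12-14},
  organization = {Intezer},
  url          = {https://twitter.com/IntezerLabs/status/1338480158249013250},
  language     = {English},
  urldate      = {2020-12-15},
}
Tweet on linux variant of Prometei botnet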
Prometei
2020-12-09 · Intezer · Joakim Kennedy
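@online{kennedy:20201209:zebra:1c73168,
  author       = {Kennedy, Joakim},
  title        = {A Zebra in Gopher's Clothing: {Russian} {APT} Uses {COVID-19} Lures to Deliver {Zebrocy}},
  date         = {2020-12-09},
  organization = {Intezer},
  url          = {https://www.intezer.com/blog/research/russian-apt-uses-covid-19-lures-to-deliver-zebrocy/},
  language     = {English},
  urldate      = {2020-12-10},
}
A Zebra in Gopher's Clothing: Russian APT Uses COVID-19 Lures to Deliver Zebrocy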
Zebrocy
2020-11-24 · Intezer · Avigayil Mechtinger
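@online{mechtinger:20201124:stantinkos:0b1bea9,
  author       = {Mechtinger, Avigayil},
  title        = {{Stantinko’s} Proxy After Your {Apache} Server},
  date         = {2020-11-24},
  organization = {Intezer},
  url          = {https://www.intezer.com/blog/research/stantinkos-proxy-after-your-apache-server/},
  language     = {English},
  urldate      = {2020-11-25},
}
Stantinko’s Proxy After Your Apache Server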
Stantinko
2020-11-12 · Twitter (@IntezerLabs) · Intezer
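@online{intezer:20201112:agelocker:d63b5bc,
  author       = {{Intezer}},
  title        = {Tweet on {Agelocker}},
  date         = {2020-11-12},
  organization = {Twitter (@IntezerLabs)},
  url          = {https://twitter.com/IntezerLabs/status/1326880812344676352},
  language     = {English},
  urldate      = {2020-11-18},
}
Tweet on Agelocker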
AgeLocker
2020-11-05 · Intezer · Twitter (IntezerLabs)
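@comment{The author is an account name, not a person; the extra braces keep it as one literal name so the name parser does not split it into given and family parts.}
@online{intezerlabs:20201105:ngioweb:e145908,
  author       = {{Twitter (IntezerLabs)}},
  title        = {Tweet on {Ngioweb} botnet},
  date         = {2020-11-05},
  organization = {Intezer},
  url          = {https://twitter.com/IntezerLabs/status/1324346324683206657},
  language     = {English},
  urldate      = {2020-11-06},
}
Tweet on Ngioweb botnet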
Ngioweb
2020-10-01 · Intezer · Nicole Fishbein, Avigayil Mechtinger
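@online{fishbein:20201001:storm:5dbbfae,
  author       = {Fishbein, Nicole and Mechtinger, Avigayil},
  title        = {A Storm is Brewing: {IPStorm} Now Has {Linux} Malware},
  date         = {2020-10-01},
  organization = {Intezer},
  url          = {https://www.intezer.com/blog/research/a-storm-is-brewing-ipstorm-now-has-linux-malware/},
  language     = {English},
  urldate      = {2020-10-05},
}
A Storm is Brewing: IPStorm Now Has Linux Malware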
IPStorm
2020-09-08 · Intezer · Nicole Fishbein
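@online{fishbein:20200908:attackers:46e4aab,
  author       = {Fishbein, Nicole},
  title        = {Attackers Abusing Legitimate Cloud Monitoring Tools to Conduct Cyber Attacks},
  date         = {2020-09-08},
  organization = {Intezer},
  url          = {https://www.intezer.com/blog/cloud-workload-protection/attackers-abusing-legitimate-cloud-monitoring-tools-to-conduct-cyber-attacks/},
  language     = {English},
  urldate      = {2020-09-15},
}
Attackers Abusing Legitimate Cloud Monitoring Tools to Conduct Cyber Attacks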
2020-09-03 · Intezer · Paul Litvak
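@online{litvak:20200903:turning:e83e450,
  author       = {Litvak, Paul},
  title        = {Turning Open Source Against Malware},
  date         = {2020-09-03},
  organization = {Intezer},
  url          = {https://www.intezer.com/blog/threat-hunting/turning-open-source-against-malware/},
  language     = {English},
  urldate      = {2020-09-06},
}
Turning Open Source Against Malware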