2020-09-08 | Intezer | Nicole Fishbein
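% Vendor research post on attackers abusing legitimate cloud monitoring tools.
% Web-only source (no DOI): urldate records when the page was last checked.
@online{fishbein:20200908:attackers:46e4aab,
  author       = {Fishbein, Nicole},
  title        = {Attackers Abusing Legitimate Cloud Monitoring Tools to Conduct Cyber Attacks},
  date         = {2020-09-08},
  organization = {Intezer},
  url          = {https://www.intezer.com/blog/cloud-workload-protection/attackers-abusing-legitimate-cloud-monitoring-tools-to-conduct-cyber-attacks/},
  language     = {English},
  urldate      = {2020-09-15},
}
Attackers Abusing Legitimate Cloud Monitoring Tools to Conduct Cyber Attacks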
2020-09-03 | Intezer | Paul Litvak
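% Vendor research post filed under the threat-hunting section of the blog (per the URL).
@online{litvak:20200903:turning:e83e450,
  author       = {Litvak, Paul},
  title        = {Turning Open Source Against Malware},
  date         = {2020-09-03},
  organization = {Intezer},
  url          = {https://www.intezer.com/blog/threat-hunting/turning-open-source-against-malware/},
  language     = {English},
  urldate      = {2020-09-06},
}
Turning Open Source Against Malware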
2020-08-19 | Intezer | Avigayil Mechtinger
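% Part 2 of the "ELF Malware Analysis 101" series (initial analysis).
% "ELF" is braced so that sentence-casing styles keep the acronym in capitals.
@online{mechtinger:20200819:elf:b19773d,
  author       = {Mechtinger, Avigayil},
  title        = {{ELF} Malware Analysis 101 Part 2: Initial Analysis},
  date         = {2020-08-19},
  organization = {Intezer},
  url          = {https://www.intezer.com/blog/linux/elf-malware-analysis-101-initial-analysis},
  language     = {English},
  urldate      = {2020-08-24},
}
ELF Malware Analysis 101 Part 2: Initial Analysis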
2020-08-06 | Twitter (@IntezerLabs) | Intezer
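% Social-media source: a tweet about GOSH. The organization field names the posting account.
% The corporate author is double-braced so it is treated as one indivisible name.
@online{intezer:20200806:gosh:f982c3c,
  author       = {{Intezer}},
  title        = {Tweet on {GOSH}},
  date         = {2020-08-06},
  organization = {Twitter (@IntezerLabs)},
  url          = {https://twitter.com/IntezerLabs/status/1291355808811409408},
  language     = {English},
  urldate      = {2020-08-18},
}
Tweet on GOSH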
GOSH
2020-07-28 | Intezer | Nicole Fishbein, Michael Kajiloti
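% Vendor write-up on Doki infecting Docker servers in the cloud.
% The family name and the product name are braced to survive sentence-casing styles.
@online{fishbein:20200728:watch:cf3e499,
  author       = {Fishbein, Nicole and Kajiloti, Michael},
  title        = {Watch Your Containers: {Doki} Infecting {Docker} Servers in the Cloud},
  date         = {2020-07-28},
  organization = {Intezer},
  url          = {https://www.intezer.com/container-security/watch-your-containers-doki-infecting-docker-servers-in-the-cloud/},
  language     = {English},
  urldate      = {2020-07-30},
}
Watch Your Containers: Doki Infecting Docker Servers in the Cloud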
Doki
2020-06-16 | Intezer | Avigayil Mechtinger
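% Earlier post in the "ELF Malware Analysis 101" series (Linux threat overview).
% The author's given name is normalised to the spelling used by the 2020-08-19 entry
% of the same series, so both works sort and group under one author.
@online{mechtinger:20200616:elf:7057d58,
  author       = {Mechtinger, Avigayil},
  title        = {{ELF} Malware Analysis 101: {Linux} Threats No Longer an Afterthought},
  date         = {2020-06-16},
  organization = {Intezer},
  url          = {https://intezer.com/blog/linux/elf-malware-analysis-101-linux-threats-no-longer-an-afterthought},
  language     = {English},
  urldate      = {2020-06-16},
}
ELF Malware Analysis 101: Linux Threats No Longer an Afterthought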
Cloud Snooper Dacls EvilGnome HiddenWasp MESSAGETAP NOTROBIN QNAPCrypt Winnti
2020-05-21 | Intezer | Paul Litvak
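% Vendor research post on the evolution of APT15's codebase.
% The title keeps its typographic (non-ASCII) apostrophe, so the file must be processed
% as UTF-8 (e.g. biblatex with Biber). The actor name is braced to keep its capitals.
@online{litvak:20200521:evolution:a14bf60,
  author       = {Litvak, Paul},
  title        = {The Evolution of {APT15’s} Codebase 2020},
  date         = {2020-05-21},
  organization = {Intezer},
  url          = {https://www.intezer.com/blog/research/the-evolution-of-apt15s-codebase-2020/},
  language     = {English},
  urldate      = {2020-05-23},
}
The Evolution of APT15’s Codebase 2020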
Ketrican Ketrum Okrum
2020-05-11 | Intezer | Twitter (IntezerLabs)
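% Social-media source: a tweet on an LD-PRELOAD userland rootkit.
% NOTE(review): author and organization look swapped relative to the 2020-08-06 tweet entry
% (author Intezer, organization Twitter). Values are kept as recorded; confirm before normalising.
% The author is double-braced so the account label is not split into given and family name.
@online{intezerlabs:20200511:ldpreload:b3e622b,
  author       = {{Twitter (IntezerLabs)}},
  title        = {Tweet on {LD-PRELOAD} userland rootkit},
  date         = {2020-05-11},
  organization = {Intezer},
  url          = {https://twitter.com/IntezerLabs/status/1259818964848386048},
  language     = {English},
  urldate      = {2020-05-18},
}
Tweet on LD-PRELOAD userland rootkit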
Kinsing
2020-05-04 | Intezer | Paul Litvak
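% Vendor research post on Kaiji, Linux malware written in Golang.
% Proper nouns are braced individually; the rest of the title keeps the author's lower-case style.
@online{litvak:20200504:kaiji:6b90937,
  author       = {Litvak, Paul},
  title        = {{Kaiji}: New {Chinese} {Linux} malware turning to {Golang}},
  date         = {2020-05-04},
  organization = {Intezer},
  url          = {https://intezer.com/blog/research/kaiji-new-chinese-linux-malware-turning-to-golang/},
  language     = {English},
  urldate      = {2020-05-06},
}
Kaiji: New Chinese Linux malware turning to Golang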
Kaiji
2020-03-30 | Intezer | Michael Kajiloti
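% Vendor blog post filed under the intezer-analyze section of the blog (per the URL).
@online{kajiloti:20200330:fantastic:c01db60,
  author       = {Kajiloti, Michael},
  title        = {Fantastic payloads and where we find them},
  date         = {2020-03-30},
  organization = {Intezer},
  url          = {https://intezer.com/blog/intezer-analyze/fantastic-payloads-and-where-we-find-them},
  language     = {English},
  urldate      = {2020-04-07},
}
Fantastic payloads and where we find them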
Dridex Emotet ISFB TrickBot
2020-01-30 | Intezer | Paul Litvak, Michael Kajiloti
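% Vendor research post on a campaign using an updated toolset against US companies.
% "Iranian" and "US" are braced so sentence-casing styles keep them capitalised.
@online{litvak:20200130:new:e013fd0,
  author       = {Litvak, Paul and Kajiloti, Michael},
  title        = {New {Iranian} Campaign Tailored to {US} Companies Utilizes an Updated Toolset},
  date         = {2020-01-30},
  organization = {Intezer},
  url          = {https://intezer.com/blog-new-iranian-campaign-tailored-to-us-companies-uses-updated-toolset/},
  language     = {English},
  urldate      = {2020-02-03},
}
New Iranian Campaign Tailored to US Companies Utilizes an Updated Toolset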
TONEDEAF VALUEVAULT
2020-01-20 | Intezer | Ignacio Sanmillan
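% Vendor research post on new, undetected Linux Rekoobe samples.
% The platform and family names are braced to keep their capitalisation.
@online{sanmillan:20200120:linux:2b0cfbb,
  author       = {Sanmillan, Ignacio},
  title        = {{Linux} {Rekoobe} Operating with New, Undetected Malware Samples},
  date         = {2020-01-20},
  organization = {Intezer},
  url          = {https://intezer.com/blog-linux-rekoobe-operating-with-new-undetected-malware-samples/},
  language     = {English},
  urldate      = {2020-01-22},
}
Linux Rekoobe Operating with New, Undetected Malware Samples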
Rekoobe
2019-11-12 | Intezer | Michael Kajiloti
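% Vendor research post on PureLocker ransomware used in targeted attacks against servers.
% Only the family name is braced; the style decides the casing of the rest of the title.
@online{kajiloti:20191112:purelocker:9d8244d,
  author       = {Kajiloti, Michael},
  title        = {{PureLocker}: New Ransomware-as-a-Service Being Used in Targeted Attacks Against Servers},
  date         = {2019-11-12},
  organization = {Intezer},
  url          = {https://www.intezer.com/blog-purelocker-ransomware-being-used-in-targeted-attacks-against-servers/},
  language     = {English},
  urldate      = {2020-01-13},
}
PureLocker: New Ransomware-as-a-Service Being Used in Targeted Attacks Against Servers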
PureLocker
2019-09-20 | Intezer | Intezer
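% Vendor attribution post linking the FullofDeep group to QNAPCrypt ransomware campaigns.
% The corporate author is double-braced so it is treated as one indivisible name.
@online{intezer:20190920:russian:27d9f67,
  author       = {{Intezer}},
  title        = {{Russian} Cybercrime Group {FullofDeep} Behind {QNAPCrypt} Ransomware Campaigns},
  date         = {2019-09-20},
  organization = {Intezer},
  url          = {https://www.intezer.com/blog-russian-cybercrime-group-fullofdeep-behind-qnapcrypt-ransomware-campaigns/},
  language     = {English},
  urldate      = {2020-01-08},
}
Russian Cybercrime Group FullofDeep Behind QNAPCrypt Ransomware Campaigns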
QNAPCrypt
2019-07-24 | Intezer | Paul Litvak, Ignacio Sanmillan
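% Vendor research post on WatchBog adding a BlueKeep scanner and Linux exploits.
% Family, vulnerability and platform names are braced to keep their mixed-case spelling.
@online{litvak:20190724:watching:abc3541,
  author       = {Litvak, Paul and Sanmillan, Ignacio},
  title        = {Watching the {WatchBog}: New {BlueKeep} Scanner and {Linux} Exploits},
  date         = {2019-07-24},
  organization = {Intezer},
  url          = {https://intezer.com/blog/linux/watching-the-watchbog-new-bluekeep-scanner-and-linux-exploits/},
  language     = {English},
  urldate      = {2020-05-18},
}
Watching the WatchBog: New BlueKeep Scanner and Linux Exploits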
WatchBog
2019-07-17 | Intezer | Paul Litvak
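% Vendor research post on EvilGnome, malware spying on Linux desktop users.
@online{litvak:20190717:evilgnome:0874eda,
  author       = {Litvak, Paul},
  title        = {{EvilGnome}: Rare Malware Spying on {Linux} Desktop Users},
  date         = {2019-07-17},
  organization = {Intezer},
  url          = {https://www.intezer.com/blog-evilgnome-rare-malware-spying-on-linux-desktop-users/},
  language     = {English},
  urldate      = {2020-01-10},
}
EvilGnome: Rare Malware Spying on Linux Desktop Users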
EvilGnome
2019-07-10 | Intezer | Ignacio Sanmillan
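% Vendor post on disrupting ransomware campaigns that targeted Linux file storage servers.
% The page tags this entry with the QNAPCrypt family.
@online{sanmillan:20190710:how:e52e04c,
  author       = {Sanmillan, Ignacio},
  title        = {How We Seized 15 Active Ransomware Campaigns Targeting {Linux} File Storage Servers},
  date         = {2019-07-10},
  organization = {Intezer},
  url          = {https://www.intezer.com/blog-seizing-15-active-ransomware-campaigns-targeting-linux-file-storage-servers/},
  language     = {English},
  urldate      = {2020-01-13},
}
How We Seized 15 Active Ransomware Campaigns Targeting Linux File Storage Servers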
QNAPCrypt
2019-05-29 | Intezer | Ignacio Sanmillan
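% Vendor research post on HiddenWasp malware targeting Linux systems.
@online{sanmillan:20190529:hiddenwasp:6ebd455,
  author       = {Sanmillan, Ignacio},
  title        = {{HiddenWasp} Malware Stings Targeted {Linux} Systems},
  date         = {2019-05-29},
  organization = {Intezer},
  url          = {https://www.intezer.com/blog-hiddenwasp-malware-targeting-linux-systems/},
  language     = {English},
  urldate      = {2019-11-22},
}
HiddenWasp Malware Stings Targeted Linux Systems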
HiddenWasp
2019-05-09 | Intezer | Ignacio Sanmillan
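% Technical analysis of Pacha Group competing with Rocke Group over cloud cryptomining footholds.
% Both group names are braced as units so neither word is lower-cased by the style.
@online{sanmillan:20190509:technical:7bdfc33,
  author       = {Sanmillan, Ignacio},
  title        = {Technical Analysis: {Pacha Group} Competing against {Rocke Group} for Cryptocurrency Mining Foothold on the Cloud},
  date         = {2019-05-09},
  organization = {Intezer},
  url          = {https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/},
  language     = {English},
  urldate      = {2020-01-13},
}
Technical Analysis: Pacha Group Competing against Rocke Group for Cryptocurrency Mining Foothold on the Cloud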
GreedyAntd Pacha Group Rocke
2019-02-28 | Intezer | Ignacio Sanmillan
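% Technical analysis of Pacha Group cryptojacking campaigns on Linux servers.
% The group name is braced as a unit; "Linux" is braced to keep its capital.
@online{sanmillan:20190228:technical:ebec2b6,
  author       = {Sanmillan, Ignacio},
  title        = {Technical Analysis: {Pacha Group} Deploying Undetected Cryptojacking Campaigns on {Linux} Servers},
  date         = {2019-02-28},
  organization = {Intezer},
  url          = {https://www.intezer.com/blog-technical-analysis-pacha-group/},
  language     = {English},
  urldate      = {2019-11-28},
}
Technical Analysis: Pacha Group Deploying Undetected Cryptojacking Campaigns on Linux Servers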
Pacha Group