2023-08-28JPCERT/CCYuma Masubuchi, Kota Kino
% JPCERT/CC blog, English edition (accessed 2023-08-28).
% Names are given family-first so the surname split is unambiguous.
@online{masubuchi:20230828:maldoc:6a38ecd,
  author       = {Masubuchi, Yuma and Kino, Kota},
  title        = {{MalDoc in PDF - Detection bypass by embedding a malicious Word file into a PDF file –}},
  organization = {JPCERT/CC},
  date         = {2023-08-28},
  url          = {https://blogs.jpcert.or.jp/en/2023/08/maldocinpdf.html},
  urldate      = {2023-08-28},
  language     = {English},
}
MalDoc in PDF - Detection bypass by embedding a malicious Word file into a PDF file –
2023-07-12JPCERT/CCYuma Masubuchi
% JPCERT/CC blog, Japanese edition (/ja/ URL, accessed 2023-07-16).
% The title is kept in English exactly as the library lists it.
@online{masubuchi:20230712:dangerouspassword:76fadc7,
  author       = {Masubuchi, Yuma},
  title        = {{DangerousPassword attacks targeting developers' Windows, macOS, and Linux environments}},
  organization = {JPCERT/CC},
  date         = {2023-07-12},
  url          = {https://blogs.jpcert.or.jp/ja/2023/07/dangerouspassword_dev.html},
  urldate      = {2023-07-16},
  language     = {Japanese},
}
DangerousPassword attacks targeting developers' Windows, macOS, and Linux environments
2023-05-29JPCERT/CCYuma Masubuchi
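% JPCERT/CC blog, English edition (accessed 2023-05-30).
% The author surname was listed as "Masabuchi"; every other JPCERT/CC entry by
% this author in the listing spells it "Masubuchi", so the author field is
% corrected. The citation key is deliberately left as published so existing
% \cite references keep resolving.
@online{masabuchi:20230529:gobrat:551d8d2,
  author       = {Masubuchi, Yuma},
  title        = {{GobRAT malware written in Go language targeting Linux routers}},
  organization = {JPCERT/CC},
  date         = {2023-05-29},
  url          = {https://blogs.jpcert.or.jp/en/2023/05/gobrat.html},
  urldate      = {2023-05-30},
  language     = {English},
}
GobRAT malware written in Go language targeting Linux routers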
GobRAT
2023-05-01JPCERT/CCShusei Tomonaga
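% JPCERT/CC blog (accessed 2023-07-11).
% The url points at the /ja/ edition of the blog while the entry recorded
% language = English; the language field is aligned with the linked page.
% NOTE(review): confirm against the linked post; the title is left in English
% exactly as the library lists it.
@online{tomonaga:20230501:attack:5c3693e,
  author       = {Tomonaga, Shusei},
  title        = {{Attack trends related to the attack campaign DangerousPassword}},
  organization = {JPCERT/CC},
  date         = {2023-05-01},
  url          = {https://blogs.jpcert.or.jp/ja/2023/05/dangerouspassword.html},
  urldate      = {2023-07-11},
  language     = {Japanese},
}
Attack trends related to the attack campaign DangerousPassword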
RustBucket CageyChameleon Cur1Downloader SnatchCrypto
2022-09-15JPCERT/CCShusei Tomonaga
% JPCERT/CC blog, English edition (accessed 2022-09-19).
% The CVE identifier in the title is reproduced exactly as listed.
@online{tomonaga:20220915:f5:717ee99,
  author       = {Tomonaga, Shusei},
  title        = {{F5 BIG-IP Vulnerability (CVE-2022-1388) Exploited by BlackTech}},
  organization = {JPCERT/CC},
  date         = {2022-09-15},
  url          = {https://blogs.jpcert.or.jp/en/2022/09/bigip-exploit.html},
  urldate      = {2022-09-19},
  language     = {English},
}
F5 BIG-IP Vulnerability (CVE-2022-1388) Exploited by BlackTech
Hipid
2022-07-07JPCERT/CCShusei Tomonaga
% JPCERT/CC blog, English edition (accessed 2022-09-12).
@online{tomonaga:20220707:yamabot:bed4014,
  author       = {Tomonaga, Shusei},
  title        = {{YamaBot Malware Used by Lazarus}},
  organization = {JPCERT/CC},
  date         = {2022-07-07},
  url          = {https://blogs.jpcert.or.jp/en/2022/07/yamabot.html},
  urldate      = {2022-09-12},
  language     = {English},
}
YamaBot Malware Used by Lazarus
YamaBot
2022-07-05JPCERT/CCShusei Tomonaga
% JPCERT/CC blog, English edition (accessed 2022-07-05).
@online{tomonaga:20220705:vsingle:85138e2,
  author       = {Tomonaga, Shusei},
  title        = {{VSingle malware that obtains C2 server information from GitHub}},
  organization = {JPCERT/CC},
  date         = {2022-07-05},
  url          = {https://blogs.jpcert.or.jp/en/2022/07/vsingle.html},
  urldate      = {2022-07-05},
  language     = {English},
}
VSingle malware that obtains C2 server information from GitHub
VSingle
2022-05-16JPCERT/CCShusei Tomonaga
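% JPCERT/CC blog (accessed 2022-05-17).
% The url points at the /ja/ edition of the blog while the entry recorded
% language = English; the language field is aligned with the linked page.
% NOTE(review): confirm against the linked post; the title is left in English
% exactly as the library lists it.
@online{tomonaga:20220516:analysis:b1c8089,
  author       = {Tomonaga, Shusei},
  title        = {{Analysis of HUI Loader}},
  organization = {JPCERT/CC},
  date         = {2022-05-16},
  url          = {https://blogs.jpcert.or.jp/ja/2022/05/HUILoader.html},
  urldate      = {2022-05-17},
  language     = {Japanese},
}
Analysis of HUI Loader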
HUI Loader PlugX Poison Ivy Quasar RAT
2022-03-15JPCERT/CCShusei Tomonaga
% JPCERT/CC blog, English edition (accessed 2022-03-28).
@online{tomonaga:20220315:antiupx:f8c6f2f,
  author       = {Tomonaga, Shusei},
  title        = {{Anti-UPX Unpacking Technique}},
  organization = {JPCERT/CC},
  date         = {2022-03-15},
  url          = {https://blogs.jpcert.or.jp/en/2022/03/anti_upx_unpack.html},
  urldate      = {2022-03-28},
  language     = {English},
}
Anti-UPX Unpacking Technique
Mirai
2021-10-26JPCERT/CCYuma Masubuchi
% JPCERT/CC blog, English edition (accessed 2021-11-03).
@online{masubuchi:20211026:malware:44bce23,
  author       = {Masubuchi, Yuma},
  title        = {{Malware WinDealer used by LuoYu Attack Group}},
  organization = {JPCERT/CC},
  date         = {2021-10-26},
  url          = {https://blogs.jpcert.or.jp/en/2021/10/windealer.html},
  urldate      = {2021-11-03},
  language     = {English},
}
Malware WinDealer used by LuoYu Attack Group
WinDealer Red Nue
2021-10-04JPCERT/CCShusei Tomonaga
% JPCERT/CC blog, English edition (accessed 2021-10-11).
@online{tomonaga:20211004:malware:5ba808a,
  author       = {Tomonaga, Shusei},
  title        = {{Malware Gh0stTimes Used by BlackTech}},
  organization = {JPCERT/CC},
  date         = {2021-10-04},
  url          = {https://blogs.jpcert.or.jp/en/2021/10/gh0sttimes.html},
  urldate      = {2021-10-11},
  language     = {English},
}
Malware Gh0stTimes Used by BlackTech
Gh0stTimes Ghost RAT
2021-07-12JPCERT/CCYuma Masubuchi, Shusei Tomonaga
% JPCERT/CC blog, English edition (accessed 2021-07-20).
% Two authors, joined with the literal " and " separator.
@online{masubuchi:20210712:attack:a8f8d3b,
  author       = {Masubuchi, Yuma and Tomonaga, Shusei},
  title        = {{Attack Exploiting XSS Vulnerability in E-commerce Websites}},
  organization = {JPCERT/CC},
  date         = {2021-07-12},
  url          = {https://blogs.jpcert.or.jp/en/2021/07/water_pamola.html},
  urldate      = {2021-07-20},
  language     = {English},
}
Attack Exploiting XSS Vulnerability in E-commerce Websites
Unidentified JS 005 (Stealer)
2021-06-04JPCERT/CCKota Kino
% JPCERT/CC blog, English edition (accessed 2021-06-16).
@online{kino:20210604:php:9178d39,
  author       = {Kino, Kota},
  title        = {{PHP Malware Used in Lucky Visitor Scam}},
  organization = {JPCERT/CC},
  date         = {2021-06-04},
  url          = {https://blogs.jpcert.or.jp/en/2021/06/php_malware.html},
  urldate      = {2021-06-16},
  language     = {English},
}
PHP Malware Used in Lucky Visitor Scam
2021-05-27JPCERT/CCYuma Masubuchi
% JPCERT/CC blog, English edition (accessed 2021-06-16).
@online{masubuchi:20210527:attacks:4327680,
  author       = {Masubuchi, Yuma},
  title        = {{Attacks Embedding XMRig on Compromised Servers}},
  organization = {JPCERT/CC},
  date         = {2021-05-27},
  url          = {https://blogs.jpcert.or.jp/en/2021/05/xmrig.html},
  urldate      = {2021-06-16},
  language     = {English},
}
Attacks Embedding XMRig on Compromised Servers
2021-03-22JPCERT/CCShusei Tomonaga
% JPCERT/CC blog, English edition (accessed 2021-03-25).
@online{tomonaga:20210322:lazarus:0adc271,
  author       = {Tomonaga, Shusei},
  title        = {{Lazarus Attack Activities Targeting Japan (VSingle/ValeforBeta)}},
  organization = {JPCERT/CC},
  date         = {2021-03-22},
  url          = {https://blogs.jpcert.or.jp/en/2021/03/Lazarus_malware3.html},
  urldate      = {2021-03-25},
  language     = {English},
}
Lazarus Attack Activities Targeting Japan (VSingle/ValeforBeta)
VSingle
2021-02-25JPCERT/CCKen Sajo
% JPCERT/CC blog, English edition (accessed 2021-02-25).
@online{sajo:20210225:emotet:f78fb4e,
  author       = {Sajo, Ken},
  title        = {{Emotet Disruption and Outreach to Affected Users}},
  organization = {JPCERT/CC},
  date         = {2021-02-25},
  url          = {https://blogs.jpcert.or.jp/en/2021/02/emotet-notice.html},
  urldate      = {2021-02-25},
  language     = {English},
}
Emotet Disruption and Outreach to Affected Users
Emotet
2021-02-18JPCERT/CCKota Kino
% JPCERT/CC blog, English edition (accessed 2021-02-18).
@online{kino:20210218:further:c4352ca,
  author       = {Kino, Kota},
  title        = {{Further Updates in LODEINFO Malware}},
  organization = {JPCERT/CC},
  date         = {2021-02-18},
  url          = {https://blogs.jpcert.or.jp/en/2021/02/LODEINFO-3.html},
  urldate      = {2021-02-18},
  language     = {English},
}
Further Updates in LODEINFO Malware
LODEINFO
2021-01-26JPCERT/CCShusei Tomonaga
% JPCERT/CC blog, English edition (accessed 2021-01-27).
@online{tomonaga:20210126:operation:bc16746,
  author       = {Tomonaga, Shusei},
  title        = {{Operation Dream Job by Lazarus}},
  organization = {JPCERT/CC},
  date         = {2021-01-26},
  url          = {https://blogs.jpcert.or.jp/en/2021/01/Lazarus_malware2.html},
  urldate      = {2021-01-27},
  language     = {English},
}
Operation Dream Job by Lazarus
LCPDot Torisma Lazarus Group
2021-01-20JPCERT/CCShusei Tomonaga
% JPCERT/CC blog, English edition (accessed 2021-01-21).
@online{tomonaga:20210120:commonly:e5a0269,
  author       = {Tomonaga, Shusei},
  title        = {{Commonly Known Tools Used by Lazarus}},
  organization = {JPCERT/CC},
  date         = {2021-01-20},
  url          = {https://blogs.jpcert.or.jp/en/2021/01/Lazarus_tools.html},
  urldate      = {2021-01-21},
  language     = {English},
}
Commonly Known Tools Used by Lazarus
Lazarus Group
2021-01-19Twitter (@jpcert_ac)JPCERT/CC
% Tweet, recorded as Japanese-language (accessed 2021-01-21).
% The author is an organisation rather than a person, so the name carries an
% extra brace pair and is always handled as one indivisible unit.
@online{jpcertcc:20210119:lodeinfo:3f1354c,
  author       = {{JPCERT/CC}},
  title        = {{Tweet on LODEINFO ver 0.47 spotted ITW targeting Japan}},
  organization = {Twitter (@jpcert_ac)},
  date         = {2021-01-19},
  url          = {https://twitter.com/jpcert_ac/status/1351355443730255872},
  urldate      = {2021-01-21},
  language     = {Japanese},
}
Tweet on LODEINFO ver 0.47 spotted ITW targeting Japan
LODEINFO