2022-02-28 | Lab52 | Jagaimo Kawaii
% Lab52 blog post dated 2022-02-28; urldate is the day the link was retrieved.
@online{kawaii:20220228:looking:9f8bf67,
  author       = {Jagaimo Kawaii},
  title        = {{Looking for Penquins in the Wild}},
  date         = {2022-02-28},
  organization = {Lab52},
  url          = {https://lab52.io/blog/looking-for-penquins-in-the-wild/},
  language     = {English},
  urldate      = {2022-03-02},
}
Looking for Penquins in the Wild
Penquin Turla
2022-01-12 | Lab52 | Jagaimo Kawaii
% Lab52 blog post dated 2022-01-12 ("Part 2" per its title); retrieved 2022-01-18.
@online{kawaii:20220112:tokyox:809eda0,
  author       = {Jagaimo Kawaii},
  title        = {{TokyoX: DLL side-loading an unknown artifact (Part 2)}},
  date         = {2022-01-12},
  organization = {Lab52},
  url          = {https://lab52.io/blog/tokyox-dll-side-loading-an-unknown-artifact-part-2/},
  language     = {English},
  urldate      = {2022-01-18},
}
TokyoX: DLL side-loading an unknown artifact (Part 2)
TokyoX
2020-08-26 | Lab52 | Jagaimo Kawaii
% Lab52 blog post dated 2020-08-26; retrieved 2020-08-31.
@online{kawaii:20200826:twisted:b91cfb5,
  author       = {Jagaimo Kawaii},
  title        = {{A twisted malware infection chain}},
  date         = {2020-08-26},
  organization = {Lab52},
  url          = {https://lab52.io/blog/a-twisted-malware-infection-chain/},
  language     = {English},
  urldate      = {2020-08-31},
}
A twisted malware infection chain
Agent Tesla, Loki Password Stealer (PWS)
2020-06-02 | Lab52 | Jagaimo Kawaii
% Lab52 blog post dated 2020-06-02; retrieved 2020-06-03.
@online{kawaii:20200602:mustang:2cf125a,
  author       = {Jagaimo Kawaii},
  title        = {{Mustang Panda Recent Activity: Dll-Sideloading trojans with temporal C2 servers}},
  date         = {2020-06-02},
  organization = {Lab52},
  url          = {https://lab52.io/blog/mustang-panda-recent-activity-dll-sideloading-trojans-with-temporal-c2-servers/},
  language     = {English},
  urldate      = {2020-06-03},
}
Mustang Panda Recent Activity: Dll-Sideloading trojans with temporal C2 servers
PlugX
2020-01-13 | Lab52 | Jagaimo Kawaii
% Lab52 blog post dated 2020-01-13; retrieved the same day.
@online{kawaii:20200113:apt27:4c2f818,
  author       = {Jagaimo Kawaii},
  title        = {{APT27 ZxShell RootKit module updates}},
  date         = {2020-01-13},
  organization = {Lab52},
  url          = {https://lab52.io/blog/apt27-rootkit-updates/},
  language     = {English},
  urldate      = {2020-01-13},
}
APT27 ZxShell RootKit module updates
ZXShell
2020-01-09 | Lab52 | Jagaimo Kawaii
% Lab52 blog post dated 2020-01-09; retrieved 2021-02-06.
% NOTE(review): the URL slug reads "icefog-apt-group-...-eeuu" while the title
% names TA428 and "USA"; the url is kept exactly as given. Presumably the post
% was retitled after publication; confirm the link still resolves before citing.
@online{kawaii:20200109:ta428:2230af2,
  author       = {Jagaimo Kawaii},
  title        = {{TA428 Group abusing recent conflict between Iran and USA}},
  date         = {2020-01-09},
  organization = {Lab52},
  url          = {https://lab52.io/blog/icefog-apt-group-abusing-recent-conflict-between-iran-and-eeuu/},
  language     = {English},
  urldate      = {2021-02-06},
}
TA428 Group abusing recent conflict between Iran and USA
Poison Ivy
2019-10-22 | Lab52 | Jagaimo Kawaii
% Lab52 blog post dated 2019-10-22; retrieved 2020-01-13.
@online{kawaii:20191022:new:0d66066,
  author       = {Jagaimo Kawaii},
  title        = {{New PatchWork Spearphishing Attack}},
  date         = {2019-10-22},
  organization = {Lab52},
  url          = {https://lab52.io/blog/new-patchwork-campaign-against-pakistan/},
  language     = {English},
  urldate      = {2020-01-13},
}
New PatchWork Spearphishing Attack
BadNews