2020-12-01 | FireEye | James T. Bennett
@online{bennett:20201201:using:d19f4ce,
  author       = {James T. Bennett},
  title        = {{Using Speakeasy Emulation Framework Programmatically to Unpack Malware}},
  organization = {FireEye},
  date         = {2020-12-01},
  url          = {https://www.fireeye.com/blog/threat-research/2020/12/using-speakeasy-emulation-framework-programmatically-to-unpack-malware.html},
  urldate      = {2020-12-15},
  language     = {English},
}
Using Speakeasy Emulation Framework Programmatically to Unpack Malware
2019-04-25 | FireEye | James T. Bennett, Michael Bailey
@online{bennett:20190425:carbanak:be237af,
  author       = {James T. Bennett and Michael Bailey},
  title        = {{CARBANAK Week Part Four: The CARBANAK Desktop Video Player}},
  organization = {FireEye},
  date         = {2019-04-25},
  url          = {https://www.fireeye.com/blog/threat-research/2019/04/carbanak-week-part-four-desktop-video-player.html},
  urldate      = {2019-12-20},
  language     = {English},
}
CARBANAK Week Part Four: The CARBANAK Desktop Video Player
2019-04-24 | FireEye | James T. Bennett, Michael Bailey
@online{bennett:20190424:carbanak:2376f75,
  author       = {James T. Bennett and Michael Bailey},
  title        = {{CARBANAK Week Part Three: Behind the CARBANAK Backdoor}},
  organization = {FireEye},
  date         = {2019-04-24},
  url          = {https://www.fireeye.com/blog/threat-research/2019/04/carbanak-week-part-three-behind-the-backdoor.html},
  urldate      = {2019-12-20},
  language     = {English},
}
CARBANAK Week Part Three: Behind the CARBANAK Backdoor
Carbanak
2019-04-23 | FireEye | Michael Bailey, James T. Bennett
@online{bailey:20190423:carbanak:cbe986c,
  author       = {Michael Bailey and James T. Bennett},
  title        = {{CARBANAK Week Part Two: Continuing the CARBANAK Source Code Analysis}},
  organization = {FireEye},
  date         = {2019-04-23},
  url          = {https://www.fireeye.com/blog/threat-research/2019/04/carbanak-week-part-two-continuing-source-code-analysis.html},
  urldate      = {2019-12-20},
  language     = {English},
}
CARBANAK Week Part Two: Continuing the CARBANAK Source Code Analysis
2019-04-22 | FireEye | Michael Bailey, James T. Bennett
@online{bailey:20190422:carbanak:c94c9f1,
  author       = {Michael Bailey and James T. Bennett},
  title        = {{CARBANAK Week Part One: A Rare Occurrence}},
  organization = {FireEye},
  date         = {2019-04-22},
  url          = {https://www.fireeye.com/blog/threat-research/2019/04/carbanak-week-part-one-a-rare-occurrence.html},
  urldate      = {2019-12-20},
  language     = {English},
}
CARBANAK Week Part One: A Rare Occurrence
Carbanak
2017-09-12 | FireEye | Ben Read, Genwei Jiang, James T. Bennett
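% Title stored once: the exported record repeated the full title twice, joined by a comma.
@online{read:20170912:fireeye:60e2846,
  author       = {Ben Read and Genwei Jiang and James T. Bennett},
  title        = {{FireEye Uncovers CVE-2017-8759: Zero-Day Used in the Wild to Distribute FINSPY}},
  organization = {FireEye},
  date         = {2017-09-12},
  url          = {https://www.fireeye.com/blog/threat-research/2017/09/zero-day-used-to-distribute-finspy.html},
  urldate      = {2019-12-20},
  language     = {English},
}
FireEye Uncovers CVE-2017-8759: Zero-Day Used in the Wild to Distribute FINSPY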
FinFisher RAT BlackOasis
2017-06-12 | FireEye | Barry Vengerik, James T. Bennett
@online{vengerik:20170612:behind:14b4edc,
  author       = {Barry Vengerik and James T. Bennett},
  title        = {{Behind the CARBANAK Backdoor}},
  organization = {FireEye},
  date         = {2017-06-12},
  url          = {https://www.fireeye.com/blog/threat-research/2017/06/behind-the-carbanak-backdoor.html},
  urldate      = {2019-12-20},
  language     = {English},
}
Behind the CARBANAK Backdoor
Carbanak DRIFTPIN
2014-09-04 | FireEye | Mike Scott, James T. Bennett
@online{scott:20140904:forced:c6ce09b,
  author       = {Mike Scott and James T. Bennett},
  title        = {{Forced to Adapt: XSLCmd Backdoor Now on OS X}},
  organization = {FireEye},
  date         = {2014-09-04},
  url          = {https://www.fireeye.com/blog/threat-research/2014/09/forced-to-adapt-xslcmd-backdoor-now-on-os-x.html},
  urldate      = {2019-12-20},
  language     = {English},
}
Forced to Adapt: XSLCmd Backdoor Now on OS X
XSLCmd APT15
2014-02-19 | FireEye | Nart Villeneuve, James T. Bennett
@online{villeneuve:20140219:xtremerat:53e1a83,
  author       = {Nart Villeneuve and James T. Bennett},
  title        = {{XtremeRAT: Nuisance or Threat?}},
  organization = {FireEye},
  date         = {2014-02-19},
  url          = {https://www.fireeye.com/blog/threat-research/2014/02/xtremerat-nuisance-or-threat.html},
  urldate      = {2019-12-20},
  language     = {English},
}
XtremeRAT: Nuisance or Threat?
Xtreme RAT
2013-12-12 | FireEye Inc | Nart Villeneuve, James T. Bennett, Ned Moran, Thoufique Haq, Mike Scott, Kenneth Geers
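% Title fix: a space is restored after the colon that follows the quoted operation name.
@online{villeneuve:20131212:operation:70b2323,
  author       = {Nart Villeneuve and James T. Bennett and Ned Moran and Thoufique Haq and Mike Scott and Kenneth Geers},
  title        = {{OPERATION “KE3CHANG”: Targeted Attacks Against Ministries of Foreign Affairs}},
  organization = {FireEye Inc},
  date         = {2013-12-12},
  url          = {https://www.mandiant.com/resources/operation-ke3chang-targeted-attacks-against-ministries-of-foreign-affairs},
  urldate      = {2023-01-25},
  language     = {English},
}
OPERATION “KE3CHANG”: Targeted Attacks Against Ministries of Foreign Affairs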
Tidepool APT15
2013-02-28 | FireEye | James T. Bennett
@online{bennett:20130228:its:1534b7e,
  author       = {James T. Bennett},
  title        = {{It's a Kind of Magic}},
  organization = {FireEye},
  date         = {2013-02-28},
  url          = {https://www.fireeye.com/blog/threat-research/2013/02/its-a-kind-of-magic-1.html},
  urldate      = {2020-04-24},
  language     = {English},
}
It's a Kind of Magic
MiniDuke
2013-02-13 | FireEye | James T. Bennett
@online{bennett:20130213:number:c947ab9,
  author       = {James T. Bennett},
  title        = {{The Number of the Beast}},
  organization = {FireEye},
  date         = {2013-02-13},
  url          = {https://www.fireeye.com/blog/threat-research/2013/02/the-number-of-the-beast.html},
  urldate      = {2020-04-24},
  language     = {English},
}
The Number of the Beast
ItaDuke
2012-10-23 | Trend Micro | Nart Villeneuve, James T. Bennett
@techreport{villeneuve:20121023:detecting:6358dd0,
  author      = {Nart Villeneuve and James T. Bennett},
  title       = {{Detecting APT Activity with Network Traffic Analysis}},
  institution = {Trend Micro},
  date        = {2012-10-23},
  url         = {https://documents.trendmicro.com/assets/wp/wp-detecting-apt-activity-with-network-traffic-analysis.pdf},
  urldate     = {2022-03-07},
  language    = {English},
}
Detecting APT Activity with Network Traffic Analysis
Enfal Gh0stnet Nitro sykipot taidoor