Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023-08ANALYST1Jon DiMaggio
@online{dimaggio:202308:ransomware:43d8fc7, author = {Jon DiMaggio}, title = {{Ransomware Diaries: Volume 3 – LockBit’s Secrets}}, date = {2023-08}, organization = {ANALYST1}, url = {https://analyst1.com/ransomware-diaries-volume-3-lockbits-secrets/}, language = {English}, urldate = {2023-10-30} } Ransomware Diaries: Volume 3 – LockBit’s Secrets
LockBit
2023-04-15ANALYST1Jon DiMaggio
@techreport{dimaggio:20230415:ransomware:e61a4cd, author = {Jon DiMaggio}, title = {{Ransomware Diaries: Volume 2 – A Ransomware Hacker Origin Story}}, date = {2023-04-15}, institution = {ANALYST1}, url = {https://analyst1.com/wp-content/uploads/2023/04/Ransomware-diaries-vol2-v2.pdf}, language = {English}, urldate = {2023-10-30} } Ransomware Diaries: Volume 2 – A Ransomware Hacker Origin Story
2023-01-16ANALYST1Jon DiMaggio
@online{dimaggio:20230116:unlocking:adf4dd9, author = {Jon DiMaggio}, title = {{Unlocking Lockbit: A Ransomware Story}}, date = {2023-01-16}, organization = {ANALYST1}, url = {https://analyst1.com/ransomware-diaries-volume-1/}, language = {English}, urldate = {2023-01-26} } Unlocking Lockbit: A Ransomware Story
LockBit LockBit
2022-04-07ANALYST1Jon DiMaggio
@online{dimaggio:20220407:north:ab16006, author = {Jon DiMaggio}, title = {{North Korea: Intelligence Assessment 2022}}, date = {2022-04-07}, organization = {ANALYST1}, url = {https://analyst1.com/digital-report/north-korea-2022-intelligence-assessment}, language = {English}, urldate = {2022-04-15} } North Korea: Intelligence Assessment 2022
2022-01-27ANALYST1Jon DiMaggio
@techreport{dimaggio:20220127:history:921d98f, author = {Jon DiMaggio}, title = {{A History of Revil}}, date = {2022-01-27}, institution = {ANALYST1}, url = {https://analyst1.com/file-assets/History-of-REvil.pdf}, language = {English}, urldate = {2022-02-01} } A History of Revil
REvil REvil
2021-08-11ANALYST1Jon DiMaggio
@techreport{dimaggio:20210811:nation:815fed9, author = {Jon DiMaggio}, title = {{Nation State Ransomware}}, date = {2021-08-11}, institution = {ANALYST1}, url = {https://analyst1.com/file-assets/Nationstate_ransomware_with_consecutive_endnotes.pdf}, language = {English}, urldate = {2021-08-17} } Nation State Ransomware
Ryuk Stealer
2021-04-07ANALYST1Jon DiMaggio
@online{dimaggio:20210407:ransom:a109d6f, author = {Jon DiMaggio}, title = {{Ransom Mafia - Analysis of the World's First Ransomware Cartel}}, date = {2021-04-07}, organization = {ANALYST1}, url = {https://analyst1.com/blog/ransom-mafia-analysis-of-the-worlds-first-ransomware-cartel}, language = {English}, urldate = {2021-06-01} } Ransom Mafia - Analysis of the World's First Ransomware Cartel
Conti Egregor LockBit Maze RagnarLocker SunCrypt VIKING SPIDER
2021-04-07ANALYST1Jon DiMaggio
@techreport{dimaggio:20210407:ransom:a543eac, author = {Jon DiMaggio}, title = {{Ransom Mafia Analysis of the World's First Ransomware Cartel}}, date = {2021-04-07}, institution = {ANALYST1}, url = {https://analyst1.com/file-assets/RANSOM-MAFIA-ANALYSIS-OF-THE-WORLD%E2%80%99S-FIRST-RANSOMWARE-CARTEL.pdf}, language = {English}, urldate = {2021-04-09} } Ransom Mafia Analysis of the World's First Ransomware Cartel
Conti Egregor LockBit Maze RagnarLocker Ryuk SunCrypt TA2101 VIKING SPIDER
2017-05-31SymantecJon DiMaggio
@online{dimaggio:20170531:operation:1d2f585, author = {Jon DiMaggio}, title = {{Operation Bachosens: A detailed look into a long-running cyber crime campaign}}, date = {2017-05-31}, organization = {Symantec}, url = {https://medium.com/threat-intel/cybercrime-investigation-insights-bachosens-e1d6312f6b3a}, language = {English}, urldate = {2023-03-16} } Operation Bachosens: A detailed look into a long-running cyber crime campaign
Bachosens
2016-05-17SymantecJon DiMaggio
@online{dimaggio:20160517:indian:baa172f, author = {Jon DiMaggio}, title = {{Indian organizations targeted in Suckfly attacks}}, date = {2016-05-17}, organization = {Symantec}, url = {http://www.symantec.com/connect/blogs/indian-organizations-targeted-suckfly-attacks}, language = {English}, urldate = {2019-10-23} } Indian organizations targeted in Suckfly attacks
2016-05-17SymantecJon DiMaggio
@online{dimaggio:20160517:indian:98dff05, author = {Jon DiMaggio}, title = {{Indian organizations targeted in Suckfly attacks}}, date = {2016-05-17}, organization = {Symantec}, url = {https://community.broadcom.com/symantecenterprise/communities/community-home/librarydocuments/viewdocument?DocumentKey=7a60af1f-7786-446c-976b-7c71a16e9d3b&CommunityKey=1ecf5f55-9545-44d6-b0f4-4e4a7f5f5e68&tab=librarydocuments}, language = {English}, urldate = {2020-04-21} } Indian organizations targeted in Suckfly attacks
APT22
2016-04-28SymantecJon DiMaggio
@online{dimaggio:20160428:tick:9fec91a, author = {Jon DiMaggio}, title = {{Tick cyberespionage group zeros in on Japan}}, date = {2016-04-28}, organization = {Symantec}, url = {https://www.symantec.com/connect/blogs/tick-cyberespionage-group-zeros-japan}, language = {English}, urldate = {2020-01-10} } Tick cyberespionage group zeros in on Japan
Tick
2016-03-29SymantecJon DiMaggio
@online{dimaggio:20160329:taiwan:4b83179, author = {Jon DiMaggio}, title = {{Taiwan targeted with new cyberespionage back door Trojan}}, date = {2016-03-29}, organization = {Symantec}, url = {https://www.symantec.com/connect/blogs/taiwan-targeted-new-cyberespionage-back-door-trojan}, language = {English}, urldate = {2019-12-18} } Taiwan targeted with new cyberespionage back door Trojan
Dripion Budminer
2016-03-29SymantecJon DiMaggio
@online{dimaggio:20160329:taiwan:de4b254, author = {Jon DiMaggio}, title = {{Taiwan targeted with new cyberespionage back doorTrojan}}, date = {2016-03-29}, organization = {Symantec}, url = {https://app.box.com/s/xqh458fe1url7mgl072hhd0yxqw3x0jm}, language = {English}, urldate = {2020-01-20} } Taiwan targeted with new cyberespionage back doorTrojan
Budminer
2016-03-15SymantecJon DiMaggio
@online{dimaggio:20160315:suckfly:a1c8359, author = {Jon DiMaggio}, title = {{Suckfly: Revealing the secret life of your code signing certificates}}, date = {2016-03-15}, organization = {Symantec}, url = {https://community.broadcom.com/symantecenterprise/communities/community-home/librarydocuments/viewdocument?DocumentKey=62e325ae-f551-4855-b9cf-28a7d52d1534&CommunityKey=1ecf5f55-9545-44d6-b0f4-4e4a7f5f5e68&tab=librarydocuments}, language = {English}, urldate = {2020-04-21} } Suckfly: Revealing the secret life of your code signing certificates
APT22
2016-03-15SymantecJon DiMaggio
@online{dimaggio:20160315:suckfly:0b3835e, author = {Jon DiMaggio}, title = {{Suckfly: Revealing the secret life of your code signing certificates}}, date = {2016-03-15}, organization = {Symantec}, url = {http://www.symantec.com/connect/blogs/suckfly-revealing-secret-life-your-code-signing-certificates}, language = {English}, urldate = {2020-01-05} } Suckfly: Revealing the secret life of your code signing certificates
2015-08-06SymantecJon DiMaggio
@online{dimaggio:20150806:black:b0fbb35, author = {Jon DiMaggio}, title = {{The Black Vine cyberespionage group}}, date = {2015-08-06}, organization = {Symantec}, url = {https://docs.broadcom.com/doc/the-black-vine-cyberespionage-group}, language = {English}, urldate = {2022-04-25} } The Black Vine cyberespionage group
Sakula RAT APT19
2015-08-06SymantecJon DiMaggio
@techreport{dimaggio:20150806:black:af5cf27, author = {Jon DiMaggio}, title = {{The Black Vine cyberespionage group}}, date = {2015-08-06}, institution = {Symantec}, url = {https://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/the-black-vine-cyberespionage-group.pdf}, language = {English}, urldate = {2020-01-10} } The Black Vine cyberespionage group