Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-04-07Team CymruJosh Hopkins
@online{hopkins:20220407:moqhao:459286e, author = {Josh Hopkins}, title = {{MoqHao Part 2: Continued European Expansion}}, date = {2022-04-07}, organization = {Team Cymru}, url = {https://team-cymru.com/blog/2022/04/07/moqhao-part-2-continued-european-expansion/}, language = {English}, urldate = {2022-04-12} } MoqHao Part 2: Continued European Expansion
MoqHao
2022-03-23Team CymruJosh Hopkins, Brian Eckman, Andy Kraus, Paul Welte
@online{hopkins:20220323:raccoon:8af8713, author = {Josh Hopkins and Brian Eckman and Andy Kraus and Paul Welte}, title = {{Raccoon Stealer – An Insight into Victim “Gates”}}, date = {2022-03-23}, organization = {Team Cymru}, url = {https://team-cymru.com/blog/2022/03/23/raccoon-stealer-an-insight-into-victim-gates/}, language = {English}, urldate = {2022-03-25} } Raccoon Stealer – An Insight into Victim “Gates”
Raccoon
2022-01-26Team CymruJosh Hopkins
@online{hopkins:20220126:analysis:4513e29, author = {Josh Hopkins}, title = {{Analysis of a Management IP Address linked to Molerats APT}}, date = {2022-01-26}, organization = {Team Cymru}, url = {https://team-cymru.com/blog/2022/01/26/analysis-of-a-management-ip-address-linked-to-molerats-apt/}, language = {English}, urldate = {2022-02-02} } Analysis of a Management IP Address linked to Molerats APT
2021-08-11Team CymruJosh Hopkins
@online{hopkins:20210811:moqhao:91b7e4c, author = {Josh Hopkins}, title = {{MoqHao Part 1.5: High-Level Trends of Recent Campaigns Targeting Japan}}, date = {2021-08-11}, organization = {Team Cymru}, url = {https://team-cymru.com/blog/2021/08/11/moqhao-part-1-5-high-level-trends-of-recent-campaigns-targeting-japan/}, language = {English}, urldate = {2022-03-28} } MoqHao Part 1.5: High-Level Trends of Recent Campaigns Targeting Japan
MoqHao
2021-05-19Team CymruJosh Hopkins, Andy Kraus, Nick Byers
@online{hopkins:20210519:tracking:45749be, author = {Josh Hopkins and Andy Kraus and Nick Byers}, title = {{Tracking BokBot Infrastructure Mapping a Vast and Currently Active BokBot Network}}, date = {2021-05-19}, organization = {Team Cymru}, url = {https://team-cymru.com/blog/2021/05/19/tracking-bokbot-infrastructure/}, language = {English}, urldate = {2021-05-26} } Tracking BokBot Infrastructure Mapping a Vast and Currently Active BokBot Network
IcedID
2021-03-15Team CymruJosh Hopkins
@online{hopkins:20210315:fin8:838cdc2, author = {Josh Hopkins}, title = {{FIN8: BADHATCH Threat Indicator Enrichmen}}, date = {2021-03-15}, organization = {Team Cymru}, url = {https://team-cymru.com/blog/2021/03/15/fin8-badhatch-threat-indicator-enrichment/}, language = {English}, urldate = {2021-03-18} } FIN8: BADHATCH Threat Indicator Enrichmen
BADHATCH
2021-01-26Team CymruJosh Hopkins, Manabu Niseki, CERT-BR
@online{hopkins:20210126:ghostdnsbusters:d295f93, author = {Josh Hopkins and Manabu Niseki and CERT-BR}, title = {{GhostDNSbusters (Part 3) Illuminating GhostDNS Infrastructure}}, date = {2021-01-26}, organization = {Team Cymru}, url = {https://team-cymru.com/blog/2021/01/26/illuminating-ghostdns-infrastructure-part-3/}, language = {English}, urldate = {2021-01-29} } GhostDNSbusters (Part 3) Illuminating GhostDNS Infrastructure