Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023-08-28JuniperPaul Kimayong
@online{kimayong:20230828:dreambus:8065a04, author = {Paul Kimayong}, title = {{DreamBus Botnet Resurfaces, Targets RocketMQ vulnerability}}, date = {2023-08-28}, organization = {Juniper}, url = {https://blogs.juniper.net/en-us/threat-research/dreambus-botnet-resurfaces-targets-rocketmq-vulnerability}, language = {English}, urldate = {2023-08-31} } DreamBus Botnet Resurfaces, Targets RocketMQ vulnerability
DreamBus
2022-08-31JuniperPaul Kimayong
@online{kimayong:20220831:asbit:611ae9b, author = {Paul Kimayong}, title = {{Asbit: An Emerging Remote Desktop Trojan}}, date = {2022-08-31}, organization = {Juniper}, url = {https://blogs.juniper.net/en-us/threat-research/asbit-an-emerging-remote-desktop-trojan}, language = {English}, urldate = {2022-09-01} } Asbit: An Emerging Remote Desktop Trojan
Asbit
2022-03-24JuniperPaul Kimayong
@online{kimayong:20220324:muhstik:b70f2b9, author = {Paul Kimayong}, title = {{Muhstik Gang targets Redis Servers}}, date = {2022-03-24}, organization = {Juniper}, url = {https://blogs.juniper.net/en-us/security/muhstik-gang-targets-redis-servers}, language = {English}, urldate = {2022-03-28} } Muhstik Gang targets Redis Servers
Tsunami
2021-10-21JuniperNataraja G
@online{g:20211021:apache:1785882, author = {Nataraja G}, title = {{Apache HTTP Server CVE-2021-42013 and CVE-2021-41773 Exploited in the Wild}}, date = {2021-10-21}, organization = {Juniper}, url = {https://blogs.juniper.net/en-us/enterprise-cloud-and-transformation/apache-http-server-cve-2021-42013-and-cve-2021-41773-exploited}, language = {English}, urldate = {2021-11-02} } Apache HTTP Server CVE-2021-42013 and CVE-2021-41773 Exploited in the Wild
2021-10-11JuniperPaul Kimayong
@online{kimayong:20211011:necro:9b112bd, author = {Paul Kimayong}, title = {{Necro Python Botnet Goes After Vulnerable VisualTools DVR}}, date = {2021-10-11}, organization = {Juniper}, url = {https://blogs.juniper.net/en-us/threat-research/necro-python-botnet-goes-after-vulnerable-visualtools-dvr}, language = {English}, urldate = {2021-10-25} } Necro Python Botnet Goes After Vulnerable VisualTools DVR
N3Cr0m0rPh
2021-09-08JuniperPaul Kimayong
@online{kimayong:20210908:aggah:8508369, author = {Paul Kimayong}, title = {{Aggah Malware Campaign Expands to Zendesk and GitHub to Host Its Malware}}, date = {2021-09-08}, organization = {Juniper}, url = {https://blogs.juniper.net/en-us/security/aggah-malware-campaign-expands-to-zendesk-and-github-to-host-its-malware}, language = {English}, urldate = {2021-09-10} } Aggah Malware Campaign Expands to Zendesk and GitHub to Host Its Malware
Agent Tesla
2021-09-02BloombergJordan Robertson
@online{robertson:20210902:juniper:59e4e5f, author = {Jordan Robertson}, title = {{Juniper Breach Mystery Starts to Clear With New Details on Hackers and U.S. Role (APT5)}}, date = {2021-09-02}, organization = {Bloomberg}, url = {https://www.bloomberg.com/news/features/2021-09-02/juniper-mystery-attacks-traced-to-pentagon-role-and-chinese-hackers}, language = {English}, urldate = {2021-09-14} } Juniper Breach Mystery Starts to Clear With New Details on Hackers and U.S. Role (APT5)
2021-09-02JuniperAsher Langton, Alex Burt
@online{langton:20210902:attacks:f9b9494, author = {Asher Langton and Alex Burt}, title = {{Attacks Continue Against Realtek Vulnerabilities}}, date = {2021-09-02}, organization = {Juniper}, url = {https://blogs.juniper.net/en-us/threat-research/attacks-continue-against-realtek-vulnerabilities}, language = {English}, urldate = {2021-09-06} } Attacks Continue Against Realtek Vulnerabilities
Dark
2021-08-27JuniperAsher Langton
@online{langton:20210827:realtek:71aea1b, author = {Asher Langton}, title = {{RealTek CVE-2021-35394 Exploited in the Wild}}, date = {2021-08-27}, organization = {Juniper}, url = {https://blogs.juniper.net/en-us/threat-research/realtek-cve-2021-35394-exploited-in-the-wild}, language = {English}, urldate = {2021-08-31} } RealTek CVE-2021-35394 Exploited in the Wild
2021-04-26JuniperAsher Langton
@online{langton:20210426:linux:4c4d942, author = {Asher Langton}, title = {{Linux Servers Hijacked to Implant SSH Backdoor}}, date = {2021-04-26}, organization = {Juniper}, url = {https://blogs.juniper.net/en-us/threat-research/linux-servers-hijacked-to-implant-ssh-backdoor}, language = {English}, urldate = {2021-05-04} } Linux Servers Hijacked to Implant SSH Backdoor
2021-04-08JuniperPaul Kimayong
@online{kimayong:20210408:sysrv:c1cbc71, author = {Paul Kimayong}, title = {{Sysrv Botnet Expands and Gains Persistence}}, date = {2021-04-08}, organization = {Juniper}, url = {https://blogs.juniper.net/en-us/threat-research/sysrv-botnet-expands-and-gains-persistence}, language = {English}, urldate = {2021-04-12} } Sysrv Botnet Expands and Gains Persistence
2020-12-14JuniperAsher Langton
@online{langton:20201214:everything:6b8dda8, author = {Asher Langton}, title = {{Everything but the kitchen sink: more attacks from the Gitpaste-12 worm}}, date = {2020-12-14}, organization = {Juniper}, url = {https://blogs.juniper.net/en-us/threat-research/everything-but-the-kitchen-sink-more-attacks-from-the-gitpaste-12-worm}, language = {English}, urldate = {2020-12-17} } Everything but the kitchen sink: more attacks from the Gitpaste-12 worm
2020-12-01JuniperPaul Kimayong
@online{kimayong:20201201:darkirc:f22ae7d, author = {Paul Kimayong}, title = {{DarkIRC bot exploits recent Oracle WebLogic vulnerability}}, date = {2020-12-01}, organization = {Juniper}, url = {https://blogs.juniper.net/en-us/threat-research/darkirc-bot-exploits-oracle-weblogic-vulnerability}, language = {English}, urldate = {2021-03-30} } DarkIRC bot exploits recent Oracle WebLogic vulnerability
DarkIRC
2020-11-05JuniperAlex Burt, Trevor Pott
@online{burt:20201105:gitpaste12:a3f5e87, author = {Alex Burt and Trevor Pott}, title = {{Gitpaste-12: a new worming botnet with reverse shell capability spreading via GitHub and Pastebin}}, date = {2020-11-05}, organization = {Juniper}, url = {https://blogs.juniper.net/en-us/threat-research/gitpaste-12}, language = {English}, urldate = {2020-11-09} } Gitpaste-12: a new worming botnet with reverse shell capability spreading via GitHub and Pastebin
Gitpaste-12
2020-10-05JuniperPaul Kimayong
@online{kimayong:20201005:new:739309f, author = {Paul Kimayong}, title = {{New pastebin-like service used in multiple malware campaigns}}, date = {2020-10-05}, organization = {Juniper}, url = {https://blogs.juniper.net/en-us/threat-research/new-pastebin-like-service-used-in-multiple-malware-campaigns}, language = {English}, urldate = {2020-10-07} } New pastebin-like service used in multiple malware campaigns
Agent Tesla LimeRAT RedLine Stealer
2020-08-12JuniperPaul Kimayong
@online{kimayong:20200812:icedid:b40f8b4, author = {Paul Kimayong}, title = {{IcedID Campaign Strikes Back}}, date = {2020-08-12}, organization = {Juniper}, url = {https://blogs.juniper.net/en-us/threat-research/iceid-campaign-strikes-back}, language = {English}, urldate = {2020-08-27} } IcedID Campaign Strikes Back
IcedID
2020-06-18JuniperPaul Kimayong
@online{kimayong:20200618:covid19:4bb5511, author = {Paul Kimayong}, title = {{COVID-19 and FMLA Campaigns used to install new IcedID banking malware}}, date = {2020-06-18}, organization = {Juniper}, url = {https://blogs.juniper.net/en-us/threat-research/covid-19-and-fmla-campaigns-used-to-install-new-icedid-banking-malware}, language = {English}, urldate = {2020-06-23} } COVID-19 and FMLA Campaigns used to install new IcedID banking malware
IcedID
2019-09-26JuniperPaul Kimayong
@online{kimayong:20190926:masad:0f8ea5a, author = {Paul Kimayong}, title = {{Masad Stealer: Exfiltrating using Telegram}}, date = {2019-09-26}, organization = {Juniper}, url = {https://blogs.juniper.net/en-us/threat-research/masad-stealer-exfiltrating-using-telegram}, language = {English}, urldate = {2020-09-03} } Masad Stealer: Exfiltrating using Telegram
Masad Stealer
2018-05-21JuniperPaul Kimayong
@online{kimayong:20180521:nukebot:dcd8985, author = {Paul Kimayong}, title = {{Nukebot Banking Trojan targeting people in France}}, date = {2018-05-21}, organization = {Juniper}, url = {https://forums.juniper.net/t5/Threat-Research/Nukebot-Banking-Trojan-targeting-people-in-France/ba-p/326702}, language = {English}, urldate = {2019-11-22} } Nukebot Banking Trojan targeting people in France
TinyNuke
2018-02-13JuniperPaul Kimayong
@online{kimayong:20180213:new:b8d70e2, author = {Paul Kimayong}, title = {{New Gootkit Banking Trojan variant pushes the limits on evasive behavior}}, date = {2018-02-13}, organization = {Juniper}, url = {https://forums.juniper.net/t5/Security-Now/New-Gootkit-Banking-Trojan-variant-pushes-the-limits-on-evasive/ba-p/319055}, language = {English}, urldate = {2019-12-10} } New Gootkit Banking Trojan variant pushes the limits on evasive behavior
GootKit