Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-10-27KasperskyIvan Kwiatkowski
@online{kwiatkowski:20211027:extracting:14de2bc, author = {Ivan Kwiatkowski}, title = {{Extracting type information from Go binaries}}, date = {2021-10-27}, organization = {Kaspersky}, url = {https://securelist.com/extracting-type-information-from-go-binaries/104715/}, language = {English}, urldate = {2021-11-03} } Extracting type information from Go binaries
GoldMax
2021-10-26KasperskyGReAT
@online{great:20211026:trends:d8feedd, author = {GReAT}, title = {{APT trends report Q3 2021}}, date = {2021-10-26}, organization = {Kaspersky}, url = {https://securelist.com/apt-trends-report-q3-2021/104708/}, language = {English}, urldate = {2021-11-03} } APT trends report Q3 2021
2021-10-26KasperskyKaspersky Lab ICS CERT
@techreport{cert:20211026:attacks:6f30d0f, author = {Kaspersky Lab ICS CERT}, title = {{APT attacks on industrial organizations in H1 2021}}, date = {2021-10-26}, institution = {Kaspersky}, url = {https://ics-cert.kaspersky.com/media/Kaspersky-ICS-CERT-APT-attacks-on-industrial-organizations-in-H1-2021-En.pdf}, language = {English}, urldate = {2021-11-08} } APT attacks on industrial organizations in H1 2021
8.t Dropper AllaKore AsyncRAT GoldMax LimeRAT NjRAT NoxPlayer Raindrop ReverseRAT ShadowPad Zebrocy
2021-10-20KasperskyRuslan Sabitov
@online{sabitov:20211020:russianspeaking:8847092, author = {Ruslan Sabitov}, title = {{Russian-speaking cybercrime evolution: What changed from 2016 to 2021}}, date = {2021-10-20}, organization = {Kaspersky}, url = {https://securelist.com/russian-speaking-cybercrime-evolution-2016-2021/104656/}, language = {English}, urldate = {2021-10-26} } Russian-speaking cybercrime evolution: What changed from 2016 to 2021
2021-10-19KasperskyOleg Kupreev
@online{kupreev:20211019:trickbot:f7cfc04, author = {Oleg Kupreev}, title = {{Trickbot module descriptions}}, date = {2021-10-19}, organization = {Kaspersky}, url = {https://securelist.com/trickbot-module-descriptions/104603/}, language = {English}, urldate = {2021-10-24} } Trickbot module descriptions
TrickBot
2021-10-07KasperskyAseel Kayal, Mark Lechtik, Paul Rascagnères
@techreport{kayal:20211007:lyceum:395a41f, author = {Aseel Kayal and Mark Lechtik and Paul Rascagnères}, title = {{LYCEUM Reborn: Counterintelligence in the Middle East}}, date = {2021-10-07}, institution = {Kaspersky}, url = {https://vblocalhost.com/uploads/VB2021-Kayal-etal.pdf}, language = {English}, urldate = {2021-10-25} } LYCEUM Reborn: Counterintelligence in the Middle East
danbot
2021-10-07KasperskyFedor Sinitsyn, Yanis Zinchenko
@online{sinitsyn:20211007:ransomware:b5e74a3, author = {Fedor Sinitsyn and Yanis Zinchenko}, title = {{Ransomware in the CIS}}, date = {2021-10-07}, organization = {Kaspersky}, url = {https://securelist.com/cis-ransomware/104452/}, language = {English}, urldate = {2021-10-11} } Ransomware in the CIS
Cryakl Dharma Hakbit Phobos Void
2021-09-30KasperskyMark Lechtik, Aseel Kayal, Paul Rascagnères, Vasily Berdnikov
@online{lechtik:20210930:ghostemperor:f7bdb63, author = {Mark Lechtik and Aseel Kayal and Paul Rascagnères and Vasily Berdnikov}, title = {{GhostEmperor: From ProxyLogon to kernel mode}}, date = {2021-09-30}, organization = {Kaspersky}, url = {https://securelist.com/ghostemperor-from-proxylogon-to-kernel-mode/104407/}, language = {English}, urldate = {2021-10-05} } GhostEmperor: From ProxyLogon to kernel mode
GhostEmperor
2021-09-30KasperskyMark Lechtik, Aseel Kayal, Paul Rascagnères, Vasily Berdnikov
@techreport{lechtik:20210930:ghostemperors:5422c32, author = {Mark Lechtik and Aseel Kayal and Paul Rascagnères and Vasily Berdnikov}, title = {{GhostEmperor’s infection chain and post-exploitation toolset: technical details}}, date = {2021-09-30}, institution = {Kaspersky}, url = {https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2021/09/30094337/GhostEmperor_technical-details_PDF_eng.pdf}, language = {English}, urldate = {2021-10-24} } GhostEmperor’s infection chain and post-exploitation toolset: technical details
GhostEmperor
2021-09-28Kaspersky LabsGReAT
@online{great:20210928:finspy:52097c8, author = {GReAT}, title = {{FinSpy: unseen findings}}, date = {2021-09-28}, organization = {Kaspersky Labs}, url = {https://securelist.com/finspy-unseen-findings/104322/}, language = {English}, urldate = {2021-10-08} } FinSpy: unseen findings
FinFisher FinFisher FinFisher FinFisher RAT
2021-09-27KasperskyLeonid Bezvershenko, Marc Rivero López, Dmitry Galov
@online{bezvershenko:20210927:bloodystealer:5944099, author = {Leonid Bezvershenko and Marc Rivero López and Dmitry Galov}, title = {{BloodyStealer and gaming assets for sale}}, date = {2021-09-27}, organization = {Kaspersky}, url = {https://securelist.com/bloodystealer-and-gaming-assets-for-sale/104319/}, language = {English}, urldate = {2021-10-05} } BloodyStealer and gaming assets for sale
BloodyStealer
2021-09-16KasperskyAMR
@online{amr:20210916:exploitation:f015aee, author = {AMR}, title = {{Exploitation of the CVE-2021-40444 vulnerability in MSHTML}}, date = {2021-09-16}, organization = {Kaspersky}, url = {https://securelist.com/exploitation-of-the-cve-2021-40444-vulnerability-in-mshtml/104218/}, language = {English}, urldate = {2021-09-19} } Exploitation of the CVE-2021-40444 vulnerability in MSHTML
2021-09-02KasperskyAnton Kuzmenko, Oleg Kupreev, Haim Zigel
@online{kuzmenko:20210902:qakbot:219d23c, author = {Anton Kuzmenko and Oleg Kupreev and Haim Zigel}, title = {{QakBot Technical Analysis}}, date = {2021-09-02}, organization = {Kaspersky}, url = {https://securelist.com/qakbot-technical-analysis/103931/}, language = {English}, urldate = {2021-09-06} } QakBot Technical Analysis
QakBot
2021-08-24KasperskyIgor Golovin
@online{golovin:20210824:triada:9c97294, author = {Igor Golovin}, title = {{Triada Trojan in WhatsApp MOD}}, date = {2021-08-24}, organization = {Kaspersky}, url = {https://securelist.com/triada-trojan-in-whatsapp-mod/103679/}, language = {English}, urldate = {2021-08-25} } Triada Trojan in WhatsApp MOD
Triada
2021-07-29KasperskyKaspersky
@online{kaspersky:20210729:ghostemperor:c9ddfe4, author = {Kaspersky}, title = {{GhostEmperor: Chinese-speaking APT targets high-profile victims using unknown rootkit}}, date = {2021-07-29}, organization = {Kaspersky}, url = {https://www.kaspersky.com/about/press-releases/2021_ghostemperor-chinese-speaking-apt-targets-high-profile-victims-using-unknown-rootkit}, language = {English}, urldate = {2021-10-07} } GhostEmperor: Chinese-speaking APT targets high-profile victims using unknown rootkit
GhostEmperor
2021-07-15BrightTALKMathieu Gaucheler, Ariel Jungheit, Kaspersky, Vicente Diaz
@online{gaucheler:20210715:visual:79b00a1, author = {Mathieu Gaucheler and Ariel Jungheit and Kaspersky and Vicente Diaz}, title = {{Visual investigations - Speed up your IR, Forensic Analysis and Hunting}}, date = {2021-07-15}, organization = {BrightTALK}, url = {https://www.brighttalk.com/webcast/18282/493986}, language = {English}, urldate = {2021-11-03} } Visual investigations - Speed up your IR, Forensic Analysis and Hunting
Tiger RAT
2021-07-14KasperskyMark Lechtik, Paul Rascagnères, Aseel Kayal
@online{lechtik:20210714:luminousmoth:a5cf19d, author = {Mark Lechtik and Paul Rascagnères and Aseel Kayal}, title = {{LuminousMoth APT: Sweeping attacks for the chosen few}}, date = {2021-07-14}, organization = {Kaspersky}, url = {https://securelist.com/apt-luminousmoth/103332/}, language = {English}, urldate = {2021-07-20} } LuminousMoth APT: Sweeping attacks for the chosen few
Cobalt Strike
2021-07-07KasperskyDenis Legezo
@online{legezo:20210707:wildpressure:0bdf5ef, author = {Denis Legezo}, title = {{WildPressure targets the macOS platform}}, date = {2021-07-07}, organization = {Kaspersky}, url = {https://securelist.com/wildpressure-targets-macos/103072/}, language = {English}, urldate = {2021-07-09} } WildPressure targets the macOS platform
Milum
2021-07-05KasperskyKaspersky
@online{kaspersky:20210705:revil:a8a2af3, author = {Kaspersky}, title = {{REvil ransomware attack against MSPs and its clients around the world}}, date = {2021-07-05}, organization = {Kaspersky}, url = {https://securelist.com/revil-ransomware-attack-on-msp-companies/103075/}, language = {English}, urldate = {2021-07-09} } REvil ransomware attack against MSPs and its clients around the world
REvil
2021-06-24KasperskyAnton Kuzmenko
@online{kuzmenko:20210624:malicious:83a5c83, author = {Anton Kuzmenko}, title = {{Malicious spam campaigns delivering banking Trojans}}, date = {2021-06-24}, organization = {Kaspersky}, url = {https://securelist.com/malicious-spam-campaigns-delivering-banking-trojans/102917}, language = {English}, urldate = {2021-06-25} } Malicious spam campaigns delivering banking Trojans
IcedID QakBot