2023-05-23 | Kaspersky Labs | Giampaolo Dedola
@online{dedola:20230523:meet:aa244e9,
  author       = {Dedola, Giampaolo},
  title        = {{Meet the GoldenJackal APT group. Don’t expect any howls}},
  date         = {2023-05-23},
  organization = {Kaspersky Labs},
  url          = {https://securelist.com/goldenjackal-apt-group/109677/},
  language     = {English},
  urldate      = {2023-05-23},
}
Meet the GoldenJackal APT group. Don’t expect any howls
Jackal
2023-05-04 | Kaspersky Labs | Dmitry Kalinin
@online{kalinin:20230504:not:44e1fd7,
  author       = {Kalinin, Dmitry},
  title        = {{Not quite an Easter egg: a new family of Trojan subscribers on Google Play}},
  date         = {2023-05-04},
  organization = {Kaspersky Labs},
  url          = {https://securelist.com/fleckpe-a-new-family-of-trojan-subscribers-on-google-play/109643/},
  language     = {English},
  urldate      = {2023-05-08},
}
Not quite an Easter egg: a new family of Trojan subscribers on Google Play
2023-04-24 | Kaspersky Labs | Pierre Delcher, Ivan Kwiatkowski
@online{delcher:20230424:tomiris:2d65352,
  author       = {Delcher, Pierre and Kwiatkowski, Ivan},
  title        = {{Tomiris called, they want their Turla malware back}},
  date         = {2023-04-24},
  organization = {Kaspersky Labs},
  url          = {https://securelist.com/tomiris-called-they-want-their-turla-malware-back/109552/},
  language     = {English},
  urldate      = {2023-04-26},
}
Tomiris called, they want their Turla malware back
KopiLuwak Andromeda Ave Maria GoldMax JLORAT Kazuar Meterpreter QUIETCANARY RATel Roopy Telemiris tomiris Topinambour
2023-04-12 | Kaspersky Labs | Seongsu Park
@online{park:20230412:lazarus:851b624,
  author       = {Park, Seongsu},
  title        = {{Lazarus DeathNote campaign}},
  date         = {2023-04-12},
  organization = {Kaspersky Labs},
  url          = {https://securelist.com/the-lazarus-group-deathnote-campaign/109490/},
  language     = {English},
  urldate      = {2023-04-14},
}
Lazarus DeathNote campaign
Bankshot BLINDINGCAN MimiKatz Racket Downloader Volgmer
2023-04-03 | Kaspersky Labs | Georgy Kucherin
@online{kucherin:20230403:not:ddfeb19,
  author       = {Kucherin, Georgy},
  title        = {{Not just an infostealer: Gopuram backdoor deployed through 3CX supply chain attack}},
  date         = {2023-04-03},
  organization = {Kaspersky Labs},
  url          = {https://securelist.com/gopuram-backdoor-deployed-through-3cx-supply-chain-attack/109344},
  language     = {English},
  urldate      = {2023-04-08},
}
Not just an infostealer: Gopuram backdoor deployed through 3CX supply chain attack
Gopuram
2023-03-24 | cocomelonc | cocomelonc
@online{cocomelonc:20230324:malware:972beff,
  author       = {cocomelonc},
  title        = {{Malware AV/VM evasion - part 14: encrypt/decrypt payload via A5/1. Bypass Kaspersky AV. Simple C++ example.}},
  date         = {2023-03-24},
  organization = {cocomelonc},
  url          = {https://cocomelonc.github.io/malware/2023/03/24/malware-av-evasion-14.html},
  language     = {English},
  urldate      = {2023-03-30},
}
Malware AV/VM evasion - part 14: encrypt/decrypt payload via A5/1. Bypass Kaspersky AV. Simple C++ example.
2023-03-21 | Kaspersky Labs | Leonid Bezvershenko, Georgy Kucherin, Igor Kuznetsov
% NOTE(review): the url keeps the "?s=31" query string exactly as recorded; it looks like a
% referral parameter rather than part of the article path -- confirm before normalising.
@online{bezvershenko:20230321:bad:054dcba,
  author       = {Bezvershenko, Leonid and Kucherin, Georgy and Kuznetsov, Igor},
  title        = {{Bad magic: new APT found in the area of Russo-Ukrainian conflict}},
  date         = {2023-03-21},
  organization = {Kaspersky Labs},
  url          = {https://securelist.com/bad-magic-apt/109087/?s=31},
  language     = {English},
  urldate      = {2023-03-21},
}
Bad magic: new APT found in the area of Russo-Ukrainian conflict
PowerMagic CommonMagic
2023-03-09 | Kaspersky | Haim Zigel, Victoria Vlasova, Ilya Tyunkin
@online{zigel:20230309:malvertising:869d894,
  author       = {Zigel, Haim and Vlasova, Victoria and Tyunkin, Ilya},
  title        = {{Malvertising through search engines}},
  date         = {2023-03-09},
  organization = {Kaspersky},
  url          = {https://securelist.com/malvertising-through-search-engines/108996/},
  language     = {English},
  urldate      = {2023-04-06},
}
Malvertising through search engines
RedLine Stealer
2023-01-19 | Kaspersky Labs | GReAT
@online{great:20230119:roaming:46b7adb,
  author       = {GReAT},
  title        = {{Roaming Mantis implements new DNS changer in its malicious mobile app in 2022}},
  date         = {2023-01-19},
  organization = {Kaspersky Labs},
  url          = {https://securelist.com/roaming-mantis-dns-changer-in-malicious-mobile-app/108464/},
  language     = {English},
  urldate      = {2023-01-19},
}
Roaming Mantis implements new DNS changer in its malicious mobile app in 2022
MoqHao
2022-12-27 | Kaspersky | Seongsu Park
@online{park:20221227:bluenoroff:383c86f,
  author       = {Park, Seongsu},
  title        = {{BlueNoroff introduces new methods bypassing MoTW}},
  date         = {2022-12-27},
  organization = {Kaspersky},
  url          = {https://securelist.com/bluenoroff-methods-bypass-motw/108383/},
  language     = {English},
  urldate      = {2022-12-29},
}
BlueNoroff introduces new methods bypassing MoTW
LazarLoader
2022-12-14 | Kaspersky Labs | GReAT, Kaspersky Lab ICS CERT
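% Both authors are teams, not people. "Kaspersky Lab ICS CERT" carries an extra pair of
% braces so BibTeX/Biber treats it as one indivisible name instead of splitting it into
% given names "Kaspersky Lab ICS" and family name "CERT".
@online{great:20221214:reassessing:94f663f,
  author       = {GReAT and {Kaspersky Lab ICS CERT}},
  title        = {{Reassessing cyberwarfare. Lessons learned in 2022}},
  date         = {2022-12-14},
  organization = {Kaspersky Labs},
  url          = {https://securelist.com/reassessing-cyberwarfare-lessons-learned-in-2022/108328/},
  language     = {English},
  urldate      = {2022-12-14},
}
Reassessing cyberwarfare. Lessons learned in 2022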
2022-12-08 | Kaspersky | GReAT
@online{great:20221208:deathstalker:a171c50,
  author       = {GReAT},
  title        = {{DeathStalker targets legal entities with new Janicab variant}},
  date         = {2022-12-08},
  organization = {Kaspersky},
  url          = {https://securelist.com/deathstalker-targets-legal-entities-with-new-janicab-variant/108131/},
  language     = {English},
  urldate      = {2022-12-14},
}
DeathStalker targets legal entities with new Janicab variant
Janicab Janicab Stormwind
2022-12-01 | Kaspersky | Fyodor Sinitsyn, Yanis Zinchenko
% Russian-language report; title in English (reviewer's translation):
% "New CryWiper Trojan masquerades as ransomware".
@online{sinitsyn:20221201:crywiper:a9785ec,
  author       = {Sinitsyn, Fyodor and Zinchenko, Yanis},
  title        = {{Новый троянец CryWiper прикидывается шифровальщиком}},
  date         = {2022-12-01},
  organization = {Kaspersky},
  url          = {https://securelist.ru/novyj-troyanec-crywiper/106114/},
  language     = {Russian},
  urldate      = {2022-12-06},
}
Новый троянец CryWiper прикидывается шифровальщиком
2022-11-15 | Kaspersky Labs | Konstantin Zykov, Jornt van der Wiel
@online{zykov:20221115:dtrack:9f8ed2a,
  author       = {Zykov, Konstantin and van der Wiel, Jornt},
  title        = {{DTrack activity targeting Europe and Latin America}},
  date         = {2022-11-15},
  organization = {Kaspersky Labs},
  url          = {https://securelist.com/dtrack-targeting-europe-latin-america/107798/},
  language     = {English},
  urldate      = {2022-11-18},
}
DTrack activity targeting Europe and Latin America
Dtrack
2022-10-31 | Kaspersky Labs | Suguru Ishimaru
@online{ishimaru:20221031:apt10:c9040fd,
  author       = {Ishimaru, Suguru},
  title        = {{APT10: Tracking down LODEINFO 2022, part II}},
  date         = {2022-10-31},
  organization = {Kaspersky Labs},
  url          = {https://securelist.com/apt10-tracking-down-lodeinfo-2022-part-ii/107745/},
  language     = {English},
  urldate      = {2022-12-29},
}
APT10: Tracking down LODEINFO 2022, part II
LODEINFO
2022-10-31 | Kaspersky Labs | Suguru Ishimaru
@online{ishimaru:20221031:apt10:d6c1888,
  author       = {Ishimaru, Suguru},
  title        = {{APT10: Tracking down LODEINFO 2022, part I}},
  date         = {2022-10-31},
  organization = {Kaspersky Labs},
  url          = {https://securelist.com/apt10-tracking-down-lodeinfo-2022-part-i/107742/},
  language     = {English},
  urldate      = {2022-12-29},
}
APT10: Tracking down LODEINFO 2022, part I
LODEINFO
2022-10-17 | Kaspersky | Kurt Baumgartner, Georgy Kucherin
@online{baumgartner:20221017:diceyf:8aa2bed,
  author       = {Baumgartner, Kurt and Kucherin, Georgy},
  title        = {{DiceyF deploys GamePlayerFramework in online casino development studio}},
  date         = {2022-10-17},
  organization = {Kaspersky},
  url          = {https://securelist.com/diceyf-deploys-gameplayerframework-in-online-casino-development-studio/107723/},
  language     = {English},
  urldate      = {2022-10-25},
}
DiceyF deploys GamePlayerFramework in online casino development studio
GamePlayerFramework
2022-10-03 | Kaspersky Labs | GReAT
@online{great:20221003:defttorero:da8a03c,
  author       = {GReAT},
  title        = {{DeftTorero: tactics, techniques and procedures of intrusions revealed}},
  date         = {2022-10-03},
  organization = {Kaspersky Labs},
  url          = {https://securelist.com/defttorero-tactics-techniques-and-procedures/107610/},
  language     = {English},
  urldate      = {2022-10-07},
}
DeftTorero: tactics, techniques and procedures of intrusions revealed
Nightrunner Tunna ASPXSpy LaZagne ExplosiveRAT reGeorg Volatile Cedar
2022-09-28 | Kaspersky | GReAT
@online{great:20220928:prilex:63ddfb7,
  author       = {GReAT},
  title        = {{Prilex: the pricey prickle credit card complex}},
  date         = {2022-09-28},
  organization = {Kaspersky},
  url          = {https://securelist.com/prilex-atm-pos-malware-evolution/107551/},
  language     = {English},
  urldate      = {2022-09-30},
}
Prilex: the pricey prickle credit card complex
2022-09-26 | Kaspersky | Haim Zigel, Oleg Kupreev, Artem Ushkov
@online{zigel:20220926:nullmixer:c623b01,
  author       = {Zigel, Haim and Kupreev, Oleg and Ushkov, Artem},
  title        = {{NullMixer: oodles of Trojans in a single dropper}},
  date         = {2022-09-26},
  organization = {Kaspersky},
  url          = {https://securelist.com/nullmixer-oodles-of-trojans-in-a-single-dropper/107498/},
  language     = {English},
  urldate      = {2023-02-06},
}
NullMixer: oodles of Trojans in a single dropper
ColdStealer DanaBot GCleaner Nullmixer PrivateLoader PseudoManuscrypt RedLine Stealer SmokeLoader Vidar