Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023-06-23KrollKeith Wojcieszek, Ryan Hicks, George Glass
@online{wojcieszek:20230623:deep:04da3ed, author = {Keith Wojcieszek and Ryan Hicks and George Glass}, title = {{Deep Dive into GOOTLOADER Malware and Its Infection Chain}}, date = {2023-06-23}, organization = {Kroll}, url = {https://www.kroll.com/en/insights/publications/cyber/deep-dive-gootloader-malware-infection-chain}, language = {English}, urldate = {2023-07-13} } Deep Dive into GOOTLOADER Malware and Its Infection Chain
GootLoader
2023-02-13KrollLaurie Iacono, Stephen Green
@online{iacono:20230213:royal:c789fcc, author = {Laurie Iacono and Stephen Green}, title = {{Royal Ransomware Deep Dive}}, date = {2023-02-13}, organization = {Kroll}, url = {https://www.kroll.com/en/insights/publications/cyber/royal-ransomware-deep-dive}, language = {English}, urldate = {2023-04-22} } Royal Ransomware Deep Dive
Cobalt Strike Royal Ransom
2023-02-02KrollStephen Green, Elio Biasiotto
@online{green:20230202:hive:4624808, author = {Stephen Green and Elio Biasiotto}, title = {{Hive Ransomware Technical Analysis and Initial Access Discovery}}, date = {2023-02-02}, organization = {Kroll}, url = {https://www.kroll.com/en/insights/publications/cyber/hive-ransomware-technical-analysis-initial-access-discovery}, language = {English}, urldate = {2023-04-22} } Hive Ransomware Technical Analysis and Initial Access Discovery
BATLOADER Cobalt Strike Hive
2023-01-23KrollStephen Green, Elio Biasiotto
@online{green:20230123:black:dd89d21, author = {Stephen Green and Elio Biasiotto}, title = {{Black Basta – Technical Analysis}}, date = {2023-01-23}, organization = {Kroll}, url = {https://www.kroll.com/en/insights/publications/cyber/black-basta-technical-analysis}, language = {English}, urldate = {2023-04-22} } Black Basta – Technical Analysis
Black Basta Cobalt Strike MimiKatz QakBot SystemBC
2022-12-13KrollKeith Wojcieszek, Dave Truman, Stephen Green, George Glass
@online{wojcieszek:20221213:threat:0328cee, author = {Keith Wojcieszek and Dave Truman and Stephen Green and George Glass}, title = {{Threat Actors use Google Ads to Deploy VIDAR Stealer}}, date = {2022-12-13}, organization = {Kroll}, url = {https://www.kroll.com/en/insights/publications/cyber/threat-actors-google-ads-deploy-vidar-stealer}, language = {English}, urldate = {2023-04-25} } Threat Actors use Google Ads to Deploy VIDAR Stealer
Vidar
2022-06-02KrollSean Straw
@online{straw:20220602:modpipe:8215b5e, author = {Sean Straw}, title = {{ModPipe POS Malware: New Hooking Targets Extract Card Data}}, date = {2022-06-02}, organization = {Kroll}, url = {https://www.kroll.com/en/insights/publications/cyber/modpipe-pos-malware-new-hooking-targets-extract-card-data}, language = {English}, urldate = {2022-08-31} } ModPipe POS Malware: New Hooking Targets Extract Card Data
ModPipe
2022-05-27KrollCole Manaster, George Glass, Elio Biasiotto
@online{manaster:20220527:emotet:77000c1, author = {Cole Manaster and George Glass and Elio Biasiotto}, title = {{Emotet Analysis: New LNKs in the Infection Chain – The Monitor, Issue 20}}, date = {2022-05-27}, organization = {Kroll}, url = {https://www.kroll.com/en/insights/publications/cyber/monitor/emotet-analysis-new-lnk-in-the-infection-chain}, language = {English}, urldate = {2022-05-31} } Emotet Analysis: New LNKs in the Infection Chain – The Monitor, Issue 20
Emotet
2022-04-18RiskIQJennifer Grob
@online{grob:20220418:riskiq:d5109f2, author = {Jennifer Grob}, title = {{RiskIQ: Trickbot Rickroll}}, date = {2022-04-18}, organization = {RiskIQ}, url = {https://community.riskiq.com/article/04ec92f4}, language = {English}, urldate = {2022-04-20} } RiskIQ: Trickbot Rickroll
TrickBot
2022-03-22KrollCole Manaster, Pierson Clair
@online{manaster:20220322:analyzing:908d98b, author = {Cole Manaster and Pierson Clair}, title = {{Analyzing Exmatter: A Ransomware Data Exfiltration Tool}}, date = {2022-03-22}, organization = {Kroll}, url = {https://www.kroll.com/en/insights/publications/cyber/analyzing-exmatter-ransomware-data-exfiltration-tool}, language = {English}, urldate = {2022-04-29} } Analyzing Exmatter: A Ransomware Data Exfiltration Tool
ExMatter