2021-06-16 | Palo Alto Networks Unit 42 | Jeff White, Kyle Wilhoit
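% Vendor research report on the Matanbuchus malware-as-a-service offering.
% Authors are stored in "Last, First" form; only the case-sensitive terms in
% the title are brace-protected so a style can still recase the rest.
@online{white:20210616:matanbuchus:e514a4b,
  author       = {White, Jeff and Wilhoit, Kyle},
  title        = {{Matanbuchus}: {Malware-as-a-Service} with Demonic Intentions},
  date         = {2021-06-16},
  organization = {Palo Alto Networks Unit 42},
  url          = {https://unit42.paloaltonetworks.com/matanbuchus-malware-as-a-service/},
  language     = {English},
  urldate      = {2021-06-21},
}
Matanbuchus: Malware-as-a-Service with Demonic Intentions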
Matanbuchus BelialDemon
2019-11-29 | Palo Alto Networks Unit 42 | Josh Grunzweig, Kyle Wilhoit
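% Vendor research report on the Fractured Block campaign and CARROTBAT.
% The campaign name, the malware name and the region keep their case via
% braces; the rest of the title is left for the style to recase.
@online{grunzweig:20191129:fractured:65257b7,
  author       = {Grunzweig, Josh and Wilhoit, Kyle},
  title        = {The {Fractured Block} Campaign: {CARROTBAT} Used to Deliver Malware Targeting {Southeast Asia}},
  date         = {2019-11-29},
  organization = {Palo Alto Networks Unit 42},
  url          = {https://unit42.paloaltonetworks.com/unit42-the-fractured-block-campaign-carrotbat-malware-used-to-deliver-malware-targeting-southeast-asia/},
  language     = {English},
  urldate      = {2020-01-12},
}
The Fractured Block Campaign: CARROTBAT Used to Deliver Malware Targeting Southeast Asia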
CarrotBat
2018-11-16 | Palo Alto Networks Unit 42 | Robert Falcone, Kyle Wilhoit
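% Vendor research report on OilRig's testing-to-delivery timeline.
% The title contains a typographic apostrophe (UTF-8), so the file needs a
% UTF-8 aware backend such as Biber.
@online{falcone:20181116:analyzing:037fccb,
  author       = {Falcone, Robert and Wilhoit, Kyle},
  title        = {Analyzing {OilRig’s} Ops Tempo from Testing to Weaponization to Delivery},
  date         = {2018-11-16},
  organization = {Palo Alto Networks Unit 42},
  url          = {https://unit42.paloaltonetworks.com/unit42-analyzing-oilrigs-ops-tempo-testing-weaponization-delivery/},
  language     = {English},
  urldate      = {2020-01-09},
}
Analyzing OilRig’s Ops Tempo from Testing to Weaponization to Delivery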
OilRig
2018-09-12 | Palo Alto Networks Unit 42 | Kyle Wilhoit, Robert Falcone
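% Vendor research report on OilRig's updated BONDUPDATER.
% Same title, authors and date as wilhoit:20180912:oilrig:5c64e44, which points
% at the researchcenter.paloaltonetworks.com address. Cite only one of the two
% keys per document so the report is not listed twice.
@online{wilhoit:20180912:oilrig:5892017,
  author       = {Wilhoit, Kyle and Falcone, Robert},
  title        = {{OilRig} Uses Updated {BONDUPDATER} to Target {Middle Eastern} Government},
  date         = {2018-09-12},
  organization = {Palo Alto Networks Unit 42},
  url          = {https://unit42.paloaltonetworks.com/unit42-oilrig-uses-updated-bondupdater-target-middle-eastern-government/},
  language     = {English},
  urldate      = {2020-01-13},
}
OilRig Uses Updated BONDUPDATER to Target Middle Eastern Government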
OilRig
2018-09-12 | Palo Alto Networks Unit 42 | Kyle Wilhoit, Robert Falcone
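% Vendor research report on OilRig's updated BONDUPDATER, recorded under the
% researchcenter.paloaltonetworks.com address.
% Same title, authors and date as wilhoit:20180912:oilrig:5892017 (unit42 host).
% Cite only one of the two keys per document so the report is not listed twice.
@online{wilhoit:20180912:oilrig:5c64e44,
  author       = {Wilhoit, Kyle and Falcone, Robert},
  title        = {{OilRig} Uses Updated {BONDUPDATER} to Target {Middle Eastern} Government},
  date         = {2018-09-12},
  organization = {Palo Alto Networks Unit 42},
  url          = {https://researchcenter.paloaltonetworks.com/2018/09/unit42-oilrig-uses-updated-bondupdater-target-middle-eastern-government/},
  language     = {English},
  urldate      = {2019-12-20},
}
OilRig Uses Updated BONDUPDATER to Target Middle Eastern Government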
BONDUPDATER
2018-08-02 | Palo Alto Networks Unit 42 | Robert Falcone, David Fuertes, Josh Grunzweig, Kyle Wilhoit
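% Vendor research report on the Gorgon Group, recorded under the
% researchcenter.paloaltonetworks.com address.
% Same title, authors and date as falcone:20180802:gorgon:8a338cc (unit42 host).
% Cite only one of the two keys per document so the report is not listed twice.
@online{falcone:20180802:gorgon:06112b1,
  author       = {Falcone, Robert and Fuertes, David and Grunzweig, Josh and Wilhoit, Kyle},
  title        = {The {Gorgon Group}: Slithering Between Nation State and Cybercrime},
  date         = {2018-08-02},
  organization = {Palo Alto Networks Unit 42},
  url          = {https://researchcenter.paloaltonetworks.com/2018/08/unit42-gorgon-group-slithering-nation-state-cybercrime/},
  language     = {English},
  urldate      = {2019-12-20},
}
The Gorgon Group: Slithering Between Nation State and Cybercrime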
Loki Password Stealer (PWS) Nanocore RAT NjRAT Quasar RAT Remcos Revenge RAT
2018-08-02 | Robert Falcone, David Fuertes, Josh Grunzweig, Kyle Wilhoit
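% Vendor research report on the Gorgon Group (unit42 host).
% Same title, authors and date as falcone:20180802:gorgon:06112b1. The original
% record had no organization; it is filled in here from that sibling entry.
% Cite only one of the two keys per document so the report is not listed twice.
@online{falcone:20180802:gorgon:8a338cc,
  author       = {Falcone, Robert and Fuertes, David and Grunzweig, Josh and Wilhoit, Kyle},
  title        = {The {Gorgon Group}: Slithering Between Nation State and Cybercrime},
  date         = {2018-08-02},
  organization = {Palo Alto Networks Unit 42},
  url          = {https://unit42.paloaltonetworks.com/unit42-gorgon-group-slithering-nation-state-cybercrime/},
  language     = {English},
  urldate      = {2019-11-29},
}
The Gorgon Group: Slithering Between Nation State and Cybercrime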
The Gorgon Group
2018-04-17 | Palo Alto Networks Unit 42 | Josh Grunzweig, Brandon Levene, Kyle Wilhoit, Pat Litke
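% Vendor research report on the SquirtDanger malware family.
% The malware name and the author handle are camelCase, so both are
% brace-protected against style recasing.
@online{grunzweig:20180417:squirtdanger:86b0da6,
  author       = {Grunzweig, Josh and Levene, Brandon and Wilhoit, Kyle and Litke, Pat},
  title        = {{SquirtDanger}: The {Swiss Army} Knife Malware from Veteran Malware Author {TheBottle}},
  date         = {2018-04-17},
  organization = {Palo Alto Networks Unit 42},
  url          = {https://researchcenter.paloaltonetworks.com/2018/04/unit42-squirtdanger-swiss-army-knife-malware-veteran-malware-author-thebottle/},
  language     = {English},
  urldate      = {2019-12-20},
}
SquirtDanger: The Swiss Army Knife Malware from Veteran Malware Author TheBottle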
SquirtDanger
2018-03-20 | Palo Alto Networks Unit 42 | Ruchna Nigam, Kyle Wilhoit
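% Vendor research report on the TeleRAT Android trojan.
% The title contains a typographic apostrophe (UTF-8), so the file needs a
% UTF-8 aware backend such as Biber.
@online{nigam:20180320:telerat:b8d1aa5,
  author       = {Nigam, Ruchna and Wilhoit, Kyle},
  title        = {{TeleRAT}: Another {Android} Trojan Leveraging {Telegram’s} {Bot API} to Target {Iranian} Users},
  date         = {2018-03-20},
  organization = {Palo Alto Networks Unit 42},
  url          = {https://researchcenter.paloaltonetworks.com/2018/03/unit42-telerat-another-android-trojan-leveraging-telegrams-bot-api-to-target-iranian-users/},
  language     = {English},
  urldate      = {2019-12-20},
}
TeleRAT: Another Android Trojan Leveraging Telegram’s Bot API to Target Iranian Users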
IRRat TeleRAT
2014-08-29 | FireEye | Kyle Wilhoit, Thoufique Haq
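% Vendor blog post on the Syrian Malware Team's use of BlackWorm.
% The link was last accessed on 2019-12-20 (urldate); confirm that it still
% resolves before relying on it as a source.
@online{wilhoit:20140829:connecting:89f1651,
  author       = {Wilhoit, Kyle and Haq, Thoufique},
  title        = {Connecting the Dots: {Syrian Malware Team} Uses {BlackWorm} for Attacks},
  date         = {2014-08-29},
  organization = {FireEye},
  url          = {https://www.fireeye.com/blog/threat-research/2014/08/connecting-the-dots-syrian-malware-team-uses-blackworm-for-attacks.html},
  language     = {English},
  urldate      = {2019-12-20},
}
Connecting the Dots: Syrian Malware Team Uses BlackWorm for Attacks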
Blackworm RAT
2014-07-09 | FireEye | Nart Villeneuve, Kyle Wilhoit, Joshua Homan
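% Vendor blog post on the BrutPOS botnet.
% The acronyms RDP and POS are brace-protected so they stay upper-case.
% The link was last accessed on 2019-12-20 (urldate); confirm that it still
% resolves before relying on it as a source.
@online{villeneuve:20140709:brutpos:12328f8,
  author       = {Villeneuve, Nart and Wilhoit, Kyle and Homan, Joshua},
  title        = {{BrutPOS}: {RDP} Bruteforcing Botnet Targeting {POS} Systems},
  date         = {2014-07-09},
  organization = {FireEye},
  url          = {https://www.fireeye.com/blog/threat-research/2014/07/brutpos-rdp-bruteforcing-botnet-targeting-pos-systems.html},
  language     = {English},
  urldate      = {2019-12-20},
}
BrutPOS: RDP Bruteforcing Botnet Targeting POS Systems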
BrutPOS
2013-05-20 | Trend Micro | Nart Villeneuve, Kyle Wilhoit
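% Vendor white paper (PDF) on the Safe campaign.
% The entry uses the biblatex-style date field, so it is meant for a
% biblatex/Biber toolchain; classic BibTeX styles expect year instead.
@techreport{villeneuve:20130520:safe:5a6a6e7,
  author      = {Villeneuve, Nart and Wilhoit, Kyle},
  title       = {{Safe} - A Targeted Threat},
  date        = {2013-05-20},
  institution = {Trend Micro},
  url         = {https://www.trendmicro.de/cloud-content/us/pdfs/security-intelligence/white-papers/wp-safe-a-targeted-threat.pdf},
  language    = {English},
  urldate     = {2020-01-22},
}
Safe - A Targeted Threat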
SafeNet
2013-03-04 | Trend Micro | Kyle Wilhoit
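% Vendor blog post surveying tools seen in APT intrusions.
% The link was last accessed on 2019-07-11 (urldate); confirm that it still
% resolves before relying on it as a source.
@online{wilhoit:20130304:indepth:ebccc8b,
  author       = {Wilhoit, Kyle},
  title        = {In-Depth Look: {APT} Attack Tools of the Trade},
  date         = {2013-03-04},
  organization = {Trend Micro},
  url          = {https://blog.trendmicro.com/trendlabs-security-intelligence/in-depth-look-apt-attack-tools-of-the-trade/},
  language     = {English},
  urldate      = {2019-07-11},
}
In-Depth Look: APT Attack Tools of the Trade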
HTran