2021-09-16 | Blackberry | The BlackBerry Research & Intelligence Team
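% Corporate author: the extra brace pair keeps the team name as one unit; "&" is escaped so LaTeX can typeset it.
% Only proper nouns and acronyms in the title are brace-protected, not the whole title.
@online{team:20210916:threat:ae9400e,
  author       = {{The BlackBerry Research \& Intelligence Team}},
  title        = {{Threat Thursday}: {NetWire} {RAT} is Coming Down the Line},
  date         = {2021-09-16},
  organization = {Blackberry},
  url          = {https://blogs.blackberry.com/en/2021/09/threat-thursday-netwire-rat-is-coming-down-the-line},
  language     = {English},
  urldate      = {2021-09-19},
}
Threat Thursday: NetWire RAT is Coming Down the Line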
NetWire RC
2021-09-16 | Black Lotus Labs | Black Lotus Labs
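% Corporate author: double braces stop the name parser from splitting "Black Lotus Labs" into given and family parts.
% Title braces protect only the vendor and platform names.
@online{labs:20210916:no:7a40fbb,
  author       = {{Black Lotus Labs}},
  title        = {No Longer Just Theory: {Black Lotus Labs} Uncovers {Linux} Executables Deployed as Stealth {Windows} Loaders},
  date         = {2021-09-16},
  organization = {Black Lotus Labs},
  url          = {https://blog.lumen.com/no-longer-just-theory-black-lotus-labs-uncovers-linux-executables-deployed-as-stealth-windows-loaders/},
  language     = {English},
  urldate      = {2021-09-19},
}
No Longer Just Theory: Black Lotus Labs Uncovers Linux Executables Deployed as Stealth Windows Loaders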
PrivetSanya Meterpreter
2021-09-10 | S2W LAB Inc. | S2W TALON
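% Team name entered as a corporate author (double braces) so it is not parsed as a personal name.
% Group and forum names are brace-protected individually instead of bracing the whole title.
@online{talon:20210910:groove:3dab88b,
  author       = {{S2W TALON}},
  title        = {{Groove} x {RAMP} : The relation between {Groove}, {Babuk}, {Payload.bin}, {RAMP}, and {BlackMatter}},
  date         = {2021-09-10},
  organization = {S2W LAB Inc.},
  url          = {https://medium.com/s2wlab/groove-x-ramp-the-relation-between-groove-babuk-ramp-and-blackmatter-f75644f8f92d},
  language     = {English},
  urldate      = {2021-09-14},
}
Groove x RAMP : The relation between Groove, Babuk, Payload.bin, RAMP, and BlackMatter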
Babuk BlackMatter Babuk BlackMatter
2021-09-09 | Lacework Labs | Lacework Labs
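% Corporate author in double braces; the acronym "PYSA" is braced because sentence-casing styles would otherwise lowercase it.
@online{labs:20210909:pysa:3115858,
  author       = {{Lacework Labs}},
  title        = {{PYSA} Ransomware Gang adds {Linux} Support},
  date         = {2021-09-09},
  organization = {Lacework Labs},
  url          = {https://www.lacework.com/blog/pysa-ransomware-gang-adds-linux-support/},
  language     = {English},
  urldate      = {2021-09-10},
}
PYSA Ransomware Gang adds Linux Support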
Mespinoza
2021-09-09 | Blackberry | The BlackBerry Research & Intelligence Team
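% Corporate author: one double-braced unit, with "&" escaped for LaTeX.
% The series name and the malware family name are the only brace-protected parts of the title.
@online{team:20210909:threat:79cd668,
  author       = {{The BlackBerry Research \& Intelligence Team}},
  title        = {{Threat Thursday}: Get Your Paws Off My Data, {Raccoon} Infostealer},
  date         = {2021-09-09},
  organization = {Blackberry},
  url          = {https://blogs.blackberry.com/en/2021/09/threat-thursday-raccoon-infostealer},
  language     = {English},
  urldate      = {2021-09-19},
}
Threat Thursday: Get Your Paws Off My Data, Raccoon Infostealer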
Raccoon
2021-09-08 | Medium s2wlab | S2W TALON
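% Team name entered as a corporate author (double braces).
% Title keeps the author's wording and typographic apostrophe; only proper nouns are brace-protected.
@online{talon:20210908:grooves:64ea498,
  author       = {{S2W TALON}},
  title        = {{Groove’s} thoughts on {Blackmatter}, {Babuk}, and cheese shortages in the {Netherlands}},
  date         = {2021-09-08},
  organization = {Medium s2wlab},
  url          = {https://medium.com/s2wlab/grooves-thoughts-on-blackmatter-babuk-and-interruption-in-the-supply-of-cheese-in-the-b5328bc764f2},
  language     = {English},
  urldate      = {2021-09-12},
}
Groove’s thoughts on Blackmatter, Babuk, and cheese shortages in the Netherlands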
Babuk BlackMatter Babuk BlackMatter
2021-09-08 | Cipher Tech Solutions | Cipher Tech ACCE Team
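% Organization spelling corrected from "Ciper" to "Cipher", matching the author field and the URL's domain.
% Corporate author in double braces; only the ransomware family name is brace-protected in the title.
@online{team:20210908:rapidly:d7c3f22,
  author       = {{Cipher Tech ACCE Team}},
  title        = {Rapidly Evolving {BlackMatter} Ransomware Tactics},
  date         = {2021-09-08},
  organization = {Cipher Tech Solutions},
  url          = {https://www.ciphertechsolutions.com/rapidly-evolving-blackmatter-ransomware-tactics/},
  language     = {English},
  urldate      = {2021-09-09},
}
Rapidly Evolving BlackMatter Ransomware Tactics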
BlackMatter
2021-09-08 | lacework | Lacework Labs
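% Corporate author in double braces. The title keeps the source's "CVE 2021-26084" wording; only names and the acronym are braced.
@online{labs:20210908:muhstik:f7875d9,
  author       = {{Lacework Labs}},
  title        = {{Muhstik} Takes Aim at {Confluence} {CVE} 2021-26084},
  date         = {2021-09-08},
  organization = {lacework},
  url          = {https://www.lacework.com/blog/muhstik-takes-aim-at-confluence-cve-2021-26084/},
  language     = {English},
  urldate      = {2021-09-12},
}
Muhstik Takes Aim at Confluence CVE 2021-26084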
Tsunami
2021-09-05 | Chuongdong blog | Chuong Dong
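% Author in "Last, First" form (surname taken from the citation key); the URL is kept verbatim, including its percent-encoding.
@online{dong:20210905:blackmatter:2673021,
  author       = {Dong, Chuong},
  title        = {{BlackMatter} Ransomware v2.0},
  date         = {2021-09-05},
  organization = {Chuongdong blog},
  url          = {https://chuongdong.com/reverse%20engineering/2021/09/05/BlackMatterRansomware/},
  language     = {English},
  urldate      = {2021-09-09},
}
BlackMatter Ransomware v2.0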
BlackMatter
2021-09-01 | YouTube (Black Hat) | Aragorn Tseng, Charles Li
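% Authors in "Last, First" form; the tool name "Mem2Img" is braced so its mixed case survives style recasing.
@online{tseng:20210901:mem2img:7817a5d,
  author       = {Tseng, Aragorn and Li, Charles},
  title        = {{Mem2Img}: Memory-Resident Malware Detection via Convolution Neural Network},
  date         = {2021-09-01},
  organization = {YouTube (Black Hat)},
  url          = {https://www.youtube.com/watch?v=6SDdUVejR2w},
  language     = {English},
  urldate      = {2021-09-12},
}
Mem2Img: Memory-Resident Malware Detection via Convolution Neural Network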
Cobalt Strike PlugX Waterbear
2021-09-01 | YouTube (Black Hat) | Tianze Ding, Junyu Zhou
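% Authors in "Last, First" form; "C2" is braced so the abbreviation is not lowercased by the style.
@online{ding:20210901:domain:92aa2f7,
  author       = {Ding, Tianze and Zhou, Junyu},
  title        = {Domain Borrowing: Catch My {C2} Traffic if You Can},
  date         = {2021-09-01},
  organization = {YouTube (Black Hat)},
  url          = {https://www.youtube.com/watch?v=eVr0kKdgM2I},
  language     = {English},
  urldate      = {2021-09-14},
}
Domain Borrowing: Catch My C2 Traffic if You Can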
2021-09-01 | YouTube (Black Hat) | Tsuyoshi Taniguchi, Christian Doerr
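% Authors in "Last, First" form; only "Bitcoin" needs case protection in the title.
@online{taniguchi:20210901:how:98ed0d5,
  author       = {Taniguchi, Tsuyoshi and Doerr, Christian},
  title        = {How Did the Adversaries Abusing the {Bitcoin} Blockchain Evade Our Takeover?},
  date         = {2021-09-01},
  organization = {YouTube (Black Hat)},
  url          = {https://www.youtube.com/watch?v=y8Z9KnL8s8s},
  language     = {English},
  urldate      = {2021-09-12},
}
How Did the Adversaries Abusing the Bitcoin Blockchain Evade Our Takeover?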
Cerber Pony
2021-09-01 | Medium s2wlab | S2W LAB INTELLIGENCE TEAM, Denise Dasom Kim, Jungyeon Lim, Yeonghyeon Jeong, Sujin Lim, Chaewon Moon
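% Mixed author list: the team is one braced corporate name; individuals are in "Last, First" form.
% Surnames are assumed to be the final word of each name as printed in the listing.
@online{team:20210901:blackmatter:6a2a025,
  author       = {{S2W LAB INTELLIGENCE TEAM} and Kim, Denise Dasom and Lim, Jungyeon and Jeong, Yeonghyeon and Lim, Sujin and Moon, Chaewon},
  title        = {{BlackMatter} x {Babuk} : Using the same web server for sharing leaked files},
  date         = {2021-09-01},
  organization = {Medium s2wlab},
  url          = {https://medium.com/s2wlab/blackmatter-x-babuk-using-the-same-web-server-for-sharing-leaked-files-d01c20a74751},
  language     = {English},
  urldate      = {2021-09-06},
}
BlackMatter x Babuk : Using the same web server for sharing leaked files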
Babuk BlackMatter Babuk BlackMatter
2021-08-31 | Minerva Labs | Minerva Labs
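% Corporate author in double braces; the family name "BlackMatter" is braced to keep its internal capital.
@online{labs:20210831:blackmatter:26abef6,
  author       = {{Minerva Labs}},
  title        = {{BlackMatter} - The New Star Of Ransomware},
  date         = {2021-08-31},
  organization = {Minerva Labs},
  url          = {https://blog.minerva-labs.com/blackmatter},
  language     = {English},
  urldate      = {2021-09-12},
}
BlackMatter - The New Star Of Ransomware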
BlackMatter
2021-08-23 | Netskope | Gustavo Palazolo
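% Author in "Last, First" form; vendor and family names are the only brace-protected words in the title.
@online{palazolo:20210823:netskope:356b783,
  author       = {Palazolo, Gustavo},
  title        = {{Netskope} Threat Coverage: {BlackMatter}},
  date         = {2021-08-23},
  organization = {Netskope},
  url          = {https://www.netskope.com/blog/netskope-threat-coverage-blackmatter},
  language     = {English},
  urldate      = {2021-08-25},
}
Netskope Threat Coverage: BlackMatter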
BlackMatter
2021-08-20 | YouTube (Black Hat) | Allison Wikoff, Richard Emerson
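% Authors in "Last, First" form. The whole-title double braces are dropped and none are added: this title has no acronyms or product names to protect.
@online{wikoff:20210820:kitten:3234e60,
  author       = {Wikoff, Allison and Emerson, Richard},
  title        = {The Kitten that Charmed Me: The 9 Lives of a Nation State Attacker},
  date         = {2021-08-20},
  organization = {YouTube (Black Hat)},
  url          = {https://www.youtube.com/watch?v=nilzxS9rxEM},
  language     = {English},
  urldate      = {2021-09-02},
}
The Kitten that Charmed Me: The 9 Lives of a Nation State Attacker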
LittleLooter
2021-08-19 | Blackberry | BlackBerry Research & Intelligence Team
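% Corporate author: one double-braced unit, with "&" escaped for LaTeX.
% The vendor, actor designation and malware family are brace-protected; the rest of the title is left to the style.
@online{team:20210819:blackberry:2eec433,
  author       = {{BlackBerry Research \& Intelligence Team}},
  title        = {{BlackBerry} Prevents: Threat Actor Group {TA575} and {Dridex} Malware},
  date         = {2021-08-19},
  organization = {Blackberry},
  url          = {https://blogs.blackberry.com/en/2021/08/blackberry-prevents-threat-actor-group-ta575-and-dridex-malware},
  language     = {English},
  urldate      = {2021-08-23},
}
BlackBerry Prevents: Threat Actor Group TA575 and Dridex Malware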
Cobalt Strike Dridex
2021-08-12 | Blackberry | BlackBerry Research & Intelligence Team
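% Corporate author: one double-braced unit, with "&" escaped for LaTeX.
% The series name and the stealer family name are the only brace-protected parts of the title.
@online{team:20210812:threat:254ba6c,
  author       = {{BlackBerry Research \& Intelligence Team}},
  title        = {{Threat Thursday}: {Ficker} Infostealer Malware},
  date         = {2021-08-12},
  organization = {Blackberry},
  url          = {https://blogs.blackberry.com/en/2021/08/threat-thursday-ficker-infostealer-malware},
  language     = {English},
  urldate      = {2021-08-17},
}
Threat Thursday: Ficker Infostealer Malware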
Ficker Stealer
2021-08-09 | Sophos | Mark Loman
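% Author in "Last, First" form; both ransomware family names are braced to keep their internal capitals.
@online{loman:20210809:blackmatter:d7606f3,
  author       = {Loman, Mark},
  title        = {{BlackMatter} ransomware emerges from the shadow of {DarkSide}},
  date         = {2021-08-09},
  organization = {Sophos},
  url          = {https://news.sophos.com/en-us/2021/08/09/blackmatter-ransomware-emerges-from-the-shadow-of-darkside/},
  language     = {English},
  urldate      = {2021-08-25},
}
BlackMatter ransomware emerges from the shadow of DarkSide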
BlackMatter BlackMatter
2021-08-06 | Group-IB | Andrey Zhdanov
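% Author in "Last, First" form; the URL, including its trailing "#", is kept exactly as listed.
@online{zhdanov:20210806:its:e5b4483,
  author       = {Zhdanov, Andrey},
  title        = {It's alive! The story behind the {BlackMatter} ransomware strain},
  date         = {2021-08-06},
  organization = {Group-IB},
  url          = {https://blog.group-ib.com/blackmatter#},
  language     = {English},
  urldate      = {2021-08-09},
}
It's alive! The story behind the BlackMatter ransomware strain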
BlackMatter DarkSide BlackMatter DarkSide