Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-01-31IBMLimor Kessem, Itzik Chimino
@online{kessem:20220131:topranking:4f697c1, author = {Limor Kessem and Itzik Chimino}, title = {{Top-Ranking Banking Trojan Ramnit Out to Steal Payment Card Data}}, date = {2022-01-31}, organization = {IBM}, url = {https://securityintelligence.com/posts/ramnit-banking-trojan-stealing-card-data/}, language = {English}, urldate = {2022-02-02} } Top-Ranking Banking Trojan Ramnit Out to Steal Payment Card Data
Ramnit
2022-01-24IBMMichael Gal, Segev Fogel, Itzik Chimino, Limor Kessem, Charlotte Hammond
@online{gal:20220124:trickbot:8a030b3, author = {Michael Gal and Segev Fogel and Itzik Chimino and Limor Kessem and Charlotte Hammond}, title = {{TrickBot Bolsters Layered Defenses to Prevent Injection Research}}, date = {2022-01-24}, organization = {IBM}, url = {https://securityintelligence.com/posts/trickbot-bolsters-layered-defenses-prevent-injection/}, language = {English}, urldate = {2022-01-25} } TrickBot Bolsters Layered Defenses to Prevent Injection Research
TrickBot
2021-11-01IBMAaron Gdanski, Limor Kessem
@online{gdanski:20211101:from:dc06d28, author = {Aaron Gdanski and Limor Kessem}, title = {{From Thanos to Prometheus: When Ransomware Encryption Goes Wrong}}, date = {2021-11-01}, organization = {IBM}, url = {https://securityintelligence.com/posts/ransomware-encryption-goes-wrong/}, language = {English}, urldate = {2021-11-08} } From Thanos to Prometheus: When Ransomware Encryption Goes Wrong
Hakbit Prometheus
2021-05-10SecurityIntelligenceLimor Kessem
@online{kessem:20210510:shedding:c49ddab, author = {Limor Kessem}, title = {{Shedding Light on the DarkSide Ransomware Attack}}, date = {2021-05-10}, organization = {SecurityIntelligence}, url = {https://securityintelligence.com/posts/darkside-oil-pipeline-ransomware-attack/}, language = {English}, urldate = {2021-05-11} } Shedding Light on the DarkSide Ransomware Attack
DarkSide
2021-04-28IBMLimor Kessem
@online{kessem:20210428:sodinokibi:38fd348, author = {Limor Kessem}, title = {{The Sodinokibi Chronicles: A (R)Evil Cybercrime Gang Disrupts Organizations for Trade Secrets and Cash}}, date = {2021-04-28}, organization = {IBM}, url = {https://securityintelligence.com/posts/sodinokibi-revil-ransomware-disrupt-trade-secrets/}, language = {English}, urldate = {2021-05-03} } The Sodinokibi Chronicles: A (R)Evil Cybercrime Gang Disrupts Organizations for Trade Secrets and Cash
REvil
2021-03-11IBMDave McMillen, Limor Kessem
@online{mcmillen:20210311:dridex:1140b01, author = {Dave McMillen and Limor Kessem}, title = {{Dridex Campaign Propelled by Cutwail Botnet and Poisonous PowerShell Scripts}}, date = {2021-03-11}, organization = {IBM}, url = {https://securityintelligence.com/dridex-campaign-propelled-by-cutwail-botnet-and-powershell/}, language = {English}, urldate = {2021-03-12} } Dridex Campaign Propelled by Cutwail Botnet and Poisonous PowerShell Scripts
Cutwail Dridex
2020-10-19IBM SecurityChen Nahman, Ofir Ozer, Limor Kessem
@online{nahman:20201019:new:587d93c, author = {Chen Nahman and Ofir Ozer and Limor Kessem}, title = {{New Vizom Malware Discovered Targets Brazilian Bank Customers with Remote Overlay Attacks}}, date = {2020-10-19}, organization = {IBM Security}, url = {https://securityintelligence.com/posts/vizom-malware-targets-brazilian-bank-customers-remote-overlay/}, language = {English}, urldate = {2020-10-23} } New Vizom Malware Discovered Targets Brazilian Bank Customers with Remote Overlay Attacks
Vizom
2020-05-11SecurityIntelligenceNir Shwarts, Limor Kessem
@online{shwarts:20200511:zeus:81e8585, author = {Nir Shwarts and Limor Kessem}, title = {{Zeus Sphinx Back in Business: Some Core Modifications Arise}}, date = {2020-05-11}, organization = {SecurityIntelligence}, url = {https://securityintelligence.com/posts/zeus-sphinx-back-in-business-some-core-modifications-arise/}, language = {English}, urldate = {2022-09-21} } Zeus Sphinx Back in Business: Some Core Modifications Arise
Zeus Sphinx
2020-03-30IBMAmir Gandler, Limor Kessem
@online{gandler:20200330:zeus:bef1da7, author = {Amir Gandler and Limor Kessem}, title = {{Zeus Sphinx Trojan Awakens Amidst Coronavirus Spam Frenzy}}, date = {2020-03-30}, organization = {IBM}, url = {https://securityintelligence.com/posts/zeus-sphinx-trojan-awakens-amidst-coronavirus-spam-frenzy/}, language = {English}, urldate = {2020-04-01} } Zeus Sphinx Trojan Awakens Amidst Coronavirus Spam Frenzy
Zeus OpenSSL Zloader
2019-05-16SecurityIntelligenceLimor Kessem
@online{kessem:20190516:goznym:cb4a177, author = {Limor Kessem}, title = {{GozNym Closure Comes in the Shape of a Europol and DOJ Arrest Operation}}, date = {2019-05-16}, organization = {SecurityIntelligence}, url = {https://securityintelligence.com/posts/goznym-closure-comes-in-the-shape-of-a-europol-and-doj-arrest-operation/}, language = {English}, urldate = {2019-12-05} } GozNym Closure Comes in the Shape of a Europol and DOJ Arrest Operation
Nymaim
2019-04-04SecurityIntelligenceNir Somech, Limor Kessem
@online{somech:20190404:icedid:54ba40f, author = {Nir Somech and Limor Kessem}, title = {{IcedID Banking Trojan Spruces Up Injection Tactics to Add Stealth}}, date = {2019-04-04}, organization = {SecurityIntelligence}, url = {https://securityintelligence.com/icedid-banking-trojan-spruces-up-injection-tactics-to-add-stealth/}, language = {English}, urldate = {2020-01-08} } IcedID Banking Trojan Spruces Up Injection Tactics to Add Stealth
IcedID
2019-02-06SecurityIntelligenceItzik Chimino, Limor Kessem, Ophir Harpaz
@online{chimino:20190206:icedid:ef0caad, author = {Itzik Chimino and Limor Kessem and Ophir Harpaz}, title = {{IcedID Operators Using ATSEngine Injection Panel to Hit E-Commerce Sites}}, date = {2019-02-06}, organization = {SecurityIntelligence}, url = {https://securityintelligence.com/icedid-operators-using-atsengine-injection-panel-to-hit-e-commerce-sites/}, language = {English}, urldate = {2020-01-08} } IcedID Operators Using ATSEngine Injection Panel to Hit E-Commerce Sites
IcedID
2018-09-10SecurityIntelligenceShahar Tavor, Limor Kessem
@online{tavor:20180910:ibm:74fe99b, author = {Shahar Tavor and Limor Kessem}, title = {{IBM X-Force Delves Into ExoBot’s Leaked Source Code}}, date = {2018-09-10}, organization = {SecurityIntelligence}, url = {https://securityintelligence.com/ibm-x-force-delves-into-exobots-leaked-source-code/}, language = {English}, urldate = {2020-01-07} } IBM X-Force Delves Into ExoBot’s Leaked Source Code
ExoBot
2018-09-04SecurityIntelligenceLimor Kessem, Maor Wiesen
@online{kessem:20180904:camubot:d0c8b12, author = {Limor Kessem and Maor Wiesen}, title = {{CamuBot: New Financial Malware Targets Brazilian Banking Customers}}, date = {2018-09-04}, organization = {SecurityIntelligence}, url = {https://securityintelligence.com/camubot-new-financial-malware-targets-brazilian-banking-customers/}, language = {English}, urldate = {2020-01-13} } CamuBot: New Financial Malware Targets Brazilian Banking Customers
CamuBot
2018-08-22IBMLimor Kessem
@online{kessem:20180822:backswap:73c04f5, author = {Limor Kessem}, title = {{BackSwap Malware Now Targets Six Banks in Spain}}, date = {2018-08-22}, organization = {IBM}, url = {https://securityintelligence.com/backswap-malware-now-targets-six-banks-in-spain/}, language = {English}, urldate = {2019-12-20} } BackSwap Malware Now Targets Six Banks in Spain
BackSwap
2018-02-15SecurityIntelligenceOphir Harpaz, Magal Baz, Limor Kessem
@online{harpaz:20180215:trickbots:2cf1b53, author = {Ophir Harpaz and Magal Baz and Limor Kessem}, title = {{TrickBot’s Cryptocurrency Hunger: Tricking the Bitcoin Out of Wallets}}, date = {2018-02-15}, organization = {SecurityIntelligence}, url = {https://securityintelligence.com/trickbots-cryptocurrency-hunger-tricking-the-bitcoin-out-of-wallets/}, language = {English}, urldate = {2020-01-06} } TrickBot’s Cryptocurrency Hunger: Tricking the Bitcoin Out of Wallets
TrickBot
2017-11-13SecurityIntelligenceLimor Kessem, Maor Wiesen, Tal Darsan, Tomer Agayev
@online{kessem:20171113:new:bb937fd, author = {Limor Kessem and Maor Wiesen and Tal Darsan and Tomer Agayev}, title = {{New Banking Trojan IcedID Discovered by IBM X-Force Research}}, date = {2017-11-13}, organization = {SecurityIntelligence}, url = {https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/}, language = {English}, urldate = {2019-11-27} } New Banking Trojan IcedID Discovered by IBM X-Force Research
IcedID IcedID Downloader
2017-11-08SecurityIntelligenceGadi Ostrovsky, Limor Kessem
@online{ostrovsky:20171108:overlay:ad4efd8, author = {Gadi Ostrovsky and Limor Kessem}, title = {{Overlay RAT Malware Uses AutoIt Scripting to Bypass Antivirus Detection}}, date = {2017-11-08}, organization = {SecurityIntelligence}, url = {https://securityintelligence.com/overlay-rat-malware-uses-autoit-scripting-to-bypass-antivirus-detection/}, language = {English}, urldate = {2019-12-10} } Overlay RAT Malware Uses AutoIt Scripting to Bypass Antivirus Detection
Overlay RAT
2017-10-11SecurityIntelligenceLimor Kessem
@online{kessem:20171011:trickbot:57ebc20, author = {Limor Kessem}, title = {{TrickBot Takes to Latin America, Continues to Expand Its Global Reach}}, date = {2017-10-11}, organization = {SecurityIntelligence}, url = {https://securityintelligence.com/trickbot-takes-to-latin-america-continues-to-expand-its-global-reach/}, language = {English}, urldate = {2020-01-08} } TrickBot Takes to Latin America, Continues to Expand Its Global Reach
2017-07-27Security IntelligenceLimor Kessem, Shachar Gritzman
@online{kessem:20170727:after:10c4ba5, author = {Limor Kessem and Shachar Gritzman}, title = {{After Big Takedown Efforts, 20 More BankBot Mobile Malware Apps Make It Into Google Play}}, date = {2017-07-27}, organization = {Security Intelligence}, url = {https://securityintelligence.com/after-big-takedown-efforts-20-more-bankbot-mobile-malware-apps-make-it-into-google-play/}, language = {English}, urldate = {2019-12-06} } After Big Takedown Efforts, 20 More BankBot Mobile Malware Apps Make It Into Google Play
Anubis