Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2025-02-27Palo Alto Networks Unit 42Lior Rochberger, Tom Fakterman
Squidoor: Suspected Chinese Threat Actor’s Backdoor Targets Global Organizations
FINALDRAFT FINALDRAFT REF7707
2024-09-26Palo Alto Networks Unit 42Daniel Frank, Lior Rochberger
Unraveling Sparkling Pisces’s Tool Set: KLogEXE and FPSpy
FPSpy KLogEXE Kimsuky
2024-05-23Palo Alto Networks Unit 42Daniel Frank, Lior Rochberger
Operation Diplomatic Specter: An Active Chinese Cyberespionage Campaign Leverages Rare Tool Set to Target Governmental Entities in the Middle East, Africa and Asia
Agent Racoon CHINACHOPPER Ghost RAT JuicyPotato MimiKatz Ntospy PlugX SweetSpecter TunnelSpecter CL-STA-0043
2024-02-12Palo Alto Networks Unit 42Dan Yashnik, Lior Rochberger
Diving Into Glupteba's UEFI Bootkit
Glupteba
2023-09-22Palo Alto Networks Unit 42Lior Rochberger, Robert Falcone, Tom Fakterman
Cyberespionage Attacks Against Southeast Asian Government Linked to Stately Taurus, Aka Mustang Panda
Cobalt Strike MimiKatz RemCom ShadowPad TONESHELL
2023-09-22Palo Alto Networks Unit 42Lior Rochberger, Robert Falcone, Tom Fakterman
Persistent Attempts at Cyberespionage Against Southeast Asian Government Target Have Links to Alloy Taurus
Reshell GALLIUM
2023-08-01Palo Alto Networks Unit 42Lior Rochberger
NodeStealer 2.0 – The Python Version: Stealing Facebook Business Accounts
BitRAT NodeStealer XWorm
2023-07-20paloalto Netoworks: Unit42Lior Rochberger, Shimi Cohen
Threat Group Assessment: Mallox Ransomware
TargetCompany
2023-06-16Palo Alto Networks: Cortex Threat ResearchLior Rochberger
Through the Cortex XDR Lens: Uncovering a New Activity Group Targeting Governments in the Middle East and Africa
CHINACHOPPER Ladon Yasso CL-STA-0043
2022-05-09CybereasonLior Rochberger
Cybereason vs. Quantum Locker Ransomware
IcedID Mount Locker
2022-02-08CybereasonLior Rochberger
Cybereason vs. Lorenz Ransomware
Lorenz
2021-08-03CybereasonAssaf Dahan, Daniel Frank, Lior Rochberger, Tom Fakterman
DeadRinger: Exposing Chinese Threat Actors Targeting Major Telcos
CHINACHOPPER Cobalt Strike MimiKatz Nebulae
2021-04-22CybereasonLior Rochberger
Prometei Botnet Exploiting Microsoft Exchange Vulnerabilities
Prometei Prometei
2021-01-12CybereasonLior Rochberger
Cybereason vs. Conti Ransomware
BazarBackdoor Conti
2020-11-26CybereasonCybereason Nocturnus, Lior Rochberger
Cybereason vs. Egregor Ransomware
Cobalt Strike Egregor IcedID ISFB QakBot
2020-11-02CybereasonAssaf Dahan, Daniel Frank, Lior Rochberger, Tom Fakterman
Back to the Future: Inside the Kimsuky KGH Spyware Suite
BabyShark GoldDragon KGH_SPY Kimsuky
2020-05-28CybereasonAssaf Dahan, Eli Salem, Lior Rochberger
Valak: More than Meets the Eye
Valak
2020-04-30CybereasonAssaf Dahan, Daniel Frank, Lior Rochberger, Yaron Rimmer
EVENTBOT: A NEW MOBILE BANKING TROJAN IS BORN
Eventbot
2020-02-05CybereasonAssaf Dahan, Lior Rochberger
The Hole in the Bucket: Attackers Abuse Bitbucket to Deliver an Arsenal of Malware
Amadey Azorult Predator The Thief STOP Vidar
2019-12-11CybereasonAssaf Dahan, Eli Salem, Lior Rochberger, Mary Zhao, Matt Hart, Niv Yona, Omer Yampel
Dropping Anchor: From a TrickBot Infection to the Discovery of the Anchor Malware
Anchor WIZARD SPIDER
2019-10-24CybereasonAssaf Dahan, Cybereason Nocturnus, Lior Rochberger
Hunting Raccoon: The new Masked Bandit on the Block
Raccoon
2019-04-02CybereasonLior Rochberger, Matan Zatz, Noa Pinkas
Triple Threat: Emotet Deploys Trickbot to Steal Data & Spread Ryuk
Ryuk TrickBot
2019-01-03CybereasonEli Salem, Lior Rochberger, Niv Yona
LOLbins and trojans: How the Ramnit Trojan spreads via sLoad in a cyberattack
sLoad