2022-02-25 · CrowdStrike · William Thomas, Adrian Liviu Arsene, Farid Hendi
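% Author "william thomas" is capitalised and all names are in "Last, First" form:
% an all-lowercase given name is otherwise parsed as a von-part of the surname.
@online{thomas:20220225:crowdstrike:6af36f9,
  author       = {Thomas, William and Arsene, Adrian Liviu and Hendi, Farid},
  title        = {{CrowdStrike Falcon} Protects from New Wiper Malware Used in {Ukraine} Cyberattacks},
  date         = {2022-02-25},
  organization = {CrowdStrike},
  url          = {https://www.crowdstrike.com/blog/how-crowdstrike-falcon-protects-against-wiper-malware-used-in-ukraine-attacks/},
  language     = {English},
  urldate      = {2022-03-02},
}
CrowdStrike Falcon Protects from New Wiper Malware Used in Ukraine Cyberattacks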
HermeticWiper
2022-01-31 · CrowdStrike · Sarang Sonawane, Liviu Arsene
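@online{sonawane:20220131:crowdstrike:1fd4945,
  author       = {Sonawane, Sarang and Arsene, Liviu},
  title        = {{CrowdStrike Falcon} Proactively Protects Against Wiper Malware as {CISA} Warns {U.S.} Companies of Potential Attacks},
  date         = {2022-01-31},
  organization = {CrowdStrike},
  url          = {https://www.crowdstrike.com/blog/how-crowdstrike-protects-against-data-wiping-malware/},
  language     = {English},
  urldate      = {2022-02-02},
}
CrowdStrike Falcon Proactively Protects Against Wiper Malware as CISA Warns U.S. Companies of Potential Attacks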
WhisperGate
2021-11-17 · CrowdStrike · Thomas Moses, Sarang Sonawane, Liviu Arsene
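@online{moses:20211117:ransomware:5d7431b,
  author       = {Moses, Thomas and Sonawane, Sarang and Arsene, Liviu},
  title        = {Ransomware {(R)evolution} Plagues Organizations, But {CrowdStrike} Protection Never Wavers},
  date         = {2021-11-17},
  organization = {CrowdStrike},
  url          = {https://www.crowdstrike.com/blog/how-crowdstrike-prevents-volume-shadow-tampering-by-lockbit-ransomware/},
  language     = {English},
  urldate      = {2021-11-19},
}
Ransomware (R)evolution Plagues Organizations, But CrowdStrike Protection Never Wavers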
LockBit
2021-08-11 · CrowdStrike · Liviu Arsene
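@online{arsene:20210811:teaching:aeec28a,
  author       = {Arsene, Liviu},
  title        = {Teaching an Old Dog New Tricks: 2017 {Magniber} Ransomware Uses {PrintNightmare} Vulnerability to Infect Victims in {South Korea}},
  date         = {2021-08-11},
  organization = {CrowdStrike},
  url          = {https://www.crowdstrike.com/blog/magniber-ransomware-caught-using-printnightmare-vulnerability/},
  language     = {English},
  urldate      = {2021-09-02},
}
Teaching an Old Dog New Tricks: 2017 Magniber Ransomware Uses PrintNightmare Vulnerability to Infect Victims in South Korea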
Magniber
2021-07-07 · CrowdStrike · Karan Sood, Liviu Arsene
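@online{sood:20210707:how:84886a9,
  author       = {Sood, Karan and Arsene, Liviu},
  title        = {How {CrowdStrike Falcon} Stops {REvil} Ransomware Used in the {Kaseya} Attack},
  date         = {2021-07-07},
  organization = {CrowdStrike},
  url          = {https://www.crowdstrike.com/blog/how-crowdstrike-stops-revil-ransomware-from-kaseya-attack/},
  language     = {English},
  urldate      = {2021-07-19},
}
How CrowdStrike Falcon Stops REvil Ransomware Used in the Kaseya Attack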
REvil
2021-06-10 · CrowdStrike · Farid Hendi, Liviu Arsene
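@online{hendi:20210610:crowdstrike:ed1b61b,
  author       = {Hendi, Farid and Arsene, Liviu},
  title        = {{CrowdStrike Falcon} Protects Customers from Recent {COZY BEAR} Sophisticated Phishing Campaign},
  date         = {2021-06-10},
  organization = {CrowdStrike},
  url          = {https://www.crowdstrike.com/blog/how-crowdstrike-protects-against-recent-cozy-bear-phishing-campaign/},
  language     = {English},
  urldate      = {2021-06-24},
}
CrowdStrike Falcon Protects Customers from Recent COZY BEAR Sophisticated Phishing Campaign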
2020-11-23 · Bitdefender · Liviu Arsene, Radu Tudorica
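@online{arsene:20201123:trickbot:bcf3c42,
  author       = {Arsene, Liviu and Tudorica, Radu},
  title        = {{TrickBot} is Dead. {Long} Live {TrickBot}!},
  date         = {2020-11-23},
  organization = {Bitdefender},
  url          = {https://labs.bitdefender.com/2020/11/trickbot-is-dead-long-live-trickbot/},
  language     = {English},
  urldate      = {2020-11-25},
}
TrickBot is Dead. Long Live TrickBot!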
TrickBot
2020-11-16 · Bitdefender · Victor Vrabie, Liviu Arsene
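@techreport{vrabie:20201116:dissecting:1b39d4d,
  author      = {Vrabie, Victor and Arsene, Liviu},
  title       = {Dissecting a {Chinese} {APT} Targeting {South Eastern Asian} Government Institutions},
  date        = {2020-11-16},
  institution = {Bitdefender},
  url         = {https://www.bitdefender.com/files/News/CaseStudies/study/379/Bitdefender-Whitepaper-Chinese-APT.pdf},
  language    = {English},
  urldate     = {2020-11-18},
}
Dissecting a Chinese APT Targeting South Eastern Asian Government Institutions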
Chinoxy FunnyDream
2020-10-15 · Bitdefender · Silvia Pripoae, Liviu Arsene
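@techreport{pripoae:20201015:looking:9414244,
  author      = {Pripoae, Silvia and Arsene, Liviu},
  title       = {Looking Into the Eye of the {Interplanetary Storm}},
  date        = {2020-10-15},
  institution = {Bitdefender},
  url         = {https://www.bitdefender.com/files/News/CaseStudies/study/376/Bitdefender-Whitepaper-IPStorm.pdf},
  language    = {English},
  urldate     = {2020-10-23},
}
Looking Into the Eye of the Interplanetary Storm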
IPStorm IPStorm
2020-08-20 · Bitdefender · Liviu Arsene, Victor Vrabie, Bogdan Rusu, Alexandru Maximciuc, Cristina Vatamanu
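% Title typo "Usedfor" corrected to "Used for".
@techreport{arsene:20200820:more:a98fa7e,
  author      = {Arsene, Liviu and Vrabie, Victor and Rusu, Bogdan and Maximciuc, Alexandru and Vatamanu, Cristina},
  title       = {More Evidence of {APT} Hackers-for-Hire Used for Industrial Espionage},
  date        = {2020-08-20},
  institution = {Bitdefender},
  url         = {https://www.bitdefender.com/files/News/CaseStudies/study/365/Bitdefender-PR-Whitepaper-APTHackers-creat4740-en-EN-GenericUse.pdf},
  language    = {English},
  urldate     = {2020-08-27},
}
More Evidence of APT Hackers-for-Hire Used for Industrial Espionage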
2020-06-30 · Bitdefender · Liviu Arsene, Radu Tudorica, Cristina Vatamanu, Alexandru Maximciuc
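@techreport{arsene:20200630:strongpity:ed365fb,
  author      = {Arsene, Liviu and Tudorica, Radu and Vatamanu, Cristina and Maximciuc, Alexandru},
  title       = {{StrongPity} {APT} - Revealing Trojanized Tools, Working Hours and Infrastructure},
  date        = {2020-06-30},
  institution = {Bitdefender},
  url         = {https://www.bitdefender.com/files/News/CaseStudies/study/353/Bitdefender-Whitepaper-StrongPity-APT.pdf},
  language    = {English},
  urldate     = {2020-06-30},
}
StrongPity APT - Revealing Trojanized Tools, Working Hours and Infrastructure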
StrongPity
2020-05-21 · Bitdefender · Liviu Arsene, Bogdan Rusu
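@techreport{arsene:20200521:iranian:d9e1468,
  author      = {Arsene, Liviu and Rusu, Bogdan},
  title       = {{Iranian} {Chafer} {APT} Targeted Air Transportation and Government in {Kuwait} and {Saudi Arabia}},
  date        = {2020-05-21},
  institution = {Bitdefender},
  url         = {https://bitdefender.com/files/News/CaseStudies/study/332/Bitdefender-Whitepaper-Chafer-creat4491-en-EN-interactive.pdf},
  language    = {English},
  urldate     = {2020-05-23},
}
Iranian Chafer APT Targeted Air Transportation and Government in Kuwait and Saudi Arabia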
MimiKatz Remexi
2020-05-18 · CrowdStrike · Karan Sood, Shaun Hurley, Liviu Arsene
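% NOTE(review): date (2020-05-18) is more than a year before urldate (2021-06-09)
% and may be a year off; confirm the post's publication date before relying on
% this entry in a timeline. Date and key are left as given.
@online{sood:20200518:darkside:a32cfcd,
  author       = {Sood, Karan and Hurley, Shaun and Arsene, Liviu},
  title        = {{DarkSide} Goes Dark: How {CrowdStrike Falcon} Customers Were Protected},
  date         = {2020-05-18},
  organization = {CrowdStrike},
  url          = {https://www.crowdstrike.com/blog/falcon-protects-from-darkside-ransomware/},
  language     = {English},
  urldate      = {2021-06-09},
}
DarkSide Goes Dark: How CrowdStrike Falcon Customers Were Protected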
DarkSide DarkSide
2020-05-13 · Bitdefender · Liviu Arsene
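% The utm_* tracking query string was dropped from url; it is not part of the
% resource's address and only records how the link was shared.
@online{arsene:20200513:global:6217d6f,
  author       = {Arsene, Liviu},
  title        = {Global Ransomware and Cyberattacks on Healthcare Spike during Pandemic},
  date         = {2020-05-13},
  organization = {Bitdefender},
  url          = {https://labs.bitdefender.com/2020/05/global-ransomware-and-cyberattacks-on-healthcare-spike-during-pandemic/},
  language     = {English},
  urldate      = {2020-07-06},
}
Global Ransomware and Cyberattacks on Healthcare Spike during Pandemic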
2020-03-26 · Bitdefender · Liviu Arsene
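@online{arsene:20200326:android:946032b,
  author       = {Arsene, Liviu},
  title        = {{Android} Apps and Malware Capitalize on Coronavirus},
  date         = {2020-03-26},
  organization = {Bitdefender},
  url          = {https://labs.bitdefender.com/2020/03/android-apps-and-malware-capitalize-on-coronavirus},
  language     = {English},
  urldate      = {2020-03-26},
}
Android Apps and Malware Capitalize on Coronavirus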
Anubis Joker
2020-03-25 · Bitdefender · Liviu Arsene
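@online{arsene:20200325:new:51ce027,
  author       = {Arsene, Liviu},
  title        = {New Router {DNS} Hijacking Attacks Abuse {Bitbucket} to Host Infostealer},
  date         = {2020-03-25},
  organization = {Bitdefender},
  url          = {https://labs.bitdefender.com/2020/03/new-router-dns-hijacking-attacks-abuse-bitbucket-to-host-infostealer/},
  language     = {English},
  urldate      = {2020-03-30},
}
New Router DNS Hijacking Attacks Abuse Bitbucket to Host Infostealer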
Oski Stealer
2020-03-20 · Bitdefender · Liviu Arsene
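% The utm_* tracking query string was dropped from url; it is not part of the
% resource's address and only records how the link was shared.
@online{arsene:20200320:5:46813c6,
  author       = {Arsene, Liviu},
  title        = {5 Times More Coronavirus-themed Malware Reports during {March}},
  date         = {2020-03-20},
  organization = {Bitdefender},
  url          = {https://labs.bitdefender.com/2020/03/5-times-more-coronavirus-themed-malware-reports-during-march/},
  language     = {English},
  urldate      = {2020-03-26},
}
5 Times More Coronavirus-themed Malware Reports during March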
ostap HawkEye Keylogger Koadic Loki Password Stealer (PWS) Nanocore RAT Remcos
2020-03-18 · Bitdefender · Liviu Arsene, Radu Tudorica, Alexandru Maximciuc, Cristina Vatamanu
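@techreport{arsene:20200318:new:2d895da,
  author      = {Arsene, Liviu and Tudorica, Radu and Maximciuc, Alexandru and Vatamanu, Cristina},
  title       = {New {TrickBot} Module Bruteforces {RDP} Connections, Targets Select Telecommunication Services in {US} and {Hong Kong}},
  date        = {2020-03-18},
  institution = {Bitdefender},
  url         = {https://www.bitdefender.com/files/News/CaseStudies/study/316/Bitdefender-Whitepaper-TrickBot-en-EN-interactive.pdf},
  language    = {English},
  urldate     = {2020-03-19},
}
New TrickBot Module Bruteforces RDP Connections, Targets Select Telecommunication Services in US and Hong Kong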
TrickBot
2020-01-07 · Bitdefender · Liviu Arsene
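@online{arsene:20200107:hold:b9c1aa4,
  author       = {Arsene, Liviu},
  title        = {Hold My Beer {Mirai} – Spinoff Named ‘{LiquorBot}’ Incorporates Cryptomining},
  date         = {2020-01-07},
  organization = {Bitdefender},
  url          = {https://labs.bitdefender.com/2020/01/hold-my-beer-mirai-spinoff-named-liquorbot-incorporates-cryptomining/},
  language     = {English},
  urldate      = {2020-01-13},
}
Hold My Beer Mirai – Spinoff Named ‘LiquorBot’ Incorporates Cryptomining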
LiquorBot
2017-10-26 · Macworld · Liviu Arsene
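@online{arsene:20171026:keranger:a908ea4,
  author       = {Arsene, Liviu},
  title        = {{Keranger}: the first “in-the-wild” ransomware for {Macs}. {But} certainly not the last},
  date         = {2017-10-26},
  organization = {Macworld},
  url          = {https://www.macworld.com/article/3234650/macs/keranger-the-first-in-the-wild-ransomware-for-macs-but-certainly-not-the-last.html},
  language     = {English},
  urldate      = {2020-01-08},
}
Keranger: the first “in-the-wild” ransomware for Macs. But certainly not the last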
KeRanger