Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-01-13TrustwaveLloyd Macrohon, Rodel Mendrez
@online{macrohon:20220113:decrypting:274747e, author = {Lloyd Macrohon and Rodel Mendrez}, title = {{Decrypting Qakbot’s Encrypted Registry Keys}}, date = {2022-01-13}, organization = {Trustwave}, url = {https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/decrypting-qakbots-encrypted-registry-keys/}, language = {English}, urldate = {2022-01-25} } Decrypting Qakbot’s Encrypted Registry Keys
QakBot
2021-10-15TrustwaveRodel Mendrez, Lloyd Macrohon
@online{mendrez:20211015:blackbyte:4dfd5aa, author = {Rodel Mendrez and Lloyd Macrohon}, title = {{BlackByte Ransomware – Pt. 1 In-depth Analysis}}, date = {2021-10-15}, organization = {Trustwave}, url = {https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/blackbyte-ransomware-pt-1-in-depth-analysis/}, language = {English}, urldate = {2021-11-03} } BlackByte Ransomware – Pt. 1 In-depth Analysis
2021-10-15TrustwaveRodel Mendrez, Lloyd Macrohon
@online{mendrez:20211015:blackbyte:22439d3, author = {Rodel Mendrez and Lloyd Macrohon}, title = {{BlackByte Ransomware – Pt 2. Code Obfuscation Analysis}}, date = {2021-10-15}, organization = {Trustwave}, url = {https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/blackbyte-ransomware-pt-2-code-obfuscation-analysis/}, language = {English}, urldate = {2021-11-03} } BlackByte Ransomware – Pt 2. Code Obfuscation Analysis
2021-07-03Twitter (@LloydLabs)Lloyd
@online{lloyd:20210703:twitter:b42ed13, author = {Lloyd}, title = {{Twitter Thread on Revil sideloading DLL used in Kaseya attack}}, date = {2021-07-03}, organization = {Twitter (@LloydLabs)}, url = {https://twitter.com/LloydLabs/status/1411098844209819648}, language = {English}, urldate = {2021-07-24} } Twitter Thread on Revil sideloading DLL used in Kaseya attack
REvil
2021-05-04TrustwaveLloyd Macrohon, Rodel Mendrez
@online{macrohon:20210504:pingback:4988e88, author = {Lloyd Macrohon and Rodel Mendrez}, title = {{Pingback: Backdoor At The End Of The ICMP Tunnel}}, date = {2021-05-04}, organization = {Trustwave}, url = {https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/backdoor-at-the-end-of-the-icmp-tunnel/}, language = {English}, urldate = {2021-05-04} } Pingback: Backdoor At The End Of The ICMP Tunnel
PingBack
2020-04-10TrustwaveJoshua Deacon, Lloyd Macrohon
@online{deacon:20200410:indepth:13fc66f, author = {Joshua Deacon and Lloyd Macrohon}, title = {{An In-depth Look at MailTo Ransomware, Part Three of Three}}, date = {2020-04-10}, organization = {Trustwave}, url = {https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/an-in-depth-look-at-mailto-ransomware-part-three-of-three/}, language = {English}, urldate = {2020-04-14} } An In-depth Look at MailTo Ransomware, Part Three of Three
Mailto
2020-04-08TrustwaveJoshua Deacon, Lloyd Macrohon
@online{deacon:20200408:indepth:c6628d7, author = {Joshua Deacon and Lloyd Macrohon}, title = {{An In-depth Look at MailTo Ransomware, Part Two of Three}}, date = {2020-04-08}, organization = {Trustwave}, url = {https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/an-in-depth-look-at-mailto-ransomware-part-two-of-three/}, language = {English}, urldate = {2020-04-14} } An In-depth Look at MailTo Ransomware, Part Two of Three
Mailto
2020-03-31TrustwaveJoshua Deacon, Lloyd Macrohon
@online{deacon:20200331:indepth:3719ebb, author = {Joshua Deacon and Lloyd Macrohon}, title = {{An In-depth Look at MailTo Ransomware, Part One of Three}}, date = {2020-03-31}, organization = {Trustwave}, url = {https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/an-in-depth-look-at-mailto-ransomware-part-one-of-three/}, language = {English}, urldate = {2020-04-14} } An In-depth Look at MailTo Ransomware, Part One of Three
Mailto
2017-11-17LloydLabsLloyd Davies
@online{davies:20171117:part:cf7e1c8, author = {Lloyd Davies}, title = {{[Part 1] - Analysing the New Linux/AES.DDoS IoT Malware}}, date = {2017-11-17}, organization = {LloydLabs}, url = {https://blog.syscall.party/post/aes-ddos-analysis-part-1/}, language = {English}, urldate = {2022-07-01} } [Part 1] - Analysing the New Linux/AES.DDoS IoT Malware
Dofloo
2007-04-03USENIXKen Chiang, Levi Lloyd
@online{chiang:20070403:case:5dd68c2, author = {Ken Chiang and Levi Lloyd}, title = {{A Case Study of the Rustock Rootkit and Spam Bot}}, date = {2007-04-03}, organization = {USENIX}, url = {https://www.usenix.org/legacy/event/hotbots07/tech/full_papers/chiang/chiang_html/index.html}, language = {English}, urldate = {2019-12-17} } A Case Study of the Rustock Rootkit and Spam Bot
Rustock