Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-09-22SentinelOneAleksandar Milenkoski, Juan Andrés Guerrero-Saade, Amitai Ben, Shushan Ehrlich
@techreport{milenkoski:20220922:mystery:bd4bb11, author = {Aleksandar Milenkoski and Juan Andrés Guerrero-Saade and Amitai Ben and Shushan Ehrlich}, title = {{The Mystery of Metador | An Unattributed Threat Hiding in Telcos, ISPs, and Universities}}, date = {2022-09-22}, institution = {SentinelOne}, url = {https://www.sentinelone.com/wp-content/uploads/2022/09/S1_-SentinelLabs_Metador.pdf}, language = {English}, urldate = {2022-09-30} } The Mystery of Metador | An Unattributed Threat Hiding in Telcos, ISPs, and Universities
2022-09Sentinel LABSAmitai Ben Shushan Ehrlich, Aleksandar Milenkoski, Juan Andrés Guerrero-Saade
@online{ehrlich:202209:mystery:fc2eb1e, author = {Amitai Ben Shushan Ehrlich and Aleksandar Milenkoski and Juan Andrés Guerrero-Saade}, title = {{The Mystery of Metador | An Unattributed Threat Hiding in Telcos, ISPs, and Universities}}, date = {2022-09}, organization = {Sentinel LABS}, url = {https://assets.sentinelone.com/sentinellabs22/metador}, language = {English}, urldate = {2022-09-30} } The Mystery of Metador | An Unattributed Threat Hiding in Telcos, ISPs, and Universities
2022-08-04METABen Nimmo, David Agranovich, Margarita Franklin, Mike Dvilyanski, Nathaniel Gleicher
@techreport{nimmo:20220804:quarterly:012f23e, author = {Ben Nimmo and David Agranovich and Margarita Franklin and Mike Dvilyanski and Nathaniel Gleicher}, title = {{Quarterly Adversarial Threat Report AUGUST 2022}}, date = {2022-08-04}, institution = {META}, url = {https://about.fb.com/wp-content/uploads/2022/08/Quarterly-Adversarial-Threat-Report-Q2-2022.pdf}, language = {English}, urldate = {2022-08-11} } Quarterly Adversarial Threat Report AUGUST 2022
2022-07-13Palo Alto Networks Unit 42Chris Navarrete, Durgesh Sangvikar, Yu Fu, Yanhui Jia, Siddhart Shibiraj
@online{navarrete:20220713:cobalt:dd907c3, author = {Chris Navarrete and Durgesh Sangvikar and Yu Fu and Yanhui Jia and Siddhart Shibiraj}, title = {{Cobalt Strike Analysis and Tutorial: CS Metadata Encryption and Decryption}}, date = {2022-07-13}, organization = {Palo Alto Networks Unit 42}, url = {https://unit42.paloaltonetworks.com/cobalt-strike-metadata-encryption-decryption/}, language = {English}, urldate = {2022-07-15} } Cobalt Strike Analysis and Tutorial: CS Metadata Encryption and Decryption
Cobalt Strike
2022-05-20nccgroupPeter Gurney
@online{gurney:20220520:metastealer:d3c2f0e, author = {Peter Gurney}, title = {{Metastealer – filling the Racoon void}}, date = {2022-05-20}, organization = {nccgroup}, url = {https://research.nccgroup.com/2022/05/20/metastealer-filling-the-racoon-void/}, language = {English}, urldate = {2023-01-31} } Metastealer – filling the Racoon void
MetaStealer
2022-05-06Palo Alto Networks Unit 42Chris Navarrete, Durgesh Sangvikar, Yu Fu, Yanhui Jia, Siddhart Shibiraj
@online{navarrete:20220506:cobalt:8248108, author = {Chris Navarrete and Durgesh Sangvikar and Yu Fu and Yanhui Jia and Siddhart Shibiraj}, title = {{Cobalt Strike Analysis and Tutorial: CS Metadata Encoding and Decoding}}, date = {2022-05-06}, organization = {Palo Alto Networks Unit 42}, url = {https://unit42.paloaltonetworks.com/cobalt-strike-metadata-encoding-decoding/}, language = {English}, urldate = {2022-05-09} } Cobalt Strike Analysis and Tutorial: CS Metadata Encoding and Decoding
Cobalt Strike
2022-05-04MandiantBrandan Schondorfer, Nader Zaveri, Tyler McLellan, Jennifer Brito
@online{schondorfer:20220504:old:47943c4, author = {Brandan Schondorfer and Nader Zaveri and Tyler McLellan and Jennifer Brito}, title = {{Old Services, New Tricks: Cloud Metadata Abuse by UNC2903}}, date = {2022-05-04}, organization = {Mandiant}, url = {https://www.mandiant.com/resources/cloud-metadata-abuse-unc2903}, language = {English}, urldate = {2022-05-05} } Old Services, New Tricks: Cloud Metadata Abuse by UNC2903
WSO
2022-04-19cybleCyble
@online{cyble:20220419:fake:7acd1c5, author = {Cyble}, title = {{Fake MetaMask App Steals Cryptocurrency}}, date = {2022-04-19}, organization = {cyble}, url = {https://blog.cyble.com/2022/04/19/fake-metamask-app-steals-cryptocurrency/}, language = {English}, urldate = {2022-04-20} } Fake MetaMask App Steals Cryptocurrency
2022-04-10Bleeping ComputerBill Toulas
@online{toulas:20220410:new:1241933, author = {Bill Toulas}, title = {{New Meta information stealer distributed in malspam campaign}}, date = {2022-04-10}, organization = {Bleeping Computer}, url = {https://www.bleepingcomputer.com/news/security/new-meta-information-stealer-distributed-in-malspam-campaign/}, language = {English}, urldate = {2022-05-05} } New Meta information stealer distributed in malspam campaign
BlackGuard Mars Stealer Raccoon
2022-04-06SANS ISCBrad Duncan
@online{duncan:20220406:windows:2685e57, author = {Brad Duncan}, title = {{Windows MetaStealer Malware}}, date = {2022-04-06}, organization = {SANS ISC}, url = {https://isc.sans.edu/diary/rss/28522}, language = {English}, urldate = {2022-06-27} } Windows MetaStealer Malware
2022-04-06InfoSec Handlers Diary BlogBrad Duncan
@online{duncan:20220406:windows:3802dbd, author = {Brad Duncan}, title = {{Windows MetaStealer Malware}}, date = {2022-04-06}, organization = {InfoSec Handlers Diary Blog}, url = {https://isc.sans.edu/forums/diary/Windows+MetaStealer+Malware/28522/}, language = {English}, urldate = {2022-05-05} } Windows MetaStealer Malware
MetaStealer
2022-04META
@techreport{meta:202204:adversarial:92d4268, author = {META}, title = {{Adversarial Threat Report}}, date = {2022-04}, institution = {}, url = {https://about.fb.com/wp-content/uploads/2022/04/Meta-Quarterly-Adversarial-Threat-Report_Q1-2022.pdf}, language = {English}, urldate = {2022-04-12} } Adversarial Threat Report
2022-02-28Bleeping ComputerSergiu Gatlan
@online{gatlan:20220228:meta:70850f0, author = {Sergiu Gatlan}, title = {{Meta: Ukrainian officials, military targeted by Ghostwriter hackers}}, date = {2022-02-28}, organization = {Bleeping Computer}, url = {https://www.bleepingcomputer.com/news/security/meta-ukrainian-officials-military-targeted-by-ghostwriter-hackers}, language = {English}, urldate = {2022-07-25} } Meta: Ukrainian officials, military targeted by Ghostwriter hackers
Ghostwriter
2022-02-28Twitter (@M_haggis)The Haag
@online{haag:20220228:parsing:7eb8f68, author = {The Haag}, title = {{Tweet on parsing Daxin driver metadata using powershell}}, date = {2022-02-28}, organization = {Twitter (@M_haggis)}, url = {https://twitter.com/M_haggis/status/1498399791276912640}, language = {English}, urldate = {2022-03-07} } Tweet on parsing Daxin driver metadata using powershell
Daxin
2022-02-28Bleeping ComputerSergiu Gatlan
@online{gatlan:20220228:meta:7d5b51a, author = {Sergiu Gatlan}, title = {{Meta: Ukrainian officials, military targeted by Ghostwriter hackers}}, date = {2022-02-28}, organization = {Bleeping Computer}, url = {https://www.bleepingcomputer.com/news/security/meta-ukrainian-officials-military-targeted-by-ghostwriter-hackers/}, language = {English}, urldate = {2022-03-07} } Meta: Ukrainian officials, military targeted by Ghostwriter hackers
Ghostwriter
2022-02-26METAMETA
@online{meta:20220226:metas:b01fa9a, author = {META}, title = {{Meta’s Ongoing Efforts Regarding Russia’s Invasion of Ukraine}}, date = {2022-02-26}, organization = {META}, url = {https://about.fb.com/news/2022/02/metas-ongoing-efforts-regarding-russias-invasion-of-ukraine/}, language = {English}, urldate = {2022-03-02} } Meta’s Ongoing Efforts Regarding Russia’s Invasion of Ukraine
2022-02-09Bleeping ComputerSergiu Gatlan
@online{gatlan:20220209:meta:e9ad250, author = {Sergiu Gatlan}, title = {{Meta and Chime sue Nigerians behind Facebook, Instagram phishing}}, date = {2022-02-09}, organization = {Bleeping Computer}, url = {https://www.bleepingcomputer.com/news/security/meta-and-chime-sue-nigerians-behind-facebook-instagram-phishing/}, language = {English}, urldate = {2022-02-10} } Meta and Chime sue Nigerians behind Facebook, Instagram phishing
2022-02-02IBMKevin Henson
@online{henson:20220202:trickbot:fd4964d, author = {Kevin Henson}, title = {{TrickBot Gang Uses Template-Based Metaprogramming in Bazar Malware}}, date = {2022-02-02}, organization = {IBM}, url = {https://securityintelligence.com/posts/trickbot-gang-template-based-metaprogramming-bazar-malware/}, language = {English}, urldate = {2022-02-04} } TrickBot Gang Uses Template-Based Metaprogramming in Bazar Malware
BazarBackdoor TrickBot
2021-12-07sysdigAlberto Pellitteri
@online{pellitteri:20211207:threat:1b9039a, author = {Alberto Pellitteri}, title = {{Threat news: TeamTNT stealing credentials using EC2 Instance Metadata}}, date = {2021-12-07}, organization = {sysdig}, url = {https://sysdig.com/blog/teamtnt-aws-credentials/}, language = {English}, urldate = {2021-12-08} } Threat news: TeamTNT stealing credentials using EC2 Instance Metadata
TeamTNT
2021-11-16METAMike Dvilyanski, David Agranovich
@online{dvilyanski:20211116:taking:7d056cc, author = {Mike Dvilyanski and David Agranovich}, title = {{Taking Action Against Hackers in Pakistan and Syria}}, date = {2021-11-16}, organization = {META}, url = {https://about.fb.com/news/2021/11/taking-action-against-hackers-in-pakistan-and-syria/}, language = {English}, urldate = {2021-11-17} } Taking Action Against Hackers in Pakistan and Syria
SideCopy