Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023-05-09Medium walmartglobaltechJason Reaves, Joshua Platt, Jonathan Mccay
@online{reaves:20230509:metastealer:11ef397, author = {Jason Reaves and Joshua Platt and Jonathan Mccay}, title = {{MetaStealer string decryption and DGA overview}}, date = {2023-05-09}, organization = {Medium walmartglobaltech}, url = {https://medium.com/walmartglobaltech/metastealer-string-decryption-and-dga-overview-5f38f76830cd}, language = {English}, urldate = {2023-05-11} } MetaStealer string decryption and DGA overview
MetaStealer
2023-05-03METABen Nimmo, Nathaniel Gleicher
@online{nimmo:20230503:metas:b21c75a, author = {Ben Nimmo and Nathaniel Gleicher}, title = {{Meta’s Adversarial Threat Report, First Quarter 2023}}, date = {2023-05-03}, organization = {META}, url = {https://about.fb.com/news/2023/05/metas-adversarial-threat-report-first-quarter-2023/}, language = {English}, urldate = {2023-05-04} } Meta’s Adversarial Threat Report, First Quarter 2023
2023-01-19CiscoGuilherme Venere
@online{venere:20230119:following:c60f349, author = {Guilherme Venere}, title = {{Following the LNK metadata trail}}, date = {2023-01-19}, organization = {Cisco}, url = {https://blog.talosintelligence.com/following-the-lnk-metadata-trail}, language = {English}, urldate = {2023-04-06} } Following the LNK metadata trail
BumbleBee PhotoLoader QakBot
2023-01-13Metabase QLeonardo Beltran, Diana Tadeo
@online{beltran:20230113:grandoreiro:751868d, author = {Leonardo Beltran and Diana Tadeo}, title = {{Grandoreiro banking malware: deciphering the DGA}}, date = {2023-01-13}, organization = {Metabase Q}, url = {https://www.metabaseq.com/grandoreiro-banking-malware-deciphering-the-dga/}, language = {English}, urldate = {2023-08-30} } Grandoreiro banking malware: deciphering the DGA
Grandoreiro
2022-09-22SentinelOneAleksandar Milenkoski, Juan Andrés Guerrero-Saade, Amitai Ben, Shushan Ehrlich
@techreport{milenkoski:20220922:mystery:bd4bb11, author = {Aleksandar Milenkoski and Juan Andrés Guerrero-Saade and Amitai Ben and Shushan Ehrlich}, title = {{The Mystery of Metador | An Unattributed Threat Hiding in Telcos, ISPs, and Universities}}, date = {2022-09-22}, institution = {SentinelOne}, url = {https://www.sentinelone.com/wp-content/uploads/2022/09/S1_-SentinelLabs_Metador.pdf}, language = {English}, urldate = {2022-09-30} } The Mystery of Metador | An Unattributed Threat Hiding in Telcos, ISPs, and Universities
2022-09Sentinel LABSAmitai Ben Shushan Ehrlich, Aleksandar Milenkoski, Juan Andrés Guerrero-Saade
@online{ehrlich:202209:mystery:fc2eb1e, author = {Amitai Ben Shushan Ehrlich and Aleksandar Milenkoski and Juan Andrés Guerrero-Saade}, title = {{The Mystery of Metador | An Unattributed Threat Hiding in Telcos, ISPs, and Universities}}, date = {2022-09}, organization = {Sentinel LABS}, url = {https://assets.sentinelone.com/sentinellabs22/metador}, language = {English}, urldate = {2022-09-30} } The Mystery of Metador | An Unattributed Threat Hiding in Telcos, ISPs, and Universities
2022-08-04METABen Nimmo, David Agranovich, Margarita Franklin, Mike Dvilyanski, Nathaniel Gleicher
@techreport{nimmo:20220804:quarterly:012f23e, author = {Ben Nimmo and David Agranovich and Margarita Franklin and Mike Dvilyanski and Nathaniel Gleicher}, title = {{Quarterly Adversarial Threat Report AUGUST 2022}}, date = {2022-08-04}, institution = {META}, url = {https://about.fb.com/wp-content/uploads/2022/08/Quarterly-Adversarial-Threat-Report-Q2-2022.pdf}, language = {English}, urldate = {2022-08-11} } Quarterly Adversarial Threat Report AUGUST 2022
2022-07-13Palo Alto Networks Unit 42Chris Navarrete, Durgesh Sangvikar, Yu Fu, Yanhui Jia, Siddhart Shibiraj
@online{navarrete:20220713:cobalt:dd907c3, author = {Chris Navarrete and Durgesh Sangvikar and Yu Fu and Yanhui Jia and Siddhart Shibiraj}, title = {{Cobalt Strike Analysis and Tutorial: CS Metadata Encryption and Decryption}}, date = {2022-07-13}, organization = {Palo Alto Networks Unit 42}, url = {https://unit42.paloaltonetworks.com/cobalt-strike-metadata-encryption-decryption/}, language = {English}, urldate = {2022-07-15} } Cobalt Strike Analysis and Tutorial: CS Metadata Encryption and Decryption
Cobalt Strike
2022-05-20nccgroupPeter Gurney
@online{gurney:20220520:metastealer:d3c2f0e, author = {Peter Gurney}, title = {{Metastealer – filling the Racoon void}}, date = {2022-05-20}, organization = {nccgroup}, url = {https://research.nccgroup.com/2022/05/20/metastealer-filling-the-racoon-void/}, language = {English}, urldate = {2023-01-31} } Metastealer – filling the Racoon void
MetaStealer
2022-05-06Palo Alto Networks Unit 42Chris Navarrete, Durgesh Sangvikar, Yu Fu, Yanhui Jia, Siddhart Shibiraj
@online{navarrete:20220506:cobalt:8248108, author = {Chris Navarrete and Durgesh Sangvikar and Yu Fu and Yanhui Jia and Siddhart Shibiraj}, title = {{Cobalt Strike Analysis and Tutorial: CS Metadata Encoding and Decoding}}, date = {2022-05-06}, organization = {Palo Alto Networks Unit 42}, url = {https://unit42.paloaltonetworks.com/cobalt-strike-metadata-encoding-decoding/}, language = {English}, urldate = {2022-05-09} } Cobalt Strike Analysis and Tutorial: CS Metadata Encoding and Decoding
Cobalt Strike
2022-05-04MandiantBrandan Schondorfer, Nader Zaveri, Tyler McLellan, Jennifer Brito
@online{schondorfer:20220504:old:47943c4, author = {Brandan Schondorfer and Nader Zaveri and Tyler McLellan and Jennifer Brito}, title = {{Old Services, New Tricks: Cloud Metadata Abuse by UNC2903}}, date = {2022-05-04}, organization = {Mandiant}, url = {https://www.mandiant.com/resources/cloud-metadata-abuse-unc2903}, language = {English}, urldate = {2022-05-05} } Old Services, New Tricks: Cloud Metadata Abuse by UNC2903
WSO
2022-04-19cybleCyble
@online{cyble:20220419:fake:7acd1c5, author = {Cyble}, title = {{Fake MetaMask App Steals Cryptocurrency}}, date = {2022-04-19}, organization = {cyble}, url = {https://blog.cyble.com/2022/04/19/fake-metamask-app-steals-cryptocurrency/}, language = {English}, urldate = {2022-04-20} } Fake MetaMask App Steals Cryptocurrency
2022-04-10Bleeping ComputerBill Toulas
@online{toulas:20220410:new:1241933, author = {Bill Toulas}, title = {{New Meta information stealer distributed in malspam campaign}}, date = {2022-04-10}, organization = {Bleeping Computer}, url = {https://www.bleepingcomputer.com/news/security/new-meta-information-stealer-distributed-in-malspam-campaign/}, language = {English}, urldate = {2022-05-05} } New Meta information stealer distributed in malspam campaign
BlackGuard Mars Stealer Raccoon
2022-04-06SANS ISCBrad Duncan
@online{duncan:20220406:windows:2685e57, author = {Brad Duncan}, title = {{Windows MetaStealer Malware}}, date = {2022-04-06}, organization = {SANS ISC}, url = {https://isc.sans.edu/diary/rss/28522}, language = {English}, urldate = {2022-06-27} } Windows MetaStealer Malware
2022-04-06InfoSec Handlers Diary BlogBrad Duncan
@online{duncan:20220406:windows:3802dbd, author = {Brad Duncan}, title = {{Windows MetaStealer Malware}}, date = {2022-04-06}, organization = {InfoSec Handlers Diary Blog}, url = {https://isc.sans.edu/forums/diary/Windows+MetaStealer+Malware/28522/}, language = {English}, urldate = {2022-05-05} } Windows MetaStealer Malware
MetaStealer
2022-04META
@techreport{meta:202204:adversarial:92d4268, author = {META}, title = {{Adversarial Threat Report}}, date = {2022-04}, institution = {}, url = {https://about.fb.com/wp-content/uploads/2022/04/Meta-Quarterly-Adversarial-Threat-Report_Q1-2022.pdf}, language = {English}, urldate = {2022-04-12} } Adversarial Threat Report
2022-02-28Bleeping ComputerSergiu Gatlan
@online{gatlan:20220228:meta:70850f0, author = {Sergiu Gatlan}, title = {{Meta: Ukrainian officials, military targeted by Ghostwriter hackers}}, date = {2022-02-28}, organization = {Bleeping Computer}, url = {https://www.bleepingcomputer.com/news/security/meta-ukrainian-officials-military-targeted-by-ghostwriter-hackers}, language = {English}, urldate = {2022-07-25} } Meta: Ukrainian officials, military targeted by Ghostwriter hackers
Ghostwriter
2022-02-28Twitter (@M_haggis)The Haag
@online{haag:20220228:parsing:7eb8f68, author = {The Haag}, title = {{Tweet on parsing Daxin driver metadata using powershell}}, date = {2022-02-28}, organization = {Twitter (@M_haggis)}, url = {https://twitter.com/M_haggis/status/1498399791276912640}, language = {English}, urldate = {2022-03-07} } Tweet on parsing Daxin driver metadata using powershell
Daxin
2022-02-28Bleeping ComputerSergiu Gatlan
@online{gatlan:20220228:meta:7d5b51a, author = {Sergiu Gatlan}, title = {{Meta: Ukrainian officials, military targeted by Ghostwriter hackers}}, date = {2022-02-28}, organization = {Bleeping Computer}, url = {https://www.bleepingcomputer.com/news/security/meta-ukrainian-officials-military-targeted-by-ghostwriter-hackers/}, language = {English}, urldate = {2022-03-07} } Meta: Ukrainian officials, military targeted by Ghostwriter hackers
Ghostwriter
2022-02-26METAMETA
@online{meta:20220226:metas:b01fa9a, author = {META}, title = {{Meta’s Ongoing Efforts Regarding Russia’s Invasion of Ukraine}}, date = {2022-02-26}, organization = {META}, url = {https://about.fb.com/news/2022/02/metas-ongoing-efforts-regarding-russias-invasion-of-ukraine/}, language = {English}, urldate = {2022-03-02} } Meta’s Ongoing Efforts Regarding Russia’s Invasion of Ukraine