Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-08-20MalwarebytesHossein Jazi
@online{jazi:20210820:new:2efd65e, author = {Hossein Jazi}, title = {{New variant of Konni malware used in campaign targetting Russia}}, date = {2021-08-20}, organization = {Malwarebytes}, url = {https://blog.malwarebytes.com/threat-intelligence/2021/08/new-variant-of-konni-malware-used-in-campaign-targetting-russia/}, language = {English}, urldate = {2021-08-25} } New variant of Konni malware used in campaign targetting Russia
Konni
2021-07-28MalwarebytesHossein Jazi
@online{jazi:20210728:crimea:02098e0, author = {Hossein Jazi}, title = {{Crimea “manifesto” deploys VBA Rat using double attack vectors}}, date = {2021-07-28}, organization = {Malwarebytes}, url = {https://blog.malwarebytes.com/threat-intelligence/2021/07/crimea-manifesto-deploys-vba-rat-using-double-attack-vectors/}, language = {English}, urldate = {2021-08-02} } Crimea “manifesto” deploys VBA Rat using double attack vectors
2021-07-26MalwarebytesThomas Reed
@online{reed:20210726:osxxloader:b3818a3, author = {Thomas Reed}, title = {{OSX.XLoader hides little except its main purpose: What we learned in the installation process}}, date = {2021-07-26}, organization = {Malwarebytes}, url = {https://blog.malwarebytes.com/mac/2021/07/osx-xloader-hides-little-except-its-main-purpose-what-we-learned-in-the-installation-process/}, language = {English}, urldate = {2021-08-02} } OSX.XLoader hides little except its main purpose: What we learned in the installation process
Xloader
2021-07-23Malwarebyteshasherezade
@online{hasherezade:20210723:avoslocker:54f3a60, author = {hasherezade}, title = {{AvosLocker enters the ransomware scene, asks for partners}}, date = {2021-07-23}, organization = {Malwarebytes}, url = {https://blog.malwarebytes.com/threat-analysis/2021/07/avoslocker-enters-the-ransomware-scene-asks-for-partners/}, language = {English}, urldate = {2021-07-26} } AvosLocker enters the ransomware scene, asks for partners
AvosLocker
2021-07-21MalwarebytesMalwarebytes
@online{malwarebytes:20210721:life:2751d60, author = {Malwarebytes}, title = {{The life and death of the ZeuS Trojan}}, date = {2021-07-21}, organization = {Malwarebytes}, url = {https://blog.malwarebytes.com/101/2021/07/the-life-and-death-of-the-zeus-trojan/}, language = {English}, urldate = {2021-07-22} } The life and death of the ZeuS Trojan
Zeus
2021-07-19MalwarebytesErika Noerenberg
@online{noerenberg:20210719:remcos:fdf8bd6, author = {Erika Noerenberg}, title = {{Remcos RAT delivered via Visual Basic}}, date = {2021-07-19}, organization = {Malwarebytes}, url = {https://blog.malwarebytes.com/threat-analysis/2021/07/remcos-rat-delivered-via-visual-basic/}, language = {English}, urldate = {2021-07-26} } Remcos RAT delivered via Visual Basic
Remcos
2021-07-16Twitter (@MBThreatIntel)Malwarebytes Threat Intelligence
@online{intelligence:20210716:magecart:3ba6f5b, author = {Malwarebytes Threat Intelligence}, title = {{Tweet on Magecart skimmer using steganography}}, date = {2021-07-16}, organization = {Twitter (@MBThreatIntel)}, url = {https://twitter.com/MBThreatIntel/status/1416101496022724609}, language = {English}, urldate = {2021-07-20} } Tweet on Magecart skimmer using steganography
magecart
2021-07-06Twitter (@MBThreatIntel)Malwarebytes Threat Intelligence
@online{intelligence:20210706:malspam:083ba5a, author = {Malwarebytes Threat Intelligence}, title = {{Tweet on a malspam campaign that is taking advantage of Kaseya VSA ransomware attack to drop CobaltStrike}}, date = {2021-07-06}, organization = {Twitter (@MBThreatIntel)}, url = {https://twitter.com/MBThreatIntel/status/1412518446013812737}, language = {English}, urldate = {2021-07-09} } Tweet on a malspam campaign that is taking advantage of Kaseya VSA ransomware attack to drop CobaltStrike
Cobalt Strike
2021-06-28MalwarebytesJérôme Segura
@online{segura:20210628:lil:e675ba5, author = {Jérôme Segura}, title = {{Lil' skimmer, the Magecart impersonator - Malwarebytes Labs}}, date = {2021-06-28}, organization = {Malwarebytes}, url = {https://blog.malwarebytes.com/cybercrime/2021/06/lil-skimmer-the-magecart-impersonator/}, language = {English}, urldate = {2021-07-09} } Lil' skimmer, the Magecart impersonator - Malwarebytes Labs
magecart
2021-06-01MalwarebytesHossein Jazi
@online{jazi:20210601:kimsuky:922141b, author = {Hossein Jazi}, title = {{Kimsuky APT continues to target South Korean government using AppleSeed backdoor}}, date = {2021-06-01}, organization = {Malwarebytes}, url = {https://blog.malwarebytes.com/threat-analysis/2021/06/kimsuky-apt-continues-to-target-south-korean-government-using-appleseed-backdoor/}, language = {English}, urldate = {2021-06-09} } Kimsuky APT continues to target South Korean government using AppleSeed backdoor
Appleseed
2021-05-28Twitter (@MBThreatIntel)Malwarebytes Threat Intelligence
@online{intelligence:20210528:web:bb73260, author = {Malwarebytes Threat Intelligence}, title = {{Tweet on web skimmer hiding JavaScript inside images for exfiltration}}, date = {2021-05-28}, organization = {Twitter (@MBThreatIntel)}, url = {https://twitter.com/MBThreatIntel/status/1398037002923110400?s=20}, language = {English}, urldate = {2021-06-09} } Tweet on web skimmer hiding JavaScript inside images for exfiltration
2021-05-13MalwarebytesJérôme Segura
@online{segura:20210513:newly:396ce52, author = {Jérôme Segura}, title = {{Newly observed PHP-based skimmer shows ongoing Magecart Group 12 activity}}, date = {2021-05-13}, organization = {Malwarebytes}, url = {https://blog.malwarebytes.com/cybercrime/2021/05/newly-observed-php-based-skimmer-shows-ongoing-magecart-group-12-activity/}, language = {English}, urldate = {2021-05-17} } Newly observed PHP-based skimmer shows ongoing Magecart Group 12 activity
magecart
2021-04-19MalwarebytesHossein Jazi
@online{jazi:20210419:lazarus:dd2c372, author = {Hossein Jazi}, title = {{Lazarus APT conceals malicious code within BMP image to drop its RAT}}, date = {2021-04-19}, organization = {Malwarebytes}, url = {https://blog.malwarebytes.com/malwarebytes-news/2021/04/lazarus-apt-conceals-malicious-code-within-bmp-file-to-drop-its-rat/}, language = {English}, urldate = {2021-06-25} } Lazarus APT conceals malicious code within BMP image to drop its RAT
BISTROMATH
2021-04-06MalwarebytesHossein Jazi
@online{jazi:20210406:aurora:af2fbd7, author = {Hossein Jazi}, title = {{Aurora campaign: Attacking Azerbaijan using multiple RATs}}, date = {2021-04-06}, organization = {Malwarebytes}, url = {https://blog.malwarebytes.com/threat-analysis/2021/04/aurora-campaign-attacking-azerbaijan-using-multiple-rats/}, language = {English}, urldate = {2021-04-09} } Aurora campaign: Attacking Azerbaijan using multiple RATs
2021-04-06MalwarebytesThreat Intelligence Team
@online{team:20210406:deep:6279974, author = {Threat Intelligence Team}, title = {{A deep dive into Saint Bot, a new downloader}}, date = {2021-04-06}, organization = {Malwarebytes}, url = {https://blog.malwarebytes.com/threat-analysis/2021/04/a-deep-dive-into-saint-bot-downloader/}, language = {English}, urldate = {2021-04-12} } A deep dive into Saint Bot, a new downloader
Saint Bot
2021-03-25MalwarebytesMalwarebytes Labs
@online{labs:20210325:perkiler:3733a75, author = {Malwarebytes Labs}, title = {{Perkiler malware turns to SMB brute force to spread}}, date = {2021-03-25}, organization = {Malwarebytes}, url = {https://blog.malwarebytes.com/trojans/2021/03/perkiler-malware-turns-to-smb-brute-force-to-spread/}, language = {English}, urldate = {2021-03-30} } Perkiler malware turns to SMB brute force to spread
win.purplefox
2021-03-24MalwarebytesThreat Intelligence Team
@online{team:20210324:software:f896085, author = {Threat Intelligence Team}, title = {{Software renewal scammers unmasked}}, date = {2021-03-24}, organization = {Malwarebytes}, url = {https://blog.malwarebytes.com/cybercrime/2021/03/software-renewal-scammers-unmasked/}, language = {English}, urldate = {2021-03-25} } Software renewal scammers unmasked
2021-03-18MalwarebytesJovi Umawing
@online{umawing:20210318:hellokitty:1527547, author = {Jovi Umawing}, title = {{HelloKitty: When Cyberpunk met cy-purr-crime}}, date = {2021-03-18}, organization = {Malwarebytes}, url = {https://blog.malwarebytes.com/threat-spotlight/2021/03/hellokitty-when-cyberpunk-met-cy-purr-crime/}, language = {English}, urldate = {2021-03-19} } HelloKitty: When Cyberpunk met cy-purr-crime
HelloKitty
2021-03-09MalwarebytesPieter Arntz
@online{arntz:20210309:microsoft:9f7d246, author = {Pieter Arntz}, title = {{Microsoft Exchange attacks cause panic as criminals go shell collecting}}, date = {2021-03-09}, organization = {Malwarebytes}, url = {https://blog.malwarebytes.com/malwarebytes-news/2021/03/microsoft-exchange-attacks-cause-panic-as-criminals-go-shell-collecting/}, language = {English}, urldate = {2021-03-11} } Microsoft Exchange attacks cause panic as criminals go shell collecting
2021-03-05MalwarebytesHossein Jazi
@online{jazi:20210305:new:eb1e365, author = {Hossein Jazi}, title = {{New steganography attack targets Azerbaijan}}, date = {2021-03-05}, organization = {Malwarebytes}, url = {https://blog.malwarebytes.com/threat-analysis/2021/03/new-steganography-attack-targets-azerbaijan/}, language = {English}, urldate = {2021-03-22} } New steganography attack targets Azerbaijan