2021-12-31 | CERT.PL | Marcin Dudek, Michał Praszmo
@online{dudek:20211231:iko:bd137c3,
  author       = {Marcin Dudek and Michał Praszmo},
  title        = {{IKO activation - Malware campaign}},
  date         = {2021-12-31},
  organization = {CERT.PL},
  url          = {https://cert.pl/posts/2021/12/aktywacja-aplikacji-iko/},
  language     = {Polish},
  urldate      = {2022-01-05},
}
IKO activation - Malware campaign
Coper
2021-12-10 | Mississippi State University | DeMarcus M. Thomas Sr.
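% "Sr." is a name suffix, so the author uses the "Last, Jr, First" form; in
% "First Last" form BibTeX would take "Sr." as the family name. The citation
% key is left unchanged so existing citations still resolve.
@online{sr:20211210:detecting:8a6e597,
  author       = {Thomas, Sr., DeMarcus M.},
  title        = {{Detecting malware in memory with memory object relationships}},
  date         = {2021-12-10},
  organization = {Mississippi State University},
  url          = {https://scholarsjunction.msstate.edu/cgi/viewcontent.cgi?article=6309&context=td},
  language     = {English},
  urldate      = {2021-12-31},
}
Detecting malware in memory with memory object relationships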
2021-11-17 | MalwareTech | Marcus Hutchins
@online{hutchins:20211117:indepth:8fa7808,
  author       = {Marcus Hutchins},
  title        = {{An in-depth look at hacking back, active defense, and cyber letters of marque}},
  date         = {2021-11-17},
  organization = {MalwareTech},
  url          = {https://www.malwaretech.com/2021/11/an-in-depth-look-at-hacking-back-active-defense-and-cyber-letters-of-marque.html},
  language     = {English},
  urldate      = {2021-11-19},
}
An in-depth look at hacking back, active defense, and cyber letters of marque
2021-11-07 | Marco Ramilli's Blog | Marco Ramilli
@online{ramilli:20211107:conti:1f13ec3,
  author       = {Marco Ramilli},
  title        = {{CONTI Ransomware: Cheat Sheet}},
  date         = {2021-11-07},
  organization = {Marco Ramilli's Blog},
  url          = {https://marcoramilli.com/2021/11/07/conti-ransomware-cheat-sheet/},
  language     = {English},
  urldate      = {2021-11-08},
}
CONTI Ransomware: Cheat Sheet
Conti
2021-10-26 | splunk | Marcus LaFerrera
@online{laferrera:20211026:higher:9e4b682,
  author       = {Marcus LaFerrera},
  title        = {{High(er) Fidelity Software Supply Chain Attack Detection}},
  date         = {2021-10-26},
  organization = {splunk},
  url          = {https://www.splunk.com/en_us/blog/security/high-er-fidelity-software-supply-chain-attack-detection.html},
  language     = {English},
  urldate      = {2021-11-03},
}
High(er) Fidelity Software Supply Chain Attack Detection
2021-10-24 | CitizenLab | Bill Marczak, John Scott-Railton, Siena Anstis, Bahr Abdul Razzak, Ron Deibert
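% Authors are given as "Last, First" so the two-word family name stays
% together; in "First Last" form BibTeX would treat "Abdul" as a given name.
% Assumes "Abdul Razzak" is the family name (confirm against the publication).
@online{marczak:20211024:breaking:26acce3,
  author       = {Marczak, Bill and Scott-Railton, John and Anstis, Siena and Abdul Razzak, Bahr and Deibert, Ron},
  title        = {{Breaking the News New York Times Journalist Ben Hubbard Hacked with Pegasus after Reporting on Previous Hacking Attempts}},
  date         = {2021-10-24},
  organization = {CitizenLab},
  url          = {https://citizenlab.ca/2021/10/breaking-news-new-york-times-journalist-ben-hubbard-pegasus/},
  language     = {English},
  urldate      = {2021-11-02},
}
Breaking the News New York Times Journalist Ben Hubbard Hacked with Pegasus after Reporting on Previous Hacking Attempts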
Chrysaor
2021-09-27 | Kaspersky | Leonid Bezvershenko, Marc Rivero López, Dmitry Galov
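% Authors are given as "Last, First" so the compound family name
% "Rivero López" is not split; in "First Last" form BibTeX would parse
% "Rivero" as a given name.
@online{bezvershenko:20210927:bloodystealer:5944099,
  author       = {Bezvershenko, Leonid and Rivero López, Marc and Galov, Dmitry},
  title        = {{BloodyStealer and gaming assets for sale}},
  date         = {2021-09-27},
  organization = {Kaspersky},
  url          = {https://securelist.com/bloodystealer-and-gaming-assets-for-sale/104319/},
  language     = {English},
  urldate      = {2021-10-05},
}
BloodyStealer and gaming assets for sale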
BloodyStealer
2021-09-22 | McAfee | Alexandre Mundo, Marc Elias
@online{mundo:20210922:blackmatter:75b98d9,
  author       = {Alexandre Mundo and Marc Elias},
  title        = {{BlackMatter Ransomware Analysis; The Dark Side Returns}},
  date         = {2021-09-22},
  organization = {McAfee},
  url          = {https://www.mcafee.com/blogs/enterprise/blackmatter-ransomware-analysis-the-dark-side-returns/},
  language     = {English},
  urldate      = {2021-09-23},
}
BlackMatter Ransomware Analysis; The Dark Side Returns
BlackMatter
2021-09-13 | CitizenLab | Bill Marczak, John Scott-Railton, Bahr Abdul Razzak, Noura Al-Jizawi, Siena Anstis, Kristin Berdan, Ron Deibert
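% Authors are given as "Last, First" so the two-word family name stays
% together; in "First Last" form BibTeX would treat "Abdul" as a given name.
% Assumes "Abdul Razzak" is the family name (confirm against the publication).
@online{marczak:20210913:forcedentry:7427f45,
  author       = {Marczak, Bill and Scott-Railton, John and Abdul Razzak, Bahr and Al-Jizawi, Noura and Anstis, Siena and Berdan, Kristin and Deibert, Ron},
  title        = {{FORCEDENTRY NSO Group iMessage Zero-Click Exploit Captured in the Wild (CVE-2021-30860)}},
  date         = {2021-09-13},
  organization = {CitizenLab},
  url          = {https://citizenlab.ca/2021/09/forcedentry-nso-group-imessage-zero-click-exploit-captured-in-the-wild/},
  language     = {English},
  urldate      = {2021-09-14},
}
FORCEDENTRY NSO Group iMessage Zero-Click Exploit Captured in the Wild (CVE-2021-30860)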
2021-08-27 | Seguranca Informatica | Pedro Tavares
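% language corrected from the misspelling "Portugese".
@online{tavares:20210827:fraude:0e0b29a,
  author       = {Pedro Tavares},
  title        = {{Fraude personificando a marca Continente espalha-se através do WhatsApp: Não se deixe enganar!}},
  date         = {2021-08-27},
  organization = {Seguranca Informatica},
  url          = {https://seguranca-informatica.pt/fraude-personificando-a-marca-continente-espalha-se-atraves-do-whatsapp-nao-se-deixe-enganar/},
  language     = {Portuguese},
  urldate      = {2021-09-12},
}
Fraude personificando a marca Continente espalha-se através do WhatsApp: Não se deixe enganar!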
2021-08-24 | CitizenLab | Bill Marczak, Ali Abdulemam, Noura Al-Jizawi, Siena Anstis, Kristin Berdan, John Scott-Railton, Ron Deibert
@online{marczak:20210824:from:6363bde,
  author       = {Bill Marczak and Ali Abdulemam and Noura Al-Jizawi and Siena Anstis and Kristin Berdan and John Scott-Railton and Ron Deibert},
  title        = {{From Pearl to Pegasus Bahraini Government Hacks Activists with NSO Group Zero-Click iPhone Exploits}},
  date         = {2021-08-24},
  organization = {CitizenLab},
  url          = {https://citizenlab.ca/2021/08/bahrain-hacks-activists-with-nso-group-zero-click-iphone-exploits/},
  language     = {English},
  urldate      = {2021-08-24},
}
From Pearl to Pegasus Bahraini Government Hacks Activists with NSO Group Zero-Click iPhone Exploits
Chrysaor
2021-08-23 | Marco Ramilli
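% organization added for consistency with the other marcoramilli.com
% entries in this list, which all carry it.
@online{ramilli:20210823:paradise:2539869,
  author       = {Marco Ramilli},
  title        = {{Paradise Ransomware: The Builder}},
  date         = {2021-08-23},
  organization = {Marco Ramilli's Blog},
  url          = {https://marcoramilli.com/2021/08/23/paradise-ransomware-the-builder/},
  language     = {English},
  urldate      = {2021-08-23},
}
Paradise Ransomware: The Builder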
Paradise
2021-07-18 | Twitter (@billmarczak) | Bill Marczak
@online{marczak:20210718:twitter:d1f4dfe,
  author       = {Bill Marczak},
  title        = {{Twitter thread with a couple of interesting bits from AmnestyTech's new report on Pegasus}},
  date         = {2021-07-18},
  organization = {Twitter (@billmarczak)},
  url          = {https://twitter.com/billmarczak/status/1416801439402262529},
  language     = {English},
  urldate      = {2021-07-24},
}
Twitter thread with a couple of interesting bits from AmnestyTech's new report on Pegasus
Chrysaor
2021-07-18 | CitizenLab | Bill Marczak, John Scott-Railton, Siena Anstis, Ron Deibert
@online{marczak:20210718:independent:f943436,
  author       = {Bill Marczak and John Scott-Railton and Siena Anstis and Ron Deibert},
  title        = {{Independent Peer Review of Amnesty International’s Forensic Methods for Identifying Pegasus Spyware}},
  date         = {2021-07-18},
  organization = {CitizenLab},
  url          = {https://citizenlab.ca/2021/07/amnesty-peer-review/},
  language     = {English},
  urldate      = {2021-07-21},
}
Independent Peer Review of Amnesty International’s Forensic Methods for Identifying Pegasus Spyware
Chrysaor
2021-07-15 | CitizenLab | Bill Marczak, John Scott-Railton, Kristin Berdan, Bahr Abdul Razzak, Ron Deibert
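% Authors are given as "Last, First" so the two-word family name stays
% together; in "First Last" form BibTeX would treat "Abdul" as a given name.
% Assumes "Abdul Razzak" is the family name (confirm against the publication).
@online{marczak:20210715:hooking:7f3adbe,
  author       = {Marczak, Bill and Scott-Railton, John and Berdan, Kristin and Abdul Razzak, Bahr and Deibert, Ron},
  title        = {{Hooking Candiru Another Mercenary Spyware Vendor Comes into Focus}},
  date         = {2021-07-15},
  organization = {CitizenLab},
  url          = {https://citizenlab.ca/2021/07/hooking-candiru-another-mercenary-spyware-vendor-comes-into-focus/},
  language     = {English},
  urldate      = {2021-07-20},
}
Hooking Candiru Another Mercenary Spyware Vendor Comes into Focus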
Chainshot
2021-07-04 | Marco Ramilli's Blog | Marco Ramilli
% NOTE(review): date is 2021-07-04 but the URL path is /2021/07/05/;
% confirm which is the publication date.
@online{ramilli:20210704:babuk:3ba79a8,
  author       = {Marco Ramilli},
  title        = {{Babuk Ransomware: The Builder}},
  date         = {2021-07-04},
  organization = {Marco Ramilli's Blog},
  url          = {https://marcoramilli.com/2021/07/05/babuk-ransomware-the-builder/},
  language     = {English},
  urldate      = {2021-07-06},
}
Babuk Ransomware: The Builder
Babuk Babuk
2021-06-24 | SentinelOne | Marco Figueroa
@online{figueroa:20210624:evasive:7f0d507,
  author       = {Marco Figueroa},
  title        = {{Evasive Maneuvers | Massive IcedID Campaign Aims For Stealth with Benign Macros}},
  date         = {2021-06-24},
  organization = {SentinelOne},
  url          = {https://labs.sentinelone.com/evasive-maneuvers-massive-icedid-campaign-aims-for-stealth-with-benign-macros/},
  language     = {English},
  urldate      = {2021-06-29},
}
Evasive Maneuvers | Massive IcedID Campaign Aims For Stealth with Benign Macros
IcedID
2021-06-17 | Kaspersky | Marc Rivero López
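% The author is given as "Last, First" so the compound family name
% "Rivero López" is not split; in "First Last" form BibTeX would parse
% "Rivero" as a given name. The citation key is left unchanged so
% existing citations still resolve.
@online{lpez:20210617:black:f563c4b,
  author       = {Rivero López, Marc},
  title        = {{Black Kingdom ransomware}},
  date         = {2021-06-17},
  organization = {Kaspersky},
  url          = {https://securelist.com/black-kingdom-ransomware/102873/},
  language     = {English},
  urldate      = {2021-06-21},
}
Black Kingdom ransomware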
BlackKingdom Ransomware
2021-06-14 | Marco Ramilli's Blog | Marco Ramilli
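% "#" is LaTeX's macro-parameter character, so it is escaped as "\#" in the
% title; an unescaped "#" breaks typesetting of the bibliography.
@online{ramilli:20210614:allegedly:ad3d608,
  author       = {Marco Ramilli},
  title        = {{The Allegedly Ryuk Ransomware builder: \#RyukJoke}},
  date         = {2021-06-14},
  organization = {Marco Ramilli's Blog},
  url          = {https://marcoramilli.com/2021/06/14/the-allegedly-ryuk-ransomware-builder-ryukjoke/},
  language     = {English},
  urldate      = {2021-08-23},
}
The Allegedly Ryuk Ransomware builder: #RyukJoke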
Chaos
2021-05-20 | SentinelOne | Marco Figueroa
@online{figueroa:20210520:caught:04692f1,
  author       = {Marco Figueroa},
  title        = {{Caught in the Cloud | How a Monero Cryptominer Exploits Docker Containers}},
  date         = {2021-05-20},
  organization = {SentinelOne},
  url          = {https://labs.sentinelone.com/caught-in-the-cloud-how-a-monero-cryptominer-exploits-docker-containers/},
  language     = {English},
  urldate      = {2021-05-26},
}
Caught in the Cloud | How a Monero Cryptominer Exploits Docker Containers