Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-07-14KasperskyMark Lechtik, Paul Rascagnères, Aseel Kayal
@online{lechtik:20210714:luminousmoth:a5cf19d, author = {Mark Lechtik and Paul Rascagnères and Aseel Kayal}, title = {{LuminousMoth APT: Sweeping attacks for the chosen few}}, date = {2021-07-14}, organization = {Kaspersky}, url = {https://securelist.com/apt-luminousmoth/103332/}, language = {English}, urldate = {2021-07-20} } LuminousMoth APT: Sweeping attacks for the chosen few
Cobalt Strike
2021-05-06KasperskyMark Lechtik, Giampaolo Dedola
@online{lechtik:20210506:operation:b437cc1, author = {Mark Lechtik and Giampaolo Dedola}, title = {{Operation TunnelSnake}}, date = {2021-05-06}, organization = {Kaspersky}, url = {https://securelist.com/operation-tunnelsnake-and-moriya-rootkit/101831/}, language = {English}, urldate = {2021-05-08} } Operation TunnelSnake
Moriya
2021-04-05KasperskyIvan Kwiatkowski, Pierre Delcher, Mark Lechtik
@online{kwiatkowski:20210405:leap:9f488d4, author = {Ivan Kwiatkowski and Pierre Delcher and Mark Lechtik}, title = {{The leap of a Cycldek-related threat actor}}, date = {2021-04-05}, organization = {Kaspersky}, url = {https://securelist.com/the-leap-of-a-cycldek-related-threat-actor/101243/}, language = {English}, urldate = {2021-04-14} } The leap of a Cycldek-related threat actor
2020-10-05Kaspersky LabsMark Lechtik, Igor Kuznetsov
@techreport{lechtik:20201005:mosaicregressor:9e14a30, author = {Mark Lechtik and Igor Kuznetsov}, title = {{MosaicRegressor: Lurking in the Shadows of UEFI (Technical Details)}}, date = {2020-10-05}, institution = {Kaspersky Labs}, url = {https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2020/10/05094208/MosaicRegressor_Technical-details.pdf}, language = {English}, urldate = {2020-10-08} } MosaicRegressor: Lurking in the Shadows of UEFI (Technical Details)
2020-10-05Kaspersky LabsMark Lechtik, Igor Kuznetsov
@online{lechtik:20201005:mosaicregressor:66ce234, author = {Mark Lechtik and Igor Kuznetsov}, title = {{MosaicRegressor: Lurking in the Shadows of UEFI}}, date = {2020-10-05}, organization = {Kaspersky Labs}, url = {https://securelist.com/mosaicregressor/98849/}, language = {English}, urldate = {2020-10-08} } MosaicRegressor: Lurking in the Shadows of UEFI
2020-09-24CAROMark Lechtik, Giampaolo Dedola
@online{lechtik:20200924:cycldek:8b488b1, author = {Mark Lechtik and Giampaolo Dedola}, title = {{Cycldek aka Goblin Panda: Chronicles of the Goblin}}, date = {2020-09-24}, organization = {CARO}, url = {https://drive.google.com/file/d/11otA_VmL061KcFC5MhDYuNdIKHYbpyrd/view}, language = {English}, urldate = {2020-09-25} } Cycldek aka Goblin Panda: Chronicles of the Goblin
NewCore RAT USBCulprit
2020-06-03Kaspersky LabsGReAT, Mark Lechtik, Giampaolo Dedola
@online{great:20200603:cycldek:ed9a830, author = {GReAT and Mark Lechtik and Giampaolo Dedola}, title = {{Cycldek: Bridging the (air) gap}}, date = {2020-06-03}, organization = {Kaspersky Labs}, url = {https://securelist.com/cycldek-bridging-the-air-gap/97157/}, language = {English}, urldate = {2020-06-03} } Cycldek: Bridging the (air) gap
8.t Dropper NewCore RAT PlugX USBCulprit Hellsing
2020-05-07AVARMark Lechtik, Ariel Jugnheit
@online{lechtik:20200507:north:3cfaf43, author = {Mark Lechtik and Ariel Jugnheit}, title = {{The North Korean AV Anthology: a unique look on DPRK’s Anti-Virus market}}, date = {2020-05-07}, organization = {AVAR}, url = {https://drive.google.com/file/d/1lq0Sjw4FKBxf017Ss7W7uGMvs7CgFzcA/view}, language = {English}, urldate = {2020-05-07} } The North Korean AV Anthology: a unique look on DPRK’s Anti-Virus market
Volgmer
2018-06-12Check Point ResearchMark Lechtik
@online{lechtik:20180612:deep:67efc2c, author = {Mark Lechtik}, title = {{Deep Dive into UPAS Kit vs. Kronos}}, date = {2018-06-12}, organization = {Check Point Research}, url = {https://research.checkpoint.com/deep-dive-upas-kit-vs-kronos/}, language = {English}, urldate = {2020-01-07} } Deep Dive into UPAS Kit vs. Kronos
UPAS
2018-02-04Check PointMark Lechtik
@online{lechtik:20180204:dorkbot:7c9daf2, author = {Mark Lechtik}, title = {{DorkBot: An Investigation}}, date = {2018-02-04}, organization = {Check Point}, url = {https://research.checkpoint.com/dorkbot-an-investigation/}, language = {English}, urldate = {2020-01-09} } DorkBot: An Investigation
NgrBot