Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2016-05-24Palo Alto Networks Unit 42Josh Grunzweig, Mike Scott, Bryan Lee
@online{grunzweig:20160524:new:d1cd669, author = {Josh Grunzweig and Mike Scott and Bryan Lee}, title = {{New Wekby Attacks Use DNS Requests As Command and Control Mechanism}}, date = {2016-05-24}, organization = {Palo Alto Networks Unit 42}, url = {http://researchcenter.paloaltonetworks.com/2016/05/unit42-new-wekby-attacks-use-dns-requests-as-command-and-control-mechanism/}, language = {English}, urldate = {2019-12-20} } New Wekby Attacks Use DNS Requests As Command and Control Mechanism
Roseam
2016-05-22Palo Alto Networks Unit 42Micah Yates, Mike Scott, Brandon Levene, Jen Miller-Osborn, Tom Keigher
@online{yates:20160522:operation:9cfd4ae, author = {Micah Yates and Mike Scott and Brandon Levene and Jen Miller-Osborn and Tom Keigher}, title = {{Operation Ke3chang Resurfaces With New TidePool Malware}}, date = {2016-05-22}, organization = {Palo Alto Networks Unit 42}, url = {https://unit42.paloaltonetworks.com/operation-ke3chang-resurfaces-with-new-tidepool-malware/}, language = {English}, urldate = {2020-01-06} } Operation Ke3chang Resurfaces With New TidePool Malware
APT15
2016-05-22Palo Alto Networks Unit 42Micah Yates, Mike Scott, Brandon Levene, Jen Miller-Osborn, Tom Keigher
@online{yates:20160522:operation:2e8f4a8, author = {Micah Yates and Mike Scott and Brandon Levene and Jen Miller-Osborn and Tom Keigher}, title = {{Operation Ke3chang Resurfaces With New TidePool Malware}}, date = {2016-05-22}, organization = {Palo Alto Networks Unit 42}, url = {http://researchcenter.paloaltonetworks.com/2016/05/operation-ke3chang-resurfaces-with-new-tidepool-malware/}, language = {English}, urldate = {2019-12-20} } Operation Ke3chang Resurfaces With New TidePool Malware
Tidepool
2016-04-22Palo Alto Networks Unit 42Micah Yates, Mike Scott, Brandon Levene, Jen Miller-Osborn
@online{yates:20160422:new:249e32b, author = {Micah Yates and Mike Scott and Brandon Levene and Jen Miller-Osborn}, title = {{New Poison Ivy RAT Variant Targets Hong Kong Pro-Democracy Activists}}, date = {2016-04-22}, organization = {Palo Alto Networks Unit 42}, url = {https://researchcenter.paloaltonetworks.com/2016/04/unit42-new-poison-ivy-rat-variant-targets-hong-kong-pro-democracy-activists/}, language = {English}, urldate = {2019-12-20} } New Poison Ivy RAT Variant Targets Hong Kong Pro-Democracy Activists
Poison Ivy
2015-11-10Palo Alto Networks Unit 42Robert Falcone, Mike Scott, Juan Cortes
@online{falcone:20151110:bookworm:41d48c9, author = {Robert Falcone and Mike Scott and Juan Cortes}, title = {{Bookworm Trojan: A Model of Modular Architecture}}, date = {2015-11-10}, organization = {Palo Alto Networks Unit 42}, url = {https://unit42.paloaltonetworks.com/bookworm-trojan-a-model-of-modular-architecture/}, language = {English}, urldate = {2022-09-19} } Bookworm Trojan: A Model of Modular Architecture
Bookworm
2014-11-21FireEyeNed Moran, Mike Scott, Mike Oppenheim, Joshua Homan
@online{moran:20141121:operation:18b04d9, author = {Ned Moran and Mike Scott and Mike Oppenheim and Joshua Homan}, title = {{Operation Double Tap}}, date = {2014-11-21}, organization = {FireEye}, url = {https://www.fireeye.com/blog/threat-research/2014/11/operation_doubletap.html}, language = {English}, urldate = {2019-12-20} } Operation Double Tap
pirpi
2014-09-30FireEyeThoufique Haq, Ned Moran, Sai Vashisht, Mike Scott
@techreport{haq:20140930:operation:ce4e85c, author = {Thoufique Haq and Ned Moran and Sai Vashisht and Mike Scott}, title = {{OPERATION QUANTUM ENTANGLEMENT}}, date = {2014-09-30}, institution = {FireEye}, url = {https://www.fireeye.com/content/dam/fireeye-www/global/en/current-threats/pdfs/wp-operation-quantum-entanglement.pdf}, language = {English}, urldate = {2020-01-08} } OPERATION QUANTUM ENTANGLEMENT
NewCT DragonOK
2014-09-04FireEyeMike Scott, James T. Bennett
@online{scott:20140904:forced:c6ce09b, author = {Mike Scott and James T. Bennett}, title = {{Forced to Adapt: XSLCmd Backdoor Now on OS X}}, date = {2014-09-04}, organization = {FireEye}, url = {https://www.fireeye.com/blog/threat-research/2014/09/forced-to-adapt-xslcmd-backdoor-now-on-os-x.html}, language = {English}, urldate = {2019-12-20} } Forced to Adapt: XSLCmd Backdoor Now on OS X
XSLCmd APT15
2014-08-13FireEyeNart Villeneuve, Ned Moran, Thoufique Haq, Mike Scott
@techreport{villeneuve:20140813:operation:177e7ba, author = {Nart Villeneuve and Ned Moran and Thoufique Haq and Mike Scott}, title = {{OPERATION SAFFRON ROSE}}, date = {2014-08-13}, institution = {FireEye}, url = {https://www.fireeye.com/content/dam/fireeye-www/global/en/current-threats/pdfs/rpt-operation-saffron-rose.pdf}, language = {English}, urldate = {2020-01-10} } OPERATION SAFFRON ROSE
Flying Kitten
2014-06-10FireEyeMike Scott
@online{scott:20140610:clandestine:6d515ab, author = {Mike Scott}, title = {{Clandestine Fox, Part Deux}}, date = {2014-06-10}, organization = {FireEye}, url = {https://www.fireeye.com/blog/threat-research/2014/06/clandestine-fox-part-deux.html}, language = {English}, urldate = {2019-12-20} } Clandestine Fox, Part Deux
PlugX
2013-12-12FireEye IncNart Villeneuve, James T. Bennett, Ned Moran, Thoufique Haq, Mike Scott, Kenneth Geers
@online{villeneuve:20131212:operation:70b2323, author = {Nart Villeneuve and James T. Bennett and Ned Moran and Thoufique Haq and Mike Scott and Kenneth Geers}, title = {{OPERATION “KE3CHANG”:Targeted Attacks Against Ministries of Foreign Affairs}}, date = {2013-12-12}, organization = {FireEye Inc}, url = {https://www.mandiant.com/resources/operation-ke3chang-targeted-attacks-against-ministries-of-foreign-affairs}, language = {English}, urldate = {2023-01-25} } OPERATION “KE3CHANG”:Targeted Attacks Against Ministries of Foreign Affairs
Tidepool APT15
2013-11-10FireEyeSai Omkar Vashisht, Mike Scott, Thoufique Haq, Ned Moran
@online{vashisht:20131110:operation:d653a09, author = {Sai Omkar Vashisht and Mike Scott and Thoufique Haq and Ned Moran}, title = {{Operation Ephemeral Hydra: IE Zero-Day Linked to DeputyDog Uses Diskless Method}}, date = {2013-11-10}, organization = {FireEye}, url = {https://www.fireeye.com/blog/threat-research/2013/11/operation-ephemeral-hydra-ie-zero-day-linked-to-deputydog-uses-diskless-method.html}, language = {English}, urldate = {2019-12-20} } Operation Ephemeral Hydra: IE Zero-Day Linked to DeputyDog Uses Diskless Method
9002 RAT