Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-04-02MorphisecMichael Gorelik
@online{gorelik:20210402:fair:6f62577, author = {Michael Gorelik}, title = {{The “Fair” Upgrade Variant of Phobos Ransomware}}, date = {2021-04-02}, organization = {Morphisec}, url = {https://blog.morphisec.com/the-fair-upgrade-variant-of-phobos-ransomware}, language = {English}, urldate = {2021-04-06} } The “Fair” Upgrade Variant of Phobos Ransomware
Phobos Ransomware
2021-03-16MorphisecNadav Lorber
@online{lorber:20210316:tracking:2d8ef0b, author = {Nadav Lorber}, title = {{Tracking HCrypt: An Active Crypter as a Service}}, date = {2021-03-16}, organization = {Morphisec}, url = {https://blog.morphisec.com/tracking-hcrypt-an-active-crypter-as-a-service}, language = {English}, urldate = {2021-04-20} } Tracking HCrypt: An Active Crypter as a Service
AsyncRAT LimeRAT
2021-03-09MorphisecAlon Groisman
@online{groisman:20210309:minebridge:bd80b6a, author = {Alon Groisman}, title = {{MineBridge Is on the Rise, With a Sophisticated Delivery Mechanism}}, date = {2021-03-09}, organization = {Morphisec}, url = {https://blog.morphisec.com/minebridge-on-the-rise-sophisticated-delivery-mechanism}, language = {English}, urldate = {2021-03-11} } MineBridge Is on the Rise, With a Sophisticated Delivery Mechanism
MINEBRIDGE
2021-02-11MorphisecMorphisec
@techreport{morphisec:20210211:analysis:97c0b96, author = {Morphisec}, title = {{An Analysis of the Egregor Ransomware}}, date = {2021-02-11}, institution = {Morphisec}, url = {https://www.morphisec.com/hubfs/eBooks_and_Whitepapers/EGREGOR%20REPORT%20WEB%20FINAL.pdf}, language = {English}, urldate = {2021-02-18} } An Analysis of the Egregor Ransomware
Egregor
2021-02-08MorphisecMichael Dereviashkin
@online{dereviashkin:20210208:long:d1419a2, author = {Michael Dereviashkin}, title = {{Long Live, Osiris; Banking Trojan Targets German IP Addresses}}, date = {2021-02-08}, organization = {Morphisec}, url = {https://blog.morphisec.com/long-live-osiris-banking-trojan-targets-german-ip-addresses}, language = {English}, urldate = {2021-02-09} } Long Live, Osiris; Banking Trojan Targets German IP Addresses
Kronos
2021-02-05MorphisecNadav Lorber
@online{lorber:20210205:cinarat:772720f, author = {Nadav Lorber}, title = {{CinaRAT Resurfaces with New Evasive Tactics and Techniques}}, date = {2021-02-05}, organization = {Morphisec}, url = {https://blog.morphisec.com/cinarat-resurfaces-with-new-evasive-tactics-and-techniques}, language = {English}, urldate = {2021-02-09} } CinaRAT Resurfaces with New Evasive Tactics and Techniques
Quasar RAT
2021-01-04MorphisecArnold Osipov
@techreport{osipov:20210104:threat:b875307, author = {Arnold Osipov}, title = {{Threat Profile the Evolution of the FIN7 JSSLoader}}, date = {2021-01-04}, institution = {Morphisec}, url = {https://www.morphisec.com/hubfs/eBooks_and_Whitepapers/FIN7%20JSSLOADER%20FINAL%20WEB.pdf}, language = {English}, urldate = {2021-01-05} } Threat Profile the Evolution of the FIN7 JSSLoader
JSSLoader
2020-11-12MorphisecArnold Osipov
@online{osipov:20201112:threat:05d4acd, author = {Arnold Osipov}, title = {{Threat Profile: JUPYTER INFOSTEALER}}, date = {2020-11-12}, organization = {Morphisec}, url = {https://blog.morphisec.com/jupyter-infostealer-backdoor-introduction}, language = {English}, urldate = {2020-11-17} } Threat Profile: JUPYTER INFOSTEALER
Jupyter Stealer
2020-11-05MorphisecMichael Gorelik
@online{gorelik:20201105:agent:1cefe08, author = {Michael Gorelik}, title = {{Agent Tesla: A Day in a Life of IR}}, date = {2020-11-05}, organization = {Morphisec}, url = {https://blog.morphisec.com/agent-tesla-a-day-in-a-life-of-ir}, language = {English}, urldate = {2020-11-09} } Agent Tesla: A Day in a Life of IR
Agent Tesla
2020-08-20MorphisecArnold Osipov
@online{osipov:20200820:qakbot:a7e14ef, author = {Arnold Osipov}, title = {{QakBot (QBot) Maldoc Campaign Introduces Two New Techniques into Its Arsenal}}, date = {2020-08-20}, organization = {Morphisec}, url = {https://blog.morphisec.com/qakbot-qbot-maldoc-two-new-techniques}, language = {English}, urldate = {2020-08-25} } QakBot (QBot) Maldoc Campaign Introduces Two New Techniques into Its Arsenal
QakBot
2020-06-24MorphisecArnold Osipov
@online{osipov:20200624:obfuscated:74bfeed, author = {Arnold Osipov}, title = {{Obfuscated VBScript Drops Zloader, Ursnif, Qakbot, Dridex}}, date = {2020-06-24}, organization = {Morphisec}, url = {https://blog.morphisec.com/obfuscated-vbscript-drops-zloader-ursnif-qakbot-dridex}, language = {English}, urldate = {2020-06-25} } Obfuscated VBScript Drops Zloader, Ursnif, Qakbot, Dridex
Dridex ISFB QakBot Zloader
2020-06-16MorphisecMichael Gorelik
@online{gorelik:20200616:crystalbit:1906ecc, author = {Michael Gorelik}, title = {{CrystalBit / Apple Double DLL Hijack -- From fraudulent software bundle downloads to an evasive miner raging campaign}}, date = {2020-06-16}, organization = {Morphisec}, url = {https://blog.morphisec.com/crystalbit-apple-double-dll-hijack}, language = {English}, urldate = {2020-06-16} } CrystalBit / Apple Double DLL Hijack -- From fraudulent software bundle downloads to an evasive miner raging campaign
2020-06-02MorphisecArnold Osipov
@online{osipov:20200602:ursnifgozi:2e20c85, author = {Arnold Osipov}, title = {{Ursnif/Gozi Delivery - Excel Macro 4.0 Utilization Uptick & OCR Bypass}}, date = {2020-06-02}, organization = {Morphisec}, url = {https://blog.morphisec.com/ursnif/gozi-delivery-excel-macro-4.0-utilization-uptick-ocr-bypass}, language = {English}, urldate = {2020-06-25} } Ursnif/Gozi Delivery - Excel Macro 4.0 Utilization Uptick & OCR Bypass
ISFB
2020-04-02MorphisecArnold Osipov
@online{osipov:20200402:guloader:af464fe, author = {Arnold Osipov}, title = {{GuLoader: The RAT Downloader}}, date = {2020-04-02}, organization = {Morphisec}, url = {https://blog.morphisec.com/guloader-the-rat-downloader}, language = {English}, urldate = {2021-01-10} } GuLoader: The RAT Downloader
CloudEyE
2020-03-18MorphisecArnold Osipov
@online{osipov:20200318:parallax:fa4b01d, author = {Arnold Osipov}, title = {{Parallax: The new RAT on the block}}, date = {2020-03-18}, organization = {Morphisec}, url = {https://blog.morphisec.com/parallax-rat-active-status}, language = {English}, urldate = {2020-03-25} } Parallax: The new RAT on the block
Parallax RAT
2020-02-28MorphisecMichael Gorelik
@online{gorelik:20200228:trickbot:678683b, author = {Michael Gorelik}, title = {{Trickbot Delivery Method Gets a New Upgrade Focusing on Windows 10}}, date = {2020-02-28}, organization = {Morphisec}, url = {https://blog.morphisec.com/trickbot-delivery-method-gets-a-new-upgrade-focusing-on-windows}, language = {English}, urldate = {2020-03-03} } Trickbot Delivery Method Gets a New Upgrade Focusing on Windows 10
TrickBot
2020-01-30MorphisecArnold Osipov
@online{osipov:20200130:trickbot:da5c80d, author = {Arnold Osipov}, title = {{Trickbot Trojan Leveraging a New Windows 10 UAC Bypass}}, date = {2020-01-30}, organization = {Morphisec}, url = {https://blog.morphisec.com/trickbot-uses-a-new-windows-10-uac-bypass}, language = {English}, urldate = {2020-02-03} } Trickbot Trojan Leveraging a New Windows 10 UAC Bypass
TrickBot
2019-12-10Sentinel LABSVitali Kremez, Joshua Platt, Jason Reaves
@online{kremez:20191210:morphisec:c0fc51c, author = {Vitali Kremez and Joshua Platt and Jason Reaves}, title = {{MORPHISEC DISCOVERS CCLEANER BACKDOOR SAVING MILLIONS OF AVAST USERS}}, date = {2019-12-10}, organization = {Sentinel LABS}, url = {https://labs.sentinelone.com/the-deadly-planeswalker-how-the-trickbot-group-united-high-tech-crimeware-apt/}, language = {English}, urldate = {2020-01-08} } MORPHISEC DISCOVERS CCLEANER BACKDOOR SAVING MILLIONS OF AVAST USERS
Anchor
2019-05-13MorphisecArnold Osipov
@online{osipov:20190513:look:7526002, author = {Arnold Osipov}, title = {{A Look At Hworm / Houdini aka Njrat}}, date = {2019-05-13}, organization = {Morphisec}, url = {http://blog.morphisec.com/hworm-houdini-aka-njrat}, language = {English}, urldate = {2020-01-05} } A Look At Hworm / Houdini aka Njrat
Houdini
2019-03-01MorphisecAlon Groisman
@online{groisman:20190301:threat:aaf612e, author = {Alon Groisman}, title = {{Threat Alert: AVE Maria infostealer on the rise}}, date = {2019-03-01}, organization = {Morphisec}, url = {http://blog.morphisec.com/threat-alert-ave-maria-infostealer-on-the-rise-with-new-stealthier-delivery}, language = {English}, urldate = {2020-01-09} } Threat Alert: AVE Maria infostealer on the rise
Ave Maria