Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2019-03-28Malware Explorer BlogNart Villeneuve
@online{villeneuve:20190328:10:b49637d, author = {Nart Villeneuve}, title = {{10 Years Since Ghostnet}}, date = {2019-03-28}, organization = {Malware Explorer Blog}, url = {https://www.nartv.org/2019/03/28/10-years-since-ghostnet/}, language = {English}, urldate = {2020-01-06} } 10 Years Since Ghostnet
Gh0stnet
2017-10-05FireEyeNart Villeneuve, Randi Eitzman, Sandor Nemes, Tyler Dean
@online{villeneuve:20171005:significant:0b91e49, author = {Nart Villeneuve and Randi Eitzman and Sandor Nemes and Tyler Dean}, title = {{Significant FormBook Distribution Campaigns Impacting the U.S. and South Korea}}, date = {2017-10-05}, organization = {FireEye}, url = {https://www.fireeye.com/blog/threat-research/2017/10/formbook-malware-distribution-campaigns.html}, language = {English}, urldate = {2019-12-20} } Significant FormBook Distribution Campaigns Impacting the U.S. and South Korea
Formbook
2016-03-28FireEyeNart Villeneuve
@online{villeneuve:20160328:treasurehunt:4224770, author = {Nart Villeneuve}, title = {{TREASUREHUNT: A Custom POS Malware Tool}}, date = {2016-03-28}, organization = {FireEye}, url = {https://www.fireeye.com/blog/threat-research/2016/03/treasurehunt_a_cust.html}, language = {English}, urldate = {2019-12-20} } TREASUREHUNT: A Custom POS Malware Tool
TreasureHunter
2015-05-23FireEyeNart Villeneuve, Daniel Regalado
@online{villeneuve:20150523:nitlovepos:f990fd4, author = {Nart Villeneuve and Daniel Regalado}, title = {{NitlovePOS: Another New POS Malware}}, date = {2015-05-23}, organization = {FireEye}, url = {https://www.fireeye.com/blog/threat-research/2015/05/nitlovepos_another.html}, language = {English}, urldate = {2019-12-20} } NitlovePOS: Another New POS Malware
nitlove
2014-10-06FireEyeNart Villeneuve
@online{villeneuve:20141006:data:78acc83, author = {Nart Villeneuve}, title = {{Data Theft in Aisle 9: A FireEye Look at Threats to Retailers}}, date = {2014-10-06}, organization = {FireEye}, url = {https://www.fireeye.com/blog/threat-research/2014/10/data-theft-in-aisle-9-a-fireeye-look-at-threats-to-retailers.html}, language = {English}, urldate = {2019-12-20} } Data Theft in Aisle 9: A FireEye Look at Threats to Retailers
2014-08-13FireEyeNart Villeneuve, Ned Moran, Thoufique Haq, Mike Scott
@techreport{villeneuve:20140813:operation:177e7ba, author = {Nart Villeneuve and Ned Moran and Thoufique Haq and Mike Scott}, title = {{OPERATION SAFFRON ROSE}}, date = {2014-08-13}, institution = {FireEye}, url = {https://www.fireeye.com/content/dam/fireeye-www/global/en/current-threats/pdfs/rpt-operation-saffron-rose.pdf}, language = {English}, urldate = {2020-01-10} } OPERATION SAFFRON ROSE
Flying Kitten
2014-07-31FireEyeNart Villeneuve, Joshua Homan
@online{villeneuve:20140731:spy:5aeca9b, author = {Nart Villeneuve and Joshua Homan}, title = {{Spy of the Tiger}}, date = {2014-07-31}, organization = {FireEye}, url = {https://www.fireeye.com/blog/threat-research/2014/07/spy-of-the-tiger.html}, language = {English}, urldate = {2019-12-20} } Spy of the Tiger
paladin APT24
2014-07-09FireEyeNart Villeneuve, Kyle Wilhoit, Joshua Homan
@online{villeneuve:20140709:brutpos:12328f8, author = {Nart Villeneuve and Kyle Wilhoit and Joshua Homan}, title = {{BrutPOS: RDP Bruteforcing Botnet Targeting POS Systems}}, date = {2014-07-09}, organization = {FireEye}, url = {https://www.fireeye.com/blog/threat-research/2014/07/brutpos-rdp-bruteforcing-botnet-targeting-pos-systems.html}, language = {English}, urldate = {2019-12-20} } BrutPOS: RDP Bruteforcing Botnet Targeting POS Systems
BrutPOS
2014-02-19FireEyeNart Villeneuve, James T. Bennett
@online{villeneuve:20140219:xtremerat:53e1a83, author = {Nart Villeneuve and James T. Bennett}, title = {{XtremeRAT: Nuisance or Threat?}}, date = {2014-02-19}, organization = {FireEye}, url = {https://www.fireeye.com/blog/threat-research/2014/02/xtremerat-nuisance-or-threat.html}, language = {English}, urldate = {2019-12-20} } XtremeRAT: Nuisance or Threat?
Xtreme RAT
2013-12-12FireEye IncNart Villeneuve, James T. Bennett, Ned Moran, Thoufique Haq, Mike Scott, Kenneth Geers
@online{villeneuve:20131212:operation:70b2323, author = {Nart Villeneuve and James T. Bennett and Ned Moran and Thoufique Haq and Mike Scott and Kenneth Geers}, title = {{OPERATION “KE3CHANG”:Targeted Attacks Against Ministries of Foreign Affairs}}, date = {2013-12-12}, organization = {FireEye Inc}, url = {https://www.mandiant.com/resources/operation-ke3chang-targeted-attacks-against-ministries-of-foreign-affairs}, language = {English}, urldate = {2023-01-25} } OPERATION “KE3CHANG”:Targeted Attacks Against Ministries of Foreign Affairs
Tidepool APT15
2013-09-21FireEyeNed Moran, Nart Villeneuve
@online{moran:20130921:operation:0289318, author = {Ned Moran and Nart Villeneuve}, title = {{Operation DeputyDog: Zero-Day (CVE-2013-3893) Attack Against Japanese Targets}}, date = {2013-09-21}, organization = {FireEye}, url = {https://web.archive.org/web/20130924130243/https://www.fireeye.com/blog/technical/cyber-exploits/2013/09/operation-deputydog-zero-day-cve-2013-3893-attack-against-japanese-targets.html}, language = {English}, urldate = {2020-06-08} } Operation DeputyDog: Zero-Day (CVE-2013-3893) Attack Against Japanese Targets
DeputyDog APT17
2013-09-21FireEyeNart Villeneuve, Ned Moran
@online{villeneuve:20130921:operation:1e6ef8d, author = {Nart Villeneuve and Ned Moran}, title = {{Operation DeputyDog: Zero-Day (CVE-2013-3893) Attack Against Japanese Targets}}, date = {2013-09-21}, organization = {FireEye}, url = {https://www.fireeye.com/blog/threat-research/2013/09/operation-deputydog-zero-day-cve-2013-3893-attack-against-japanese-targets.html}, language = {English}, urldate = {2019-12-20} } Operation DeputyDog: Zero-Day (CVE-2013-3893) Attack Against Japanese Targets
DeputyDog
2013-09-06FireEyeNart Villeneuve, Thoufique Haq, Ned Moran
@online{villeneuve:20130906:evasive:1f16aab, author = {Nart Villeneuve and Thoufique Haq and Ned Moran}, title = {{Evasive Tactics: Taidoor}}, date = {2013-09-06}, organization = {FireEye}, url = {https://www.fireeye.com/blog/threat-research/2013/09/evasive-tactics-taidoor-3.html}, language = {English}, urldate = {2019-12-20} } Evasive Tactics: Taidoor
taidoor Taleret
2013-08-23FireEyeNart Villeneuve, Thoufique Haq, Ned Moran
@online{villeneuve:20130823:operation:dc4b5d6, author = {Nart Villeneuve and Thoufique Haq and Ned Moran}, title = {{Operation Molerats: Middle East Cyber Attacks Using Poison Ivy}}, date = {2013-08-23}, organization = {FireEye}, url = {https://www.fireeye.com/blog/threat-research/2013/08/operation-molerats-middle-east-cyber-attacks-using-poison-ivy.html}, language = {English}, urldate = {2019-12-20} } Operation Molerats: Middle East Cyber Attacks Using Poison Ivy
Poison Ivy Molerats
2013-08-12FireEyeNart Villeneuve, Ned Moran
@online{villeneuve:20130812:survival:4544f24, author = {Nart Villeneuve and Ned Moran}, title = {{Survival of the Fittest: New York Times Attackers Evolve Quickly}}, date = {2013-08-12}, organization = {FireEye}, url = {https://www.fireeye.com/blog/threat-research/2013/08/survival-of-the-fittest-new-york-times-attackers-evolve-quickly.html}, language = {English}, urldate = {2019-12-20} } Survival of the Fittest: New York Times Attackers Evolve Quickly
yayih
2013-05-20Trend MicroNart Villeneuve, Kyle Wilhoit
@techreport{villeneuve:20130520:safe:5a6a6e7, author = {Nart Villeneuve and Kyle Wilhoit}, title = {{Safe - A Targeted Threat}}, date = {2013-05-20}, institution = {Trend Micro}, url = {https://www.trendmicro.de/cloud-content/us/pdfs/security-intelligence/white-papers/wp-safe-a-targeted-threat.pdf}, language = {English}, urldate = {2020-01-22} } Safe - A Targeted Threat
SafeNet
2013Trend MicroNart Villeneuve, Jessa dela Torre
@techreport{villeneuve:2013:fakem:672c581, author = {Nart Villeneuve and Jessa dela Torre}, title = {{FAKEM RAT}}, date = {2013}, institution = {Trend Micro}, url = {https://documents.trendmicro.com/assets/wp/wp-fakem-rat.pdf}, language = {English}, urldate = {2020-01-06} } FAKEM RAT
Terminator RAT
2012-10-23Trend MicroNart Villeneuve, James T. Bennett
@techreport{villeneuve:20121023:detecting:6358dd0, author = {Nart Villeneuve and James T. Bennett}, title = {{Detecting APT Activity with Network Traffic Analysis}}, date = {2012-10-23}, institution = {Trend Micro}, url = {https://documents.trendmicro.com/assets/wp/wp-detecting-apt-activity-with-network-traffic-analysis.pdf}, language = {English}, urldate = {2022-03-07} } Detecting APT Activity with Network Traffic Analysis
Enfal Gh0stnet Nitro sykipot taidoor
2011-10-31Trend MicroNart Villeneuve
@online{villeneuve:20111031:significance:4039c39, author = {Nart Villeneuve}, title = {{The Significance of the "Nitro" Attacks}}, date = {2011-10-31}, organization = {Trend Micro}, url = {https://blog.trendmicro.com/trendlabs-security-intelligence/the-significance-of-the-nitro-attacks/}, language = {English}, urldate = {2020-01-08} } The Significance of the "Nitro" Attacks
Nitro