Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2020-09-08PTSecurityPTSecurity
@techreport{ptsecurity:20200908:shadowpad:2903f45, author = {PTSecurity}, title = {{ShadowPad: new activity from the Winnti group}}, date = {2020-09-08}, institution = {PTSecurity}, url = {https://www.ptsecurity.com/upload/corporate/ww-en/pt-esc/winnti-2020-eng.pdf}, language = {English}, urldate = {2020-10-08} } ShadowPad: new activity from the Winnti group
CCleaner Backdoor Korlia ShadowPad TypeHash
2020-07-23PTSecurityArseniy Sharoglazov
@online{sharoglazov:20200723:attacking:f5a1ee2, author = {Arseniy Sharoglazov}, title = {{Attacking MS Exchange Web Interfaces}}, date = {2020-07-23}, organization = {PTSecurity}, url = {https://swarm.ptsecurity.com/attacking-ms-exchange-web-interfaces/}, language = {English}, urldate = {2020-07-30} } Attacking MS Exchange Web Interfaces
2020-06-16PTSecurityPT ESC Threat Intelligence
@online{intelligence:20200616:cobalt:2071fd2, author = {PT ESC Threat Intelligence}, title = {{Cobalt: tactics and tools update}}, date = {2020-06-16}, organization = {PTSecurity}, url = {https://www.ptsecurity.com/ww-en/analytics/pt-esc-threat-intelligence/cobalt_upd_ttps/}, language = {English}, urldate = {2020-06-16} } Cobalt: tactics and tools update
CobInt
2020-06-04PTSecurityPT ESC Threat Intelligence
@online{intelligence:20200604:covid19:45fa7ba, author = {PT ESC Threat Intelligence}, title = {{COVID-19 and New Year greetings: an investigation into the tools and methods used by the Higaisa group}}, date = {2020-06-04}, organization = {PTSecurity}, url = {https://www.ptsecurity.com/ww-en/analytics/pt-esc-threat-intelligence/covid-19-and-new-year-greetings-the-higaisa-group/}, language = {English}, urldate = {2020-06-05} } COVID-19 and New Year greetings: an investigation into the tools and methods used by the Higaisa group
Ghost RAT
2020-05-20PTSecurityPT ESC Threat Intelligence
@online{intelligence:20200520:operation:7f6282e, author = {PT ESC Threat Intelligence}, title = {{Operation TA505: how we analyzed new tools from the creators of the Dridex trojan, Locky ransomware, and Neutrino botnet}}, date = {2020-05-20}, organization = {PTSecurity}, url = {https://www.ptsecurity.com/ww-en/analytics/pt-esc-threat-intelligence/operation-ta505/}, language = {English}, urldate = {2020-06-05} } Operation TA505: how we analyzed new tools from the creators of the Dridex trojan, Locky ransomware, and Neutrino botnet
FlawedAmmyy
2020-04-17Youtube (Positive Technologies)PTSecurity
@online{ptsecurity:20200417:mlw:583a7fe, author = {PTSecurity}, title = {{Mlw #41: новый сложный загрузчик APT-группировки TA505}}, date = {2020-04-17}, organization = {Youtube (Positive Technologies)}, url = {https://www.youtube.com/watch?v=k3sM88o_maM}, language = {Russian}, urldate = {2020-10-08} } Mlw #41: новый сложный загрузчик APT-группировки TA505
SnatchLoader
2019-11-11HabrPTSecurity
@online{ptsecurity:20191111:operation:3bc93dc, author = {PTSecurity}, title = {{Operation TA505, part four. Twins}}, date = {2019-11-11}, organization = {Habr}, url = {https://habr.com/ru/company/pt/blog/475328/}, language = {English}, urldate = {2020-01-13} } Operation TA505, part four. Twins
2019-10-31PTSecurityPTSecurity
@online{ptsecurity:20191031:calypso:adaf761, author = {PTSecurity}, title = {{Calypso APT: new group attacking state institutions}}, date = {2019-10-31}, organization = {PTSecurity}, url = {https://www.ptsecurity.com/ww-en/analytics/calypso-apt-2019/}, language = {English}, urldate = {2020-01-12} } Calypso APT: new group attacking state institutions
BYEBY FlyingDutchman Hussar PlugX