Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-08-30ProofpointMichael Raggi, Sveva Vittoria Scenarelli, PWC UK
@online{raggi:20220830:rising:650b12e, author = {Michael Raggi and Sveva Vittoria Scenarelli and PWC UK}, title = {{Rising Tide: Chasing the Currents of Espionage in the South China Sea}}, date = {2022-08-30}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/chasing-currents-espionage-south-china-sea}, language = {English}, urldate = {2022-08-31} } Rising Tide: Chasing the Currents of Espionage in the South China Sea
scanbox Meterpreter APT40
2022-07-22PWC UKKrystle Reid
@online{reid:20220722:old:6fb4943, author = {Krystle Reid}, title = {{Old cat, new tricks, bad habits An analysis of Charming Kitten’s new tools and OPSEC errors}}, date = {2022-07-22}, organization = {PWC UK}, url = {https://www.pwc.com/gx/en/issues/cybersecurity/cyber-threat-intelligence/old-cat-new-tricks.html}, language = {English}, urldate = {2022-07-25} } Old cat, new tricks, bad habits An analysis of Charming Kitten’s new tools and OPSEC errors
TelegramGrabber
2022-04-28PWCPWC UK
@techreport{uk:20220428:cyber:c43873f, author = {PWC UK}, title = {{Cyber Threats 2021: A Year in Retrospect (Annex)}}, date = {2022-04-28}, institution = {PWC}, url = {https://www.pwc.com/gx/en/issues/cybersecurity/cyber-threat-intelligence/cyber-year-in-retrospect/yir-cyber-threats-annex-download.pdf}, language = {English}, urldate = {2022-04-29} } Cyber Threats 2021: A Year in Retrospect (Annex)
Cobalt Strike Conti PlugX RokRAT Inception Framework Red Menshen
2022-04-28PWCPWC UK
@techreport{uk:20220428:cyber:46707aa, author = {PWC UK}, title = {{Cyber Threats 2021: A Year in Retrospect}}, date = {2022-04-28}, institution = {PWC}, url = {https://www.pwc.com/gx/en/issues/cybersecurity/cyber-threat-intelligence/cyber-year-in-retrospect/yir-cyber-threats-report-download.pdf}, language = {English}, urldate = {2023-07-02} } Cyber Threats 2021: A Year in Retrospect
BPFDoor APT15 APT31 APT41 APT9 BlackTech BRONZE EDGEWOOD DAGGER PANDA Earth Lusca HAFNIUM HAZY TIGER Inception Framework LOTUS PANDA QUILTED TIGER RedAlpha Red Dev 17 Red Menshen Red Nue VICEROY TIGER
2021-12-08PWC UKAdam Prescott
@online{prescott:20211208:chasing:3921a35, author = {Adam Prescott}, title = {{Chasing Shadows: A deep dive into the latest obfuscation methods being used by ShadowPad}}, date = {2021-12-08}, organization = {PWC UK}, url = {https://www.pwc.co.uk/issues/cyber-security-services/research/chasing-shadows.html}, language = {English}, urldate = {2021-12-13} } Chasing Shadows: A deep dive into the latest obfuscation methods being used by ShadowPad
ShadowPad Earth Lusca
2021-02-28PWC UKPWC UK
@techreport{uk:20210228:cyber:bd780cd, author = {PWC UK}, title = {{Cyber Threats 2020: A Year in Retrospect}}, date = {2021-02-28}, institution = {PWC UK}, url = {https://www.pwc.co.uk/cyber-security/pdf/pwc-cyber-threats-2020-a-year-in-retrospect.pdf}, language = {English}, urldate = {2021-03-04} } Cyber Threats 2020: A Year in Retrospect
elf.wellmess FlowerPower PowGoop 8.t Dropper Agent.BTZ Agent Tesla Appleseed Ave Maria Bankshot BazarBackdoor BLINDINGCAN Chinoxy Conti Cotx RAT Crimson RAT DUSTMAN Emotet FriedEx FunnyDream Hakbit Mailto Maze METALJACK Nefilim Oblique RAT Pay2Key PlugX QakBot REvil Ryuk StoneDrill StrongPity SUNBURST SUPERNOVA TrickBot TurlaRPC Turla SilentMoon WastedLocker WellMess Winnti ZeroCleare APT10 APT23 APT27 APT31 APT41 BlackTech BRONZE EDGEWOOD Inception Framework MUSTANG PANDA Red Charon Red Nue Sea Turtle Tonto Team
2020-12-11PWC UKTwitter (@BitsOfBinary)
@online{bitsofbinary:20201211:macos:a00d112, author = {Twitter (@BitsOfBinary)}, title = {{Tweet on macOS Manuscypt samples}}, date = {2020-12-11}, organization = {PWC UK}, url = {https://twitter.com/BitsOfBinary/status/1337330286787518464}, language = {English}, urldate = {2020-12-14} } Tweet on macOS Manuscypt samples
Manuscrypt
2020-09-29PWC UKAndy Auld
@online{auld:20200929:whats:2782a62, author = {Andy Auld}, title = {{What's behind the increase in ransomware attacks this year?}}, date = {2020-09-29}, organization = {PWC UK}, url = {https://www.pwc.co.uk/issues/cyber-security-services/insights/what-is-behind-ransomware-attacks-increase.html}, language = {English}, urldate = {2021-05-25} } What's behind the increase in ransomware attacks this year?
DarkSide Avaddon Clop Conti DoppelPaymer Dridex Emotet FriedEx Mailto PwndLocker QakBot REvil Ryuk SMAUG SunCrypt TrickBot WastedLocker
2020-09-17PWC UKPWC UK
@online{uk:20200917:analysis:6156982, author = {PWC UK}, title = {{Analysis of WellMail malware's Command and Control (C2) server}}, date = {2020-09-17}, organization = {PWC UK}, url = {https://www.pwc.co.uk/issues/cyber-security-services/insights/wellmail.html}, language = {English}, urldate = {2020-09-25} } Analysis of WellMail malware's Command and Control (C2) server
WellMail
2020-08-17PWCPWC UK
@online{uk:20200817:wellmess:a67a30c, author = {PWC UK}, title = {{WellMess malware: analysis of its Command and Control (C2) server}}, date = {2020-08-17}, organization = {PWC}, url = {https://www.pwc.co.uk/issues/cyber-security-services/insights/wellmess-analysis-command-control.html}, language = {English}, urldate = {2020-08-20} } WellMess malware: analysis of its Command and Control (C2) server
elf.wellmess
2020-07-16PWC UKPWC UK
@online{uk:20200716:how:8504d30, author = {PWC UK}, title = {{How WellMess malware has been used to target Covid-19 vaccines}}, date = {2020-07-16}, organization = {PWC UK}, url = {https://www.pwc.co.uk/issues/cyber-security-services/insights/cleaning-up-after-wellmess.html}, language = {English}, urldate = {2020-07-17} } How WellMess malware has been used to target Covid-19 vaccines
elf.wellmess WellMess
2020-03-09PWC UKKris McConkey, Sveva Vittoria Scenarelli
@online{mcconkey:20200309:tracking:1979cbf, author = {Kris McConkey and Sveva Vittoria Scenarelli}, title = {{Tracking ‘Kimsuky’, the North Korea-based cyber espionage group: Part 1}}, date = {2020-03-09}, organization = {PWC UK}, url = {https://www.pwc.co.uk/issues/cyber-security-services/research/tracking-kimsuky-north-korea-based-cyber-espionage-group-part-1.html}, language = {English}, urldate = {2021-05-03} } Tracking ‘Kimsuky’, the North Korea-based cyber espionage group: Part 1
BabyShark MyDogs Kimsuky
2020-03-09PWC UKKris McConkey, Sveva Vittoria Scenarelli
@online{mcconkey:20200309:tracking:5a16ab4, author = {Kris McConkey and Sveva Vittoria Scenarelli}, title = {{Tracking ‘Kimsuky’, the North Korea-based cyber espionage group: Part 2}}, date = {2020-03-09}, organization = {PWC UK}, url = {https://www.pwc.co.uk/issues/cyber-security-data-privacy/research/tracking-kimsuky-north-korea-based-cyber-espionage-group-part-2.html}, language = {English}, urldate = {2020-07-13} } Tracking ‘Kimsuky’, the North Korea-based cyber espionage group: Part 2
BabyShark MyDogs Kimsuky
2020-03-03PWC UKPWC UK
@techreport{uk:20200303:cyber:1f1eef0, author = {PWC UK}, title = {{Cyber Threats 2019:A Year in Retrospect}}, date = {2020-03-03}, institution = {PWC UK}, url = {https://www.pwc.co.uk/cyber-security/assets/cyber-threats-2019-retrospect.pdf}, language = {English}, urldate = {2020-03-03} } Cyber Threats 2019:A Year in Retrospect
KevDroid MESSAGETAP magecart AndroMut Cobalt Strike CobInt Crimson RAT DNSpionage Dridex Dtrack Emotet FlawedAmmyy FlawedGrace FriedEx Gandcrab Get2 GlobeImposter Grateful POS ISFB Kazuar LockerGoga Nokki QakBot Ramnit REvil Rifdoor RokRAT Ryuk shadowhammer ShadowPad Shifu Skipper StoneDrill Stuxnet TrickBot Winnti ZeroCleare APT41 MUSTANG PANDA Sea Turtle
2020-02-18PWC UKKris McConkey, Sveva Vittoria Scenarelli
@online{mcconkey:20200218:tracking:b1acf1a, author = {Kris McConkey and Sveva Vittoria Scenarelli}, title = {{Tracking ‘Kimsuky’, the North Korea-based cyber espionage group: Part 1}}, date = {2020-02-18}, organization = {PWC UK}, url = {https://www.pwc.co.uk/issues/cyber-security-data-privacy/research/tracking-kimsuky-north-korea-based-cyber-espionage-group-part-1.html}, language = {English}, urldate = {2020-02-26} } Tracking ‘Kimsuky’, the North Korea-based cyber espionage group: Part 1
Kimsuky
2017-11-02PWC UKBart Parys
@online{parys:20171102:keyboys:b57094e, author = {Bart Parys}, title = {{The KeyBoys are back in town}}, date = {2017-11-02}, organization = {PWC UK}, url = {https://www.pwc.co.uk/issues/cyber-security-data-privacy/research/the-keyboys-are-back-in-town.html}, language = {English}, urldate = {2020-06-18} } The KeyBoys are back in town
KeyBoy
2017-04-04PWC UKPWC UK
@techreport{uk:20170404:operation:6d02e48, author = {PWC UK}, title = {{Operation Cloud Hopper}}, date = {2017-04-04}, institution = {PWC UK}, url = {https://www.pwc.co.uk/cyber-security/pdf/cloud-hopper-report-final-v4.pdf}, language = {English}, urldate = {2020-01-10} } Operation Cloud Hopper
APT10