Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2020-03-03Palo Alto Networks Unit 42Robert Falcone, Bryan Lee, Alex Hinchliffe
@online{falcone:20200303:molerats:990b000, author = {Robert Falcone and Bryan Lee and Alex Hinchliffe}, title = {{Molerats Delivers Spark Backdoor to Government and Telecommunications Organizations}}, date = {2020-03-03}, organization = {Palo Alto Networks Unit 42}, url = {https://unit42.paloaltonetworks.com/molerats-delivers-spark-backdoor/}, language = {English}, urldate = {2020-03-03} } Molerats Delivers Spark Backdoor to Government and Telecommunications Organizations
Downeks JhoneRAT Molerat Loader Spark
2020-01-23Palo Alto Networks Unit 42Adrian McCabe, Unit42
@online{mccabe:20200123:fractured:399ff15, author = {Adrian McCabe and Unit42}, title = {{The Fractured Statue Campaign: U.S. Government Targeted in Spear-Phishing Attacks}}, date = {2020-01-23}, organization = {Palo Alto Networks Unit 42}, url = {https://unit42.paloaltonetworks.com/the-fractured-statue-campaign-u-s-government-targeted-in-spear-phishing-attacks/}, language = {English}, urldate = {2020-01-26} } The Fractured Statue Campaign: U.S. Government Targeted in Spear-Phishing Attacks
CARROTBALL CarrotBat Syscon
2020-01-21Palo Alto Networks Unit 42Cong Zheng, Yang Ji, Asher Davila
@online{zheng:20200121:muhstik:b784bae, author = {Cong Zheng and Yang Ji and Asher Davila}, title = {{Muhstik Botnet Attacks Tomato Routers to Harvest New IoT Devices}}, date = {2020-01-21}, organization = {Palo Alto Networks Unit 42}, url = {https://unit42.paloaltonetworks.com/muhstik-botnet-attacks-tomato-routers-to-harvest-new-iot-devices/}, language = {English}, urldate = {2020-01-22} } Muhstik Botnet Attacks Tomato Routers to Harvest New IoT Devices
Tsunami
2019-12-23Palo Alto Networks Unit 42Brad Duncan
@online{duncan:20191223:wireshark:11f95ab, author = {Brad Duncan}, title = {{Wireshark Tutorial: Examining Ursnif Infections}}, date = {2019-12-23}, organization = {Palo Alto Networks Unit 42}, url = {https://unit42.paloaltonetworks.com/wireshark-tutorial-examining-ursnif-infections/}, language = {English}, urldate = {2020-01-13} } Wireshark Tutorial: Examining Ursnif Infections
ISFB
2019-12-17Palo Alto Networks Unit 42Jen Miller-Osborn, Mike Harbison
@online{millerosborn:20191217:rancor:998fe1c, author = {Jen Miller-Osborn and Mike Harbison}, title = {{Rancor: Cyber Espionage Group Uses New Custom Malware to Attack Southeast Asia}}, date = {2019-12-17}, organization = {Palo Alto Networks Unit 42}, url = {https://unit42.paloaltonetworks.com/rancor-cyber-espionage-group-uses-new-custom-malware-to-attack-southeast-asia/}, language = {English}, urldate = {2020-01-08} } Rancor: Cyber Espionage Group Uses New Custom Malware to Attack Southeast Asia
DDKONG Derusbi KHRAT
2019-12-09Palo Alto Networks Unit 42Bryan Lee, Brittany Ash, Mike Harbison
@online{lee:20191209:trickbot:48d9da3, author = {Bryan Lee and Brittany Ash and Mike Harbison}, title = {{TrickBot Campaign Uses Fake Payroll Emails to Conduct Phishing Attacks}}, date = {2019-12-09}, organization = {Palo Alto Networks Unit 42}, url = {https://unit42.paloaltonetworks.com/trickbot-campaign-uses-fake-payroll-emails-to-conduct-phishing-attacks/}, language = {English}, urldate = {2020-01-22} } TrickBot Campaign Uses Fake Payroll Emails to Conduct Phishing Attacks
TrickBot
2019-12-02Palo Alto Networks Unit 42Unit 42
@online{42:20191202:imminent:462e901, author = {Unit 42}, title = {{Imminent Monitor – a RAT Down Under}}, date = {2019-12-02}, organization = {Palo Alto Networks Unit 42}, url = {https://unit42.paloaltonetworks.com/imminent-monitor-a-rat-down-under/}, language = {English}, urldate = {2020-01-06} } Imminent Monitor – a RAT Down Under
Imminent Monitor RAT
2019-11-29Palo Alto Networks Unit 42Josh Grunzweig, Kyle Wilhoit
@online{grunzweig:20191129:fractured:65257b7, author = {Josh Grunzweig and Kyle Wilhoit}, title = {{The Fractured Block Campaign: CARROTBAT Used to Deliver Malware Targeting Southeast Asia}}, date = {2019-11-29}, organization = {Palo Alto Networks Unit 42}, url = {https://unit42.paloaltonetworks.com/unit42-the-fractured-block-campaign-carrotbat-malware-used-to-deliver-malware-targeting-southeast-asia/}, language = {English}, urldate = {2020-01-12} } The Fractured Block Campaign: CARROTBAT Used to Deliver Malware Targeting Southeast Asia
CarrotBat
2019-11-22Palo Alto Networks Unit 42Brad Duncan
@online{duncan:20191122:trickbot:e14933b, author = {Brad Duncan}, title = {{Trickbot Updates Password Grabber Module}}, date = {2019-11-22}, organization = {Palo Alto Networks Unit 42}, url = {https://unit42.paloaltonetworks.com/trickbot-updates-password-grabber-module/}, language = {English}, urldate = {2020-01-22} } Trickbot Updates Password Grabber Module
TrickBot
2019-11-08Palo Alto Networks Unit 42Brad Duncan
@online{duncan:20191108:wireshark:f37b983, author = {Brad Duncan}, title = {{Wireshark Tutorial: Examining Trickbot Infections}}, date = {2019-11-08}, organization = {Palo Alto Networks Unit 42}, url = {https://unit42.paloaltonetworks.com/wireshark-tutorial-examining-trickbot-infections/}, language = {English}, urldate = {2020-01-06} } Wireshark Tutorial: Examining Trickbot Infections
TrickBot
2019-10-19Palo Alto Networks Unit 42Unit42
@online{unit42:20191019:rat:4a5f30b, author = {Unit42}, title = {{商用RATのエコシステム: Unit 42、高機能商用RAT Blackremote RATの作者を公開後数日で特定}}, date = {2019-10-19}, organization = {Palo Alto Networks Unit 42}, url = {https://unit42.paloaltonetworks.jp/blackremote-money-money-money-a-swedish-actor-peddles-an-expensive-new-rat/}, language = {Japanese}, urldate = {2020-03-25} } 商用RATのエコシステム: Unit 42、高機能商用RAT Blackremote RATの作者を公開後数日で特定
BlackRemote
2019-10-15Palo Alto Networks Unit 42Unit42
@online{unit42:20191015:blackremote:a39e171, author = {Unit42}, title = {{Blackremote: Money Money Money – A Swedish Actor Peddles an Expensive New RAT}}, date = {2019-10-15}, organization = {Palo Alto Networks Unit 42}, url = {https://unit42.paloaltonetworks.com/blackremote-money-money-money-a-swedish-actor-peddles-an-expensive-new-rat/}, language = {English}, urldate = {2020-01-08} } Blackremote: Money Money Money – A Swedish Actor Peddles an Expensive New RAT
BlackRemote
2019-10-03Palo Alto Networks Unit 42Alex Hinchliffe
@online{hinchliffe:20191003:pkplug:4a43ea5, author = {Alex Hinchliffe}, title = {{PKPLUG: Chinese Cyber Espionage Group Attacking Asia}}, date = {2019-10-03}, organization = {Palo Alto Networks Unit 42}, url = {https://unit42.paloaltonetworks.com/pkplug_chinese_cyber_espionage_group_attacking_asia/}, language = {English}, urldate = {2020-01-07} } PKPLUG: Chinese Cyber Espionage Group Attacking Asia
HenBox Farseer PlugX
2019-06-06Palo Alto Networks Unit 42Ruchna Nigam
@online{nigam:20190606:new:916134e, author = {Ruchna Nigam}, title = {{New Mirai Variant Adds 8 New Exploits, Targets Additional IoT Devices}}, date = {2019-06-06}, organization = {Palo Alto Networks Unit 42}, url = {https://unit42.paloaltonetworks.com/new-mirai-variant-adds-8-new-exploits-targets-additional-iot-devices/}, language = {English}, urldate = {2020-03-09} } New Mirai Variant Adds 8 New Exploits, Targets Additional IoT Devices
Echobot Mirai
2019-05-28Palo Alto Networks Unit 42Robert Falcone, Tom Lancaster
@online{falcone:20190528:emissary:dc0f942, author = {Robert Falcone and Tom Lancaster}, title = {{Emissary Panda Attacks Middle East Government Sharepoint Servers}}, date = {2019-05-28}, organization = {Palo Alto Networks Unit 42}, url = {https://unit42.paloaltonetworks.com/emissary-panda-attacks-middle-east-government-sharepoint-servers/}, language = {English}, urldate = {2020-01-09} } Emissary Panda Attacks Middle East Government Sharepoint Servers
CHINACHOPPER Unidentified 060
2019-05-22Palo Alto Networks Unit 42Brad Duncan
@online{duncan:20190522:shade:7647744, author = {Brad Duncan}, title = {{Shade Ransomware Hits High-Tech, Wholesale, Education Sectors in U.S, Japan, India, Thailand, Canada}}, date = {2019-05-22}, organization = {Palo Alto Networks Unit 42}, url = {https://unit42.paloaltonetworks.com/shade-ransomware-hits-high-tech-wholesale-education-sectors-in-u-s-japan-india-thailand-canada/}, language = {English}, urldate = {2020-01-13} } Shade Ransomware Hits High-Tech, Wholesale, Education Sectors in U.S, Japan, India, Thailand, Canada
Troldesh
2019-04-30Palo Alto Networks Unit 42Bryan Lee, Robert Falcone
@online{lee:20190430:behind:01b3010, author = {Bryan Lee and Robert Falcone}, title = {{Behind the Scenes with OilRig}}, date = {2019-04-30}, organization = {Palo Alto Networks Unit 42}, url = {https://unit42.paloaltonetworks.com/behind-the-scenes-with-oilrig/}, language = {English}, urldate = {2020-01-06} } Behind the Scenes with OilRig
BONDUPDATER
2019-04-17Palo Alto Networks Unit 42Robert Falcone, Brittany Ash
@online{falcone:20190417:aggah:f17c88f, author = {Robert Falcone and Brittany Ash}, title = {{Aggah Campaign: Bit.ly, BlogSpot, and Pastebin Used for C2 in Large Scale Campaign}}, date = {2019-04-17}, organization = {Palo Alto Networks Unit 42}, url = {https://unit42.paloaltonetworks.com/aggah-campaign-bit-ly-blogspot-and-pastebin-used-for-c2-in-large-scale-campaign/}, language = {English}, urldate = {2020-01-07} } Aggah Campaign: Bit.ly, BlogSpot, and Pastebin Used for C2 in Large Scale Campaign
The Gorgon Group
2019-04-08Palo Alto Networks Unit 42Ruchna Nigam
@online{nigam:20190408:mirai:b25b562, author = {Ruchna Nigam}, title = {{Mirai Compiled for New Processors Surfaces in the Wild}}, date = {2019-04-08}, organization = {Palo Alto Networks Unit 42}, url = {https://unit42.paloaltonetworks.com/mirai-compiled-for-new-processor-surfaces/}, language = {English}, urldate = {2019-11-26} } Mirai Compiled for New Processors Surfaces in the Wild
Mirai
2019-03-19Palo Alto Networks Unit 42Tom Lancaster, Josh Grunzweig
@online{lancaster:20190319:cardinal:b75240f, author = {Tom Lancaster and Josh Grunzweig}, title = {{Cardinal RAT Sins Again, Targets Israeli Fin-Tech Firms}}, date = {2019-03-19}, organization = {Palo Alto Networks Unit 42}, url = {https://unit42.paloaltonetworks.com/cardinal-rat-sins-again-targets-israeli-fin-tech-firms/}, language = {English}, urldate = {2020-01-13} } Cardinal RAT Sins Again, Targets Israeli Fin-Tech Firms
EVILNUM Cardinal RAT EVILNUM