Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023-08-28JuniperPaul Kimayong
@online{kimayong:20230828:dreambus:8065a04, author = {Paul Kimayong}, title = {{DreamBus Botnet Resurfaces, Targets RocketMQ vulnerability}}, date = {2023-08-28}, organization = {Juniper}, url = {https://blogs.juniper.net/en-us/threat-research/dreambus-botnet-resurfaces-targets-rocketmq-vulnerability}, language = {English}, urldate = {2023-08-31} } DreamBus Botnet Resurfaces, Targets RocketMQ vulnerability
DreamBus
2022-08-31JuniperPaul Kimayong
@online{kimayong:20220831:asbit:611ae9b, author = {Paul Kimayong}, title = {{Asbit: An Emerging Remote Desktop Trojan}}, date = {2022-08-31}, organization = {Juniper}, url = {https://blogs.juniper.net/en-us/threat-research/asbit-an-emerging-remote-desktop-trojan}, language = {English}, urldate = {2022-09-01} } Asbit: An Emerging Remote Desktop Trojan
Asbit
2022-03-24JuniperPaul Kimayong
@online{kimayong:20220324:muhstik:b70f2b9, author = {Paul Kimayong}, title = {{Muhstik Gang targets Redis Servers}}, date = {2022-03-24}, organization = {Juniper}, url = {https://blogs.juniper.net/en-us/security/muhstik-gang-targets-redis-servers}, language = {English}, urldate = {2022-03-28} } Muhstik Gang targets Redis Servers
Tsunami
2021-10-11JuniperPaul Kimayong
@online{kimayong:20211011:necro:9b112bd, author = {Paul Kimayong}, title = {{Necro Python Botnet Goes After Vulnerable VisualTools DVR}}, date = {2021-10-11}, organization = {Juniper}, url = {https://blogs.juniper.net/en-us/threat-research/necro-python-botnet-goes-after-vulnerable-visualtools-dvr}, language = {English}, urldate = {2021-10-25} } Necro Python Botnet Goes After Vulnerable VisualTools DVR
N3Cr0m0rPh
2021-09-08JuniperPaul Kimayong
@online{kimayong:20210908:aggah:8508369, author = {Paul Kimayong}, title = {{Aggah Malware Campaign Expands to Zendesk and GitHub to Host Its Malware}}, date = {2021-09-08}, organization = {Juniper}, url = {https://blogs.juniper.net/en-us/security/aggah-malware-campaign-expands-to-zendesk-and-github-to-host-its-malware}, language = {English}, urldate = {2021-09-10} } Aggah Malware Campaign Expands to Zendesk and GitHub to Host Its Malware
Agent Tesla
2021-04-08JuniperPaul Kimayong
@online{kimayong:20210408:sysrv:c1cbc71, author = {Paul Kimayong}, title = {{Sysrv Botnet Expands and Gains Persistence}}, date = {2021-04-08}, organization = {Juniper}, url = {https://blogs.juniper.net/en-us/threat-research/sysrv-botnet-expands-and-gains-persistence}, language = {English}, urldate = {2021-04-12} } Sysrv Botnet Expands and Gains Persistence
2020-12-01JuniperPaul Kimayong
@online{kimayong:20201201:darkirc:f22ae7d, author = {Paul Kimayong}, title = {{DarkIRC bot exploits recent Oracle WebLogic vulnerability}}, date = {2020-12-01}, organization = {Juniper}, url = {https://blogs.juniper.net/en-us/threat-research/darkirc-bot-exploits-oracle-weblogic-vulnerability}, language = {English}, urldate = {2021-03-30} } DarkIRC bot exploits recent Oracle WebLogic vulnerability
DarkIRC
2020-10-05JuniperPaul Kimayong
@online{kimayong:20201005:new:739309f, author = {Paul Kimayong}, title = {{New pastebin-like service used in multiple malware campaigns}}, date = {2020-10-05}, organization = {Juniper}, url = {https://blogs.juniper.net/en-us/threat-research/new-pastebin-like-service-used-in-multiple-malware-campaigns}, language = {English}, urldate = {2020-10-07} } New pastebin-like service used in multiple malware campaigns
Agent Tesla LimeRAT RedLine Stealer
2020-08-12JuniperPaul Kimayong
@online{kimayong:20200812:icedid:b40f8b4, author = {Paul Kimayong}, title = {{IcedID Campaign Strikes Back}}, date = {2020-08-12}, organization = {Juniper}, url = {https://blogs.juniper.net/en-us/threat-research/iceid-campaign-strikes-back}, language = {English}, urldate = {2020-08-27} } IcedID Campaign Strikes Back
IcedID
2020-06-18JuniperPaul Kimayong
@online{kimayong:20200618:covid19:4bb5511, author = {Paul Kimayong}, title = {{COVID-19 and FMLA Campaigns used to install new IcedID banking malware}}, date = {2020-06-18}, organization = {Juniper}, url = {https://blogs.juniper.net/en-us/threat-research/covid-19-and-fmla-campaigns-used-to-install-new-icedid-banking-malware}, language = {English}, urldate = {2020-06-23} } COVID-19 and FMLA Campaigns used to install new IcedID banking malware
IcedID
2019-09-26JuniperPaul Kimayong
@online{kimayong:20190926:masad:0f8ea5a, author = {Paul Kimayong}, title = {{Masad Stealer: Exfiltrating using Telegram}}, date = {2019-09-26}, organization = {Juniper}, url = {https://blogs.juniper.net/en-us/threat-research/masad-stealer-exfiltrating-using-telegram}, language = {English}, urldate = {2020-09-03} } Masad Stealer: Exfiltrating using Telegram
Masad Stealer
2018-05-21JuniperPaul Kimayong
@online{kimayong:20180521:nukebot:dcd8985, author = {Paul Kimayong}, title = {{Nukebot Banking Trojan targeting people in France}}, date = {2018-05-21}, organization = {Juniper}, url = {https://forums.juniper.net/t5/Threat-Research/Nukebot-Banking-Trojan-targeting-people-in-France/ba-p/326702}, language = {English}, urldate = {2019-11-22} } Nukebot Banking Trojan targeting people in France
TinyNuke
2018-02-13JuniperPaul Kimayong
@online{kimayong:20180213:new:b8d70e2, author = {Paul Kimayong}, title = {{New Gootkit Banking Trojan variant pushes the limits on evasive behavior}}, date = {2018-02-13}, organization = {Juniper}, url = {https://forums.juniper.net/t5/Security-Now/New-Gootkit-Banking-Trojan-variant-pushes-the-limits-on-evasive/ba-p/319055}, language = {English}, urldate = {2019-12-10} } New Gootkit Banking Trojan variant pushes the limits on evasive behavior
GootKit