Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023-03-30VolexityAnkur Saini, Callum Roxan, Charlie Gardner, Paul Rascagnères, Steven Adair, Thomas Lancaster
3CX Supply Chain Compromise Leads to ICONIC Incident
3CX Backdoor IconicStealer
2023-03-07VolexityPaul Rascagnères
Using Memory Analysis to Detect EDR-Nullifying Malware
2021-12-14Kaspersky LabsPaul Rascagnères, Pierre Delcher
Owowa: the add-on that turns your OWA into a credential stealer and remote access panel
Owowa
2021-10-07KasperskyAseel Kayal, Mark Lechtik, Paul Rascagnères
LYCEUM Reborn: Counterintelligence in the Middle East
danbot LYCEUM
2021-09-30KasperskyAseel Kayal, Mark Lechtik, Paul Rascagnères, Vasily Berdnikov
GhostEmperor: From ProxyLogon to kernel mode
GhostEmperor GhostEmperor
2021-07-14KasperskyAseel Kayal, Mark Lechtik, Paul Rascagnères
LuminousMoth APT: Sweeping attacks for the chosen few
Cobalt Strike
2020-10-29Cisco TalosPaul Rascagnères, Vitor Ventura, Warren Mercer
DoNot’s Firestarter abuses Google Firebase Cloud Messaging to spread
KnSpy
2020-10-06TalosPaul Rascagnères, Vitor Ventura, Warren Mercer
PoetRAT: Malware targeting public and private sector in Azerbaijan evolves
Poet RAT
2020-08-13Talos IntelligenceMartin Lee, Paul Rascagnères, Vitor Ventura
Attribution: A Puzzle
WellMail elf.wellmess AcidBox WellMess
2020-06-29Cisco TalosPaul Rascagnères, Vitor Ventura, Warren Mercer
PROMETHIUM extends global reach with StrongPity3 APT
StrongPity
2020-05-19Cisco TalosPaul Rascagnères, Vitor Ventura, Warren Mercer
The wolf is back...
WolfRAT
2020-04-16Cisco TalosPaul Rascagnères, Vitor Ventura, Warren Mercer
PoetRAT: Python RAT uses COVID-19 lures to target Azerbaijan public and private sectors
Poet RAT
2020-03-05Cisco TalosPaul Rascagnères, Vitor Ventura, Warren Mercer
Bisonal: 10 years of play
Korlia
2020-01-16Cisco TalosEric Kuhla, Paul Rascagnères, Vitor Ventura, Warren Mercer
JhoneRAT: Cloud based python RAT targeting Middle Eastern countries
JhoneRAT
2019-11-07Virus BulletinPaul Rascagnères, Warren Mercer
DNS on Fire
DNSpionage Sea Turtle
2019-11-07Virus BulletinPaul Rascagnères, Warren Mercer
DNS on FIre
DNSpionage Sea Turtle
2019-09-24Cisco TalosJungsoo An, Paul Rascagnères, Warren Mercer
How Tortoiseshell created a fake veteran hiring website to host malware
Liderc SysKit
2019-08-27Cisco TalosPaul Rascagnères, Vanja Svajcer
China Chopper still active 9 years later
CHINACHOPPER
2019-07-09Cisco TalosPaul Rascagnères
Sea Turtle keeps on swimming, finds new victims, DNS hijacking techniques
Sea Turtle
2019-07-09Talos IntelligenceDanny Adamitis, Paul Rascagnères
Sea Turtle Keeps on Swimming