Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2020-10-29Cisco TalosWarren Mercer, Paul Rascagnères, Vitor Ventura
@online{mercer:20201029:donots:850f31b, author = {Warren Mercer and Paul Rascagnères and Vitor Ventura}, title = {{DoNot’s Firestarter abuses Google Firebase Cloud Messaging to spread}}, date = {2020-10-29}, organization = {Cisco Talos}, url = {https://blog.talosintelligence.com/2020/10/donot-firestarter.html}, language = {English}, urldate = {2020-10-29} } DoNot’s Firestarter abuses Google Firebase Cloud Messaging to spread
Unidentified APK 005
2020-10-06TalosWarren Mercer, Paul Rascagnères, Vitor Ventura
@online{mercer:20201006:poetrat:17f845e, author = {Warren Mercer and Paul Rascagnères and Vitor Ventura}, title = {{PoetRAT: Malware targeting public and private sector in Azerbaijan evolves}}, date = {2020-10-06}, organization = {Talos}, url = {https://blog.talosintelligence.com/2020/10/poetrat-update.html}, language = {English}, urldate = {2020-10-07} } PoetRAT: Malware targeting public and private sector in Azerbaijan evolves
Poet RAT
2020-08-13Talos IntelligenceMartin Lee, Paul Rascagnères, Vitor Ventura
@online{lee:20200813:attribution:ced59ff, author = {Martin Lee and Paul Rascagnères and Vitor Ventura}, title = {{Attribution: A Puzzle}}, date = {2020-08-13}, organization = {Talos Intelligence}, url = {https://blog.talosintelligence.com/2020/08/attribution-puzzle.html}, language = {English}, urldate = {2020-08-14} } Attribution: A Puzzle
WellMail elf.wellmess AcidBox WellMess
2020-06-29Cisco TalosWarren Mercer, Paul Rascagnères, Vitor Ventura
@online{mercer:20200629:promethium:e80cd47, author = {Warren Mercer and Paul Rascagnères and Vitor Ventura}, title = {{PROMETHIUM extends global reach with StrongPity3 APT}}, date = {2020-06-29}, organization = {Cisco Talos}, url = {https://blog.talosintelligence.com/2020/06/promethium-extends-with-strongpity3.html}, language = {English}, urldate = {2020-06-30} } PROMETHIUM extends global reach with StrongPity3 APT
StrongPity
2020-05-19Cisco TalosWarren Mercer, Paul Rascagnères, Vitor Ventura
@online{mercer:20200519:wolf:8e65365, author = {Warren Mercer and Paul Rascagnères and Vitor Ventura}, title = {{The wolf is back...}}, date = {2020-05-19}, organization = {Cisco Talos}, url = {https://blog.talosintelligence.com/2020/05/the-wolf-is-back.html}, language = {English}, urldate = {2020-05-20} } The wolf is back...
WolfRAT
2020-04-16Cisco TalosWarren Mercer, Paul Rascagnères, Vitor Ventura
@online{mercer:20200416:poetrat:ab5659a, author = {Warren Mercer and Paul Rascagnères and Vitor Ventura}, title = {{PoetRAT: Python RAT uses COVID-19 lures to target Azerbaijan public and private sectors}}, date = {2020-04-16}, organization = {Cisco Talos}, url = {https://blog.talosintelligence.com/2020/04/poetrat-covid-19-lures.html}, language = {English}, urldate = {2020-05-05} } PoetRAT: Python RAT uses COVID-19 lures to target Azerbaijan public and private sectors
Poet RAT
2020-03-05Cisco TalosWarren Mercer, Paul Rascagnères, Vitor Ventura
@online{mercer:20200305:bisonal:7885944, author = {Warren Mercer and Paul Rascagnères and Vitor Ventura}, title = {{Bisonal: 10 years of play}}, date = {2020-03-05}, organization = {Cisco Talos}, url = {https://blog.talosintelligence.com/2020/03/bisonal-10-years-of-play.html}, language = {English}, urldate = {2020-03-05} } Bisonal: 10 years of play
Korlia
2020-01-16Cisco TalosWarren Mercer, Paul Rascagnères, Vitor Ventura, Eric Kuhla
@online{mercer:20200116:jhonerat:b41f102, author = {Warren Mercer and Paul Rascagnères and Vitor Ventura and Eric Kuhla}, title = {{JhoneRAT: Cloud based python RAT targeting Middle Eastern countries}}, date = {2020-01-16}, organization = {Cisco Talos}, url = {https://blog.talosintelligence.com/2020/01/jhonerat.html}, language = {English}, urldate = {2020-01-27} } JhoneRAT: Cloud based python RAT targeting Middle Eastern countries
JhoneRAT
2019-09-24Cisco TalosWarren Mercer, Paul Rascagnères, Jungsoo An
@online{mercer:20190924:how:ac2b53e, author = {Warren Mercer and Paul Rascagnères and Jungsoo An}, title = {{How Tortoiseshell created a fake veteran hiring website to host malware}}, date = {2019-09-24}, organization = {Cisco Talos}, url = {https://blog.talosintelligence.com/2019/09/tortoiseshell-fake-veterans.html}, language = {English}, urldate = {2019-12-02} } How Tortoiseshell created a fake veteran hiring website to host malware
Liderc SysKit
2019-08-27Cisco TalosPaul Rascagnères, Vanja Svajcer
@online{rascagnres:20190827:china:2d2bbb8, author = {Paul Rascagnères and Vanja Svajcer}, title = {{China Chopper still active 9 years later}}, date = {2019-08-27}, organization = {Cisco Talos}, url = {https://blog.talosintelligence.com/2019/08/china-chopper-still-active-9-years-later.html}, language = {English}, urldate = {2019-10-14} } China Chopper still active 9 years later
CHINACHOPPER
2019-07-09Talos IntelligenceDanny Adamitis, Paul Rascagnères
@online{adamitis:20190709:sea:62515b8, author = {Danny Adamitis and Paul Rascagnères}, title = {{Sea Turtle Keeps on Swimming}}, date = {2019-07-09}, organization = {Talos Intelligence}, url = {https://blog.talosintelligence.com/2019/07/sea-turtle-keeps-on-swimming.html}, language = {English}, urldate = {2020-06-08} } Sea Turtle Keeps on Swimming
2019-04-23TalosWarren Mercer, Paul Rascagnères
@online{mercer:20190423:dnspionage:509e055, author = {Warren Mercer and Paul Rascagnères}, title = {{DNSpionage brings out the Karkoff}}, date = {2019-04-23}, organization = {Talos}, url = {https://blog.talosintelligence.com/2019/04/dnspionage-brings-out-karkoff.html}, language = {English}, urldate = {2019-12-20} } DNSpionage brings out the Karkoff
DNSpionage Karkoff DNSpionage
2019-04-17Cisco TalosDanny Adamitis, David Maynor, Warren Mercer, Matthew Olney, Paul Rascagnères
@online{adamitis:20190417:dns:0146532, author = {Danny Adamitis and David Maynor and Warren Mercer and Matthew Olney and Paul Rascagnères}, title = {{DNS Hijacking Abuses Trust In Core Internet Service}}, date = {2019-04-17}, organization = {Cisco Talos}, url = {https://blog.talosintelligence.com/2019/04/seaturtle.html}, language = {English}, urldate = {2020-01-09} } DNS Hijacking Abuses Trust In Core Internet Service
Sea Turtle
2019-03-13Cisco TalosWarren Mercer, Paul Rascagnères, Ben Baker
@online{mercer:20190313:glitchpos:a94f15c, author = {Warren Mercer and Paul Rascagnères and Ben Baker}, title = {{GlitchPOS: New PoS malware for sale}}, date = {2019-03-13}, organization = {Cisco Talos}, url = {https://blog.talosintelligence.com/2019/03/glitchpos-new-pos-malware-for-sale.html}, language = {English}, urldate = {2019-10-29} } GlitchPOS: New PoS malware for sale
GlitchPOS
2019-02-04CiscoWarren Mercer, Paul Rascagnères, Jaeson Schultz
@online{mercer:20190204:exilerat:1f7c57c, author = {Warren Mercer and Paul Rascagnères and Jaeson Schultz}, title = {{ExileRAT shares C2 with LuckyCat, targets Tibet}}, date = {2019-02-04}, organization = {Cisco}, url = {https://blog.talosintelligence.com/2019/02/exilerat-shares-c2-with-luckycat.html}, language = {English}, urldate = {2020-01-07} } ExileRAT shares C2 with LuckyCat, targets Tibet
LuckyCat Exile RAT
2019-01-30Cisco TalosEdmund Brumaghin, Paul Rascagnères, Jungsoo An
@online{brumaghin:20190130:fake:3499d4e, author = {Edmund Brumaghin and Paul Rascagnères and Jungsoo An}, title = {{Fake Cisco Job Posting Targets Korean Candidates}}, date = {2019-01-30}, organization = {Cisco Talos}, url = {https://blog.talosintelligence.com/2019/01/fake-korean-job-posting.html}, language = {English}, urldate = {2020-01-10} } Fake Cisco Job Posting Targets Korean Candidates
CoreDN
2018-11-27Cisco TalosWarren Mercer, Paul Rascagnères
@online{mercer:20181127:dnspionage:7f0b0f3, author = {Warren Mercer and Paul Rascagnères}, title = {{DNSpionage Campaign Targets Middle East}}, date = {2018-11-27}, organization = {Cisco Talos}, url = {https://blog.talosintelligence.com/2018/11/dnspionage-campaign-targets-middle-east.html}, language = {English}, urldate = {2020-05-18} } DNSpionage Campaign Targets Middle East
DNSpionage DNSpionage
2018-11-08Cisco TalosEdmund Brumaghin, Warren Mercer, Paul Rascagnères, Vitor Ventura
@online{brumaghin:20181108:metamorfo:d12fe7e, author = {Edmund Brumaghin and Warren Mercer and Paul Rascagnères and Vitor Ventura}, title = {{Metamorfo Banking Trojan Keeps Its Sights on Brazil}}, date = {2018-11-08}, organization = {Cisco Talos}, url = {https://blog.talosintelligence.com/2018/11/metamorfo-brazilian-campaigns.html}, language = {English}, urldate = {2020-01-06} } Metamorfo Banking Trojan Keeps Its Sights on Brazil
Metamorfo
2018-11-05CiscoDanny Adamitis, Warren Mercer, Paul Rascagnères, Vitor Ventura, Eric Kuhla
@online{adamitis:20181105:persian:5adf8c2, author = {Danny Adamitis and Warren Mercer and Paul Rascagnères and Vitor Ventura and Eric Kuhla}, title = {{Persian Stalker pillages Iranian users of Instagram and Telegram}}, date = {2018-11-05}, organization = {Cisco}, url = {https://blog.talosintelligence.com/2018/11/persian-stalker.html}, language = {English}, urldate = {2019-11-27} } Persian Stalker pillages Iranian users of Instagram and Telegram
FakeGram
2018-09-24Cisco TalosPaul Rascagnères, Vitor Ventura, Tomislav Pericin, Robert Perica
@online{rascagnres:20180924:adwind:9b737eb, author = {Paul Rascagnères and Vitor Ventura and Tomislav Pericin and Robert Perica}, title = {{Adwind Dodges AV via DDE}}, date = {2018-09-24}, organization = {Cisco Talos}, url = {https://blog.talosintelligence.com/2018/09/adwind-dodgesav-dde.html}, language = {English}, urldate = {2020-01-06} } Adwind Dodges AV via DDE
AdWind