Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-07-19Palo Alto Networks Unit 42Mike Harbison, Peter Renals
@online{harbison:20220719:russian:acbf388, author = {Mike Harbison and Peter Renals}, title = {{Russian APT29 Hackers Use Online Storage Services, DropBox and Google Drive}}, date = {2022-07-19}, organization = {Palo Alto Networks Unit 42}, url = {https://unit42.paloaltonetworks.com/cloaked-ursa-online-storage-services-campaigns/}, language = {English}, urldate = {2022-07-19} } Russian APT29 Hackers Use Online Storage Services, DropBox and Google Drive
Cobalt Strike EnvyScout Gdrive
2022-07-05Palo Alto Networks Unit 42Mike Harbison, Peter Renals
@online{harbison:20220705:when:277492d, author = {Mike Harbison and Peter Renals}, title = {{When Pentest Tools Go Brutal: Red-Teaming Tool Being Abused by Malicious Actors}}, date = {2022-07-05}, organization = {Palo Alto Networks Unit 42}, url = {https://unit42.paloaltonetworks.com/brute-ratel-c4-tool}, language = {English}, urldate = {2022-07-12} } When Pentest Tools Go Brutal: Red-Teaming Tool Being Abused by Malicious Actors
2021-12-02Palo Alto Networks Unit 42Robert Falcone, Peter Renals
@online{falcone:20211202:expands:dfaebce, author = {Robert Falcone and Peter Renals}, title = {{APT Expands Attack on ManageEngine With Active Campaign Against ServiceDesk Plus}}, date = {2021-12-02}, organization = {Palo Alto Networks Unit 42}, url = {https://unit42.paloaltonetworks.com/tiltedtemple-manageengine-servicedesk-plus/}, language = {English}, urldate = {2021-12-02} } APT Expands Attack on ManageEngine With Active Campaign Against ServiceDesk Plus
Godzilla Webshell
2021-11-07Palo Alto Networks Unit 42Robert Falcone, Jeff White, Peter Renals
@online{falcone:20211107:targeted:121be00, author = {Robert Falcone and Jeff White and Peter Renals}, title = {{Targeted Attack Campaign Against ManageEngine ADSelfService Plus Delivers Godzilla Webshells, NGLite Trojan and KdcSponge Stealer}}, date = {2021-11-07}, organization = {Palo Alto Networks Unit 42}, url = {https://unit42.paloaltonetworks.com/manageengine-godzilla-nglite-kdcsponge/}, language = {English}, urldate = {2021-12-02} } Targeted Attack Campaign Against ManageEngine ADSelfService Plus Delivers Godzilla Webshells, NGLite Trojan and KdcSponge Stealer
Godzilla Webshell NGLite
2021-10-07Palo Alto Networks Unit 42Peter Renals
@online{renals:20211007:silverterrier:e682411, author = {Peter Renals}, title = {{SilverTerrier – Nigerian Business Email Compromise}}, date = {2021-10-07}, organization = {Palo Alto Networks Unit 42}, url = {https://unit42.paloaltonetworks.com/silverterrier-nigerian-business-email-compromise/}, language = {English}, urldate = {2021-10-11} } SilverTerrier – Nigerian Business Email Compromise
2016Palo Alto Networks Unit 42Peter Renals, Simon Conant
@techreport{renals:2016:silverterrier:56ebc9b, author = {Peter Renals and Simon Conant}, title = {{SILVERTERRIER}}, date = {2016}, institution = {Palo Alto Networks Unit 42}, url = {https://www.paloaltonetworks.com/content/dam/pan/en_US/assets/pdf/reports/Unit_42/silverterrier-next-evolution-in-nigerian-cybercrime.pdf}, language = {English}, urldate = {2020-01-08} } SILVERTERRIER
SilverTerrier