Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023-02-01Security AffairsPierluigi Paganini
@online{paganini:20230201:new:4605a53, author = {Pierluigi Paganini}, title = {{New LockBit Green ransomware variant borrows code from Conti ransomware}}, date = {2023-02-01}, organization = {Security Affairs}, url = {https://securityaffairs.com/141666/cyber-crime/lockbit-green-ransomware-variant.html}, language = {English}, urldate = {2023-02-02} } New LockBit Green ransomware variant borrows code from Conti ransomware
Conti LockBit
2022-07-11Security AffairsPierluigi Paganini
@online{paganini:20220711:anubis:f2a0277, author = {Pierluigi Paganini}, title = {{Anubis Networks is back with new C2 server}}, date = {2022-07-11}, organization = {Security Affairs}, url = {https://securityaffairs.co/wordpress/133115/hacking/anubis-networks-new-c2.html}, language = {English}, urldate = {2022-07-12} } Anubis Networks is back with new C2 server
Anubis
2022-03-23SecurityAffairsPierluigi Paganini
@online{paganini:20220323:its:93ae664, author = {Pierluigi Paganini}, title = {{It’s official, Lapsus$ gang compromised a Microsoft employee’s account}}, date = {2022-03-23}, organization = {SecurityAffairs}, url = {https://securityaffairs.co/wordpress/129391/hacking/lapsus-gang-compromised-microsoft-employees-account.html}, language = {English}, urldate = {2022-03-25} } It’s official, Lapsus$ gang compromised a Microsoft employee’s account
RedLine Stealer
2022-03-15SecurityAffairsPierluigi Paganini
@online{paganini:20220315:caddywiper:13b5403, author = {Pierluigi Paganini}, title = {{CaddyWiper, a new data wiper hits Ukraine}}, date = {2022-03-15}, organization = {SecurityAffairs}, url = {https://securityaffairs.co/wordpress/129069/cyber-warfare-2/caddywiper-wiper-hits-ukraine.html}, language = {English}, urldate = {2022-03-15} } CaddyWiper, a new data wiper hits Ukraine
CaddyWiper
2022-03-13Security AffairsPierluigi Paganini
@online{paganini:20220313:hidden:c809849, author = {Pierluigi Paganini}, title = {{The hidden C2: Lampion trojan release 212 is on the rise and using a C2 server for two years}}, date = {2022-03-13}, organization = {Security Affairs}, url = {https://securityaffairs.co/wordpress/128975/malware/hidden-c2-lampion-trojan-release-212.html}, language = {English}, urldate = {2022-03-14} } The hidden C2: Lampion trojan release 212 is on the rise and using a C2 server for two years
lampion
2022-02-21Security AffairsPierluigi Paganini
@online{paganini:20220221:flaw:0b723b0, author = {Pierluigi Paganini}, title = {{A flaw in the encryption algorithm of Hive Ransomware allows retrieving encrypted files}}, date = {2022-02-21}, organization = {Security Affairs}, url = {https://securityaffairs.co/wordpress/128232/security/recover-files-hive-ransomware.html}, language = {English}, urldate = {2022-02-26} } A flaw in the encryption algorithm of Hive Ransomware allows retrieving encrypted files
Hive Hive
2022-02-20Security AffairsPierluigi Paganini
@online{paganini:20220220:conti:a6d57b1, author = {Pierluigi Paganini}, title = {{The Conti ransomware group takes over TrickBot malware operation and plans to replace it with BazarBackdoor malware.}}, date = {2022-02-20}, organization = {Security Affairs}, url = {https://securityaffairs.co/wordpress/128190/cyber-crime/conti-ransomware-takes-over-trickbot.html}, language = {English}, urldate = {2022-02-26} } The Conti ransomware group takes over TrickBot malware operation and plans to replace it with BazarBackdoor malware.
Conti TrickBot
2022-02-09Security AffairsPierluigi Paganini
@online{paganini:20220209:master:b0b64b8, author = {Pierluigi Paganini}, title = {{Master decryption keys for Maze, Egregor, and Sekhmet ransomware leaked online}}, date = {2022-02-09}, organization = {Security Affairs}, url = {https://securityaffairs.co/wordpress/127826/malware/egregor-sekhmet-decryption-keys.html}, language = {English}, urldate = {2022-02-10} } Master decryption keys for Maze, Egregor, and Sekhmet ransomware leaked online
Egregor m0yv Maze Sekhmet
2022-02-07SecurityAffairsPierluigi Paganini
@online{paganini:20220207:avast:12bb4e5, author = {Pierluigi Paganini}, title = {{Avast released a free decryptor for TargetCompany ransomware}}, date = {2022-02-07}, organization = {SecurityAffairs}, url = {https://securityaffairs.co/wordpress/127761/malware/targetcompany-ransomware-decryptor.html}, language = {English}, urldate = {2022-02-10} } Avast released a free decryptor for TargetCompany ransomware
TargetCompany
2022-02-02SecurityAffairsPierluigi Paganini
@online{paganini:20220202:experts:0eedd89, author = {Pierluigi Paganini}, title = {{Experts warn of a spike in APT35 activity and a possible link to Memento ransomware op}}, date = {2022-02-02}, organization = {SecurityAffairs}, url = {https://securityaffairs.co/wordpress/127526/apt/apt35-spike-memento-op.html}, language = {English}, urldate = {2022-02-04} } Experts warn of a spike in APT35 activity and a possible link to Memento ransomware op
2020-04-28YoroiAntonio Pirozzi, Luigi Martire, Pierluigi Paganini
@online{pirozzi:20200428:outlaw:e4da556, author = {Antonio Pirozzi and Luigi Martire and Pierluigi Paganini}, title = {{Outlaw is Back, a New Crypto-Botnet Targets European Organizations}}, date = {2020-04-28}, organization = {Yoroi}, url = {https://yoroi.company/research/outlaw-is-back-a-new-crypto-botnet-targets-european-organizations/}, language = {English}, urldate = {2021-06-16} } Outlaw is Back, a New Crypto-Botnet Targets European Organizations
Cpuminer PerlBot
2020-02-29Security AffairsPierluigi Paganini
@online{paganini:20200229:sodinokibi:799a623, author = {Pierluigi Paganini}, title = {{Sodinokibi Ransomware gang threatens to disclose data from Kenneth Cole fashion firm}}, date = {2020-02-29}, organization = {Security Affairs}, url = {https://securityaffairs.co/wordpress/98694/malware/sodinokibi-kenneth-cole-data-breach.html}, language = {English}, urldate = {2020-03-11} } Sodinokibi Ransomware gang threatens to disclose data from Kenneth Cole fashion firm
REvil
2018-01-22Security AffairsPierluigi Paganini
@online{paganini:20180122:op:589613e, author = {Pierluigi Paganini}, title = {{Op EvilTraffic CSE CybSec ZLAB Malware Analysis Report – Exclusive, tens of thousands of compromised sites involved in a new massive malvertising campaign}}, date = {2018-01-22}, organization = {Security Affairs}, url = {http://securityaffairs.co/wordpress/68059/cyber-crime/eviltraffic-malvertising-campaign.html}, language = {English}, urldate = {2020-01-08} } Op EvilTraffic CSE CybSec ZLAB Malware Analysis Report – Exclusive, tens of thousands of compromised sites involved in a new massive malvertising campaign
EvilTraffic
2017-09-06SecurityAffairsPierluigi Paganini
@online{paganini:20170906:shadowbrokers:5909aa9, author = {Pierluigi Paganini}, title = {{ShadowBrokers are back demanding nearly $4m and offering 2 dumps per month}}, date = {2017-09-06}, organization = {SecurityAffairs}, url = {http://securityaffairs.co/wordpress/62770/hacking/shadowbrokers-return.html}, language = {English}, urldate = {2019-12-18} } ShadowBrokers are back demanding nearly $4m and offering 2 dumps per month
The Shadow Brokers
2017-09-01Security AffairsPierluigi Paganini
@online{paganini:20170901:vxer:d2f951b, author = {Pierluigi Paganini}, title = {{Vxer is offering Cobian RAT in the underground, but it is backdoored}}, date = {2017-09-01}, organization = {Security Affairs}, url = {https://securityaffairs.co/wordpress/62573/malware/cobian-rat-backdoor.html}, language = {English}, urldate = {2020-01-06} } Vxer is offering Cobian RAT in the underground, but it is backdoored
Cobian RAT
2017-02-16SecurityAffairsPierluigi Paganini
@online{paganini:20170216:iranian:917f46c, author = {Pierluigi Paganini}, title = {{Iranian hackers behind the Magic Hound campaign linked to Shamoon}}, date = {2017-02-16}, organization = {SecurityAffairs}, url = {https://securityaffairs.co/wordpress/56348/intelligence/magic-hound-campaign.html}, language = {English}, urldate = {2022-07-29} } Iranian hackers behind the Magic Hound campaign linked to Shamoon
pupy APT35
2016-07-07Pierluigi Paganini
@online{paganini:20160707:new:7c765a2, author = {Pierluigi Paganini}, title = {{New threat dubbed Zepto Ransomware is spreading out with a new email spam campaign. It is a variant of the recent Locky Ransomware.}}, date = {2016-07-07}, url = {http://securityaffairs.co/wordpress/49094/malware/zepto-ransomware.html}, language = {English}, urldate = {2019-11-22} } New threat dubbed Zepto Ransomware is spreading out with a new email spam campaign. It is a variant of the recent Locky Ransomware.
Locky
2015-08-26Security AffairsPierluigi Paganini
@online{paganini:20150826:sphinx:dfbcee8, author = {Pierluigi Paganini}, title = {{Sphinx, a new variant of Zeus available for sale in the underground}}, date = {2015-08-26}, organization = {Security Affairs}, url = {https://securityaffairs.co/wordpress/39592/cyber-crime/sphinx-variant-zeus-trojan.html}, language = {English}, urldate = {2020-01-08} } Sphinx, a new variant of Zeus available for sale in the underground
Zeus Sphinx
2015-07-08InfosecPierluigi Paganini
@online{paganini:20150708:animal:bd9d9dc, author = {Pierluigi Paganini}, title = {{Animal Farm APT and the Shadow of French Intelligence}}, date = {2015-07-08}, organization = {Infosec}, url = {https://resources.infosecinstitute.com/animal-farm-apt-and-the-shadow-of-france-intelligence/}, language = {English}, urldate = {2019-12-19} } Animal Farm APT and the Shadow of French Intelligence
SNOWGLOBE
2015-02-19Security AffairsPierluigi Paganini
@online{paganini:20150219:arid:c2612d7, author = {Pierluigi Paganini}, title = {{Arid Viper – Israel entities targeted by malware packaged with sex video}}, date = {2015-02-19}, organization = {Security Affairs}, url = {http://securityaffairs.co/wordpress/33785/cyber-crime/arid-viper-israel-sex-video.html}, language = {English}, urldate = {2020-01-06} } Arid Viper – Israel entities targeted by malware packaged with sex video
AridViper