Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023-04-24Kaspersky LabsPierre Delcher, Ivan Kwiatkowski
@online{delcher:20230424:tomiris:2d65352, author = {Pierre Delcher and Ivan Kwiatkowski}, title = {{Tomiris called, they want their Turla malware back}}, date = {2023-04-24}, organization = {Kaspersky Labs}, url = {https://securelist.com/tomiris-called-they-want-their-turla-malware-back/109552/}, language = {English}, urldate = {2023-04-26} } Tomiris called, they want their Turla malware back
KopiLuwak Andromeda Ave Maria GoldMax JLORAT Kazuar Meterpreter QUIETCANARY RATel Roopy Telemiris tomiris Topinambour
2022-08-10KasperskyPierre Delcher, Giampaolo Dedola
@online{delcher:20220810:vilerat:a47ce21, author = {Pierre Delcher and Giampaolo Dedola}, title = {{VileRAT: DeathStalker’s continuous strike at foreign and cryptocurrency exchanges}}, date = {2022-08-10}, organization = {Kaspersky}, url = {https://securelist.com/vilerat-deathstalkers-continuous-strike/107075/}, language = {English}, urldate = {2022-08-12} } VileRAT: DeathStalker’s continuous strike at foreign and cryptocurrency exchanges
2022-06-30KasperskyPierre Delcher
@online{delcher:20220630:sessionmanager:f171df2, author = {Pierre Delcher}, title = {{The SessionManager IIS backdoor: a possibly overlooked GELSEMIUM artefact}}, date = {2022-06-30}, organization = {Kaspersky}, url = {https://securelist.com/the-sessionmanager-iis-backdoor/106868/}, language = {English}, urldate = {2022-07-05} } The SessionManager IIS backdoor: a possibly overlooked GELSEMIUM artefact
MimiKatz Owlproxy SessionManager
2021-12-14Kaspersky LabsPaul Rascagnères, Pierre Delcher
@online{rascagnres:20211214:owowa:4a26756, author = {Paul Rascagnères and Pierre Delcher}, title = {{Owowa: the add-on that turns your OWA into a credential stealer and remote access panel}}, date = {2021-12-14}, organization = {Kaspersky Labs}, url = {https://securelist.com/owowa-credential-stealer-and-remote-access/105219/}, language = {English}, urldate = {2021-12-17} } Owowa: the add-on that turns your OWA into a credential stealer and remote access panel
Owowa
2021-09-29Kaspersky LabsIvan Kwiatkowski, Pierre Delcher
@online{kwiatkowski:20210929:darkhalo:d81f7d2, author = {Ivan Kwiatkowski and Pierre Delcher}, title = {{DarkHalo after SolarWinds: the Tomiris connection (UNC2849)}}, date = {2021-09-29}, organization = {Kaspersky Labs}, url = {https://securelist.com/darkhalo-after-solarwinds-the-tomiris-connection/104311/}, language = {English}, urldate = {2021-11-30} } DarkHalo after SolarWinds: the Tomiris connection (UNC2849)
tomiris
2021-04-05KasperskyIvan Kwiatkowski, Pierre Delcher, Mark Lechtik
@online{kwiatkowski:20210405:leap:9f488d4, author = {Ivan Kwiatkowski and Pierre Delcher and Mark Lechtik}, title = {{The leap of a Cycldek-related threat actor}}, date = {2021-04-05}, organization = {Kaspersky}, url = {https://securelist.com/the-leap-of-a-cycldek-related-threat-actor/101243/}, language = {English}, urldate = {2021-04-14} } The leap of a Cycldek-related threat actor
2020-12-03Kaspersky LabsPierre Delcher
@online{delcher:20201203:what:9853c58, author = {Pierre Delcher}, title = {{What did DeathStalker hide between two ferns?}}, date = {2020-12-03}, organization = {Kaspersky Labs}, url = {https://securelist.com/what-did-deathstalker-hide-between-two-ferns/99616/}, language = {English}, urldate = {2020-12-08} } What did DeathStalker hide between two ferns?
PowerPepper Evilnum
2020-10-15Kaspersky LabsIvan Kwiatkowski, Pierre Delcher, Félix Aime
@online{kwiatkowski:20201015:iamtheking:1c3917e, author = {Ivan Kwiatkowski and Pierre Delcher and Félix Aime}, title = {{IAmTheKing and the SlothfulMedia malware family}}, date = {2020-10-15}, organization = {Kaspersky Labs}, url = {https://securelist.com/iamtheking-and-the-slothfulmedia-malware-family/99000/}, language = {English}, urldate = {2020-10-16} } IAmTheKing and the SlothfulMedia malware family
SlothfulMedia
2020-08-24Kaspersky LabsIvan Kwiatkowski, Pierre Delcher, Maher Yamout
@online{kwiatkowski:20200824:lifting:fd3c725, author = {Ivan Kwiatkowski and Pierre Delcher and Maher Yamout}, title = {{Lifting the veil on DeathStalker, a mercenary triumvirate}}, date = {2020-08-24}, organization = {Kaspersky Labs}, url = {https://securelist.com/deathstalker-mercenary-triumvirate/98177/}, language = {English}, urldate = {2020-08-25} } Lifting the veil on DeathStalker, a mercenary triumvirate
EVILNUM Janicab Evilnum
2020-07-28Kaspersky LabsIvan Kwiatkowski, Pierre Delcher, Félix Aime
@online{kwiatkowski:20200728:lazarus:5b1523a, author = {Ivan Kwiatkowski and Pierre Delcher and Félix Aime}, title = {{Lazarus on the hunt for big game}}, date = {2020-07-28}, organization = {Kaspersky Labs}, url = {https://securelist.com/lazarus-on-the-hunt-for-big-game/97757/}, language = {English}, urldate = {2020-07-30} } Lazarus on the hunt for big game
Dacls Dacls Dacls VHD Ransomware
2020-03-31Kaspersky LabsIvan Kwiatkowski, Félix Aime, Pierre Delcher
@online{kwiatkowski:20200331:holy:857c397, author = {Ivan Kwiatkowski and Félix Aime and Pierre Delcher}, title = {{Holy water: ongoing targeted water-holing attack in Asia}}, date = {2020-03-31}, organization = {Kaspersky Labs}, url = {https://securelist.com/holy-water-ongoing-targeted-water-holing-attack-in-asia/96311/}, language = {English}, urldate = {2020-04-07} } Holy water: ongoing targeted water-holing attack in Asia
Godlike12