Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-09-07GooglePierre-Marc Bureau, Google Threat Analysis Group
@online{bureau:20220907:initial:d1975b3, author = {Pierre-Marc Bureau and Google Threat Analysis Group}, title = {{Initial access broker repurposing techniques in targeted attacks against Ukraine}}, date = {2022-09-07}, organization = {Google}, url = {https://blog.google/threat-analysis-group/initial-access-broker-repurposing-techniques-in-targeted-attacks-against-ukraine/}, language = {English}, urldate = {2022-09-13} } Initial access broker repurposing techniques in targeted attacks against Ukraine
AnchorMail Cobalt Strike IcedID
2014-03-18ESET ResearchPierre-Marc Bureau
@online{bureau:20140318:operation:1b1bd17, author = {Pierre-Marc Bureau}, title = {{Operation Windigo – the vivisection of a large Linux server‑side credential‑stealing malware campaign}}, date = {2014-03-18}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2014/03/18/operation-windigo-the-vivisection-of-a-large-linux-server-side-credential-stealing-malware-campaign/}, language = {English}, urldate = {2019-11-14} } Operation Windigo – the vivisection of a large Linux server‑side credential‑stealing malware campaign
Boaxxe Glupteba
2014-03ESET ResearchOlivier Bilodeau, Pierre-Marc Bureau, Joan Calvet, Alexis Dorais-Joncas, Marc-Etienne M.Léveillé, Benjamin Vanheuverzwijn
@techreport{bilodeau:201403:operation:40b7f42, author = {Olivier Bilodeau and Pierre-Marc Bureau and Joan Calvet and Alexis Dorais-Joncas and Marc-Etienne M.Léveillé and Benjamin Vanheuverzwijn}, title = {{OPERATION WINDIGO}}, date = {2014-03}, institution = {ESET Research}, url = {https://www.welivesecurity.com/wp-content/uploads/2014/03/operation_windigo.pdf}, language = {English}, urldate = {2020-01-08} } OPERATION WINDIGO
Ebury
2013-09-25ESET ResearchPierre-Marc Bureau
@online{bureau:20130925:win32napolar:aba54b1, author = {Pierre-Marc Bureau}, title = {{Win32/Napolar – A new bot on the block}}, date = {2013-09-25}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2013/09/25/win32napolar-a-new-bot-on-the-block/}, language = {English}, urldate = {2019-11-14} } Win32/Napolar – A new bot on the block
Solarbot
2013-04-26ESET ResearchPierre-Marc Bureau
@online{bureau:20130426:linuxcdorkeda:ab3e321, author = {Pierre-Marc Bureau}, title = {{Linux/Cdorked.A: New Apache backdoor being used in the wild to serve Blackhole}}, date = {2013-04-26}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2013/04/26/linuxcdorked-new-apache-backdoor-in-the-wild-serves-blackhole/}, language = {English}, urldate = {2019-11-14} } Linux/Cdorked.A: New Apache backdoor being used in the wild to serve Blackhole
CDorked
2012-12-18ESET ResearchPierre-Marc Bureau
@online{bureau:20121218:malicious:c863bcf, author = {Pierre-Marc Bureau}, title = {{Malicious Apache module used for content injection: Linux/Chapro.A}}, date = {2012-12-18}, organization = {ESET Research}, url = {http://blog.eset.com/2012/12/18/malicious-apache-module-used-for-content-injection-linuxchapro-a}, language = {English}, urldate = {2019-12-20} } Malicious Apache module used for content injection: Linux/Chapro.A
Chapro