Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-04-27Positive TechnologiesPT ESC Threat Intelligence
@online{intelligence:20210427:lazarus:64179a4, author = {PT ESC Threat Intelligence}, title = {{Lazarus Group Recruitment: Threat Hunters vs Head Hunters}}, date = {2021-04-27}, organization = {Positive Technologies}, url = {https://www.ptsecurity.com/ww-en/analytics/pt-esc-threat-intelligence/lazarus-recruitment/}, language = {English}, urldate = {2021-04-29} } Lazarus Group Recruitment: Threat Hunters vs Head Hunters
2020-11-13Youtube (The Standoff)Alexey Zakharov, Positive Technologies
@online{zakharov:20201113:ff202eng:1d1222c, author = {Alexey Zakharov and Positive Technologies}, title = {{FF_202_Eng - From old Higaisa samples to new Winnti backdoors: The story of one research}}, date = {2020-11-13}, organization = {Youtube (The Standoff)}, url = {https://www.youtube.com/watch?v=8x-pGlWpIYI}, language = {English}, urldate = {2020-11-23} } FF_202_Eng - From old Higaisa samples to new Winnti backdoors: The story of one research
CROSSWALK Unidentified 076 (Higaisa LNK to Shellcode)
2020-06-19Positive TechnologiesAlexey Vishnyakov
@online{vishnyakov:20200619:eagle:01efbbd, author = {Alexey Vishnyakov}, title = {{The eagle eye is back: old and new backdoors from APT30}}, date = {2020-06-19}, organization = {Positive Technologies}, url = {https://www.ptsecurity.com/ww-en/analytics/pt-esc-threat-intelligence/eagle-eye-is-back-apt30/}, language = {English}, urldate = {2020-06-20} } The eagle eye is back: old and new backdoors from APT30
backspace NETEAGLE RCtrl RHttpCtrl APT 30
2020-05-24Positive TechnologiesPT ESC Threat Intelligence
@online{intelligence:20200524:operation:2ce432b, author = {PT ESC Threat Intelligence}, title = {{Operation TA505: network infrastructure. Part 3.}}, date = {2020-05-24}, organization = {Positive Technologies}, url = {https://www.ptsecurity.com/ww-en/analytics/pt-esc-threat-intelligence/operation-ta505-part3/}, language = {English}, urldate = {2020-11-23} } Operation TA505: network infrastructure. Part 3.
AndroMut Buhtrap SmokeLoader
2020-05-22Positive TechnologiesPT ESC Threat Intelligence
@online{intelligence:20200522:operation:6e4f978, author = {PT ESC Threat Intelligence}, title = {{Operation TA505: investigating the ServHelper backdoor with NetSupport RAT. Part 2.}}, date = {2020-05-22}, organization = {Positive Technologies}, url = {https://www.ptsecurity.com/ww-en/analytics/pt-esc-threat-intelligence/operation-ta505-part2/}, language = {English}, urldate = {2020-11-23} } Operation TA505: investigating the ServHelper backdoor with NetSupport RAT. Part 2.
NetSupportManager RAT ServHelper
2020-04-17Youtube (Positive Technologies)PTSecurity
@online{ptsecurity:20200417:mlw:583a7fe, author = {PTSecurity}, title = {{Mlw #41: новый сложный загрузчик APT-группировки TA505}}, date = {2020-04-17}, organization = {Youtube (Positive Technologies)}, url = {https://www.youtube.com/watch?v=k3sM88o_maM}, language = {Russian}, urldate = {2020-10-08} } Mlw #41: новый сложный загрузчик APT-группировки TA505
SnatchLoader
2019-11-15Positive TechnologiesPositive Technologies
@online{technologies:20191115:studying:b64a9fd, author = {Positive Technologies}, title = {{Studying Donot Team}}, date = {2019-11-15}, organization = {Positive Technologies}, url = {http://blog.ptsecurity.com/2019/11/studying-donot-team.html}, language = {English}, urldate = {2020-01-05} } Studying Donot Team
yty
2019-10-23Positive TechnologiesPositive Technologies
@techreport{technologies:20191023:calypso:7aaf680, author = {Positive Technologies}, title = {{Calypso APT}}, date = {2019-10-23}, institution = {Positive Technologies}, url = {https://www.ptsecurity.com/upload/corporate/ru-ru/analytics/calypso-apt-2019-rus.pdf}, language = {Russian}, urldate = {2020-01-10} } Calypso APT
Calypso group
2019-08-22Positive TechnologiesPositive Technologies
@online{technologies:20190822:operation:894166f, author = {Positive Technologies}, title = {{Operation TaskMasters: Cyberespionage in the digital economy age}}, date = {2019-08-22}, organization = {Positive Technologies}, url = {https://www.ptsecurity.com/ww-en/analytics/operation-taskmasters-2019/}, language = {English}, urldate = {2020-07-11} } Operation TaskMasters: Cyberespionage in the digital economy age
2019-08-21Positive TechnologiesKirill Shipulin
@online{shipulin:20190821:finding:b0c4a09, author = {Kirill Shipulin}, title = {{Finding Neutrino}}, date = {2019-08-21}, organization = {Positive Technologies}, url = {https://web.archive.org/web/20191223034907/http://blog.ptsecurity.com/2019/08/finding-neutrino.html}, language = {English}, urldate = {2021-09-22} } Finding Neutrino
Neutrino
2017Positive TechnologiesPositive Technologies
@techreport{technologies:2017:cobalt:ca8c7aa, author = {Positive Technologies}, title = {{COBALT STRIKES BACK: AN EVOLVING MULTINATIONAL THREAT TO FINANCE}}, date = {2017}, institution = {Positive Technologies}, url = {https://www.ptsecurity.com/upload/corporate/ww-en/analytics/Cobalt-2017-eng.pdf}, language = {English}, urldate = {2019-12-17} } COBALT STRIKES BACK: AN EVOLVING MULTINATIONAL THREAT TO FINANCE
Cobalt