Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-03-30PrevailionPrevailion
@online{prevailion:20220330:wizard:6eb38a7, author = {Prevailion}, title = {{Wizard Spider continues to confound}}, date = {2022-03-30}, organization = {Prevailion}, url = {https://blog.prevailion.com/wizard-spider-continues-to-confound-4298370f6903}, language = {English}, urldate = {2022-03-31} } Wizard Spider continues to confound
BazarBackdoor Cobalt Strike Emotet
2022-03-15PrevailionMatt Stafford, Sherman Smith
@online{stafford:20220315:what:1df16e6, author = {Matt Stafford and Sherman Smith}, title = {{What Wicked Webs We Un-weave}}, date = {2022-03-15}, organization = {Prevailion}, url = {https://www.prevailion.com/what-wicked-webs-we-unweave/}, language = {English}, urldate = {2022-03-17} } What Wicked Webs We Un-weave
Cobalt Strike Conti
2021-12-14PrevailionMatt Stafford, Sherman Smith
@online{stafford:20211214:darkwatchman:d60bc6c, author = {Matt Stafford and Sherman Smith}, title = {{DarkWatchman: A new evolution in fileless techniques}}, date = {2021-12-14}, organization = {Prevailion}, url = {https://www.prevailion.com/darkwatchman-new-fileness-techniques/}, language = {English}, urldate = {2021-12-23} } DarkWatchman: A new evolution in fileless techniques
DarkWatchman
2021-11-09PrevailionPrevailion, Accenture Cyber Threat Intelligence
@online{prevailion:20211109:who:f88228a, author = {Prevailion and Accenture Cyber Threat Intelligence}, title = {{Who are latest targets of cyber group Lyceum?}}, date = {2021-11-09}, organization = {Prevailion}, url = {https://www.prevailion.com/latest-targets-of-cyber-group-lyceum/}, language = {English}, urldate = {2021-11-09} } Who are latest targets of cyber group Lyceum?
Milan Shark LYCEUM
2021-09-01PrevailionPrevailion
@online{prevailion:20210901:diving:a8fed12, author = {Prevailion}, title = {{Diving Deep into UNC1151’s Infrastructure: Ghostwriter and beyond}}, date = {2021-09-01}, organization = {Prevailion}, url = {https://www.prevailion.com/diving-deep-into-unc1151s-infrastructure-ghostwriter-and-beyond/}, language = {English}, urldate = {2021-09-02} } Diving Deep into UNC1151’s Infrastructure: Ghostwriter and beyond
2021-07-28PrevailionPrevailion
@online{prevailion:20210728:cert:296a6ee, author = {Prevailion}, title = {{Cert Safari: Leveraging TLS Certificates to Hunt Evil}}, date = {2021-07-28}, organization = {Prevailion}, url = {https://www.prevailion.com/cert-safari-leveraging-tls-certificates-to-hunt-evil/}, language = {English}, urldate = {2021-08-02} } Cert Safari: Leveraging TLS Certificates to Hunt Evil
2020-06-05PrevailionDanny Adamitis
@online{adamitis:20200605:gh0st:849c227, author = {Danny Adamitis}, title = {{The Gh0st Remains the Same}}, date = {2020-06-05}, organization = {Prevailion}, url = {https://blog.prevailion.com/2020/06/the-gh0st-remains-same8.html}, language = {English}, urldate = {2020-06-08} } The Gh0st Remains the Same
Ghost RAT
2020-05-06PrevailionDanny Adamitis
@online{adamitis:20200506:phantom:2a752f7, author = {Danny Adamitis}, title = {{Phantom in the Command Shell}}, date = {2020-05-06}, organization = {Prevailion}, url = {https://blog.prevailion.com/2020/05/phantom-in-command-shell5.html}, language = {English}, urldate = {2020-05-07} } Phantom in the Command Shell
EVILNUM
2020-03-19PrevailionPrevailion
@online{prevailion:20200319:curious:082e652, author = {Prevailion}, title = {{The Curious Case of the Criminal Curriculum Vitae}}, date = {2020-03-19}, organization = {Prevailion}, url = {https://blog.prevailion.com/2020/03/the-curious-case-of-criminal-curriculum.html}, language = {English}, urldate = {2020-06-30} } The Curious Case of the Criminal Curriculum Vitae
LALALA Stealer NetSupportManager RAT Rekt Loader
2020-02-06PrevailionDanny Adamitis
@online{adamitis:20200206:triune:ada8ad3, author = {Danny Adamitis}, title = {{The Triune Threat: MasterMana Returns}}, date = {2020-02-06}, organization = {Prevailion}, url = {https://blog.prevailion.com/2020/02/the-triune-threat-mastermana-returns.html}, language = {English}, urldate = {2020-04-13} } The Triune Threat: MasterMana Returns
Azorult Loki Password Stealer (PWS)
2020-01-07PrevailionDanny Adamitis
@online{adamitis:20200107:summer:637a53f, author = {Danny Adamitis}, title = {{Summer Mirage}}, date = {2020-01-07}, organization = {Prevailion}, url = {https://blog.prevailion.com/2020/01/summer-mirage.html}, language = {English}, urldate = {2020-01-12} } Summer Mirage
POWERSTATS
2019-09-11PrevailionDanny Adamitis, Elizabeth Wharton
@online{adamitis:20190911:autumn:8bec4cb, author = {Danny Adamitis and Elizabeth Wharton}, title = {{Autumn Aperture}}, date = {2019-09-11}, organization = {Prevailion}, url = {https://blog.prevailion.com/2019/09/autumn-aperture-report.html}, language = {English}, urldate = {2020-06-08} } Autumn Aperture
Kimsuky