Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-09-29ProofpointSelena Larson, Proofpoint Staff
@online{larson:20210929:ta544:ab2f0d3, author = {Selena Larson and Proofpoint Staff}, title = {{TA544 Targets Italian Organizations with Ursnif Malware}}, date = {2021-09-29}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/security-briefs/ta544-targets-italian-organizations-ursnif-malware}, language = {English}, urldate = {2021-10-11} } TA544 Targets Italian Organizations with Ursnif Malware
ISFB
2021-09-24ProofpointProofpoint
@online{proofpoint:20210924:daily:403b8bd, author = {Proofpoint}, title = {{Daily Ruleset Update Summary 2021/09/24}}, date = {2021-09-24}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/daily-ruleset-update-summary-20210924}, language = {English}, urldate = {2021-10-05} } Daily Ruleset Update Summary 2021/09/24
MirrorBlast
2021-09-08ProofpointDavide Canali, Crista Giering, Tim Kromphardt, Sam Scholten
@online{davidecanali:20210908:advance:4742243, author = {Davide Canali and Crista Giering and Tim Kromphardt and Sam Scholten}, title = {{Advance Fee Fraud: The Emergence of Elaborate Crypto Schemes}}, date = {2021-09-08}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/advance-fee-fraud-emergence-elaborate-crypto-schemes}, language = {English}, urldate = {2021-09-14} } Advance Fee Fraud: The Emergence of Elaborate Crypto Schemes
2021-07-28ProofpointJoshua Miller, Michael Raggi, Crista Giering
@online{miller:20210728:i:23e9aad, author = {Joshua Miller and Michael Raggi and Crista Giering}, title = {{I Knew You Were Trouble: TA456 Targets Defense Contractor with Alluring Social Media Persona}}, date = {2021-07-28}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/i-knew-you-were-trouble-ta456-targets-defense-contractor-alluring-social-media}, language = {English}, urldate = {2021-07-29} } I Knew You Were Trouble: TA456 Targets Defense Contractor with Alluring Social Media Persona
Liderc SysKit
2021-07-19ProofpointJoe Wise, Konstantin Klinger, Selena Larson, Proofpoint Threat Research Team
@online{wise:20210719:new:cb02a85, author = {Joe Wise and Konstantin Klinger and Selena Larson and Proofpoint Threat Research Team}, title = {{New Threat Actor Uses Spanish Language Lures to Distribute Seldom Observed Bandook Malware}}, date = {2021-07-19}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/new-threat-actor-uses-spanish-language-lures-distribute-seldom-observed-bandook}, language = {English}, urldate = {2021-07-26} } New Threat Actor Uses Spanish Language Lures to Distribute Seldom Observed Bandook Malware
Bandook
2021-07-12ProofpointJoshua Miller, Crista Giering, Threat Research Team
@online{miller:20210712:operation:c819876, author = {Joshua Miller and Crista Giering and Threat Research Team}, title = {{Operation SpoofedScholars: A Conversation with TA453}}, date = {2021-07-12}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/operation-spoofedscholars-conversation-ta453}, language = {English}, urldate = {2021-07-20} } Operation SpoofedScholars: A Conversation with TA453
2021-07-01ProofpointSelena Larson, Bryan Campbell
@online{larson:20210701:malware:6c6fb99, author = {Selena Larson and Bryan Campbell}, title = {{Malware Masquerades as Privacy Tool}}, date = {2021-07-01}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/malware-masquerades-privacy-tool}, language = {English}, urldate = {2021-07-11} } Malware Masquerades as Privacy Tool
2021-06-29ProofpointSelena Larson, Daniel Blackford
@online{larson:20210629:cobalt:99ad5a0, author = {Selena Larson and Daniel Blackford}, title = {{Cobalt Strike: Favorite Tool from APT to Crimeware}}, date = {2021-06-29}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/cobalt-strike-favorite-tool-apt-crimeware}, language = {English}, urldate = {2021-06-29} } Cobalt Strike: Favorite Tool from APT to Crimeware
Cobalt Strike
2021-06-24ProofpointDennis Schwarz, Matthew Mesa, Crista Giering
@online{schwarz:20210624:jssloader:ab99f14, author = {Dennis Schwarz and Matthew Mesa and Crista Giering}, title = {{JSSLoader: Recoded and Reloaded}}, date = {2021-06-24}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/jssloader-recoded-and-reloaded}, language = {English}, urldate = {2021-06-25} } JSSLoader: Recoded and Reloaded
JSSLoader
2021-06-17ProofpointKonstantin Klinger, Dennis Schwarz, Selena Larson
@online{klinger:20210617:new:2641c84, author = {Konstantin Klinger and Dennis Schwarz and Selena Larson}, title = {{New TA402 Molerats Malware Targets Governments in the Middle East}}, date = {2021-06-17}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/new-ta402-molerats-malware-targets-governments-middle-east}, language = {English}, urldate = {2021-06-21} } New TA402 Molerats Malware Targets Governments in the Middle East
Molerat Loader
2021-06-16ProofpointSelena Larson, Daniel Blackford, Garrett M. Graff
@online{larson:20210616:first:2e436a0, author = {Selena Larson and Daniel Blackford and Garrett M. Graff}, title = {{The First Step: Initial Access Leads to Ransomware}}, date = {2021-06-16}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/first-step-initial-access-leads-ransomware}, language = {English}, urldate = {2021-06-21} } The First Step: Initial Access Leads to Ransomware
BazarBackdoor Egregor IcedID Maze QakBot REvil Ryuk TrickBot WastedLocker
2021-06-10ProofpointAxel F
@online{f:20210610:ransom:749613f, author = {Axel F}, title = {{Ransom DDoS Extortion Actor “Fancy Lazarus” Returns}}, date = {2021-06-10}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/ransom-ddos-extortion-actor-fancy-lazarus-returns}, language = {English}, urldate = {2021-06-16} } Ransom DDoS Extortion Actor “Fancy Lazarus” Returns
2021-05-03ProofpointKelsey Merriman, Bryan Campbell, Selena Larson, Proofpoint Threat Research Team
@online{merriman:20210503:new:cd4d275, author = {Kelsey Merriman and Bryan Campbell and Selena Larson and Proofpoint Threat Research Team}, title = {{New Variant of Buer Loader Written in Rust}}, date = {2021-05-03}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/new-variant-buer-loader-written-rust}, language = {English}, urldate = {2021-05-03} } New Variant of Buer Loader Written in Rust
Buer
2021-04-27ProofpointCrista Giering, fnaves, Andrew Conway, Adam McNeil
@online{giering:20210427:flubot:3b61899, author = {Crista Giering and fnaves and Andrew Conway and Adam McNeil}, title = {{FluBot Android Malware Spreading Rapidly Through Europe, May Hit U.S. Soon}}, date = {2021-04-27}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/flubot-android-malware-spreading-rapidly-through-europe-may-hit-us-soon}, language = {English}, urldate = {2021-05-04} } FluBot Android Malware Spreading Rapidly Through Europe, May Hit U.S. Soon
FluBot
2021-04-15ProofpointSelena Larson
@online{larson:20210415:threat:cdfef32, author = {Selena Larson}, title = {{Threat Actors Pair Tax-Themed Lures With COVID-19, Healthcare Themes}}, date = {2021-04-15}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/security-briefs/threat-actors-pair-tax-themed-lures-covid-19-healthcare-themes}, language = {English}, urldate = {2021-08-23} } Threat Actors Pair Tax-Themed Lures With COVID-19, Healthcare Themes
Dridex TrickBot
2021-03-30ProofpointJoshua Miller, Proofpoint Threat Research Team
@online{miller:20210330:badblood:3cab448, author = {Joshua Miller and Proofpoint Threat Research Team}, title = {{BadBlood: TA453 Targets US and Israeli Medical Research Personnel in Credential Phishing Campaigns}}, date = {2021-03-30}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/badblood-ta453-targets-us-and-israeli-medical-research-personnel-credential}, language = {English}, urldate = {2021-03-31} } BadBlood: TA453 Targets US and Israeli Medical Research Personnel in Credential Phishing Campaigns
2021-03-24ProofpointItir Clarke, Assaf Friedman
@online{clarke:20210324:oauth:5092c3f, author = {Itir Clarke and Assaf Friedman}, title = {{OAuth Abuse: Think SolarWinds/Solorigate Campaign with Focus on Cloud Applications}}, date = {2021-03-24}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/cloud-security/oauth-abuse-think-solarwindssolorigate-campaign-focus-cloud-applications}, language = {English}, urldate = {2021-03-25} } OAuth Abuse: Think SolarWinds/Solorigate Campaign with Focus on Cloud Applications
2021-03-18ProofpointBrandon Murphy, Dennis Schwarz, Jack Mott, Proofpoint Threat Research Team
@online{murphy:20210318:now:d4bd40e, author = {Brandon Murphy and Dennis Schwarz and Jack Mott and Proofpoint Threat Research Team}, title = {{Now You See It, Now You Don’t: CopperStealer Performs Widespread Theft}}, date = {2021-03-18}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/now-you-see-it-now-you-dont-copperstealer-performs-widespread-theft}, language = {English}, urldate = {2021-03-19} } Now You See It, Now You Don’t: CopperStealer Performs Widespread Theft
CopperStealer SmokeLoader
2021-03-10ProofpointDennis Schwarz, Matthew Mesa, Proofpoint Threat Research Team
@online{schwarz:20210310:nimzaloader:f6960d4, author = {Dennis Schwarz and Matthew Mesa and Proofpoint Threat Research Team}, title = {{NimzaLoader: TA800’s New Initial Access Malware}}, date = {2021-03-10}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/nimzaloader-ta800s-new-initial-access-malware}, language = {English}, urldate = {2021-03-12} } NimzaLoader: TA800’s New Initial Access Malware
BazarNimrod Cobalt Strike
2021-02-25ProofpointMichael Raggi, Proofpoint Threat Research Team
@online{raggi:20210225:ta413:400254c, author = {Michael Raggi and Proofpoint Threat Research Team}, title = {{TA413 Leverages New FriarFox Browser Extension to Target the Gmail Accounts of Global Tibetan Organizations}}, date = {2021-02-25}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/ta413-leverages-new-friarfox-browser-extension-target-gmail-accounts-global}, language = {English}, urldate = {2021-02-25} } TA413 Leverages New FriarFox Browser Extension to Target the Gmail Accounts of Global Tibetan Organizations
scanbox Sepulcher