Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-07-28ProofpointJoshua Miller, Michael Raggi, Crista Giering
@online{miller:20210728:i:23e9aad, author = {Joshua Miller and Michael Raggi and Crista Giering}, title = {{I Knew You Were Trouble: TA456 Targets Defense Contractor with Alluring Social Media Persona}}, date = {2021-07-28}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/i-knew-you-were-trouble-ta456-targets-defense-contractor-alluring-social-media}, language = {English}, urldate = {2021-07-29} } I Knew You Were Trouble: TA456 Targets Defense Contractor with Alluring Social Media Persona
Liderc SysKit
2021-07-19ProofpointJoe Wise, Konstantin Klinger, Selena Larson, Proofpoint Threat Research Team
@online{wise:20210719:new:cb02a85, author = {Joe Wise and Konstantin Klinger and Selena Larson and Proofpoint Threat Research Team}, title = {{New Threat Actor Uses Spanish Language Lures to Distribute Seldom Observed Bandook Malware}}, date = {2021-07-19}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/new-threat-actor-uses-spanish-language-lures-distribute-seldom-observed-bandook}, language = {English}, urldate = {2021-07-26} } New Threat Actor Uses Spanish Language Lures to Distribute Seldom Observed Bandook Malware
Bandook
2021-07-12ProofpointJoshua Miller, Crista Giering, Threat Research Team
@online{miller:20210712:operation:c819876, author = {Joshua Miller and Crista Giering and Threat Research Team}, title = {{Operation SpoofedScholars: A Conversation with TA453}}, date = {2021-07-12}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/operation-spoofedscholars-conversation-ta453}, language = {English}, urldate = {2021-07-20} } Operation SpoofedScholars: A Conversation with TA453
2021-07-01ProofpointSelena Larson, Bryan Campbell
@online{larson:20210701:malware:6c6fb99, author = {Selena Larson and Bryan Campbell}, title = {{Malware Masquerades as Privacy Tool}}, date = {2021-07-01}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/malware-masquerades-privacy-tool}, language = {English}, urldate = {2021-07-11} } Malware Masquerades as Privacy Tool
2021-06-29ProofpointSelena Larson, Daniel Blackford
@online{larson:20210629:cobalt:99ad5a0, author = {Selena Larson and Daniel Blackford}, title = {{Cobalt Strike: Favorite Tool from APT to Crimeware}}, date = {2021-06-29}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/cobalt-strike-favorite-tool-apt-crimeware}, language = {English}, urldate = {2021-06-29} } Cobalt Strike: Favorite Tool from APT to Crimeware
Cobalt Strike
2021-06-24ProofpointDennis Schwarz, Matthew Mesa, Crista Giering
@online{schwarz:20210624:jssloader:ab99f14, author = {Dennis Schwarz and Matthew Mesa and Crista Giering}, title = {{JSSLoader: Recoded and Reloaded}}, date = {2021-06-24}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/jssloader-recoded-and-reloaded}, language = {English}, urldate = {2021-06-25} } JSSLoader: Recoded and Reloaded
JSSLoader
2021-06-17ProofpointKonstantin Klinger, Dennis Schwarz, Selena Larson
@online{klinger:20210617:new:2641c84, author = {Konstantin Klinger and Dennis Schwarz and Selena Larson}, title = {{New TA402 Molerats Malware Targets Governments in the Middle East}}, date = {2021-06-17}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/new-ta402-molerats-malware-targets-governments-middle-east}, language = {English}, urldate = {2021-06-21} } New TA402 Molerats Malware Targets Governments in the Middle East
Molerat Loader
2021-06-16ProofpointSelena Larson, Daniel Blackford, Garrett M. Graff
@online{larson:20210616:first:2e436a0, author = {Selena Larson and Daniel Blackford and Garrett M. Graff}, title = {{The First Step: Initial Access Leads to Ransomware}}, date = {2021-06-16}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/first-step-initial-access-leads-ransomware}, language = {English}, urldate = {2021-06-21} } The First Step: Initial Access Leads to Ransomware
BazarBackdoor Egregor IcedID Maze QakBot REvil Ryuk TrickBot WastedLocker
2021-06-10ProofpointAxel F
@online{f:20210610:ransom:749613f, author = {Axel F}, title = {{Ransom DDoS Extortion Actor “Fancy Lazarus” Returns}}, date = {2021-06-10}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/ransom-ddos-extortion-actor-fancy-lazarus-returns}, language = {English}, urldate = {2021-06-16} } Ransom DDoS Extortion Actor “Fancy Lazarus” Returns
2021-05-03ProofpointKelsey Merriman, Bryan Campbell, Selena Larson, Proofpoint Threat Research Team
@online{merriman:20210503:new:cd4d275, author = {Kelsey Merriman and Bryan Campbell and Selena Larson and Proofpoint Threat Research Team}, title = {{New Variant of Buer Loader Written in Rust}}, date = {2021-05-03}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/new-variant-buer-loader-written-rust}, language = {English}, urldate = {2021-05-03} } New Variant of Buer Loader Written in Rust
Buer
2021-04-27ProofpointCrista Giering, fnaves, Andrew Conway, Adam McNeil
@online{giering:20210427:flubot:3b61899, author = {Crista Giering and fnaves and Andrew Conway and Adam McNeil}, title = {{FluBot Android Malware Spreading Rapidly Through Europe, May Hit U.S. Soon}}, date = {2021-04-27}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/flubot-android-malware-spreading-rapidly-through-europe-may-hit-us-soon}, language = {English}, urldate = {2021-05-04} } FluBot Android Malware Spreading Rapidly Through Europe, May Hit U.S. Soon
FluBot
2021-03-30ProofpointJoshua Miller, Proofpoint Threat Research Team
@online{miller:20210330:badblood:3cab448, author = {Joshua Miller and Proofpoint Threat Research Team}, title = {{BadBlood: TA453 Targets US and Israeli Medical Research Personnel in Credential Phishing Campaigns}}, date = {2021-03-30}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/badblood-ta453-targets-us-and-israeli-medical-research-personnel-credential}, language = {English}, urldate = {2021-03-31} } BadBlood: TA453 Targets US and Israeli Medical Research Personnel in Credential Phishing Campaigns
2021-03-24ProofpointItir Clarke, Assaf Friedman
@online{clarke:20210324:oauth:5092c3f, author = {Itir Clarke and Assaf Friedman}, title = {{OAuth Abuse: Think SolarWinds/Solorigate Campaign with Focus on Cloud Applications}}, date = {2021-03-24}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/cloud-security/oauth-abuse-think-solarwindssolorigate-campaign-focus-cloud-applications}, language = {English}, urldate = {2021-03-25} } OAuth Abuse: Think SolarWinds/Solorigate Campaign with Focus on Cloud Applications
2021-03-18ProofpointBrandon Murphy, Dennis Schwarz, Jack Mott, Proofpoint Threat Research Team
@online{murphy:20210318:now:d4bd40e, author = {Brandon Murphy and Dennis Schwarz and Jack Mott and Proofpoint Threat Research Team}, title = {{Now You See It, Now You Don’t: CopperStealer Performs Widespread Theft}}, date = {2021-03-18}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/now-you-see-it-now-you-dont-copperstealer-performs-widespread-theft}, language = {English}, urldate = {2021-03-19} } Now You See It, Now You Don’t: CopperStealer Performs Widespread Theft
CopperStealer SmokeLoader
2021-03-10ProofpointDennis Schwarz, Matthew Mesa, Proofpoint Threat Research Team
@online{schwarz:20210310:nimzaloader:f6960d4, author = {Dennis Schwarz and Matthew Mesa and Proofpoint Threat Research Team}, title = {{NimzaLoader: TA800’s New Initial Access Malware}}, date = {2021-03-10}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/nimzaloader-ta800s-new-initial-access-malware}, language = {English}, urldate = {2021-03-12} } NimzaLoader: TA800’s New Initial Access Malware
BazarNimrod Cobalt Strike
2021-02-25ProofpointMichael Raggi, Proofpoint Threat Research Team
@online{raggi:20210225:ta413:400254c, author = {Michael Raggi and Proofpoint Threat Research Team}, title = {{TA413 Leverages New FriarFox Browser Extension to Target the Gmail Accounts of Global Tibetan Organizations}}, date = {2021-02-25}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/ta413-leverages-new-friarfox-browser-extension-target-gmail-accounts-global}, language = {English}, urldate = {2021-02-25} } TA413 Leverages New FriarFox Browser Extension to Target the Gmail Accounts of Global Tibetan Organizations
scanbox Sepulcher
2021-02-16ProofpointProofpoint Threat Research Team
@online{team:20210216:q4:4a82474, author = {Proofpoint Threat Research Team}, title = {{Q4 2020 Threat Report: A Quarterly Analysis of Cybersecurity Trends, Tactics and Themes}}, date = {2021-02-16}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/q4-2020-threat-report-quarterly-analysis-cybersecurity-trends-tactics-and-themes}, language = {English}, urldate = {2021-05-31} } Q4 2020 Threat Report: A Quarterly Analysis of Cybersecurity Trends, Tactics and Themes
Emotet Ryuk NARWHAL SPIDER
2021-02-11ProofpointProofpoint Threat Research Team
@online{team:20210211:baza:41ddf2c, author = {Proofpoint Threat Research Team}, title = {{A Baza Valentine’s Day}}, date = {2021-02-11}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/baza-valentines-day}, language = {English}, urldate = {2021-02-25} } A Baza Valentine’s Day
BazarBackdoor
2021-01-26ProofpointDennis Schwarz, Axel F., Brandon Murphy
@online{schwarz:20210126:new:2eefe69, author = {Dennis Schwarz and Axel F. and Brandon Murphy}, title = {{New Year, New Version of DanaBot}}, date = {2021-01-26}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/new-year-new-version-danabot}, language = {English}, urldate = {2021-01-27} } New Year, New Version of DanaBot
DanaBot
2020-12-08ProofpointTony Paterra
@online{paterra:20201208:understanding:d16755c, author = {Tony Paterra}, title = {{Understanding BEC Scams: Supplier Invoicing Fraud}}, date = {2020-12-08}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/cybersecurity-essentials/understanding-bec-scams-supplier-invoicing-fraud}, language = {English}, urldate = {2020-12-10} } Understanding BEC Scams: Supplier Invoicing Fraud