Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-02-25Recorded FutureInsikt Group®
@techreport{group:20210225:business:9e4763a, author = {Insikt Group®}, title = {{The Business of Fraud: An Overview of How Cybercrime Gets Monetized}}, date = {2021-02-25}, institution = {Recorded Future}, url = {https://go.recordedfuture.com/hubfs/reports/cta-2021-0224.pdf}, language = {English}, urldate = {2021-02-26} } The Business of Fraud: An Overview of How Cybercrime Gets Monetized
2021-01-07Recorded FutureInsikt Group®
@techreport{group:20210107:aversary:9771829, author = {Insikt Group®}, title = {{Aversary Infrastructure Report 2020: A Defender's View}}, date = {2021-01-07}, institution = {Recorded Future}, url = {https://go.recordedfuture.com/hubfs/reports/cta-2021-0107.pdf}, language = {English}, urldate = {2021-01-11} } Aversary Infrastructure Report 2020: A Defender's View
Octopus pupy Cobalt Strike Empire Downloader Meterpreter PoshC2
2020-12-30Recorded FutureJohn Wetzel
@techreport{wetzel:20201230:solarwinds:59c847b, author = {John Wetzel}, title = {{SOLARWINDS ATTRIBUTION: Are We Getting Ahead of Ourselves? An Analysis of UNC2452 Attribution}}, date = {2020-12-30}, institution = {Recorded Future}, url = {https://go.recordedfuture.com/hubfs/reports/pov-2020-1230.pdf}, language = {English}, urldate = {2021-01-05} } SOLARWINDS ATTRIBUTION: Are We Getting Ahead of Ourselves? An Analysis of UNC2452 Attribution
SUNBURST
2020-12-10Recorded FutureInsikt Group®
@techreport{group:20201210:exploit:9c6663c, author = {Insikt Group®}, title = {{Exploit Kits though in Decline, Remain Powerful Tool for Delivering Malware}}, date = {2020-12-10}, institution = {Recorded Future}, url = {https://go.recordedfuture.com/hubfs/reports/cta-2020-1210.pdf}, language = {English}, urldate = {2020-12-14} } Exploit Kits though in Decline, Remain Powerful Tool for Delivering Malware
2020-12-04Recorded FutureInsikt Group®
@online{group:20201204:tibet:42fc885, author = {Insikt Group®}, title = {{Tibet and Taiwan Targeted in Spearphishing Campaigns Using MESSAGEMANIFOLD Malware}}, date = {2020-12-04}, organization = {Recorded Future}, url = {https://www.recordedfuture.com/messagemanifold-malware-spearphishing-campaigns/}, language = {English}, urldate = {2020-12-08} } Tibet and Taiwan Targeted in Spearphishing Campaigns Using MESSAGEMANIFOLD Malware
2020-12-03Recorded FutureInsikt Group®
@techreport{group:20201203:egregor:a56f637, author = {Insikt Group®}, title = {{Egregor Ransomware, Used in a String of High-Profile Attacks, Shows Connections to QakBot}}, date = {2020-12-03}, institution = {Recorded Future}, url = {https://go.recordedfuture.com/hubfs/reports/cta-2020-1203.pdf}, language = {English}, urldate = {2020-12-08} } Egregor Ransomware, Used in a String of High-Profile Attacks, Shows Connections to QakBot
Egregor QakBot
2020-11-10Recorded FutureInsikt Group®
@techreport{group:20201110:new:97e5657, author = {Insikt Group®}, title = {{New APT32 Malware Campaign Targets Cambodian Government}}, date = {2020-11-10}, institution = {Recorded Future}, url = {https://go.recordedfuture.com/hubfs/reports/cta-2020-1110.pdf}, language = {English}, urldate = {2020-11-11} } New APT32 Malware Campaign Targets Cambodian Government
KerrDown METALJACK SOUNDBITE
2020-11-04Recorded FutureInsikt Group®
@techreport{group:20201104:ransomwareasaservice:5ccfc55, author = {Insikt Group®}, title = {{Ransomware-as-a-Service Becomes Increasingly Accessible via Social Media and Open Sources}}, date = {2020-11-04}, institution = {Recorded Future}, url = {https://go.recordedfuture.com/hubfs/reports/cta-2020-1104.pdf}, language = {English}, urldate = {2020-11-06} } Ransomware-as-a-Service Becomes Increasingly Accessible via Social Media and Open Sources
2020-10-27Recorded FutureInsikt Group®
@techreport{group:20201027:pulse:9a5781b, author = {Insikt Group®}, title = {{Pulse Report:Insikt Group Discovers Global Credential Harvesting Campaign Using FiercePhish Open Source Framework}}, date = {2020-10-27}, institution = {Recorded Future}, url = {https://go.recordedfuture.com/hubfs/reports/cta-2020-1027.pdf}, language = {English}, urldate = {2020-11-02} } Pulse Report:Insikt Group Discovers Global Credential Harvesting Campaign Using FiercePhish Open Source Framework
2020-10-16Recorded FutureInsikt Group®
@techreport{group:20201016:banking:bcbd283, author = {Insikt Group®}, title = {{Banking Web Injects Are Top Cyber Threat For Financial Sector}}, date = {2020-10-16}, institution = {Recorded Future}, url = {https://go.recordedfuture.com/hubfs/reports/cta-2020-1016.pdf}, language = {English}, urldate = {2020-10-23} } Banking Web Injects Are Top Cyber Threat For Financial Sector
Cerberus
2020-09-15Recorded FutureInsikt Group®
@techreport{group:20200915:back:2c78a6f, author = {Insikt Group®}, title = {{Back Despite Disruption: RedDelta Resumes Operations}}, date = {2020-09-15}, institution = {Recorded Future}, url = {https://go.recordedfuture.com/hubfs/reports/cta-2020-0915.pdf}, language = {English}, urldate = {2020-09-16} } Back Despite Disruption: RedDelta Resumes Operations
PlugX
2020-09-03Recorded FutureInsikt Group®
@techreport{group:20200903:russianrelated:448f739, author = {Insikt Group®}, title = {{Russian-related Threats to the 2020 U.S. Presidential Election}}, date = {2020-09-03}, institution = {Recorded Future}, url = {https://go.recordedfuture.com/hubfs/reports/cta-2020-0903.pdf}, language = {English}, urldate = {2020-09-06} } Russian-related Threats to the 2020 U.S. Presidential Election
2020-07-29Recorded FutureInsikt Group
@techreport{group:20200729:chinese:1929fcd, author = {Insikt Group}, title = {{Chinese State-sponsored Group RedDelta Targets the Vatican and Catholic Organizations}}, date = {2020-07-29}, institution = {Recorded Future}, url = {https://go.recordedfuture.com/hubfs/reports/cta-2020-0728.pdf}, language = {English}, urldate = {2020-07-30} } Chinese State-sponsored Group RedDelta Targets the Vatican and Catholic Organizations
PlugX
2020-06-10Recorded FutureInsikt Group®
@techreport{group:20200610:new:fbd9342, author = {Insikt Group®}, title = {{New Ransomware-as-a-Service Tool ‘Thanos’ Shows Connections to ‘Hakbit}}, date = {2020-06-10}, institution = {Recorded Future}, url = {https://go.recordedfuture.com/hubfs/reports/cta-2020-0610.pdf}, language = {English}, urldate = {2020-06-11} } New Ransomware-as-a-Service Tool ‘Thanos’ Shows Connections to ‘Hakbit
Hakbit
2020-03-12Recorded FutureInsikt Group
@online{group:20200312:swallowing:b1becb5, author = {Insikt Group}, title = {{Swallowing the Snake’s Tail: Tracking Turla Infrastructure}}, date = {2020-03-12}, organization = {Recorded Future}, url = {https://www.recordedfuture.com/turla-apt-infrastructure/}, language = {English}, urldate = {2020-03-13} } Swallowing the Snake’s Tail: Tracking Turla Infrastructure
Mosquito Sinowal
2020-01-23Recorded FutureInsikt Group
@techreport{group:20200123:european:c3ca9e3, author = {Insikt Group}, title = {{European Energy Sector Organization Targeted by PupyRAT Malware in Late 2019}}, date = {2020-01-23}, institution = {Recorded Future}, url = {https://go.recordedfuture.com/hubfs/reports/cta-2020-0123.pdf}, language = {English}, urldate = {2020-01-27} } European Energy Sector Organization Targeted by PupyRAT Malware in Late 2019
pupy pupy pupy
2019-02-06Recorded FutureInsikt Group, Rapid7
@techreport{group:20190206:apt10:74d18e7, author = {Insikt Group and Rapid7}, title = {{APT10 Targeted Norwegian MSP and US Companies in Sustained Campaign}}, date = {2019-02-06}, institution = {Recorded Future}, url = {https://go.recordedfuture.com/hubfs/reports/cta-2019-0206.pdf}, language = {English}, urldate = {2019-12-17} } APT10 Targeted Norwegian MSP and US Companies in Sustained Campaign
Trochilus RAT APT31 Hurricane Panda Stone Panda
2019-02-06Recorded FutureInsikt Group, Rapid7
@techreport{group:20190206:apt10:9c61d0b, author = {Insikt Group and Rapid7}, title = {{APT10 Targeted NorwegianMSP and US Companies in Sustained Campaign}}, date = {2019-02-06}, institution = {Recorded Future}, url = {http://go.recordedfuture.com/hubfs/reports/cta-2019-0206.pdf}, language = {English}, urldate = {2020-01-06} } APT10 Targeted NorwegianMSP and US Companies in Sustained Campaign
RedLeaves
2018-11-13Recorded FutureInsikt Group
@online{group:20181113:chinese:6141b55, author = {Insikt Group}, title = {{Chinese Threat Actor TEMP.Periscope Targets UK-Based Engineering Company Using Russian APT Techniques}}, date = {2018-11-13}, organization = {Recorded Future}, url = {https://www.recordedfuture.com/chinese-threat-actor-tempperiscope/}, language = {English}, urldate = {2020-01-13} } Chinese Threat Actor TEMP.Periscope Targets UK-Based Engineering Company Using Russian APT Techniques
SeDll Leviathan
2018-08-16Recorded FutureSanil Chohan, Winnona Desombre, Justin Grosfelt
@online{chohan:20180816:chinese:91aaa15, author = {Sanil Chohan and Winnona Desombre and Justin Grosfelt}, title = {{Chinese Cyberespionage Originating From Tsinghua University Infrastructure}}, date = {2018-08-16}, organization = {Recorded Future}, url = {https://www.recordedfuture.com/chinese-cyberespionage-operations/}, language = {English}, urldate = {2020-01-09} } Chinese Cyberespionage Originating From Tsinghua University Infrastructure
ext4