
2021-09-16RiskIQRiskIQ
@online{riskiq:20210916:untangling:d1e0f1b,
  author       = {{RiskIQ}},
  title        = {{Untangling the Spider Web: The Curious Connection Between WIZARD SPIDER’s Ransomware Infrastructure and a Windows Zero-Day Exploit}},
  organization = {RiskIQ},
  date         = {2021-09-16},
  url          = {https://community.riskiq.com/article/c88cf7e6},
  urldate      = {2021-09-19},
  language     = {English},
}
Untangling the Spider Web: The Curious Connection Between WIZARD SPIDER’s Ransomware Infrastructure and a Windows Zero-Day Exploit
Cobalt Strike Ryuk
2021-09-08RiskIQJennifer Grob
@online{grob:20210908:bulletproof:902e9f2,
  author       = {Grob, Jennifer},
  title        = {{Bulletproof Hosting Services: Investigating Flowspec}},
  organization = {RiskIQ},
  date         = {2021-09-08},
  url          = {https://community.riskiq.com/article/2a36a7d2/description},
  urldate      = {2021-09-10},
  language     = {English},
}
Bulletproof Hosting Services: Investigating Flowspec
Azorult Glupteba
2021-08-25RiskIQJordan Herman
@online{herman:20210825:eitest:e4c2c31,
  author       = {Herman, Jordan},
  title        = {{EITest: Linkages to the Ongoing Malware Delivery Campaign Referred to as "Gootloader"}},
  organization = {RiskIQ},
  date         = {2021-08-25},
  url          = {https://community.riskiq.com/article/f5d5ed38},
  urldate      = {2021-08-30},
  language     = {English},
}
EITest: Linkages to the Ongoing Malware Delivery Campaign Referred to as "Gootloader"
GootLoader
2021-07-30RiskIQTeam Atlas
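% Corporate author: the inner braces keep "Team Atlas" as one indivisible name,
% so it is not parsed as given name "Team" and family name "Atlas".
@online{atlas:20210730:bear:04ae603,
  author       = {{Team Atlas}},
  title        = {{Bear Tracks: Infrastructure Patterns Lead to More Than 30 Active APT29 C2 Servers}},
  organization = {RiskIQ},
  date         = {2021-07-30},
  url          = {https://community.riskiq.com/article/541a465f/description},
  urldate      = {2021-08-02},
  language     = {English},
}
Bear Tracks: Infrastructure Patterns Lead to More Than 30 Active APT29 C2 Servers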
elf.wellmess WellMess
2021-07-28RiskIQJennifer Grob, Jordan Herman
@online{grob:20210728:use:8287989,
  author       = {Grob, Jennifer and Herman, Jordan},
  title        = {{Use of XAMPP Web Component to Identify Agent Tesla Infrastructure}},
  organization = {RiskIQ},
  date         = {2021-07-28},
  url          = {https://community.riskiq.com/article/40000d46},
  urldate      = {2021-07-29},
  language     = {English},
}
Use of XAMPP Web Component to Identify Agent Tesla Infrastructure
Agent Tesla
2021-07-14RiskIQJordan Herman
@online{herman:20210714:bulletproof:6b4372f,
  author       = {Herman, Jordan},
  title        = {{Bulletproof Hosting Services: Investigating Media Land LLC, Part 2}},
  organization = {RiskIQ},
  date         = {2021-07-14},
  url          = {https://community.riskiq.com/article/7b83636f},
  urldate      = {2021-07-20},
  language     = {English},
}
Bulletproof Hosting Services: Investigating Media Land LLC, Part 2
2021-06-30RiskIQJennifer Grob, Jordan Herman
@online{grob:20210630:bulletproof:5d71486,
  author       = {Grob, Jennifer and Herman, Jordan},
  title        = {{Bulletproof Hosting Services: Investigating Media Land LLC}},
  organization = {RiskIQ},
  date         = {2021-06-30},
  url          = {https://community.riskiq.com/article/49db7be3},
  urldate      = {2021-07-02},
  language     = {English},
}
Bulletproof Hosting Services: Investigating Media Land LLC
2021-06-16RiskIQJordan Herman
@online{herman:20210616:bit2check:760db1e,
  author       = {Herman, Jordan},
  title        = {{Bit2Check: Investigating Actors in the Carding Space}},
  organization = {RiskIQ},
  date         = {2021-06-16},
  url          = {https://community.riskiq.com/article/f1e8399e},
  urldate      = {2021-06-21},
  language     = {English},
}
Bit2Check: Investigating Actors in the Carding Space
2021-06-02RiskIQJennifer Grob
@online{grob:20210602:review:df29e01,
  author       = {Grob, Jennifer},
  title        = {{Review of Sysrv-hello Cryptjacking Botnet}},
  organization = {RiskIQ},
  date         = {2021-06-02},
  url          = {https://community.riskiq.com/article/98f391f9},
  urldate      = {2021-06-16},
  language     = {English},
}
Review of Sysrv-hello Cryptjacking Botnet
2021-05-26RiskIQJordan Herman
@online{herman:20210526:mobileinter:bfb90e8,
  author       = {Herman, Jordan},
  title        = {{The MobileInter Skimmer: Hosted by Google, Hiding in Images}},
  organization = {RiskIQ},
  date         = {2021-05-26},
  url          = {https://community.riskiq.com/article/8109e7ab},
  urldate      = {2021-06-09},
  language     = {English},
}
The MobileInter Skimmer: Hosted by Google, Hiding in Images
2021-05-20RiskIQJennifer Grob
@online{grob:20210520:analysis:1b7ae0b,
  author       = {Grob, Jennifer},
  title        = {{Analysis of Infrastructure used by DarkSide Affiliates}},
  organization = {RiskIQ},
  date         = {2021-05-20},
  url          = {https://community.riskiq.com/article/fdf74f23},
  urldate      = {2021-05-26},
  language     = {English},
}
Analysis of Infrastructure used by DarkSide Affiliates
DarkSide
2021-05-05RiskIQKelsey Clapp
@online{clapp:20210505:viruses:aab7c1a,
  author       = {Clapp, Kelsey},
  title        = {{Viruses to Violations - TrickBot's Shift in Tactics During the Pandemic}},
  organization = {RiskIQ},
  date         = {2021-05-05},
  url          = {https://community.riskiq.com/article/298c9fc9},
  urldate      = {2021-05-26},
  language     = {English},
}
Viruses to Violations - TrickBot's Shift in Tactics During the Pandemic
TrickBot
2021-04-22RiskIQRiskIQ
@online{riskiq:20210422:solarwinds:83581ea,
  author       = {{RiskIQ}},
  title        = {{SolarWinds: Advancing the Story}},
  organization = {RiskIQ},
  date         = {2021-04-22},
  url          = {https://community.riskiq.com/article/9a515637},
  urldate      = {2021-04-28},
  language     = {English},
}
SolarWinds: Advancing the Story
SUNBURST
2021-04-22RiskIQAdam Castleman, Jordan Herman
@online{castleman:20210422:stealing:d799b15,
  author       = {Castleman, Adam and Herman, Jordan},
  title        = {{Stealing All Your Information For Years With Shadow Z118 PayPal Phish Kits}},
  organization = {RiskIQ},
  date         = {2021-04-22},
  url          = {https://community.riskiq.com/article/50bcba95},
  urldate      = {2021-04-28},
  language     = {English},
}
Stealing All Your Information For Years With Shadow Z118 PayPal Phish Kits
2021-04-07RiskIQAdam Castleman, Jordan Herman
@online{castleman:20210407:yanbian:dcf9de9,
  author       = {Castleman, Adam and Herman, Jordan},
  title        = {{Yanbian Gang Malware Continues with Wide-Scale Distribution and C2}},
  organization = {RiskIQ},
  date         = {2021-04-07},
  url          = {https://community.riskiq.com/article/f88ed16f/description},
  urldate      = {2021-04-09},
  language     = {English},
}
Yanbian Gang Malware Continues with Wide-Scale Distribution and C2
2021-04-07RiskIQTeam RiskIQ
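% Corporate author: the inner braces keep "Team RiskIQ" as one indivisible name,
% so it is not parsed as given name "Team" and family name "RiskIQ".
@online{riskiq:20210407:yanbian:43530e8,
  author       = {{Team RiskIQ}},
  title        = {{Yanbian Gang Malware Continues with Wide-Scale Distribution and C2}},
  organization = {RiskIQ},
  date         = {2021-04-07},
  url          = {https://www.riskiq.com/blog/external-threat-management/yanbian-gang-malware-distribution/},
  urldate      = {2021-04-19},
  language     = {English},
}
Yanbian Gang Malware Continues with Wide-Scale Distribution and C2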
Yanbian Gang
2021-02-24RiskIQJordan Herman
@online{herman:20210224:turkey:2d3f340,
  author       = {Herman, Jordan},
  title        = {{Turkey Dog: Cerberus and Anubis Banking Trojans Target Turkish Speakers}},
  organization = {RiskIQ},
  date         = {2021-02-24},
  url          = {https://community.riskiq.com/article/85b3db8c},
  urldate      = {2021-02-25},
  language     = {English},
}
Turkey Dog: Cerberus and Anubis Banking Trojans Target Turkish Speakers
Anubis Cerberus
2021-01-27RiskIQAdam Castleman
@online{castleman:20210127:logokit:7322a8b,
  author       = {Castleman, Adam},
  title        = {{LogoKit: Simple, Effective, and Deceptive}},
  organization = {RiskIQ},
  date         = {2021-01-27},
  url          = {https://community.riskiq.com/article/a068810a},
  urldate      = {2021-01-29},
  language     = {English},
}
LogoKit: Simple, Effective, and Deceptive
2021-01-14RiskIQJordan Herman
@online{herman:20210114:medialand:3f603bd,
  author       = {Herman, Jordan},
  title        = {{MediaLand: Magecart and Bulletproof Hosting}},
  organization = {RiskIQ},
  date         = {2021-01-14},
  url          = {https://community.riskiq.com/article/5bea32aa},
  urldate      = {2021-01-21},
  language     = {English},
}
MediaLand: Magecart and Bulletproof Hosting
magecart
2021-01-14RiskIQTeam RiskIQ
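% Corporate author: the inner braces keep "Team RiskIQ" as one indivisible name,
% so it is not parsed as given name "Team" and family name "RiskIQ".
@online{riskiq:20210114:new:29f2c96,
  author       = {{Team RiskIQ}},
  title        = {{New Analysis Puts Magecart Interconnectivity into Focus}},
  organization = {RiskIQ},
  date         = {2021-01-14},
  url          = {https://www.riskiq.com/blog/labs/magecart-medialand/},
  urldate      = {2021-01-18},
  language     = {English},
}
New Analysis Puts Magecart Interconnectivity into Focus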
grelos magecart Raccoon