Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2020-09-02RiskIQJordan Herman
@online{herman:20200902:inter:93b8c50, author = {Jordan Herman}, title = {{The Inter Skimmer Kit}}, date = {2020-09-02}, organization = {RiskIQ}, url = {https://community.riskiq.com/article/30f22a00}, language = {English}, urldate = {2020-09-04} } The Inter Skimmer Kit
magecart DreamBot TeslaCrypt
2020-08-21Vimeo (RiskIQ)Josh Burgess, Steve Ginty
@online{burgess:20200821:evolution:6d5c407, author = {Josh Burgess and Steve Ginty}, title = {{The Evolution of Ransomware & Pinchy Spider's Shot at the Title}}, date = {2020-08-21}, organization = {Vimeo (RiskIQ)}, url = {https://vimeo.com/449849549}, language = {English}, urldate = {2020-08-25} } The Evolution of Ransomware & Pinchy Spider's Shot at the Title
Gandcrab REvil
2020-08-21RiskIQSteve Ginty
@online{ginty:20200821:pinchy:24fe21a, author = {Steve Ginty}, title = {{Pinchy Spider: Ransomware Infrastructure Connected to Dark Web Marketplace}}, date = {2020-08-21}, organization = {RiskIQ}, url = {https://community.riskiq.com/article/3315064b}, language = {English}, urldate = {2020-09-01} } Pinchy Spider: Ransomware Infrastructure Connected to Dark Web Marketplace
REvil
2020-06-09RiskIQJordan Herman
@online{herman:20200609:misconfigured:75c6908, author = {Jordan Herman}, title = {{Misconfigured Amazon S3 Buckets Continue to be a Launchpad for Malicious Code}}, date = {2020-06-09}, organization = {RiskIQ}, url = {https://www.riskiq.com/blog/labs/misconfigured-s3-buckets/}, language = {English}, urldate = {2020-06-10} } Misconfigured Amazon S3 Buckets Continue to be a Launchpad for Malicious Code
magecart
2020-03-18RiskIQYonathan Klijnsma
@online{klijnsma:20200318:magecart:2ee4a78, author = {Yonathan Klijnsma}, title = {{Magecart Group 8 Blends into NutriBullet.com Adding To Their Growing List of Victims}}, date = {2020-03-18}, organization = {RiskIQ}, url = {https://www.riskiq.com/blog/labs/magecart-nutribullet/}, language = {English}, urldate = {2020-03-19} } Magecart Group 8 Blends into NutriBullet.com Adding To Their Growing List of Victims
magecart
2020-02-07RiskIQJordan Herman
@online{herman:20200207:magecart:185b67b, author = {Jordan Herman}, title = {{Magecart Group 12’s Latest: Actors Behind Attacks on Olympics Ticket Re-sellers Deftly Swapped Domains to Continue Campaign}}, date = {2020-02-07}, organization = {RiskIQ}, url = {https://www.riskiq.com/blog/labs/magecart-group-12-olympics/}, language = {English}, urldate = {2020-02-09} } Magecart Group 12’s Latest: Actors Behind Attacks on Olympics Ticket Re-sellers Deftly Swapped Domains to Continue Campaign
magecart
2019-10-16RiskIQJohn Omernik
@online{omernik:20191016:lnkr:5612e9a, author = {John Omernik}, title = {{LNKR: More than Just a Browser Extension}}, date = {2019-10-16}, organization = {RiskIQ}, url = {https://www.riskiq.com/blog/labs/lnkr-browser-extension/}, language = {English}, urldate = {2020-03-04} } LNKR: More than Just a Browser Extension
LNKR
2019-02-28RiskIQYonathan Klijnsma
@online{klijnsma:20190228:magecart:e2b0173, author = {Yonathan Klijnsma}, title = {{Magecart Group 4: Never Gone, Always Advancing – Professionals In Cybercrime}}, date = {2019-02-28}, organization = {RiskIQ}, url = {https://www.riskiq.com/blog/labs/magecart-group-4-always-advancing/}, language = {English}, urldate = {2020-01-06} } Magecart Group 4: Never Gone, Always Advancing – Professionals In Cybercrime
magecart
2018-07-09RiskIQYonathan Klijnsma, Jordan Herman
@online{klijnsma:20180709:inside:e92fff2, author = {Yonathan Klijnsma and Jordan Herman}, title = {{Inside and Beyond Ticketmaster: The Many Breaches of Magecart}}, date = {2018-07-09}, organization = {RiskIQ}, url = {https://www.riskiq.com/blog/labs/magecart-ticketmaster-breach/}, language = {English}, urldate = {2020-01-12} } Inside and Beyond Ticketmaster: The Many Breaches of Magecart
magecart
2018-01-23RiskIQYonathan Klijnsma
@online{klijnsma:20180123:espionage:f3d28b0, author = {Yonathan Klijnsma}, title = {{Espionage Campaign Leverages Spear Phishing, RATs Against Turkish Defense Contractors}}, date = {2018-01-23}, organization = {RiskIQ}, url = {https://www.riskiq.com/blog/labs/spear-phishing-turkish-defense-contractors/}, language = {English}, urldate = {2019-12-24} } Espionage Campaign Leverages Spear Phishing, RATs Against Turkish Defense Contractors
Remcos
2018-01-16RiskIQYonathan Klijnsma
@online{klijnsma:20180116:first:9184887, author = {Yonathan Klijnsma}, title = {{First Activities of Cobalt Group in 2018: Spear Phishing Russian Banks}}, date = {2018-01-16}, organization = {RiskIQ}, url = {https://www.riskiq.com/blog/labs/cobalt-group-spear-phishing-russian-banks/}, language = {English}, urldate = {2019-11-26} } First Activities of Cobalt Group in 2018: Spear Phishing Russian Banks
Cobalt
2017-12-20RiskIQYonathan Klijnsma
@online{klijnsma:20171220:mining:4b3dc11, author = {Yonathan Klijnsma}, title = {{Mining Insights: Infrastructure Analysis of Lazarus Group Cyber Attacks on the Cryptocurrency Industry}}, date = {2017-12-20}, organization = {RiskIQ}, url = {https://www.riskiq.com/blog/labs/lazarus-group-cryptocurrency/}, language = {English}, urldate = {2020-01-13} } Mining Insights: Infrastructure Analysis of Lazarus Group Cyber Attacks on the Cryptocurrency Industry
PowerRatankba
2017-11-28RiskIQYonathan Klijnsma
@online{klijnsma:20171128:gaffe:7c5097a, author = {Yonathan Klijnsma}, title = {{Gaffe Reveals Full List of Targets in Spear Phishing Attack Using Cobalt Strike Against Financial Institutions}}, date = {2017-11-28}, organization = {RiskIQ}, url = {https://www.riskiq.com/blog/labs/cobalt-strike/}, language = {English}, urldate = {2020-01-13} } Gaffe Reveals Full List of Targets in Spear Phishing Attack Using Cobalt Strike Against Financial Institutions
Cobalt
2017-11-02RiskIQYonathan Klijnsma
@online{klijnsma:20171102:new:d98411c, author = {Yonathan Klijnsma}, title = {{New Insights into Energetic Bear’s Watering Hole Cyber Attacks on Turkish Critical Infrastructure}}, date = {2017-11-02}, organization = {RiskIQ}, url = {https://www.riskiq.com/blog/labs/energetic-bear/}, language = {English}, urldate = {2020-01-13} } New Insights into Energetic Bear’s Watering Hole Cyber Attacks on Turkish Critical Infrastructure
Energetic Bear
2017-10-26RiskIQYonathan Klijnsma
@online{klijnsma:20171026:new:8298949, author = {Yonathan Klijnsma}, title = {{New htpRAT Gives Complete Remote Control Capabilities to Chinese Cyber Threat Actors}}, date = {2017-10-26}, organization = {RiskIQ}, url = {https://www.riskiq.com/blog/labs/htprat/}, language = {English}, urldate = {2020-01-09} } New htpRAT Gives Complete Remote Control Capabilities to Chinese Cyber Threat Actors
htpRAT
2017-10-25RiskIQYonathan Klijnsma
@online{klijnsma:20171025:down:8d41ef5, author = {Yonathan Klijnsma}, title = {{Down the Rabbit Hole: Tracking the BadRabbit Ransomware to a Long Ongoing Campaign of Target Selection}}, date = {2017-10-25}, organization = {RiskIQ}, url = {https://www.riskiq.com/blog/labs/badrabbit/}, language = {English}, urldate = {2020-01-10} } Down the Rabbit Hole: Tracking the BadRabbit Ransomware to a Long Ongoing Campaign of Target Selection
EternalPetya