2021-04-22 | RiskIQ | RiskIQ
@online{riskiq:20210422:solarwinds:83581ea,
  author       = {RiskIQ},
  title        = {{SolarWinds: Advancing the Story}},
  organization = {RiskIQ},
  date         = {2021-04-22},
  url          = {https://community.riskiq.com/article/9a515637},
  urldate      = {2021-04-28},
  language     = {English},
}
SolarWinds: Advancing the Story
SUNBURST
2021-04-22 | RiskIQ | Adam Castleman, Jordan Herman
@online{castleman:20210422:stealing:d799b15,
  author       = {Castleman, Adam and Herman, Jordan},
  title        = {{Stealing All Your Information For Years With Shadow Z118 PayPal Phish Kits}},
  organization = {RiskIQ},
  date         = {2021-04-22},
  url          = {https://community.riskiq.com/article/50bcba95},
  urldate      = {2021-04-28},
  language     = {English},
}
Stealing All Your Information For Years With Shadow Z118 PayPal Phish Kits
2021-04-07 | RiskIQ | Adam Castleman, Jordan Herman
% Shares its title and date with riskiq:20210407:yanbian:43530e8, which cites
% the www.riskiq.com blog post; this entry cites the community.riskiq.com article.
@online{castleman:20210407:yanbian:dcf9de9,
  author       = {Castleman, Adam and Herman, Jordan},
  title        = {{Yanbian Gang Malware Continues with Wide-Scale Distribution and C2}},
  organization = {RiskIQ},
  date         = {2021-04-07},
  url          = {https://community.riskiq.com/article/f88ed16f/description},
  urldate      = {2021-04-09},
  language     = {English},
}
Yanbian Gang Malware Continues with Wide-Scale Distribution and C2
2021-04-07 | RiskIQ | Team RiskIQ
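% "Team RiskIQ" is a corporate byline, not a person: the extra pair of braces
% keeps BibTeX/Biber from splitting it into given name "Team" and family name
% "RiskIQ" (which would otherwise be abbreviated or sorted as a personal name).
% Shares its title and date with castleman:20210407:yanbian:dcf9de9, which cites
% the community.riskiq.com article; this entry cites the www.riskiq.com blog post.
@online{riskiq:20210407:yanbian:43530e8,
  author       = {{Team RiskIQ}},
  title        = {{Yanbian Gang Malware Continues with Wide-Scale Distribution and C2}},
  organization = {RiskIQ},
  date         = {2021-04-07},
  url          = {https://www.riskiq.com/blog/external-threat-management/yanbian-gang-malware-distribution/},
  urldate      = {2021-04-19},
  language     = {English},
}
Yanbian Gang Malware Continues with Wide-Scale Distribution and C2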
Yanbian Gang
2021-02-24 | RiskIQ | Jordan Herman
@online{herman:20210224:turkey:2d3f340,
  author       = {Herman, Jordan},
  title        = {{Turkey Dog: Cerberus and Anubis Banking Trojans Target Turkish Speakers}},
  organization = {RiskIQ},
  date         = {2021-02-24},
  url          = {https://community.riskiq.com/article/85b3db8c},
  urldate      = {2021-02-25},
  language     = {English},
}
Turkey Dog: Cerberus and Anubis Banking Trojans Target Turkish Speakers
Anubis Cerberus
2021-01-27 | RiskIQ | Adam Castleman
@online{castleman:20210127:logokit:7322a8b,
  author       = {Castleman, Adam},
  title        = {{LogoKit: Simple, Effective, and Deceptive}},
  organization = {RiskIQ},
  date         = {2021-01-27},
  url          = {https://community.riskiq.com/article/a068810a},
  urldate      = {2021-01-29},
  language     = {English},
}
LogoKit: Simple, Effective, and Deceptive
2021-01-14 | RiskIQ | Team RiskIQ
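% "Team RiskIQ" is a corporate byline, not a person: the extra pair of braces
% keeps BibTeX/Biber from splitting it into given name "Team" and family name
% "RiskIQ" (which would otherwise be abbreviated or sorted as a personal name).
@online{riskiq:20210114:new:29f2c96,
  author       = {{Team RiskIQ}},
  title        = {{New Analysis Puts Magecart Interconnectivity into Focus}},
  organization = {RiskIQ},
  date         = {2021-01-14},
  url          = {https://www.riskiq.com/blog/labs/magecart-medialand/},
  urldate      = {2021-01-18},
  language     = {English},
}
New Analysis Puts Magecart Interconnectivity into Focus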
grelos magecart Raccoon
2021-01-14 | RiskIQ | Jordan Herman
@online{herman:20210114:medialand:3f603bd,
  author       = {Herman, Jordan},
  title        = {{MediaLand: Magecart and Bulletproof Hosting}},
  organization = {RiskIQ},
  date         = {2021-01-14},
  url          = {https://community.riskiq.com/article/5bea32aa},
  urldate      = {2021-01-21},
  language     = {English},
}
MediaLand: Magecart and Bulletproof Hosting
magecart
2020-12-16 | RiskIQ | Mia Ihm, Cory Kennedy, Jordan Herman
@online{ihm:20201216:skimming:608e648,
  author       = {Ihm, Mia and Kennedy, Cory and Herman, Jordan},
  title        = {{Skimming a Little Off the Top: Meyhod’s Skimming Methods Hit Hairloss Specialists}},
  organization = {RiskIQ},
  date         = {2020-12-16},
  url          = {https://community.riskiq.com/article/14924d61},
  urldate      = {2020-12-17},
  language     = {English},
}
Skimming a Little Off the Top: Meyhod’s Skimming Methods Hit Hairloss Specialists
magecart
2020-12-02 | RiskIQ | Corian Kennedy
@online{kennedy:20201202:shadow:76686c6,
  author       = {Kennedy, Corian},
  title        = {{Shadow Academy: Hiding in the shadows of Mabna Institute}},
  organization = {RiskIQ},
  date         = {2020-12-02},
  url          = {https://community.riskiq.com/article/44eb0802},
  urldate      = {2020-12-10},
  language     = {English},
}
Shadow Academy: Hiding in the shadows of Mabna Institute
Silent Librarian
2020-12-02 | RiskIQ | Team RiskIQ
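% "Team RiskIQ" is a corporate byline, not a person: the extra pair of braces
% keeps BibTeX/Biber from splitting it into given name "Team" and family name
% "RiskIQ" (which would otherwise be abbreviated or sorted as a personal name).
@online{riskiq:20201202:shadow:b331bd4,
  author       = {{Team RiskIQ}},
  title        = {{‘Shadow Academy’ Targets 20 Universities Worldwide}},
  organization = {RiskIQ},
  date         = {2020-12-02},
  url          = {https://www.riskiq.com/blog/external-threat-management/shadow-academy/},
  urldate      = {2020-12-08},
  language     = {English},
}
‘Shadow Academy’ Targets 20 Universities Worldwide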
2020-11-18 | RiskIQ | Jordan Herman
@online{herman:20201118:grelos:7b6e4d2,
  author       = {Herman, Jordan},
  title        = {{The Grelos Skimmer: A New Variant}},
  organization = {RiskIQ},
  date         = {2020-11-18},
  url          = {https://community.riskiq.com/article/8c4b4a7a},
  urldate      = {2020-11-23},
  language     = {English},
}
The Grelos Skimmer: A New Variant
grelos
2020-11-11 | RiskIQ | Jordan Herman
@online{herman:20201111:magecart:8137a1f,
  author       = {Herman, Jordan},
  title        = {{Magecart Group 12: End of Life Magento Sites Infested with Ants and Cockroaches}},
  organization = {RiskIQ},
  date         = {2020-11-11},
  url          = {https://community.riskiq.com/article/fda1f967},
  urldate      = {2020-11-18},
  language     = {English},
}
Magecart Group 12: End of Life Magento Sites Infested with Ants and Cockroaches
magecart
2020-10-29 | RiskIQ | RiskIQ
@online{riskiq:20201029:ryuk:0643968,
  author       = {RiskIQ},
  title        = {{Ryuk Ransomware: Extensive Attack Infrastructure Revealed}},
  organization = {RiskIQ},
  date         = {2020-10-29},
  url          = {https://community.riskiq.com/article/0bcefe76},
  urldate      = {2020-11-02},
  language     = {English},
}
Ryuk Ransomware: Extensive Attack Infrastructure Revealed
Cobalt Strike Ryuk
2020-10-28 | RiskIQ | Steve Ginty
@online{ginty:20201028:domain:a285cb1,
  author       = {Ginty, Steve},
  title        = {{Domain Impersonation Targets Saudi Arabian Government Ministries}},
  organization = {RiskIQ},
  date         = {2020-10-28},
  url          = {https://community.riskiq.com/article/4fff4b0f},
  urldate      = {2020-11-02},
  language     = {English},
}
Domain Impersonation Targets Saudi Arabian Government Ministries
2020-10-14 | RiskIQ | Steve Ginty, Jon Gross
@online{ginty:20201014:wellmarked:9176303,
  author       = {Ginty, Steve and Gross, Jon},
  title        = {{A Well-Marked Trail: Journeying through OceanLotus's Infrastructure}},
  organization = {RiskIQ},
  date         = {2020-10-14},
  url          = {https://community.riskiq.com/article/f0320980},
  urldate      = {2020-10-23},
  language     = {English},
}
A Well-Marked Trail: Journeying through OceanLotus's Infrastructure
Cobalt Strike
2020-09-30 | RiskIQ | Jon Gross
@online{gross:20200930:diving:8e26441,
  author       = {Gross, Jon},
  title        = {{Diving Into DONOT's Mobile Rabbit Hole}},
  organization = {RiskIQ},
  date         = {2020-09-30},
  url          = {https://community.riskiq.com/article/6f60db72},
  urldate      = {2020-10-04},
  language     = {English},
}
Diving Into DONOT's Mobile Rabbit Hole
Unidentified APK 005
2020-09-16 | RiskIQ | Jon Gross
@online{gross:20200916:riskiq:da4b864,
  author       = {Gross, Jon},
  title        = {{RiskIQ: Adventures in Cookie Land - Part 2}},
  organization = {RiskIQ},
  date         = {2020-09-16},
  url          = {https://community.riskiq.com/article/56fa1b2f},
  urldate      = {2020-09-23},
  language     = {English},
}
RiskIQ: Adventures in Cookie Land - Part 2
8.t Dropper Chinoxy Poison Ivy
2020-09-02 | RiskIQ | Jordan Herman
@online{herman:20200902:inter:93b8c50,
  author       = {Herman, Jordan},
  title        = {{The Inter Skimmer Kit}},
  organization = {RiskIQ},
  date         = {2020-09-02},
  url          = {https://community.riskiq.com/article/30f22a00},
  urldate      = {2020-09-04},
  language     = {English},
}
The Inter Skimmer Kit
magecart DreamBot TeslaCrypt
2020-08-21 | RiskIQ | Steve Ginty
@online{ginty:20200821:pinchy:24fe21a,
  author       = {Ginty, Steve},
  title        = {{Pinchy Spider: Ransomware Infrastructure Connected to Dark Web Marketplace}},
  organization = {RiskIQ},
  date         = {2020-08-21},
  url          = {https://community.riskiq.com/article/3315064b},
  urldate      = {2020-09-01},
  language     = {English},
}
Pinchy Spider: Ransomware Infrastructure Connected to Dark Web Marketplace
REvil