2022-10-10 | RiskIQ | Microsoft Threat Intelligence Center (MSTIC)
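% Corporate author: the extra brace pair keeps the organisation name as one
% indivisible unit, so it is not split into given-name and family-name parts.
@online{mstic:20221010:dev0832:07768a3,
  author       = {{Microsoft Threat Intelligence Center (MSTIC)}},
  title        = {{DEV-0832 Leverages Commodity Tools in Opportunistic Ransomware Campaigns}},
  date         = {2022-10-10},
  organization = {RiskIQ},
  url          = {https://community.riskiq.com/article/47766fbd},
  language     = {English},
  urldate      = {2022-10-19},
}
DEV-0832 Leverages Commodity Tools in Opportunistic Ransomware Campaigns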
BlackCat Mount Locker SystemBC Zeppelin
2022-07-29 | RiskIQ | Jordan Herman
@online{herman:20220729:falling:12d2d82,
  author       = {Jordan Herman},
  title        = {{Falling Into a Nest of Vipers or: "Why'd it have to be snakes?" (Microsoft Threat Intelligence Brief)}},
  date         = {2022-07-29},
  organization = {RiskIQ},
  url          = {https://community.riskiq.com/article/f3179571},
  language     = {English},
  urldate      = {2022-09-19},
}
Falling Into a Nest of Vipers or: "Why'd it have to be snakes?" (Microsoft Threat Intelligence Brief)
2022-07-27 | Microsoft | Microsoft Threat Intelligence Center (MSTIC), Microsoft Security Response Center (MSRC), RiskIQ
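% Three corporate authors: each is wrapped in its own brace pair so it is kept
% as one indivisible name rather than parsed into given/family name parts.
@online{mstic:20220727:untangling:27dd5d0,
  author       = {{Microsoft Threat Intelligence Center (MSTIC)} and {Microsoft Security Response Center (MSRC)} and {RiskIQ}},
  title        = {{Untangling KNOTWEED: European private-sector offensive actor using 0-day exploits}},
  date         = {2022-07-27},
  organization = {Microsoft},
  url          = {https://www.microsoft.com/security/blog/2022/07/27/untangling-knotweed-european-private-sector-offensive-actor-using-0-day-exploits/},
  language     = {English},
  urldate      = {2022-08-15},
}
Untangling KNOTWEED: European private-sector offensive actor using 0-day exploits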
Subzero
2022-07-01 | RiskIQ | RiskIQ
@online{riskiq:20220701:toddycat:485d554,
  author       = {RiskIQ},
  title        = {{ToddyCat: A Guided Journey through the Attacker's Infrastructure}},
  date         = {2022-07-01},
  organization = {RiskIQ},
  url          = {https://community.riskiq.com/article/d8b749f2},
  language     = {English},
  urldate      = {2022-07-15},
}
ToddyCat: A Guided Journey through the Attacker's Infrastructure
ShadowPad ToddyCat
2022-06-16 | RiskIQ | Jennifer Grob
@online{grob:20220616:riskiq:319bce7,
  author       = {Jennifer Grob},
  title        = {{RiskIQ: New ManaTools Panel Identified}},
  date         = {2022-06-16},
  organization = {RiskIQ},
  url          = {https://community.riskiq.com/article/69dfdba2},
  language     = {English},
  urldate      = {2022-07-01},
}
RiskIQ: New ManaTools Panel Identified
2022-06-14 | RiskIQ | Jordan Herman
@online{herman:20220614:riskiq:2007c54,
  author       = {Jordan Herman},
  title        = {{RiskIQ: Identifying BumbleBee Command and Control Servers}},
  date         = {2022-06-14},
  organization = {RiskIQ},
  url          = {https://community.riskiq.com/article/0b211905/description},
  language     = {English},
  urldate      = {2023-04-06},
}
RiskIQ: Identifying BumbleBee Command and Control Servers
BumbleBee
2022-05-16 | RiskIQ | RiskIQ
@online{riskiq:20220516:riskiq:84b9ddd,
  author       = {RiskIQ},
  title        = {{RiskIQ: Storm Clauds - New C2 Over DNS Mimics CloudFront}},
  date         = {2022-05-16},
  organization = {RiskIQ},
  url          = {https://community.riskiq.com/article/d8a78daf},
  language     = {English},
  urldate      = {2022-05-25},
}
RiskIQ: Storm Clauds - New C2 Over DNS Mimics CloudFront
Mirai
2022-05-10 | RiskIQ | Kelsey Clapp
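% The ampersand in the title is escaped as \& because a bare & is a LaTeX
% alignment character and breaks typesetting of the bibliography.
@online{clapp:20220510:commodity:7703042,
  author       = {Kelsey Clapp},
  title        = {{Commodity Skimming \& Magecart Trends in First Quarter of 2022}},
  date         = {2022-05-10},
  organization = {RiskIQ},
  url          = {https://community.riskiq.com/article/017cf2e6},
  language     = {English},
  urldate      = {2022-05-17},
}
Commodity Skimming & Magecart Trends in First Quarter of 2022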
magecart
2022-05-10 | RiskIQ | RiskIQ
@online{riskiq:20220510:riskiq:0de1fcf,
  author       = {RiskIQ},
  title        = {{RiskIQ: Identifying Dridex C2 via SSL Certificate Patterns}},
  date         = {2022-05-10},
  organization = {RiskIQ},
  url          = {https://community.riskiq.com/article/e4fb7245},
  language     = {English},
  urldate      = {2022-05-17},
}
RiskIQ: Identifying Dridex C2 via SSL Certificate Patterns
Dridex
2022-05-10 | RiskIQ | Jennifer Grob
@online{grob:20220510:riskiq:e6dc6a0,
  author       = {Jennifer Grob},
  title        = {{RiskIQ: VBScript Hosted on BlogSpot URL Deploys Malware Associated with NyanCat}},
  date         = {2022-05-10},
  organization = {RiskIQ},
  url          = {https://community.riskiq.com/article/0a8a0248},
  language     = {English},
  urldate      = {2022-05-17},
}
RiskIQ: VBScript Hosted on BlogSpot URL Deploys Malware Associated with NyanCat
2022-04-19 | RiskIQ | Jennifer Grob
@online{grob:20220419:riskiq:7156e3c,
  author       = {Jennifer Grob},
  title        = {{RiskIQ: Legitimate WordPress Site Hosts Malicious Content}},
  date         = {2022-04-19},
  organization = {RiskIQ},
  url          = {https://community.riskiq.com/article/3929ede0/description},
  language     = {English},
  urldate      = {2022-04-25},
}
RiskIQ: Legitimate WordPress Site Hosts Malicious Content
AsyncRAT
2022-04-18 | RiskIQ | Jennifer Grob
@online{grob:20220418:riskiq:d5109f2,
  author       = {Jennifer Grob},
  title        = {{RiskIQ: Trickbot Rickroll}},
  date         = {2022-04-18},
  organization = {RiskIQ},
  url          = {https://community.riskiq.com/article/04ec92f4},
  language     = {English},
  urldate      = {2022-04-20},
}
RiskIQ: Trickbot Rickroll
TrickBot
2022-03-18 | RiskIQ | Jennifer Grob, RiskIQ
@online{grob:20220318:riskiq:3c630e5,
  author       = {Jennifer Grob and RiskIQ},
  title        = {{RiskIQ: Fraudulent Website Attempts to Collect Donations in Support of Ukraine Humanitarian Fund (UHF)}},
  date         = {2022-03-18},
  organization = {RiskIQ},
  url          = {https://community.riskiq.com/article/c9a9e8a6},
  language     = {English},
  urldate      = {2022-03-22},
}
RiskIQ: Fraudulent Website Attempts to Collect Donations in Support of Ukraine Humanitarian Fund (UHF)
2022-03-16 | RiskIQ | Jennifer Grob, RiskIQ
@online{grob:20220316:riskiq:be037c6,
  author       = {Jennifer Grob and RiskIQ},
  title        = {{RiskIQ: Suspicious Domain Claiming Support for Ukraine Associated with Malware File}},
  date         = {2022-03-16},
  organization = {RiskIQ},
  url          = {https://community.riskiq.com/article/8f476ce5/indicators},
  language     = {English},
  urldate      = {2022-03-22},
}
RiskIQ: Suspicious Domain Claiming Support for Ukraine Associated with Malware File
2022-03-16 | RiskIQ | Jennifer Grob, RiskIQ
@online{grob:20220316:riskiq:6615264,
  author       = {Jennifer Grob and RiskIQ},
  title        = {{RiskIQ: Website Spoofed Ukrainian "Official site of the PrivatBank Charitable Foundation" to Skim Credit Card Data}},
  date         = {2022-03-16},
  organization = {RiskIQ},
  url          = {https://community.riskiq.com/article/57a3509b},
  language     = {English},
  urldate      = {2022-03-22},
}
RiskIQ: Website Spoofed Ukrainian "Official site of the PrivatBank Charitable Foundation" to Skim Credit Card Data
2022-03-15 | RiskIQ | RiskIQ
@online{riskiq:20220315:riskiq:da0e578,
  author       = {RiskIQ},
  title        = {{RiskIQ: Trickbot Abuse of Compromised MikroTik Routers for Command and Control}},
  date         = {2022-03-15},
  organization = {RiskIQ},
  url          = {https://community.riskiq.com/article/111d6005/description},
  language     = {English},
  urldate      = {2022-03-17},
}
RiskIQ: Trickbot Abuse of Compromised MikroTik Routers for Command and Control
TrickBot
2022-03-02 | RiskIQ | Jennifer Grob
@online{grob:20220302:riskiq:38b8181,
  author       = {Jennifer Grob},
  title        = {{RiskIQ: Malware Linked to Upwork Post Seeking Content Writer for a "Newly Developed Application" Deploys DCRat}},
  date         = {2022-03-02},
  organization = {RiskIQ},
  url          = {https://community.riskiq.com/article/50c77491},
  language     = {English},
  urldate      = {2022-03-07},
}
RiskIQ: Malware Linked to Upwork Post Seeking Content Writer for a "Newly Developed Application" Deploys DCRat
DCRat
2022-03-01 | RiskIQ | Jennifer Grob
@online{grob:20220301:riskiq:660957b,
  author       = {Jennifer Grob},
  title        = {{RiskIQ: Fraudulent Website Spoofing UNHCR for Ukrainian Refugees Seeks Bitcoin Donations}},
  date         = {2022-03-01},
  organization = {RiskIQ},
  url          = {https://community.riskiq.com/article/1531a4e2},
  language     = {English},
  urldate      = {2022-03-07},
}
RiskIQ: Fraudulent Website Spoofing UNHCR for Ukrainian Refugees Seeks Bitcoin Donations
2022-02-25 | RiskIQ | RiskIQ
@online{riskiq:20220225:riskiq:07f3da6,
  author       = {RiskIQ},
  title        = {{RiskIQ: UNC1151/GhostWriter Phishing Attacks Target Ukrainian Soldiers}},
  date         = {2022-02-25},
  organization = {RiskIQ},
  url          = {https://community.riskiq.com/article/e3a7ceea},
  language     = {English},
  urldate      = {2022-03-02},
}
RiskIQ: UNC1151/GhostWriter Phishing Attacks Target Ukrainian Soldiers
2022-02-24 | RiskIQ | RiskIQ
@online{riskiq:20220224:riskiq:c480135,
  author       = {RiskIQ},
  title        = {{RiskIQ: WatchGuard Devices Targeted by Cyclops Blink Malware}},
  date         = {2022-02-24},
  organization = {RiskIQ},
  url          = {https://community.riskiq.com/article/9f863fcc},
  language     = {English},
  urldate      = {2022-03-02},
}
RiskIQ: WatchGuard Devices Targeted by Cyclops Blink Malware