Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023-08-24ElasticSalim Bitam, Daniel Stepanic
@online{bitam:20230824:revisting:2a2c2e3, author = {Salim Bitam and Daniel Stepanic}, title = {{Revisting BLISTER: New development of the BLISTER loader}}, date = {2023-08-24}, organization = {Elastic}, url = {https://www.elastic.co/security-labs/revisiting-blister-new-developments-of-the-blister-loader}, language = {English}, urldate = {2023-09-06} } Revisting BLISTER: New development of the BLISTER loader
Blister
2023-08-24ElasticSalim Bitam, Daniel Stepanic
@online{bitam:20230824:revisting:87dde30, author = {Salim Bitam and Daniel Stepanic}, title = {{Revisting BLISTER: New development of the BLISTER loader}}, date = {2023-08-24}, organization = {Elastic}, url = {https://security-labs.elastic.co/security-labs/revisiting-blister-new-developments-of-the-blister-loader}, language = {English}, urldate = {2023-08-28} } Revisting BLISTER: New development of the BLISTER loader
Blister
2023-06-29ElasticColson Wilhoit, Salim Bitam, Seth Goodwin, Andrew Pease, Ricardo Ungureanu
@online{wilhoit:20230629:dprk:e7dd437, author = {Colson Wilhoit and Salim Bitam and Seth Goodwin and Andrew Pease and Ricardo Ungureanu}, title = {{The DPRK strikes using a new variant of RUSTBUCKET}}, date = {2023-06-29}, organization = {Elastic}, url = {https://www.elastic.co/security-labs/DPRK-strikes-using-a-new-variant-of-rustbucket}, language = {English}, urldate = {2023-07-02} } The DPRK strikes using a new variant of RUSTBUCKET
RustBucket
2023-06-21ElasticColson Wilhoit, Salim Bitam, Seth Goodwin, Andrew Pease, Ricardo Ungureanu
@online{wilhoit:20230621:initial:4eacdf5, author = {Colson Wilhoit and Salim Bitam and Seth Goodwin and Andrew Pease and Ricardo Ungureanu}, title = {{Initial research exposing JOKERSPY}}, date = {2023-06-21}, organization = {Elastic}, url = {https://www.elastic.co/security-labs/inital-research-of-jokerspy}, language = {English}, urldate = {2023-07-11} } Initial research exposing JOKERSPY
JokerSpy
2023-04-07ElasticSalim Bitam
@online{bitam:20230407:attack:aed6a32, author = {Salim Bitam}, title = {{Attack chain leads to XWORM and AGENTTESLA}}, date = {2023-04-07}, organization = {Elastic}, url = {https://www.elastic.co/security-labs/attack-chain-leads-to-xworm-and-agenttesla}, language = {English}, urldate = {2023-05-08} } Attack chain leads to XWORM and AGENTTESLA
Agent Tesla XWorm
2023-02-02ElasticSalim Bitam, Remco Sprooten, Cyril François, Andrew Pease, Devon Kerr, Seth Goodwin
@online{bitam:20230202:update:57ea3a2, author = {Salim Bitam and Remco Sprooten and Cyril François and Andrew Pease and Devon Kerr and Seth Goodwin}, title = {{Update to the REF2924 intrusion set and related campaigns}}, date = {2023-02-02}, organization = {Elastic}, url = {https://www.elastic.co/security-labs/update-to-the-REF2924-intrusion-set-and-related-campaigns}, language = {English}, urldate = {2023-03-21} } Update to the REF2924 intrusion set and related campaigns
DoorMe ShadowPad SiestaGraph
2022-12-16ElasticSamir Bousseaden, Andrew Pease, Daniel Stepanic, Salim Bitam, Seth Goodwin, Devon Kerr
@online{bousseaden:20221216:siestagraph:bb73ce7, author = {Samir Bousseaden and Andrew Pease and Daniel Stepanic and Salim Bitam and Seth Goodwin and Devon Kerr}, title = {{SiestaGraph: New implant uncovered in ASEAN member foreign ministry}}, date = {2022-12-16}, organization = {Elastic}, url = {https://www.elastic.co/security-labs/siestagraph-new-implant-uncovered-in-asean-member-foreign-ministry}, language = {English}, urldate = {2022-12-19} } SiestaGraph: New implant uncovered in ASEAN member foreign ministry
DoorMe SiestaGraph
2022-09-09ElasticSalim Bitam
@online{bitam:20220909:bughatch:438e7ac, author = {Salim Bitam}, title = {{BUGHATCH Malware Analysis}}, date = {2022-09-09}, organization = {Elastic}, url = {https://www.elastic.co/security-labs/bughatch-malware-analysis}, language = {English}, urldate = {2022-09-13} } BUGHATCH Malware Analysis
BUGHATCH
2022-06-01ElasticSalim Bitam
@online{bitam:20220601:cuba:040c34a, author = {Salim Bitam}, title = {{CUBA Ransomware Malware Analysis}}, date = {2022-06-01}, organization = {Elastic}, url = {https://www.elastic.co/security-labs/cuba-ransomware-malware-analysis}, language = {English}, urldate = {2022-06-09} } CUBA Ransomware Malware Analysis
Cuba
2022-06-01ElasticDaniel Stepanic, Derek Ditch, Seth Goodwin, Salim Bitam, Andrew Pease
@online{stepanic:20220601:cuba:333f7c1, author = {Daniel Stepanic and Derek Ditch and Seth Goodwin and Salim Bitam and Andrew Pease}, title = {{CUBA Ransomware Campaign Analysis}}, date = {2022-06-01}, organization = {Elastic}, url = {https://www.elastic.co/security-labs/cuba-ransomware-campaign-analysis}, language = {English}, urldate = {2022-06-09} } CUBA Ransomware Campaign Analysis
Cobalt Strike Cuba Meterpreter MimiKatz SystemBC
2022-05-05ElasticCyril François, Daniel Stepanic, Salim Bitam
@online{franois:20220505:blister:9404a29, author = {Cyril François and Daniel Stepanic and Salim Bitam}, title = {{BLISTER Loader}}, date = {2022-05-05}, organization = {Elastic}, url = {https://elastic.github.io/security-research/malware/2022/05/02.blister/article/}, language = {English}, urldate = {2022-05-09} } BLISTER Loader
Blister