Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023-03-09SecureworksSecureWorks' Counter Threat Unit Research Team
@online{team:20230309:cobalt:0b8f330, author = {SecureWorks' Counter Threat Unit Research Team}, title = {{COBALT ILLUSION Masquerades as Atlantic Council Employee}}, date = {2023-03-09}, organization = {Secureworks}, url = {https://www.secureworks.com/blog/cobalt-illusion-masquerades-as-atlantic-council-employee}, language = {English}, urldate = {2023-03-29} } COBALT ILLUSION Masquerades as Atlantic Council Employee
2023-01-26SecureworksSecureWorks' Counter Threat Unit Research Team
@online{team:20230126:abrahams:8f8b2e6, author = {SecureWorks' Counter Threat Unit Research Team}, title = {{Abraham's Ax Likely Linked to Moses Staff}}, date = {2023-01-26}, organization = {Secureworks}, url = {https://www.secureworks.com/blog/abrahams-ax-likely-linked-to-moses-staff}, language = {English}, urldate = {2023-03-29} } Abraham's Ax Likely Linked to Moses Staff
StrifeWater RAT
2022-12-09SecureworksSecureWorks' Counter Threat Unit Research Team
@online{team:20221209:drokbk:0f8a8ad, author = {SecureWorks' Counter Threat Unit Research Team}, title = {{Drokbk Malware Uses GitHub as Dead Drop Resolver}}, date = {2022-12-09}, organization = {Secureworks}, url = {https://www.secureworks.com/blog/drokbk-malware-uses-github-as-dead-drop-resolver}, language = {English}, urldate = {2023-01-03} } Drokbk Malware Uses GitHub as Dead Drop Resolver
Drokbk
2022-09-14SecureworksCounter Threat Unit ResearchTeam
@online{researchteam:20220914:opsec:b493562, author = {Counter Threat Unit ResearchTeam}, title = {{Opsec Mistakes Reveal COBALT MIRAGE Threat Actors}}, date = {2022-09-14}, organization = {Secureworks}, url = {https://www.secureworks.com/blog/opsec-mistakes-reveal-cobalt-mirage-threat-actors}, language = {English}, urldate = {2022-09-19} } Opsec Mistakes Reveal COBALT MIRAGE Threat Actors
TUNNELFISH
2022-09-08SecureworksCounter Threat Unit ResearchTeam
@online{researchteam:20220908:bronze:1975ebf, author = {Counter Threat Unit ResearchTeam}, title = {{BRONZE PRESIDENT Targets Government Officials}}, date = {2022-09-08}, organization = {Secureworks}, url = {https://www.secureworks.com/blog/bronze-president-targets-government-officials}, language = {English}, urldate = {2022-09-13} } BRONZE PRESIDENT Targets Government Officials
PlugX
2022-08-17SecureworksCounter Threat Unit ResearchTeam
@online{researchteam:20220817:darktortilla:9a00612, author = {Counter Threat Unit ResearchTeam}, title = {{DarkTortilla Malware Analysis}}, date = {2022-08-17}, organization = {Secureworks}, url = {https://www.secureworks.com/research/darktortilla-malware-analysis}, language = {English}, urldate = {2023-01-05} } DarkTortilla Malware Analysis
Agent Tesla AsyncRAT Cobalt Strike DarkTortilla Nanocore RAT RedLine Stealer
2022-06-23SecureworksCounter Threat Unit ResearchTeam
@online{researchteam:20220623:bronze:8bccd74, author = {Counter Threat Unit ResearchTeam}, title = {{BRONZE STARLIGHT Ransomware Operations Use HUI Loader}}, date = {2022-06-23}, organization = {Secureworks}, url = {https://www.secureworks.com/research/bronze-starlight-ransomware-operations-use-hui-loader}, language = {English}, urldate = {2022-09-20} } BRONZE STARLIGHT Ransomware Operations Use HUI Loader
ATOMSILO Cobalt Strike HUI Loader LockFile NightSky Pandora PlugX Quasar RAT Rook SodaMaster
2022-05-12SecureworksCounter Threat Unit ResearchTeam
@online{researchteam:20220512:cobalt:6d50163, author = {Counter Threat Unit ResearchTeam}, title = {{COBALT MIRAGE Conducts Ransomware Operations in U.S.}}, date = {2022-05-12}, organization = {Secureworks}, url = {https://www.secureworks.com/blog/cobalt-mirage-conducts-ransomware-operations-in-us}, language = {English}, urldate = {2022-05-13} } COBALT MIRAGE Conducts Ransomware Operations in U.S.
CobaltMirage FRP
2022-05-09SecureworksCounter Threat Unit ResearchTeam
@online{researchteam:20220509:revil:53c819e, author = {Counter Threat Unit ResearchTeam}, title = {{REvil Development Adds Confidence About GOLD SOUTHFIELD Reemergence}}, date = {2022-05-09}, organization = {Secureworks}, url = {https://www.secureworks.com/blog/revil-development-adds-confidence-about-gold-southfield-reemergence?linkId=164334801}, language = {English}, urldate = {2022-05-11} } REvil Development Adds Confidence About GOLD SOUTHFIELD Reemergence
REvil
2022-04-27SecureworksCounter Threat Unit ResearchTeam
@online{researchteam:20220427:bronze:34ac36a, author = {Counter Threat Unit ResearchTeam}, title = {{BRONZE PRESIDENT Targets Russian Speakers with Updated PlugX}}, date = {2022-04-27}, organization = {Secureworks}, url = {https://www.secureworks.com/blog/bronze-president-targets-russian-speakers-with-updated-plugx}, language = {English}, urldate = {2022-04-29} } BRONZE PRESIDENT Targets Russian Speakers with Updated PlugX
PlugX
2022-04-21SecureworksCounter Threat Unit ResearchTeam
@online{researchteam:20220421:gold:5d6ad6d, author = {Counter Threat Unit ResearchTeam}, title = {{GOLD ULRICK Continues Conti Operations Despite Public Disclosures}}, date = {2022-04-21}, organization = {Secureworks}, url = {https://www.secureworks.com/blog/gold-ulrick-continues-conti-operations-despite-public-disclosures}, language = {English}, urldate = {2022-04-29} } GOLD ULRICK Continues Conti Operations Despite Public Disclosures
Conti Conti
2022-04-05SecureworksCounter Threat Unit ResearchTeam
@online{researchteam:20220405:azure:818fbe9, author = {Counter Threat Unit ResearchTeam}, title = {{Azure Active Directory Exposes Internal Information}}, date = {2022-04-05}, organization = {Secureworks}, url = {https://www.secureworks.com/research/azure-active-directory-exposes-internal-information}, language = {English}, urldate = {2022-04-07} } Azure Active Directory Exposes Internal Information
2022-03-23SecureworksCounter Threat Unit ResearchTeam
@online{researchteam:20220323:gold:0f3da90, author = {Counter Threat Unit ResearchTeam}, title = {{GOLD ULRICK Leaks Reveal Organizational Structure and Relationships}}, date = {2022-03-23}, organization = {Secureworks}, url = {https://www.secureworks.com/blog/gold-ulrick-leaks-reveal-organizational-structure-and-relationships}, language = {English}, urldate = {2022-03-25} } GOLD ULRICK Leaks Reveal Organizational Structure and Relationships
Conti Emotet IcedID TrickBot
2022-03-23SecureworksCounter Threat Unit ResearchTeam
@online{researchteam:20220323:threat:84ad46c, author = {Counter Threat Unit ResearchTeam}, title = {{Threat Intelligence Executive Report Volume 2022, Number 2}}, date = {2022-03-23}, organization = {Secureworks}, url = {https://content.secureworks.com/-/media/Files/US/Reports/Monthly%20Threat%20Intelligence/Secureworks_ECO1_ThreatIntelligenceExecutiveReport2022Vol2.ashx}, language = {English}, urldate = {2022-03-25} } Threat Intelligence Executive Report Volume 2022, Number 2
Conti Emotet IcedID TrickBot
2022-03-08SecureworksCounter Threat Unit ResearchTeam
@online{researchteam:20220308:excel:0f4e5c9, author = {Counter Threat Unit ResearchTeam}, title = {{Excel Add-ins Deliver JSSLoader Malware}}, date = {2022-03-08}, organization = {Secureworks}, url = {https://www.secureworks.com/blog/excel-add-ins-deliver-jssloader-malware}, language = {English}, urldate = {2022-03-22} } Excel Add-ins Deliver JSSLoader Malware
JSSLoader
2022-03-02SecureworksCounter Threat Unit ResearchTeam
@online{researchteam:20220302:domains:ae50314, author = {Counter Threat Unit ResearchTeam}, title = {{Domains Linked to Phishing Attacks Targeting Ukraine}}, date = {2022-03-02}, organization = {Secureworks}, url = {https://www.secureworks.com/blog/domains-linked-to-phishing-attacks-targeting-ukraine}, language = {English}, urldate = {2022-03-22} } Domains Linked to Phishing Attacks Targeting Ukraine
2022-02-25SecureworksCounter Threat Unit ResearchTeam
@online{researchteam:20220225:disruptive:d6c7b5d, author = {Counter Threat Unit ResearchTeam}, title = {{Disruptive HermeticWiper Attacks Targeting Ukrainian Organizations}}, date = {2022-02-25}, organization = {Secureworks}, url = {https://www.secureworks.com/blog/disruptive-hermeticwiper-attacks-targeting-ukrainian-organizations}, language = {English}, urldate = {2022-03-01} } Disruptive HermeticWiper Attacks Targeting Ukrainian Organizations
HermeticWiper
2022-02-15SecureworksCounter Threat Unit ResearchTeam
@online{researchteam:20220215:shadowpad:cd3fa10, author = {Counter Threat Unit ResearchTeam}, title = {{ShadowPad Malware Analysis}}, date = {2022-02-15}, organization = {Secureworks}, url = {https://www.secureworks.com/research/shadowpad-malware-analysis}, language = {English}, urldate = {2022-02-17} } ShadowPad Malware Analysis
ShadowPad
2022-01-25SecureworksCounter Threat Unit ResearchTeam
@online{researchteam:20220125:ransoms:5ec60a6, author = {Counter Threat Unit ResearchTeam}, title = {{Ransoms Demanded for Hijacked Instagram Accounts}}, date = {2022-01-25}, organization = {Secureworks}, url = {https://www.secureworks.com/blog/ransoms-demanded-for-hijacked-instagram-accounts}, language = {English}, urldate = {2022-01-28} } Ransoms Demanded for Hijacked Instagram Accounts
2022-01-21SecureworksCounter Threat Unit ResearchTeam
@online{researchteam:20220121:whispergate:bcdbf9d, author = {Counter Threat Unit ResearchTeam}, title = {{WhisperGate: Not NotPetya}}, date = {2022-01-21}, organization = {Secureworks}, url = {https://www.secureworks.com/blog/whispergate-not-notpetya}, language = {English}, urldate = {2022-01-25} } WhisperGate: Not NotPetya
WhisperGate