2023-08-29 | Secureworks | Counter Threat Unit ResearchTeam
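% Institutional author is double-braced so it is kept as one name; only proper nouns and acronyms in the title are case-protected.
@online{researchteam:20230829:law:6b1fa22,
  author       = {{Counter Threat Unit ResearchTeam}},
  title        = {Law Enforcement Takes Down {QakBot}},
  date         = {2023-08-29},
  organization = {Secureworks},
  url          = {https://www.secureworks.com/blog/law-enforcement-takes-down-qakbot},
  language     = {English},
  urldate      = {2023-08-30},
}
Law Enforcement Takes Down QakBot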
QakBot
2023-05-24 | Secureworks | Counter Threat Unit ResearchTeam
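% Institutional author is double-braced so it is kept as one name; only proper nouns and acronyms in the title are case-protected.
@online{researchteam:20230524:chinese:2075fee,
  author       = {{Counter Threat Unit ResearchTeam}},
  title        = {{Chinese} Cyberespionage Group {BRONZE SILHOUETTE} Targets {U.S.} Government and Defense Organizations},
  date         = {2023-05-24},
  organization = {Secureworks},
  url          = {https://www.secureworks.com/blog/chinese-cyberespionage-group-bronze-silhouette-targets-us-government-and-defense-organizations},
  language     = {English},
  urldate      = {2023-05-26},
}
Chinese Cyberespionage Group BRONZE SILHOUETTE Targets U.S. Government and Defense Organizations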
Volt Typhoon
2023-05-16 | Secureworks | Counter Threat Unit ResearchTeam
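% Institutional author is double-braced so it is kept as one name; the title has no names or acronyms that need case protection.
@online{researchteam:20230516:growing:c703021,
  author       = {{Counter Threat Unit ResearchTeam}},
  title        = {The Growing Threat from Infostealers},
  date         = {2023-05-16},
  organization = {Secureworks},
  url          = {https://www.secureworks.com/research/the-growing-threat-from-infostealers},
  language     = {English},
  urldate      = {2023-07-31},
}
The Growing Threat from Infostealers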
Graphiron GraphSteel Raccoon RedLine Stealer Rhadamanthys Taurus Stealer Vidar
2023-04-20 | Secureworks | Counter Threat Unit ResearchTeam
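% Institutional author is double-braced so it is kept as one name; only proper nouns and acronyms in the title are case-protected.
@online{researchteam:20230420:bumblebee:c69430d,
  author       = {{Counter Threat Unit ResearchTeam}},
  title        = {{Bumblebee} Malware Distributed Via Trojanized Installer Downloads},
  date         = {2023-04-20},
  organization = {Secureworks},
  url          = {https://www.secureworks.com/blog/bumblebee-malware-distributed-via-trojanized-installer-downloads},
  language     = {English},
  urldate      = {2023-04-22},
}
Bumblebee Malware Distributed Via Trojanized Installer Downloads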
BumbleBee Cobalt Strike
2023-03-09 | Secureworks | SecureWorks' Counter Threat Unit Research Team
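% Institutional author is double-braced so it is kept as one name; only proper nouns and acronyms in the title are case-protected.
@online{team:20230309:cobalt:0b8f330,
  author       = {{SecureWorks' Counter Threat Unit Research Team}},
  title        = {{COBALT ILLUSION} Masquerades as {Atlantic Council} Employee},
  date         = {2023-03-09},
  organization = {Secureworks},
  url          = {https://www.secureworks.com/blog/cobalt-illusion-masquerades-as-atlantic-council-employee},
  language     = {English},
  urldate      = {2023-03-29},
}
COBALT ILLUSION Masquerades as Atlantic Council Employee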
2023-01-26 | Secureworks | SecureWorks' Counter Threat Unit Research Team
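% Institutional author is double-braced so it is kept as one name; only proper nouns and acronyms in the title are case-protected.
@online{team:20230126:abrahams:8f8b2e6,
  author       = {{SecureWorks' Counter Threat Unit Research Team}},
  title        = {{Abraham's Ax} Likely Linked to {Moses Staff}},
  date         = {2023-01-26},
  organization = {Secureworks},
  url          = {https://www.secureworks.com/blog/abrahams-ax-likely-linked-to-moses-staff},
  language     = {English},
  urldate      = {2023-03-29},
}
Abraham's Ax Likely Linked to Moses Staff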
StrifeWater RAT
2022-12-09 | Secureworks | SecureWorks' Counter Threat Unit Research Team
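% Institutional author is double-braced so it is kept as one name; only proper nouns and acronyms in the title are case-protected.
@online{team:20221209:drokbk:0f8a8ad,
  author       = {{SecureWorks' Counter Threat Unit Research Team}},
  title        = {{Drokbk} Malware Uses {GitHub} as Dead Drop Resolver},
  date         = {2022-12-09},
  organization = {Secureworks},
  url          = {https://www.secureworks.com/blog/drokbk-malware-uses-github-as-dead-drop-resolver},
  language     = {English},
  urldate      = {2023-01-03},
}
Drokbk Malware Uses GitHub as Dead Drop Resolver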
Drokbk
2022-09-14 | Secureworks | Counter Threat Unit ResearchTeam
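% Institutional author is double-braced so it is kept as one name; only proper nouns and acronyms in the title are case-protected.
@online{researchteam:20220914:opsec:b493562,
  author       = {{Counter Threat Unit ResearchTeam}},
  title        = {Opsec Mistakes Reveal {COBALT MIRAGE} Threat Actors},
  date         = {2022-09-14},
  organization = {Secureworks},
  url          = {https://www.secureworks.com/blog/opsec-mistakes-reveal-cobalt-mirage-threat-actors},
  language     = {English},
  urldate      = {2022-09-19},
}
Opsec Mistakes Reveal COBALT MIRAGE Threat Actors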
TUNNELFISH
2022-09-08 | Secureworks | Counter Threat Unit ResearchTeam
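% Institutional author is double-braced so it is kept as one name; only proper nouns and acronyms in the title are case-protected.
@online{researchteam:20220908:bronze:1975ebf,
  author       = {{Counter Threat Unit ResearchTeam}},
  title        = {{BRONZE PRESIDENT} Targets Government Officials},
  date         = {2022-09-08},
  organization = {Secureworks},
  url          = {https://www.secureworks.com/blog/bronze-president-targets-government-officials},
  language     = {English},
  urldate      = {2022-09-13},
}
BRONZE PRESIDENT Targets Government Officials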
PlugX
2022-08-17 | Secureworks | Counter Threat Unit ResearchTeam
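% Institutional author is double-braced so it is kept as one name; only proper nouns and acronyms in the title are case-protected.
@online{researchteam:20220817:darktortilla:9a00612,
  author       = {{Counter Threat Unit ResearchTeam}},
  title        = {{DarkTortilla} Malware Analysis},
  date         = {2022-08-17},
  organization = {Secureworks},
  url          = {https://www.secureworks.com/research/darktortilla-malware-analysis},
  language     = {English},
  urldate      = {2023-01-05},
}
DarkTortilla Malware Analysis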
Agent Tesla AsyncRAT Cobalt Strike DarkTortilla Nanocore RAT RedLine Stealer
2022-06-23 | Secureworks | Counter Threat Unit ResearchTeam
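% Institutional author is double-braced so it is kept as one name; only proper nouns and acronyms in the title are case-protected.
@online{researchteam:20220623:bronze:8bccd74,
  author       = {{Counter Threat Unit ResearchTeam}},
  title        = {{BRONZE STARLIGHT} Ransomware Operations Use {HUI Loader}},
  date         = {2022-06-23},
  organization = {Secureworks},
  url          = {https://www.secureworks.com/research/bronze-starlight-ransomware-operations-use-hui-loader},
  language     = {English},
  urldate      = {2022-09-20},
}
BRONZE STARLIGHT Ransomware Operations Use HUI Loader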
ATOMSILO Cobalt Strike HUI Loader LockFile NightSky Pandora PlugX Quasar RAT Rook SodaMaster
2022-05-12 | Secureworks | Counter Threat Unit ResearchTeam
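% Institutional author is double-braced so it is kept as one name; only proper nouns and acronyms in the title are case-protected.
@online{researchteam:20220512:cobalt:6d50163,
  author       = {{Counter Threat Unit ResearchTeam}},
  title        = {{COBALT MIRAGE} Conducts Ransomware Operations in {U.S.}},
  date         = {2022-05-12},
  organization = {Secureworks},
  url          = {https://www.secureworks.com/blog/cobalt-mirage-conducts-ransomware-operations-in-us},
  language     = {English},
  urldate      = {2022-05-13},
}
COBALT MIRAGE Conducts Ransomware Operations in U.S.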
CobaltMirage FRP
2022-05-09 | Secureworks | Counter Threat Unit ResearchTeam
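% Institutional author is double-braced so it is kept as one name; only proper nouns and acronyms in the title are case-protected.
@online{researchteam:20220509:revil:53c819e,
  author       = {{Counter Threat Unit ResearchTeam}},
  title        = {{REvil} Development Adds Confidence About {GOLD SOUTHFIELD} Reemergence},
  date         = {2022-05-09},
  organization = {Secureworks},
  url          = {https://www.secureworks.com/blog/revil-development-adds-confidence-about-gold-southfield-reemergence?linkId=164334801},
  language     = {English},
  urldate      = {2022-05-11},
}
REvil Development Adds Confidence About GOLD SOUTHFIELD Reemergence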
REvil
2022-04-27 | Secureworks | Counter Threat Unit ResearchTeam
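% Institutional author is double-braced so it is kept as one name; only proper nouns and acronyms in the title are case-protected.
@online{researchteam:20220427:bronze:34ac36a,
  author       = {{Counter Threat Unit ResearchTeam}},
  title        = {{BRONZE PRESIDENT} Targets {Russian} Speakers with Updated {PlugX}},
  date         = {2022-04-27},
  organization = {Secureworks},
  url          = {https://www.secureworks.com/blog/bronze-president-targets-russian-speakers-with-updated-plugx},
  language     = {English},
  urldate      = {2022-04-29},
}
BRONZE PRESIDENT Targets Russian Speakers with Updated PlugX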
PlugX
2022-04-21 | Secureworks | Counter Threat Unit ResearchTeam
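% Institutional author is double-braced so it is kept as one name; only proper nouns and acronyms in the title are case-protected.
@online{researchteam:20220421:gold:5d6ad6d,
  author       = {{Counter Threat Unit ResearchTeam}},
  title        = {{GOLD ULRICK} Continues {Conti} Operations Despite Public Disclosures},
  date         = {2022-04-21},
  organization = {Secureworks},
  url          = {https://www.secureworks.com/blog/gold-ulrick-continues-conti-operations-despite-public-disclosures},
  language     = {English},
  urldate      = {2022-04-29},
}
GOLD ULRICK Continues Conti Operations Despite Public Disclosures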
Conti Conti
2022-04-05 | Secureworks | Counter Threat Unit ResearchTeam
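% Institutional author is double-braced so it is kept as one name; only proper nouns and acronyms in the title are case-protected.
@online{researchteam:20220405:azure:818fbe9,
  author       = {{Counter Threat Unit ResearchTeam}},
  title        = {{Azure Active Directory} Exposes Internal Information},
  date         = {2022-04-05},
  organization = {Secureworks},
  url          = {https://www.secureworks.com/research/azure-active-directory-exposes-internal-information},
  language     = {English},
  urldate      = {2022-04-07},
}
Azure Active Directory Exposes Internal Information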
2022-03-23 | Secureworks | Counter Threat Unit ResearchTeam
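% Institutional author is double-braced so it is kept as one name; only proper nouns and acronyms in the title are case-protected.
@online{researchteam:20220323:gold:0f3da90,
  author       = {{Counter Threat Unit ResearchTeam}},
  title        = {{GOLD ULRICK} Leaks Reveal Organizational Structure and Relationships},
  date         = {2022-03-23},
  organization = {Secureworks},
  url          = {https://www.secureworks.com/blog/gold-ulrick-leaks-reveal-organizational-structure-and-relationships},
  language     = {English},
  urldate      = {2022-03-25},
}
GOLD ULRICK Leaks Reveal Organizational Structure and Relationships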
Conti Emotet IcedID TrickBot
2022-03-23 | Secureworks | Counter Threat Unit ResearchTeam
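% Institutional author is double-braced so it is kept as one name; the title has no names or acronyms that need case protection.
@online{researchteam:20220323:threat:84ad46c,
  author       = {{Counter Threat Unit ResearchTeam}},
  title        = {Threat Intelligence Executive Report Volume 2022, Number 2},
  date         = {2022-03-23},
  organization = {Secureworks},
  url          = {https://content.secureworks.com/-/media/Files/US/Reports/Monthly%20Threat%20Intelligence/Secureworks_ECO1_ThreatIntelligenceExecutiveReport2022Vol2.ashx},
  language     = {English},
  urldate      = {2022-03-25},
}
Threat Intelligence Executive Report Volume 2022, Number 2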
Conti Emotet IcedID TrickBot
2022-03-08 | Secureworks | Counter Threat Unit ResearchTeam
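% Institutional author is double-braced so it is kept as one name; only proper nouns and acronyms in the title are case-protected.
@online{researchteam:20220308:excel:0f4e5c9,
  author       = {{Counter Threat Unit ResearchTeam}},
  title        = {{Excel} Add-ins Deliver {JSSLoader} Malware},
  date         = {2022-03-08},
  organization = {Secureworks},
  url          = {https://www.secureworks.com/blog/excel-add-ins-deliver-jssloader-malware},
  language     = {English},
  urldate      = {2022-03-22},
}
Excel Add-ins Deliver JSSLoader Malware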
JSSLoader
2022-03-02 | Secureworks | Counter Threat Unit ResearchTeam
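% Institutional author is double-braced so it is kept as one name; only proper nouns and acronyms in the title are case-protected.
@online{researchteam:20220302:domains:ae50314,
  author       = {{Counter Threat Unit ResearchTeam}},
  title        = {Domains Linked to Phishing Attacks Targeting {Ukraine}},
  date         = {2022-03-02},
  organization = {Secureworks},
  url          = {https://www.secureworks.com/blog/domains-linked-to-phishing-attacks-targeting-ukraine},
  language     = {English},
  urldate      = {2022-03-22},
}
Domains Linked to Phishing Attacks Targeting Ukraine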