2023-09-20Cado SecurityMatt Muir
@online{muir:20230920:cado:0769cd6,
  author       = {Muir, Matt},
  title        = {{Cado Security Labs Researchers Witness a 600X Increase in P2Pinfect Traffic}},
  date         = {2023-09-20},
  organization = {Cado Security},
  url          = {https://www.cadosecurity.com/cado-security-labs-researchers-witness-a-600x-increase-in-p2pinfect-traffic/},
  language     = {English},
  urldate      = {2023-09-25},
}
Cado Security Labs Researchers Witness a 600X Increase in P2Pinfect Traffic
2023-09-18Alpine SecurityBorja Merino
@online{merino:20230918:hijackloader:e047216,
  author       = {Merino, Borja},
  title        = {{HijackLoader Targets Hotels: A Technical Analysis}},
  date         = {2023-09-18},
  organization = {Alpine Security},
  url          = {https://alpine-sec.medium.com/hijackloader-targets-hotels-a-technical-analysis-c2795fc4f3a3},
  language     = {English},
  urldate      = {2023-09-29},
}
HijackLoader Targets Hotels: A Technical Analysis
HijackLoader
2023-09-18KrebsOnSecurityBrian Krebs
@online{krebs:20230918:whos:a141b00,
  author       = {Krebs, Brian},
  title        = {{Who's Behind the 8Base Ransomware Website?}},
  date         = {2023-09-18},
  organization = {KrebsOnSecurity},
  url          = {https://krebsonsecurity.com/2023/09/whos-behind-the-8base-ransomware-website/},
  language     = {English},
  urldate      = {2023-09-22},
}
Who's Behind the 8Base Ransomware Website?
8Base
2023-09-13SecurityScorecardVlad Pasca
@online{pasca:20230913:detailed:e8e910b,
  author       = {Pasca, Vlad},
  title        = {{A detailed analysis of the Money Message Ransomware}},
  date         = {2023-09-13},
  organization = {SecurityScorecard},
  url          = {https://resources.securityscorecard.com/research/analysis-money-message-ransomware},
  language     = {English},
  urldate      = {2023-09-20},
}
A detailed analysis of the Money Message Ransomware
Money Message
2023-09-12Security IntelligenceOle Villadsen, Golo Mühr, Kat Metrick
@online{villadsen:20230912:email:21d359c,
  author       = {Villadsen, Ole and Mühr, Golo and Metrick, Kat},
  title        = {{Email campaigns leverage updated DBatLoader to deliver RATs, stealers}},
  date         = {2023-09-12},
  organization = {Security Intelligence},
  url          = {https://securityintelligence.com/posts/email-campaigns-leverage-updated-dbatloader-deliver-rats-stealers/},
  language     = {English},
  urldate      = {2023-09-25},
}
Email campaigns leverage updated DBatLoader to deliver RATs, stealers
DBatLoader
2023-09-08K7 SecuritySudeep Waingankar
@online{waingankar:20230908:romcom:2c93c76,
  author       = {Waingankar, Sudeep},
  title        = {{RomCom RAT: Not Your Typical Love Story}},
  date         = {2023-09-08},
  organization = {K7 Security},
  url          = {https://labs.k7computing.com/index.php/romcom-rat-not-your-typical-love-story/},
  language     = {English},
  urldate      = {2023-09-13},
}
RomCom RAT: Not Your Typical Love Story
ROMCOM RAT
2023-09-07GoogleClement Lecigne, Maddie Stone, Google Threat Analysis Group
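% The team name carries its own brace pair so it is read as one institutional
% author; unbraced, it is parsed as a personal name with the surname "Group".
@online{lecigne:20230907:active:d42dacb,
  author       = {Lecigne, Clement and Stone, Maddie and {Google Threat Analysis Group}},
  title        = {{Active North Korean campaign targeting security researchers}},
  date         = {2023-09-07},
  organization = {Google},
  url          = {https://blog.google/threat-analysis-group/active-north-korean-campaign-targeting-security-researchers/},
  language     = {English},
  urldate      = {2023-09-08},
}
Active North Korean campaign targeting security researchers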
2023-09-06MicrosoftMicrosoft Security Response Center (MSRC)
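% Double braces keep the organisation name intact as a single institutional
% author; with one pair it is parsed as a personal name whose surname is "(MSRC)".
@online{msrc:20230906:results:7ed992f,
  author       = {{Microsoft Security Response Center (MSRC)}},
  title        = {{Results of Major Technical Investigations for Storm-0558 Key Acquisition}},
  date         = {2023-09-06},
  organization = {Microsoft},
  url          = {https://msrc.microsoft.com/blog/2023/09/results-of-major-technical-investigations-for-storm-0558-key-acquisition},
  language     = {English},
  urldate      = {2023-09-11},
}
Results of Major Technical Investigations for Storm-0558 Key Acquisition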
2023-08-29KrebsOnSecurityBrian Krebs
@online{krebs:20230829:us:bd6f194,
  author       = {Krebs, Brian},
  title        = {{U.S. Hacks QakBot, Quietly Removes Botnet Infections}},
  date         = {2023-08-29},
  organization = {KrebsOnSecurity},
  url          = {https://krebsonsecurity.com/2023/08/u-s-hacks-qakbot-quietly-removes-botnet-infections/},
  language     = {English},
  urldate      = {2023-08-31},
}
U.S. Hacks QakBot, Quietly Removes Botnet Infections
QakBot
2023-08-28National Coordination Center for Cyber Security
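% Double braces keep the centre's name intact as a single institutional author
% instead of letting it be split into personal-name parts.
% NOTE(review): institution is empty in this record and the listing names no
% separate publishing body; fill it in before citing, since report styles
% expect the field.
@techreport{security:20230828:gamaredon:6365aee,
  author      = {{National Coordination Center for Cyber Security}},
  title       = {{Gamaredon Activity amid Ukraine's Counteroffensive}},
  date        = {2023-08-28},
  institution = {},
  url         = {https://www.rnbo.gov.ua/files/2023_YEAR/CYBERCENTER/Gamaredon_activity.pdf},
  language    = {English},
  urldate     = {2023-09-06},
}
Gamaredon Activity amid Ukraine's Counteroffensive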
Pteranodon
2023-08-25Github (telekom-security)Fabian Marquardt
@online{marquardt:20230825:darkgate:e063af0,
  author       = {Marquardt, Fabian},
  title        = {{DarkGate configuration extractor}},
  date         = {2023-08-25},
  organization = {Github (telekom-security)},
  url          = {https://github.com/telekom-security/malware_analysis/blob/main/darkgate/extractor.py},
  language     = {English},
  urldate      = {2023-08-25},
}
DarkGate configuration extractor
DarkGate
2023-08-08Security Service of UkraineSecurity Service of Ukraine
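% Double braces keep the agency name intact as a single institutional author;
% with one pair it is parsed as a personal name ending in the surname "Ukraine".
@techreport{ukraine:20230808:cyber:8bbe546,
  author      = {{Security Service of Ukraine}},
  title       = {{Cyber Operation of Russian Intelligence Services as a Component of Confrontation on the Battlefield}},
  date        = {2023-08-08},
  institution = {Security Service of Ukraine},
  url         = {https://ssu.gov.ua/uploads/files/DKIB/technical-report.pdf},
  language    = {English},
  urldate     = {2023-08-09},
}
Cyber Operation of Russian Intelligence Services as a Component of Confrontation on the Battlefield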
2023-08-08Security Service of UkraineSecurity Service of Ukraine
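% Double braces keep the agency name intact as a single institutional author;
% with one pair it is parsed as a personal name ending in the surname "Ukraine".
@online{ukraine:20230808:sbu:3a0ed3b,
  author       = {{Security Service of Ukraine}},
  title        = {{SBU exposes russian intelligence attempts to penetrate Armed Forces' planning operations system}},
  date         = {2023-08-08},
  organization = {Security Service of Ukraine},
  url          = {https://ssu.gov.ua/en/novyny/sbu-exposes-russian-intelligence-attempts-to-penetrate-armed-forces-planning-operations-system},
  language     = {English},
  urldate      = {2023-08-09},
}
SBU exposes russian intelligence attempts to penetrate Armed Forces' planning operations system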
2023-07-31Cado SecurityNate Bill, Matt Muir
@online{bill:20230731:cado:d8b3831,
  author       = {Bill, Nate and Muir, Matt},
  title        = {{Cado Security Labs Encounter Novel Malware, Redis P2Pinfect}},
  date         = {2023-07-31},
  organization = {Cado Security},
  url          = {https://www.cadosecurity.com/redis-p2pinfect/},
  language     = {English},
  urldate      = {2023-09-18},
}
Cado Security Labs Encounter Novel Malware, Redis P2Pinfect
2023-07-29GoogleGoogle Cybersecurity Action Team
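% Double braces keep the team name intact as a single institutional author;
% with one pair it is parsed as a personal name with the surname "Team".
@techreport{team:20230729:threat:11709ae,
  author      = {{Google Cybersecurity Action Team}},
  title       = {{Threat Horizons August 2023 Threat Horizons Report}},
  date        = {2023-07-29},
  institution = {Google},
  url         = {https://services.google.com/fh/files/blogs/gcat_threathorizons_full_jul2023.pdf},
  language    = {English},
  urldate     = {2023-08-03},
}
Threat Horizons August 2023 Threat Horizons Report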
SharkBot Cobalt Strike
2023-07-25K7 SecurityVigneshwaran P
@online{p:20230725:akiras:71513eb,
  author       = {Vigneshwaran P},
  title        = {{Akira’s Play with Linux}},
  date         = {2023-07-25},
  organization = {K7 Security},
  url          = {https://labs.k7computing.com/index.php/akiras-play-with-linux/},
  language     = {English},
  urldate      = {2023-08-21},
}
Akira’s Play with Linux
Akira
2023-07-25KrebsOnSecurityBrian Krebs
@online{krebs:20230725:who:55175fa,
  author       = {Krebs, Brian},
  title        = {{Who and What is Behind the Malware Proxy Service SocksEscort?}},
  date         = {2023-07-25},
  organization = {KrebsOnSecurity},
  url          = {https://krebsonsecurity.com/2023/07/who-and-what-is-behind-the-malware-proxy-service-socksescort/},
  language     = {English},
  urldate      = {2023-07-31},
}
Who and What is Behind the Malware Proxy Service SocksEscort?
AVrecon
2023-07-18Positive TechnologiesPTSecurity
@online{ptsecurity:20230718:space:762049d,
  author       = {PTSecurity},
  title        = {{Space Pirates: a look into the group's unconventional techniques, new attack vectors, and tools}},
  date         = {2023-07-18},
  organization = {Positive Technologies},
  url          = {https://www.ptsecurity.com/ww-en/analytics/pt-esc-threat-intelligence/space-pirates-a-look-into-the-group-s-unconventional-techniques-new-attack-vectors-and-tools/#id4},
  language     = {English},
  urldate      = {2023-07-19},
}
Space Pirates: a look into the group's unconventional techniques, new attack vectors, and tools
Voidoor
2023-07-18GitHubAlexis Wales
@online{wales:20230718:security:2a06895,
  author       = {Wales, Alexis},
  title        = {{Security alert: social engineering campaign targets technology industry employees (Jade Sleet/Storm-0954)}},
  date         = {2023-07-18},
  organization = {GitHub},
  url          = {https://github.blog/2023-07-18-security-alert-social-engineering-campaign-targets-technology-industry-employees},
  language     = {English},
  urldate      = {2023-07-25},
}
Security alert: social engineering campaign targets technology industry employees (Jade Sleet/Storm-0954)
2023-07-17AcronisAcronis Security
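% Double braces keep the vendor team name intact as a single institutional
% author; with one pair it is parsed as a personal name with the surname "Security".
@online{security:20230717:8base:e99c087,
  author       = {{Acronis Security}},
  title        = {{8Base ransomware stays unseen for a year}},
  date         = {2023-07-17},
  organization = {Acronis},
  url          = {https://www.acronis.com/en-sg/cyber-protection-center/posts/8base-ransomware-stays-unseen-for-a-year/},
  language     = {English},
  urldate      = {2023-08-09},
}
8Base ransomware stays unseen for a year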
8Base Phobos SmokeLoader