Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023-06-23SecuronixDen Iyzvyk, Tim Peck, T. Peck, O. Kolesnikov, D. Iuzvyk
@online{iyzvyk:20230623:detecting:bdc70ce, author = {Den Iyzvyk and Tim Peck and T. Peck and O. Kolesnikov and D. Iuzvyk}, title = {{Detecting New MULTI#STORM Attack Campaign Involving Python-based Loader Masquerading as OneDrive Utilities to Drop Multiple RAT Payloads With Security Analytics}}, date = {2023-06-23}, organization = {Securonix}, url = {https://www.securonix.com/securonix-threat-labs-security-advisory-multistorm-leverages-python-based-loader-as-onedrive-utilities-to-drop-rat-payloads/}, language = {English}, urldate = {2023-07-02} } Detecting New MULTI#STORM Attack Campaign Involving Python-based Loader Masquerading as OneDrive Utilities to Drop Multiple RAT Payloads With Security Analytics
Ave Maria
2023-05-12SecuronixDen Iyzvyk, Tim Peck, Oleg Kolesnikov
@online{iyzvyk:20230512:ongoing:2bad7b3, author = {Den Iyzvyk and Tim Peck and Oleg Kolesnikov}, title = {{Ongoing MEME#4CHAN Attack/Phishing Campaign uses Meme-Filled Code to Drop XWorm Payloads}}, date = {2023-05-12}, organization = {Securonix}, url = {https://www.securonix.com/blog/securonix-threat-labs-security-meme4chan-advisory/}, language = {English}, urldate = {2023-05-16} } Ongoing MEME#4CHAN Attack/Phishing Campaign uses Meme-Filled Code to Drop XWorm Payloads
XWorm
2023-04-20SecuronixDen Iyzvyk, Oleg Kolesnikov, Tim Peck
@online{iyzvyk:20230420:new:a864a61, author = {Den Iyzvyk and Oleg Kolesnikov and Tim Peck}, title = {{New OCX#HARVESTER Attack Campaign Leverages a Modernized More_eggs Suite to Target Victims}}, date = {2023-04-20}, organization = {Securonix}, url = {https://www.securonix.com/blog/threat-labs-security-advisory-new-ocxharvester-attack-campaign-leverages-modernized-more_eggs-suite/}, language = {English}, urldate = {2023-04-25} } New OCX#HARVESTER Attack Campaign Leverages a Modernized More_eggs Suite to Target Victims
More_eggs
2023-01-25SecuronixD. Iuzvyk, T. Peck, O. Kolesnikov
@online{iuzvyk:20230125:securonix:866c376, author = {D. Iuzvyk and T. Peck and O. Kolesnikov}, title = {{Securonix Security Advisory: Python-Based PY#RATION Attack Campaign Leverages Fernet Encryption and Websockets to Avoid Detection}}, date = {2023-01-25}, organization = {Securonix}, url = {https://www.securonix.com/blog/security-advisory-python-based-pyration-attack-campaign/}, language = {English}, urldate = {2023-01-26} } Securonix Security Advisory: Python-Based PY#RATION Attack Campaign Leverages Fernet Encryption and Websockets to Avoid Detection
PY#RATION
2022-09-28SecuronixD. Iuzvyk, T. Peck, O. Kolesnikov
@online{iuzvyk:20220928:securonix:7e14e6e, author = {D. Iuzvyk and T. Peck and O. Kolesnikov}, title = {{Securonix Threat Labs Security Advisory: Detecting STEEP#MAVERICK: New Covert Attack Campaign Targeting Military Contractors}}, date = {2022-09-28}, organization = {Securonix}, url = {https://www.securonix.com/blog/detecting-steepmaverick-new-covert-attack-campaign-targeting-military-contractors/}, language = {English}, urldate = {2022-09-30} } Securonix Threat Labs Security Advisory: Detecting STEEP#MAVERICK: New Covert Attack Campaign Targeting Military Contractors
2022-08-29SecuronixD. Iuzvyk, T. Peck, O. Kolesnikov
@online{iuzvyk:20220829:securonix:a15320a, author = {D. Iuzvyk and T. Peck and O. Kolesnikov}, title = {{Securonix Threat Labs Security Advisory: New Golang Attack Campaign GO#WEBBFUSCATOR Leverages Office Macros and James Webb Images to Infect Systems}}, date = {2022-08-29}, organization = {Securonix}, url = {https://www.securonix.com/blog/golang-attack-campaign-gowebbfuscator-leverages-office-macros-and-james-webb-images-to-infect-systems/}, language = {English}, urldate = {2022-09-01} } Securonix Threat Labs Security Advisory: New Golang Attack Campaign GO#WEBBFUSCATOR Leverages Office Macros and James Webb Images to Infect Systems
2022-07-20Securonix Threat LabsD. Iuzvyk, T. Peck, O. Kolesnikov
@online{iuzvyk:20220720:stiffbizon:ae896da, author = {D. Iuzvyk and T. Peck and O. Kolesnikov}, title = {{STIFF#BIZON Detection Using Securonix – New Attack Campaign Observed Possibly Linked to Konni/APT37 (North Korea) - Securonix}}, date = {2022-07-20}, organization = {Securonix Threat Labs}, url = {https://www.securonix.com/blog/stiffbizon-detection-new-attack-campaign-observed/}, language = {English}, urldate = {2022-07-25} } STIFF#BIZON Detection Using Securonix – New Attack Campaign Observed Possibly Linked to Konni/APT37 (North Korea) - Securonix
Konni
2022-03-30SecuronixTim Peck, Den Iyzvyk, O. Kolesnikov, T. Peck, D. Iuzvyk, Oleg Kolesnikov
@online{peck:20220330:new:1908f30, author = {Tim Peck and Den Iyzvyk and O. Kolesnikov and T. Peck and D. Iuzvyk and Oleg Kolesnikov}, title = {{New TACTICAL#OCTOPUS Attack Campaign Targets US Entities with Malware Bundled in Tax-Themed Documents}}, date = {2022-03-30}, organization = {Securonix}, url = {https://www.securonix.com/blog/new-tacticaloctopus-attack-campaign-targets-us-entities-with-malware-bundled-in-tax-themed-documents/}, language = {English}, urldate = {2023-04-06} } New TACTICAL#OCTOPUS Attack Campaign Targets US Entities with Malware Bundled in Tax-Themed Documents
2022-03-15SecuronixT. Peck, Oleg Kolesnikov, Den Iyzvyk, Tim Peck
@online{peck:20220315:detecting:b507962, author = {T. Peck and Oleg Kolesnikov and Den Iyzvyk and Tim Peck}, title = {{Detecting EnemyBot – Securonix Initial Coverage Advisory}}, date = {2022-03-15}, organization = {Securonix}, url = {https://www.securonix.com/blog/detecting-the-enemybot-botnet-advisory/}, language = {English}, urldate = {2023-01-31} } Detecting EnemyBot – Securonix Initial Coverage Advisory
EnemyBot
2022-03SecuronixSecuronix Threat Labs
@online{labs:202203:detecting:6136462, author = {Securonix Threat Labs}, title = {{Detecting the EnemyBot Botnet – Securonix Initial Coverage Advisory}}, date = {2022-03}, organization = {Securonix}, url = {https://www.securonix.com/blog/detecting-the-enemybot-botnet-advisory}, language = {English}, urldate = {2022-04-07} } Detecting the EnemyBot Botnet – Securonix Initial Coverage Advisory
EnemyBot
2020-12-08SecuronixOleg Kolesnikov, Den Iyzvyk
@techreport{kolesnikov:20201208:detecting:ba06a76, author = {Oleg Kolesnikov and Den Iyzvyk}, title = {{Detecting SolarWinds/SUNBURST/ECLIPSER Supply Chain Attacks}}, date = {2020-12-08}, institution = {Securonix}, url = {https://www.securonix.com/web/wp-content/uploads/2020/12/threat_research_solarwinds_sunburst_eclipser_supply_chain.pdf}, language = {English}, urldate = {2021-01-10} } Detecting SolarWinds/SUNBURST/ECLIPSER Supply Chain Attacks
SUNBURST
2020-07-28SecuronixOleg Kolesnikov
@techreport{kolesnikov:20200728:detecting:f743725, author = {Oleg Kolesnikov}, title = {{Detecting WastedLocker Ransomware Using Security Analytics}}, date = {2020-07-28}, institution = {Securonix}, url = {https://www.securonix.com/web/wp-content/uploads/2020/08/Securonix_Threat_Research_WastedLocker_Ransomware.pdf}, language = {English}, urldate = {2020-11-04} } Detecting WastedLocker Ransomware Using Security Analytics
WastedLocker
2018-09-11SecuronixOleg Kolesnikov, Harshvardhan Parashar
@online{kolesnikov:20180911:kronososiris:ab69b91, author = {Oleg Kolesnikov and Harshvardhan Parashar}, title = {{KRONOS/Osiris Banking Trojan Attack}}, date = {2018-09-11}, organization = {Securonix}, url = {https://www.securonix.com/securonix-threat-research-kronos-osiris-banking-trojan-attack}, language = {English}, urldate = {2020-01-09} } KRONOS/Osiris Banking Trojan Attack