Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023-09-07SekoiaJamila B.
@online{b:20230907:my:de66f96, author = {Jamila B.}, title = {{My Tea’s not cold. An overview of China’s cyber threat}}, date = {2023-09-07}, organization = {Sekoia}, url = {https://blog.sekoia.io/my-teas-not-cold-an-overview-of-china-cyber-threat/}, language = {English}, urldate = {2023-09-08} } My Tea’s not cold. An overview of China’s cyber threat
Melofee PingPull SoWaT Sword2033 MgBot MQsTTang PlugX TONESHELL
2023-07-12sekoia
@online{sekoia:20230712:customerloader:56338e3, author = {sekoia}, title = {{CustomerLoader: a new malware distributing a wide variety of payloads}}, date = {2023-07-12}, url = {https://blog.sekoia.io/customerloader-a-new-malware-distributing-a-wide-variety-of-payloads/#h-c2-servers}, language = {English}, urldate = {2023-07-13} } CustomerLoader: a new malware distributing a wide variety of payloads
CustomerLoader
2023-06-29Sekoiasekoia
@online{sekoia:20230629:following:248a859, author = {sekoia}, title = {{Following NoName057(16) DDoSia Project’s Targets}}, date = {2023-06-29}, organization = {Sekoia}, url = {https://blog.sekoia.io/following-noname05716-ddosia-projects-targets/}, language = {English}, urldate = {2023-07-05} } Following NoName057(16) DDoSia Project’s Targets
Dosia
2023-05-22SekoiaJamila B., Kilian Seznec, Charles M.
@online{b:20230522:bluenoroffs:4fd8a5c, author = {Jamila B. and Kilian Seznec and Charles M.}, title = {{Bluenoroff’s RustBucket campaign}}, date = {2023-05-22}, organization = {Sekoia}, url = {https://blog.sekoia.io/bluenoroffs-rustbucket-campaign/}, language = {English}, urldate = {2023-05-30} } Bluenoroff’s RustBucket campaign
RustBucket WebbyTea
2023-05-17SekoiaFélix Aime
@online{aime:20230517:apt28:4906010, author = {Félix Aime}, title = {{APT28 leverages multiple phishing techniques to target Ukrainian civil society}}, date = {2023-05-17}, organization = {Sekoia}, url = {https://blog.sekoia.io/apt28-leverages-multiple-phishing-techniques-to-target-ukrainian-civil-society/}, language = {English}, urldate = {2023-05-25} } APT28 leverages multiple phishing techniques to target Ukrainian civil society
2023-03-16SekoiaThreat & Detection Research Team
@online{team:20230316:peeking:347803a, author = {Threat & Detection Research Team}, title = {{Peeking at Reaper’s surveillance operations}}, date = {2023-03-16}, organization = {Sekoia}, url = {https://blog.sekoia.io/peeking-at-reaper-surveillance-operations-against-north-korea-defectors/}, language = {English}, urldate = {2023-03-20} } Peeking at Reaper’s surveillance operations
Chinotto
2023-02-27SekoiaThreat & Detection Research Team
@online{team:20230227:stealc:ab91413, author = {Threat & Detection Research Team}, title = {{Stealc: a copycat of Vidar and Raccoon infostealers gaining in popularity – Part 2}}, date = {2023-02-27}, organization = {Sekoia}, url = {https://blog.sekoia.io/stealc-a-copycat-of-vidar-and-raccoon-infostealers-gaining-in-popularity-part-2/}, language = {English}, urldate = {2023-03-28} } Stealc: a copycat of Vidar and Raccoon infostealers gaining in popularity – Part 2
Stealc
2023-02-20SekoiaThreat & Detection Research Team
@online{team:20230220:stealc:e74aaa7, author = {Threat & Detection Research Team}, title = {{Stealc: a copycat of Vidar and Raccoon infostealers gaining in popularity – Part 1}}, date = {2023-02-20}, organization = {Sekoia}, url = {https://blog.sekoia.io/stealc-a-copycat-of-vidar-and-raccoon-infostealers-gaining-in-popularity-part-1/}, language = {English}, urldate = {2023-02-21} } Stealc: a copycat of Vidar and Raccoon infostealers gaining in popularity – Part 1
Stealc
2022-12-22Sekoiasekoia
@online{sekoia:20221222:new:0f06190, author = {sekoia}, title = {{New RisePro Stealer distributed by the prominent PrivateLoader}}, date = {2022-12-22}, organization = {Sekoia}, url = {https://blog.sekoia.io/new-risepro-stealer-distributed-by-the-prominent-privateloader/}, language = {English}, urldate = {2022-12-24} } New RisePro Stealer distributed by the prominent PrivateLoader
RisePro
2022-12-16SekoiaThreat & Detection Research Team, Jamila B.
@online{team:20221216:dprk:4abe047, author = {Threat & Detection Research Team and Jamila B.}, title = {{The DPRK delicate sound of cyber}}, date = {2022-12-16}, organization = {Sekoia}, url = {https://blog.sekoia.io/the-dprk-delicate-sound-of-cyber/}, language = {English}, urldate = {2023-09-18} } The DPRK delicate sound of cyber
AppleJeus AppleJeus SnatchCrypto
2022-12-05Sekoiasekoia, Threat & Detection Research Team
@online{sekoia:20221205:calisto:cef50e0, author = {sekoia and Threat & Detection Research Team}, title = {{Calisto show interests into entities involved in Ukraine war support}}, date = {2022-12-05}, organization = {Sekoia}, url = {https://blog.sekoia.io/calisto-show-interests-into-entities-involved-in-ukraine-war-support/}, language = {English}, urldate = {2022-12-06} } Calisto show interests into entities involved in Ukraine war support
2022-11-21Sekoiasekoia, Threat & Detection Research Team
@online{sekoia:20221121:aurora:243140b, author = {sekoia and Threat & Detection Research Team}, title = {{Aurora: a rising stealer flying under the radar}}, date = {2022-11-21}, organization = {Sekoia}, url = {https://blog.sekoia.io/aurora-a-rising-stealer-flying-under-the-radar/}, language = {English}, urldate = {2022-12-05} } Aurora: a rising stealer flying under the radar
Aurora Stealer
2022-11-02SekoiaThreat & Detection Research Team, sekoia
@online{team:20221102:bluefox:142012b, author = {Threat & Detection Research Team and sekoia}, title = {{BlueFox Stealer: a newcomer designed for traffers teams}}, date = {2022-11-02}, organization = {Sekoia}, url = {https://blog.sekoia.io/bluefox-information-stealer-traffer-maas/}, language = {English}, urldate = {2022-12-05} } BlueFox Stealer: a newcomer designed for traffers teams
Aurora Stealer BlueFox
2022-10-04Twitter (@sekoia_io)sekoia
@online{sekoia:20221004:tweets:49c9f1d, author = {sekoia}, title = {{Tweets detailing operation of Erbium stealer}}, date = {2022-10-04}, organization = {Twitter (@sekoia_io)}, url = {https://twitter.com/sekoia_io/status/1577222282929311744}, language = {English}, urldate = {2022-12-05} } Tweets detailing operation of Erbium stealer
Erbium Stealer
2022-09-22Twitter (@sekoia_io)sekoia
@online{sekoia:20220922:tweets:b2e9079, author = {sekoia}, title = {{Tweets on Lumma stealer}}, date = {2022-09-22}, organization = {Twitter (@sekoia_io)}, url = {https://twitter.com/sekoia_io/status/1572889505497223169}, language = {English}, urldate = {2022-10-14} } Tweets on Lumma stealer
Lumma Stealer
2022-09-15SekoiaThreat & Detection Research Team
@online{team:20220915:privateloader:d88c7b2, author = {Threat & Detection Research Team}, title = {{PrivateLoader: the loader of the prevalent ruzki PPI service}}, date = {2022-09-15}, organization = {Sekoia}, url = {https://blog.sekoia.io/privateloader-the-loader-of-the-prevalent-ruzki-ppi-service/}, language = {English}, urldate = {2022-09-19} } PrivateLoader: the loader of the prevalent ruzki PPI service
Agent Tesla Coinminer DanaBot DCRat Eternity Stealer Glupteba Mars Stealer NetSupportManager RAT Nymaim Nymaim2 Phoenix Keylogger PrivateLoader Raccoon RedLine Stealer SmokeLoader Socelars STOP Vidar YTStealer
2022-08-29SekoiaThreat & Detection Research Team
@online{team:20220829:traffers:8b7930b, author = {Threat & Detection Research Team}, title = {{Traffers: a deep dive into the information stealer ecosystem}}, date = {2022-08-29}, organization = {Sekoia}, url = {https://blog.sekoia.io/traffers-a-deep-dive-into-the-information-stealer-ecosystem}, language = {English}, urldate = {2022-08-31} } Traffers: a deep dive into the information stealer ecosystem
MetaStealer PrivateLoader Raccoon RedLine Stealer Vidar
2022-08-12SekoiaThreat & Detection Research Team
@online{team:20220812:luckymouse:2667f45, author = {Threat & Detection Research Team}, title = {{LuckyMouse uses a backdoored Electron app to target MacOS}}, date = {2022-08-12}, organization = {Sekoia}, url = {https://blog.sekoia.io/luckymouse-uses-a-backdoored-electron-app-to-target-macos/}, language = {English}, urldate = {2022-08-18} } LuckyMouse uses a backdoored Electron app to target MacOS
HyperBro
2022-08-01Twitter (@sekoia_io)sekoia
@online{sekoia:20220801:turlas:ec60a74, author = {sekoia}, title = {{Tweet on Turla's CyberAzov activity}}, date = {2022-08-01}, organization = {Twitter (@sekoia_io)}, url = {https://twitter.com/sekoia_io/status/1554086468104196096}, language = {English}, urldate = {2022-08-02} } Tweet on Turla's CyberAzov activity
CyberAzov
2022-07-28SekoiaThreat & Detection Research Team
@techreport{team:20220728:sekoiaio:2aa9d7b, author = {Threat & Detection Research Team}, title = {{SEKOIA.IO Mid-2022 Ransomware Threat Landscape}}, date = {2022-07-28}, institution = {Sekoia}, url = {https://blog.sekoia.io/wp-content/uploads/2022/07/FLINT_2022_039___Mid_2022_Ransomware_Overview__TLP_WHITE.pdf}, language = {English}, urldate = {2022-08-18} } SEKOIA.IO Mid-2022 Ransomware Threat Landscape