Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-07-19ProofpointJoe Wise, Konstantin Klinger, Selena Larson, Proofpoint Threat Research Team
@online{wise:20210719:new:cb02a85, author = {Joe Wise and Konstantin Klinger and Selena Larson and Proofpoint Threat Research Team}, title = {{New Threat Actor Uses Spanish Language Lures to Distribute Seldom Observed Bandook Malware}}, date = {2021-07-19}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/new-threat-actor-uses-spanish-language-lures-distribute-seldom-observed-bandook}, language = {English}, urldate = {2021-07-26} } New Threat Actor Uses Spanish Language Lures to Distribute Seldom Observed Bandook Malware
Bandook
2021-07-01ProofpointSelena Larson, Bryan Campbell
@online{larson:20210701:malware:6c6fb99, author = {Selena Larson and Bryan Campbell}, title = {{Malware Masquerades as Privacy Tool}}, date = {2021-07-01}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/malware-masquerades-privacy-tool}, language = {English}, urldate = {2021-07-11} } Malware Masquerades as Privacy Tool
2021-06-29ProofpointSelena Larson, Daniel Blackford
@online{larson:20210629:cobalt:99ad5a0, author = {Selena Larson and Daniel Blackford}, title = {{Cobalt Strike: Favorite Tool from APT to Crimeware}}, date = {2021-06-29}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/cobalt-strike-favorite-tool-apt-crimeware}, language = {English}, urldate = {2021-06-29} } Cobalt Strike: Favorite Tool from APT to Crimeware
Cobalt Strike
2021-06-17ProofpointKonstantin Klinger, Dennis Schwarz, Selena Larson
@online{klinger:20210617:new:2641c84, author = {Konstantin Klinger and Dennis Schwarz and Selena Larson}, title = {{New TA402 Molerats Malware Targets Governments in the Middle East}}, date = {2021-06-17}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/new-ta402-molerats-malware-targets-governments-middle-east}, language = {English}, urldate = {2021-06-21} } New TA402 Molerats Malware Targets Governments in the Middle East
Molerat Loader
2021-06-16ProofpointSelena Larson, Daniel Blackford, Garrett M. Graff
@online{larson:20210616:first:2e436a0, author = {Selena Larson and Daniel Blackford and Garrett M. Graff}, title = {{The First Step: Initial Access Leads to Ransomware}}, date = {2021-06-16}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/first-step-initial-access-leads-ransomware}, language = {English}, urldate = {2021-06-21} } The First Step: Initial Access Leads to Ransomware
BazarBackdoor Egregor IcedID Maze QakBot REvil Ryuk TrickBot WastedLocker
2021-05-03ProofpointKelsey Merriman, Bryan Campbell, Selena Larson, Proofpoint Threat Research Team
@online{merriman:20210503:new:cd4d275, author = {Kelsey Merriman and Bryan Campbell and Selena Larson and Proofpoint Threat Research Team}, title = {{New Variant of Buer Loader Written in Rust}}, date = {2021-05-03}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/new-variant-buer-loader-written-rust}, language = {English}, urldate = {2021-05-03} } New Variant of Buer Loader Written in Rust
Buer
2021-04-15ProofpointSelena Larson
@online{larson:20210415:threat:cdfef32, author = {Selena Larson}, title = {{Threat Actors Pair Tax-Themed Lures With COVID-19, Healthcare Themes}}, date = {2021-04-15}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/security-briefs/threat-actors-pair-tax-themed-lures-covid-19-healthcare-themes}, language = {English}, urldate = {2021-08-23} } Threat Actors Pair Tax-Themed Lures With COVID-19, Healthcare Themes
Dridex TrickBot
2020-12-16DragosSelena Larson, Camille Singleton, IBM SECURITY X-FORCE
@techreport{larson:20201216:assessing:9a5adb8, author = {Selena Larson and Camille Singleton and IBM SECURITY X-FORCE}, title = {{Assessing Ransomware and Extortion Activities Impacting Industrial Organizations: Ransomware in ICS Environments}}, date = {2020-12-16}, institution = {Dragos}, url = {https://f.hubspotusercontent10.net/hubfs/5943619/Whitepaper-Downloads/Ransomware_in_ICS_Environments_Whitepaper_10_12_20.pdf}, language = {English}, urldate = {2020-12-17} } Assessing Ransomware and Extortion Activities Impacting Industrial Organizations: Ransomware in ICS Environments
REvil
2020-12-10DragosCasey Brooks, Selena Larson
@techreport{brooks:20201210:open:5c64c56, author = {Casey Brooks and Selena Larson}, title = {{Open Source Intelligence}}, date = {2020-12-10}, institution = {Dragos}, url = {https://f.hubspotusercontent10.net/hubfs/5943619/Whitepaper-Downloads/Dragos-OSINT-Framework.pdf}, language = {English}, urldate = {2021-01-01} } Open Source Intelligence