2022-06-06SentinelOneNiranjan Jayanand
@online{jayanand:20220606:from:0fa017a,
  author       = {Niranjan Jayanand},
  title        = {{From the Front Lines | Another Rebrand? Mindware and SFile Ransomware Technical Breakdown}},
  date         = {2022-06-06},
  organization = {SentinelOne},
  url          = {https://www.sentinelone.com/blog/from-the-front-lines-another-rebrand-mindware-and-sfile-ransomware-technical-breakdown/},
  language     = {English},
  urldate      = {2022-06-09},
}
From the Front Lines | Another Rebrand? Mindware and SFile Ransomware Technical Breakdown
Mindware Sfile
2022-05-19SentinelOneJuan Andrés Guerrero-Saade
@online{guerrerosaade:20220519:cratedepression:7453bfd,
  author       = {Juan Andrés Guerrero-Saade},
  title        = {{CrateDepression | Rust Supply-Chain Attack Infects Cloud CI Pipelines with Go Malware}},
  date         = {2022-05-19},
  organization = {SentinelOne},
  url          = {https://www.sentinelone.com/labs/cratedepression-rust-supply-chain-attack-infects-cloud-ci-pipelines-with-go-malware/},
  language     = {English},
  urldate      = {2022-05-24},
}
CrateDepression | Rust Supply-Chain Attack Infects Cloud CI Pipelines with Go Malware
2022-05-09SentinelOneDinesh Devadoss, Phil Stokes
@online{devadoss:20220509:from:658ed35,
  author       = {Dinesh Devadoss and Phil Stokes},
  title        = {{From the Front Lines | Unsigned macOS oRAT Malware Gambles For The Win}},
  date         = {2022-05-09},
  organization = {SentinelOne},
  url          = {https://www.sentinelone.com/blog/from-the-front-lines-unsigned-macos-orat-malware-gambles-for-the-win},
  language     = {English},
  urldate      = {2022-05-11},
}
From the Front Lines | Unsigned macOS oRAT Malware Gambles For The Win
2022-04-18SentinelOneJames Haughom
@online{haughom:20220418:from:b73f12b,
  author       = {James Haughom},
  title        = {{From the Front Lines | Peering into A PYSA Ransomware Attack}},
  date         = {2022-04-18},
  organization = {SentinelOne},
  url          = {https://www.sentinelone.com/blog/from-the-front-lines-peering-into-a-pysa-ransomware-attack/},
  language     = {English},
  urldate      = {2022-04-20},
}
From the Front Lines | Peering into A PYSA Ransomware Attack
Chisel Chisel Cobalt Strike Mespinoza
2022-03-29SentinelOneJames Haughom, Antonis Terefos, Jim Walter, Jeff Cavanaugh, Nick Fox, Shai Tilias
@online{haughom:20220329:from:5e4b8cc,
  author       = {James Haughom and Antonis Terefos and Jim Walter and Jeff Cavanaugh and Nick Fox and Shai Tilias},
  title        = {{From the Front Lines | Hive Ransomware Deploys Novel IPfuscation Technique To Avoid Detection}},
  date         = {2022-03-29},
  organization = {SentinelOne},
  url          = {https://www.sentinelone.com/blog/hive-ransomware-deploys-novel-ipfuscation-technique/},
  language     = {English},
  urldate      = {2022-03-31},
}
From the Front Lines | Hive Ransomware Deploys Novel IPfuscation Technique To Avoid Detection
Cobalt Strike Hive
2022-03-24SentinelOneAntonio Cocomazzi
@techreport{cocomazzi:20220324:ransomware:be706fa,
  author      = {Antonio Cocomazzi},
  title       = {{Ransomware Encryption Internals: A Behavioral Characterization}},
  date        = {2022-03-24},
  institution = {SentinelOne},
  url         = {https://raw.githubusercontent.com/antonioCoco/infosec-talks/main/InsomniHack_2022_Ransomware_Encryption_Internals.pdf},
  language    = {English},
  urldate     = {2022-03-25},
}
Ransomware Encryption Internals: A Behavioral Characterization
Babuk Babuk BlackMatter
2022-03-21SentinelOnePhil Stokes
@online{stokes:20220321:art:6f00b56,
  author       = {Phil Stokes},
  title        = {{The Art and Science of macOS Malware Hunting with radare2 | Leveraging Xrefs, YARA and Zignatures}},
  date         = {2022-03-21},
  organization = {SentinelOne},
  url          = {https://www.sentinelone.com/labs/the-art-and-science-of-macos-malware-hunting-with-radare2-leveraging-xrefs-yara-and-zignatures/},
  language     = {English},
  urldate      = {2022-03-25},
}
The Art and Science of macOS Malware Hunting with radare2 | Leveraging Xrefs, YARA and Zignatures
AbstractEmu Vigram
2022-03-15SentinelOneAmitai Ben Shushan Ehrlich
@online{ehrlich:20220315:threat:7f64477,
  author       = {Amitai Ben Shushan Ehrlich},
  title        = {{Threat Actor UAC-0056 Targeting Ukraine with Fake Translation Software}},
  date         = {2022-03-15},
  organization = {SentinelOne},
  url          = {https://www.sentinelone.com/blog/threat-actor-uac-0056-targeting-ukraine-with-fake-translation-software/},
  language     = {English},
  urldate      = {2022-03-17},
}
Threat Actor UAC-0056 Targeting Ukraine with Fake Translation Software
Cobalt Strike GraphSteel GrimPlant SaintBear
2022-02-17SentinelOneAmitai Ben Shushan Ehrlich
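% Author corrected to one person: the original value split the name at " and ",
% but the same name is a single author in the 2022-03-15 and 2021-09-30
% SentinelOne entries. Citation key left unchanged so existing citations resolve.
@online{ben:20220217:log4j2:aa3e992,
  author       = {Amitai Ben Shushan Ehrlich},
  title        = {{Log4j2 In The Wild | Iranian-Aligned Threat Actor “TunnelVision” Actively Exploiting VMware Horizon}},
  date         = {2022-02-17},
  organization = {SentinelOne},
  url          = {https://www.sentinelone.com/labs/log4j2-in-the-wild-iranian-aligned-threat-actor-tunnelvision-actively-exploiting-vmware-horizon/},
  language     = {English},
  urldate      = {2022-02-19},
}
Log4j2 In The Wild | Iranian-Aligned Threat Actor “TunnelVision” Actively Exploiting VMware Horizon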
2022-02-09SentinelOneTom Hegel, Juan Andrés Guerrero-Saade
@techreport{hegel:20220209:modified:3c039c6,
  author      = {Tom Hegel and Juan Andrés Guerrero-Saade},
  title       = {{Modified Elephant APT and a Decade of Fabricating Evidence}},
  date        = {2022-02-09},
  institution = {SentinelOne},
  url         = {https://www.sentinelone.com/wp-content/uploads/2022/02/Modified-Elephant-APT-and-a-Decade-of-Fabricating-Evidence-SentinelLabs.pdf},
  language    = {English},
  urldate     = {2022-02-14},
}
Modified Elephant APT and a Decade of Fabricating Evidence
DarkComet Incubator NetWire RC
2022-02-01SentinelOnePhil Stokes
@online{stokes:20220201:sneaky:9162ee7,
  author       = {Phil Stokes},
  title        = {{Sneaky Spies and Backdoor RATs | SysJoker and DazzleSpy Malware Target macOS}},
  date         = {2022-02-01},
  organization = {SentinelOne},
  url          = {https://www.sentinelone.com/blog/sneaky-spies-and-backdoor-rats-sysjoker-and-dazzlespy-malware-target-macos/},
  language     = {English},
  urldate      = {2022-02-07},
}
Sneaky Spies and Backdoor RATs | SysJoker and DazzleSpy Malware Target macOS
DazzleSpy SysJoker
2022-01-18SentinelOneJim Walter
@online{walter:20220118:blackcat:39c437d,
  author       = {Jim Walter},
  title        = {{BlackCat Ransomware | Highly-Configurable, Rust-Driven RaaS On The Prowl For Victims}},
  date         = {2022-01-18},
  organization = {SentinelOne},
  url          = {https://www.sentinelone.com/labs/blackcat-ransomware-highly-configurable-rust-driven-raas-on-the-prowl-for-victims/},
  language     = {English},
  urldate      = {2022-01-19},
}
BlackCat Ransomware | Highly-Configurable, Rust-Driven RaaS On The Prowl For Victims
BlackCat
2021-12-23SentinelOneJim Walter
@online{walter:20211223:new:1768cb6,
  author       = {Jim Walter},
  title        = {{New Rook Ransomware Feeds Off the Code of Babuk}},
  date         = {2021-12-23},
  organization = {SentinelOne},
  url          = {https://www.sentinelone.com/labs/new-rook-ransomware-feeds-off-the-code-of-babuk/},
  language     = {English},
  urldate      = {2021-12-31},
}
New Rook Ransomware Feeds Off the Code of Babuk
Rook
2021-11-15SentinelOnePhil Stokes
@online{stokes:20211115:infect:a1d440c,
  author       = {Phil Stokes},
  title        = {{Infect If Needed | A Deeper Dive Into Targeted Backdoor macOS.Macma}},
  date         = {2021-11-15},
  organization = {SentinelOne},
  url          = {https://www.sentinelone.com/labs/infect-if-needed-a-deeper-dive-into-targeted-backdoor-macos-macma/},
  language     = {English},
  urldate      = {2021-11-17},
}
Infect If Needed | A Deeper Dive Into Targeted Backdoor macOS.Macma
CDDS
2021-11-11SentinelOneNiranjan Jayanand
@online{jayanand:20211111:is:b8f1a8b,
  author       = {Niranjan Jayanand},
  title        = {{Is SquirrelWaffle the New Emotet? How to Detect the Latest MalSpam Loader}},
  date         = {2021-11-11},
  organization = {SentinelOne},
  url          = {https://www.sentinelone.com/blog/is-squirrelwaffle-the-new-emotet-how-to-detect-the-latest-malspam-loader/},
  language     = {English},
  urldate      = {2021-11-12},
}
Is SquirrelWaffle the New Emotet? How to Detect the Latest MalSpam Loader
Squirrelwaffle
2021-10-18SentinelOneAntonis Terefos
@online{terefos:20211018:karma:04248e2,
  author       = {Antonis Terefos},
  title        = {{Karma Ransomware | An Emerging Threat With A Hint of Nemty Pedigree}},
  date         = {2021-10-18},
  organization = {SentinelOne},
  url          = {https://www.sentinelone.com/labs/karma-ransomware-an-emerging-threat-with-a-hint-of-nemty-pedigree/},
  language     = {English},
  urldate      = {2021-10-24},
}
Karma Ransomware | An Emerging Threat With A Hint of Nemty Pedigree
Karma Nemty
2021-09-30SentinelOneAmitai Ben Shushan Ehrlich
@online{ehrlich:20210930:new:c3f26e0,
  author       = {Amitai Ben Shushan Ehrlich},
  title        = {{New Version Of Apostle Ransomware Reemerges In Targeted Attack On Higher Education}},
  date         = {2021-09-30},
  organization = {SentinelOne},
  url          = {https://www.sentinelone.com/labs/new-version-of-apostle-ransomware-reemerges-in-targeted-attack-on-higher-education/},
  language     = {English},
  urldate      = {2021-10-11},
}
New Version Of Apostle Ransomware Reemerges In Targeted Attack On Higher Education
Apostle
2021-09-20SentinelOnePhil Stokes
@online{stokes:20210920:defeating:452749e,
  author       = {Phil Stokes},
  title        = {{Defeating macOS Malware Anti-Analysis Tricks with Radare2}},
  date         = {2021-09-20},
  organization = {SentinelOne},
  url          = {https://www.sentinelone.com/labs/defeating-macos-malware-anti-analysis-tricks-with-radare2/},
  language     = {English},
  urldate      = {2021-10-11},
}
Defeating macOS Malware Anti-Analysis Tricks with Radare2
EvilQuest
2021-09-13SentinelOneAntonio Pirozzi, Antonio Cocomazzi
@online{pirozzi:20210913:hide:345ced5,
  author       = {Antonio Pirozzi and Antonio Cocomazzi},
  title        = {{Hide and Seek | New Zloader Infection Chain Comes With Improved Stealth and Evasion Mechanisms}},
  date         = {2021-09-13},
  organization = {SentinelOne},
  url          = {https://www.sentinelone.com/labs/hide-and-seek-new-zloader-infection-chain-comes-with-improved-stealth-and-evasion-mechanisms/},
  language     = {English},
  urldate      = {2021-09-14},
}
Hide and Seek | New Zloader Infection Chain Comes With Improved Stealth and Evasion Mechanisms
Zloader
2021-09-08SentinelOneJuan Andrés Guerrero-Saade, Igor Tsemakhovich
@techreport{guerrerosaade:20210908:egomaniac:9397249,
  author      = {Juan Andrés Guerrero-Saade and Igor Tsemakhovich},
  title       = {{Egomaniac: An Unscrupulous Turkish-Nexus Threat Actor}},
  date        = {2021-09-08},
  institution = {SentinelOne},
  url         = {https://www.sentinelone.com/wp-content/uploads/2021/09/SentinelOne_-SentinelLabs_EGoManiac_WP_V4.pdf},
  language    = {English},
  urldate     = {2021-10-24},
}
Egomaniac: An Unscrupulous Turkish-Nexus Threat Actor
Ahtapot Rad Turkojan