2023-04-12Kaspersky LabsSeongsu Park
@online{park:20230412:lazarus:851b624,
  author       = {Seongsu Park},
  title        = {{Lazarus DeathNote campaign}},
  date         = {2023-04-12},
  organization = {Kaspersky Labs},
  url          = {https://securelist.com/the-lazarus-group-deathnote-campaign/109490/},
  language     = {English},
  urldate      = {2023-04-14},
}
Lazarus DeathNote campaign
Bankshot BLINDINGCAN MimiKatz Racket Downloader Volgmer
2022-12-27KasperskySeongsu Park
@online{park:20221227:bluenoroff:383c86f,
  author       = {Seongsu Park},
  title        = {{BlueNoroff introduces new methods bypassing MoTW}},
  date         = {2022-12-27},
  organization = {Kaspersky},
  url          = {https://securelist.com/bluenoroff-methods-bypass-motw/108383/},
  language     = {English},
  urldate      = {2022-12-29},
}
BlueNoroff introduces new methods bypassing MoTW
LazarLoader
2022-08-25KasperskySeongsu Park
@online{park:20220825:kimsukys:8ae4c1f,
  author       = {Seongsu Park},
  title        = {{Kimsuky’s GoldDragon cluster and its C2 operations}},
  date         = {2022-08-25},
  organization = {Kaspersky},
  url          = {https://securelist.com/kimsukys-golddragon-cluster-and-its-c2-operations/107258/},
  language     = {English},
  urldate      = {2022-08-28},
}
Kimsuky’s GoldDragon cluster and its C2 operations
2022-08-13YouTube (Blue Team Village)Seongsu Park
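@online{park:20220813:attribution:a689611,
  author       = {Seongsu Park},
  title        = {{Attribution and Bias: My terrible mistakes in threat intelligence attribution}},
  date         = {2022-08-13},
  organization = {YouTube (Blue Team Village)},
  url          = {https://www.youtube.com/watch?v=rjA0Vf75cYk},
  language     = {English},
  urldate      = {2022-09-19},
}
Attribution and Bias: My terrible mistakes in threat intelligence attribution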
AppleJeus Olympic Destroyer
2022-08-09KasperskyKurt Baumgartner, Seongsu Park
@online{baumgartner:20220809:andariel:89d6b24,
  author       = {Kurt Baumgartner and Seongsu Park},
  title        = {{Andariel deploys DTrack and Maui ransomware}},
  date         = {2022-08-09},
  organization = {Kaspersky},
  url          = {https://securelist.com/andariel-deploys-dtrack-and-maui-ransomware/107063/},
  language     = {English},
  urldate      = {2022-08-11},
}
Andariel deploys DTrack and Maui ransomware
Dtrack Maui Ransomware
2022-01-13Kaspersky LabsSeongsu Park, Vitaly Kamluk
@online{park:20220113:bluenoroff:a3ce5e4,
  author       = {Seongsu Park and Vitaly Kamluk},
  title        = {{The BlueNoroff cryptocurrency hunt is still on}},
  date         = {2022-01-13},
  organization = {Kaspersky Labs},
  url          = {https://securelist.com/the-bluenoroff-cryptocurrency-hunt-is-still-on/105488/},
  language     = {English},
  urldate      = {2022-01-17},
}
The BlueNoroff cryptocurrency hunt is still on
SnatchCrypto
2021-06-15KasperskySeongsu Park
@online{park:20210615:andariel:1e000a0,
  author       = {Seongsu Park},
  title        = {{Andariel evolves to target South Korea with ransomware}},
  date         = {2021-06-15},
  organization = {Kaspersky},
  url          = {https://securelist.com/andariel-evolves-to-target-south-korea-with-ransomware/102811/},
  language     = {English},
  urldate      = {2021-11-03},
}
Andariel evolves to target South Korea with ransomware
BISTROMATH PEBBLEDASH Tiger RAT Unidentified 081 (Andariel Ransomware)
2021-02-25Kaspersky LabsVyacheslav Kopeytsev, Seongsu Park
@online{kopeytsev:20210225:lazarus:c887c21,
  author       = {Vyacheslav Kopeytsev and Seongsu Park},
  title        = {{Lazarus targets defense industry with ThreatNeedle}},
  date         = {2021-02-25},
  organization = {Kaspersky Labs},
  url          = {https://securelist.com/lazarus-threatneedle/100803/},
  language     = {English},
  urldate      = {2021-02-25},
}
Lazarus targets defense industry with ThreatNeedle
Volgmer
2020-12-23Kaspersky LabsSeongsu Park
@online{park:20201223:lazarus:a1413a8,
  author       = {Seongsu Park},
  title        = {{Lazarus covets COVID-19-related intelligence}},
  date         = {2020-12-23},
  organization = {Kaspersky Labs},
  url          = {https://securelist.com/lazarus-covets-covid-19-related-intelligence/99906/},
  language     = {English},
  urldate      = {2021-01-04},
}
Lazarus covets COVID-19-related intelligence
2020-03-30Kaspersky SASSeongsu Park
@techreport{park:20200330:behind:7c5548e,
  author      = {Seongsu Park},
  title       = {{Behind the Mask of ScarCruft}},
  date        = {2020-03-30},
  institution = {Kaspersky SAS},
  url         = {https://github.com/ssp4rk/slides/blob/master/2019SAS_Behind_of_the_Mask_of_ScarCruft.pdf},
  language    = {English},
  urldate     = {2020-03-31},
}
Behind the Mask of ScarCruft
RokRAT