Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023-09-14Deep instinctMark Vaitzman, Ron Ben Yizhak, Simon Kenin
@online{vaitzman:20230914:operation:0b13a33, author = {Mark Vaitzman and Ron Ben Yizhak and Simon Kenin}, title = {{Operation Rusty Flag – A Malicious Campaign Against Azerbaijanian Targets}}, date = {2023-09-14}, organization = {Deep instinct}, url = {https://www.deepinstinct.com/blog/operation-rusty-flag-a-malicious-campaign-against-azerbaijanian-targets}, language = {English}, urldate = {2023-09-19} } Operation Rusty Flag – A Malicious Campaign Against Azerbaijanian Targets
Unidentified 110 (RustyFlag)
2023-06-29DeepInstinctSimon Kenin, Deep Instinct Threat Lab
@online{kenin:20230629:phonyc2:fd380e4, author = {Simon Kenin and Deep Instinct Threat Lab}, title = {{PhonyC2: Revealing a New Malicious Command & Control Framework by MuddyWater}}, date = {2023-06-29}, organization = {DeepInstinct}, url = {https://www.deepinstinct.com/blog/phonyc2-revealing-a-new-malicious-command-control-framework-by-muddywater}, language = {English}, urldate = {2023-07-02} } PhonyC2: Revealing a New Malicious Command & Control Framework by MuddyWater
PhonyC2 POWERSTATS
2023-03-09DeepInstinctSimon Kenin
@online{kenin:20230309:ducktail:1f4fcc3, author = {Simon Kenin}, title = {{DUCKTAIL: Threat Operation Re-emerges with New LNK, PowerShell, and Other Custom Tactics to Avoid Detection}}, date = {2023-03-09}, organization = {DeepInstinct}, url = {https://www.deepinstinct.com/blog/ducktail-threat-operation-re-emerges-with-new-lnk-powershell-and-other-custom-tactics-to-avoid-detection}, language = {English}, urldate = {2023-03-24} } DUCKTAIL: Threat Operation Re-emerges with New LNK, PowerShell, and Other Custom Tactics to Avoid Detection
DUCKTAIL
2022-12-08DeepInstinctSimon Kenin, Deep Instinct Threat Lab
@online{kenin:20221208:new:d8e2d7f, author = {Simon Kenin and Deep Instinct Threat Lab}, title = {{New MuddyWater Threat: Old Kitten; New Tricks}}, date = {2022-12-08}, organization = {DeepInstinct}, url = {https://www.deepinstinct.com/blog/new-muddywater-threat-old-kitten-new-tricks}, language = {English}, urldate = {2022-12-10} } New MuddyWater Threat: Old Kitten; New Tricks
2022-06-01Deep instinctSimon Kenin
@online{kenin:20220601:iranian:c17b320, author = {Simon Kenin}, title = {{Iranian Threat Actor Continues to Develop Mass Exploitation Tools}}, date = {2022-06-01}, organization = {Deep instinct}, url = {https://www.deepinstinct.com/blog/iranian-threat-actor-continues-to-develop-mass-exploitation-tools}, language = {English}, urldate = {2022-07-13} } Iranian Threat Actor Continues to Develop Mass Exploitation Tools
CobaltMirage FRP
2022-03-21DeepInstinctSimon Kenin, Asaf Gilboa
@online{kenin:20220321:what:8802a1d, author = {Simon Kenin and Asaf Gilboa}, title = {{What is Arid Gopher? An Analysis of a New, Never-Before-Seen Malware Variant}}, date = {2022-03-21}, organization = {DeepInstinct}, url = {https://www.deepinstinct.com/blog/arid-gopher-the-newest-micropsia-malware-variant}, language = {English}, urldate = {2022-03-25} } What is Arid Gopher? An Analysis of a New, Never-Before-Seen Malware Variant
Arid Gopher AridHelper
2019-03-14TrustwaveSimon Kenin
@online{kenin:20190314:attacker:807e3e6, author = {Simon Kenin}, title = {{Attacker Tracking Users Seeking Pakistani Passport}}, date = {2019-03-14}, organization = {Trustwave}, url = {https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/attacker-tracking-users-seeking-pakistani-passport/}, language = {English}, urldate = {2020-10-02} } Attacker Tracking Users Seeking Pakistani Passport
scanbox
2017-12-19TrustwaveSimon Kenin
@online{kenin:20171219:brickerbot:4cbdce8, author = {Simon Kenin}, title = {{BrickerBot mod_plaintext Analysis}}, date = {2017-12-19}, organization = {Trustwave}, url = {https://www.trustwave.com/Resources/SpiderLabs-Blog/BrickerBot-mod_plaintext-Analysis/}, language = {English}, urldate = {2020-01-08} } BrickerBot mod_plaintext Analysis
BrickerBot