Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-06-27ZscalerSudeep Singh, Sahil Antil
@online{singh:20220627:return:a09268a, author = {Sudeep Singh and Sahil Antil}, title = {{Return of the Evilnum APT with updated TTPs and new targets}}, date = {2022-06-27}, organization = {Zscaler}, url = {https://www.zscaler.com/blogs/security-research/return-evilnum-apt-updated-ttps-and-new-targets}, language = {English}, urldate = {2022-06-29} } Return of the Evilnum APT with updated TTPs and new targets
EVILNUM EVILNUM
2022-06-17ZscalerSudeep Singh, Kaivalya Khursale
@online{singh:20220617:resurgence:736636f, author = {Sudeep Singh and Kaivalya Khursale}, title = {{Resurgence of Voicemail-themed phishing attacks targeting key industry verticals in the US}}, date = {2022-06-17}, organization = {Zscaler}, url = {https://www.zscaler.com/blogs/security-research/resurgence-voicemail-themed-phishing-attacks-targeting-key-industry}, language = {English}, urldate = {2022-07-01} } Resurgence of Voicemail-themed phishing attacks targeting key industry verticals in the US
2022-05-19ZscalerSudeep Singh, Santiago Vicente, Brett Stone-Gross
@online{singh:20220519:vidar:1c68f0e, author = {Sudeep Singh and Santiago Vicente and Brett Stone-Gross}, title = {{Vidar distributed through backdoored Windows 11 downloads and abusing Telegram}}, date = {2022-05-19}, organization = {Zscaler}, url = {https://www.zscaler.com/blogs/security-research/vidar-distributed-through-backdoored-windows-11-downloads-and-abusing}, language = {English}, urldate = {2022-05-25} } Vidar distributed through backdoored Windows 11 downloads and abusing Telegram
Vidar
2022-04-26ZscalerSudeep Singh, Sahil Antil
@online{singh:20220426:naverending:3f4449c, author = {Sudeep Singh and Sahil Antil}, title = {{A "Naver"-ending game of Lazarus APT}}, date = {2022-04-26}, organization = {Zscaler}, url = {https://www.zscaler.com/blogs/security-research/naver-ending-game-lazarus-apt}, language = {English}, urldate = {2022-07-01} } A "Naver"-ending game of Lazarus APT
2022-01-20ZscalerSahil Antil, Sudeep Singh
@online{antil:20220120:new:2bc6613, author = {Sahil Antil and Sudeep Singh}, title = {{New espionage attack by Molerats APT targeting users in the Middle East}}, date = {2022-01-20}, organization = {Zscaler}, url = {https://www.zscaler.com/blogs/security-research/new-espionage-attack-molerats-apt-targeting-users-middle-east}, language = {English}, urldate = {2022-01-24} } New espionage attack by Molerats APT targeting users in the Middle East
Spark
2021-09-09ZscalerSudeep Singh, Sahil Antil
@online{singh:20210909:cloudfall:ee21616, author = {Sudeep Singh and Sahil Antil}, title = {{CloudFall Targets Researchers and Scientists Invited to International Military Conferences in Central Asia and Eastern Europe}}, date = {2021-09-09}, organization = {Zscaler}, url = {https://www.zscaler.com/blogs/security-research/cloudfall-targets-researchers-and-scientists-invited-international-military}, language = {English}, urldate = {2021-09-12} } CloudFall Targets Researchers and Scientists Invited to International Military Conferences in Central Asia and Eastern Europe
2021-06-24ZscalerSudeep Singh, Sahil Antil
@online{singh:20210624:demystifying:e2c5464, author = {Sudeep Singh and Sahil Antil}, title = {{Demystifying the full attack chain of MineBridge RAT}}, date = {2021-06-24}, organization = {Zscaler}, url = {https://www.zscaler.com/blogs/security-research/demystifying-full-attack-chain-minebridge-rat}, language = {English}, urldate = {2021-06-29} } Demystifying the full attack chain of MineBridge RAT
MINEBRIDGE
2021-03-23ZscalerSudeep Singh, Sahil Antil
@online{singh:20210323:lowvolume:8162a16, author = {Sudeep Singh and Sahil Antil}, title = {{Low-volume multi-stage attack leveraging AzureEdge and Shopify CDNs}}, date = {2021-03-23}, organization = {Zscaler}, url = {https://www.zscaler.com/blogs/security-research/low-volume-multi-stage-attack-leveraging-azureedge-and-shopify-cdns}, language = {English}, urldate = {2021-03-30} } Low-volume multi-stage attack leveraging AzureEdge and Shopify CDNs
2021-02-23ZscalerSudeep Singh, Sahil Antil
@online{singh:20210223:return:fed533a, author = {Sudeep Singh and Sahil Antil}, title = {{Return of the MINEBRIDGE RAT With New TTPs and Social Engineering Lures}}, date = {2021-02-23}, organization = {Zscaler}, url = {https://www.zscaler.com/blogs/security-research/return-minebridge-rat-new-ttps-and-social-engineering-lures}, language = {English}, urldate = {2021-02-25} } Return of the MINEBRIDGE RAT With New TTPs and Social Engineering Lures
MINEBRIDGE
2020-10-27ZscalerSudeep Singh, Sahil Antil
@online{singh:20201027:apt31:6a72298, author = {Sudeep Singh and Sahil Antil}, title = {{APT-31 leverages COVID-19 vaccine theme and abuses legitimate online services}}, date = {2020-10-27}, organization = {Zscaler}, url = {https://www.zscaler.com/blogs/research/apt-31-leverages-covid-19-vaccine-theme-and-abuses-legitimate-online-services}, language = {English}, urldate = {2020-10-28} } APT-31 leverages COVID-19 vaccine theme and abuses legitimate online services
2020-09-29ZscalerSudeep Singh, Sahil Antil
@online{singh:20200929:targeted:136d828, author = {Sudeep Singh and Sahil Antil}, title = {{Targeted Attacks on Oil and Gas Supply Chain Industries in the Middle East}}, date = {2020-09-29}, organization = {Zscaler}, url = {https://www.zscaler.com/blogs/security-research/targeted-attacks-oil-and-gas-supply-chain-industries-middle-east}, language = {English}, urldate = {2020-10-04} } Targeted Attacks on Oil and Gas Supply Chain Industries in the Middle East
Azorult
2020-07-17ZscalerSudeep Singh, Kaivalya Khursale
@online{singh:20200717:new:2f385f2, author = {Sudeep Singh and Kaivalya Khursale}, title = {{New Voicemail-Themed Phishing Attacks Use Evasion Techniques and Steal Credentials}}, date = {2020-07-17}, organization = {Zscaler}, url = {https://www.zscaler.com/blogs/security-research/new-voicemail-themed-phishing-attacks-use-evasion-techniques-and-steal-credentials}, language = {English}, urldate = {2022-07-01} } New Voicemail-Themed Phishing Attacks Use Evasion Techniques and Steal Credentials
2020-06-11ZscalerSudeep Singh, Atinderpal Singh
@online{singh:20200611:return:3a58e44, author = {Sudeep Singh and Atinderpal Singh}, title = {{The Return of the Higaisa APT}}, date = {2020-06-11}, organization = {Zscaler}, url = {https://www.zscaler.com/blogs/research/return-higaisa-apt}, language = {English}, urldate = {2020-06-12} } The Return of the Higaisa APT
Unidentified 076 (Higaisa LNK to Shellcode)
2020-05-29ZscalerSudeep Singh
@online{singh:20200529:shellreset:e80d2c8, author = {Sudeep Singh}, title = {{ShellReset RAT Spread Through Macro-Based Documents Using AppLocker Bypass}}, date = {2020-05-29}, organization = {Zscaler}, url = {https://www.zscaler.com/blogs/research/shellreset-rat-spread-through-macro-based-documents-using-applocker-bypass}, language = {English}, urldate = {2020-06-05} } ShellReset RAT Spread Through Macro-Based Documents Using AppLocker Bypass
Quasar RAT
2020-05-11ZscalerSudeep Singh
@online{singh:20200511:targeted:cf94e5a, author = {Sudeep Singh}, title = {{Targeted Attacks on Indian Government and Financial Institutions Using the JsOutProx RAT}}, date = {2020-05-11}, organization = {Zscaler}, url = {https://www.zscaler.com/blogs/research/targeted-attacks-indian-government-and-financial-institutions-using-jsoutprox-rat}, language = {English}, urldate = {2020-05-23} } Targeted Attacks on Indian Government and Financial Institutions Using the JsOutProx RAT
JSOutProx
2020-05-11Sudeep Singh
@online{singh:20200511:targeted:9ea90fd, author = {Sudeep Singh}, title = {{Targeted Attacks on Indian Government and Financial Institutions Using the JsOutProx RAT}}, date = {2020-05-11}, url = {https://www.zscaler.com/blogs/security-research/targeted-attacks-indian-government-and-financial-institutions-using-jsoutprox-rat}, language = {English}, urldate = {2021-06-01} } Targeted Attacks on Indian Government and Financial Institutions Using the JsOutProx RAT
EpicSplit RAT
2020-04-29ZscalerSudeep Singh
@online{singh:20200429:compromised:79b3a7d, author = {Sudeep Singh}, title = {{Compromised Wordpress sites used to distribute Adwind RAT}}, date = {2020-04-29}, organization = {Zscaler}, url = {https://www.zscaler.com/blogs/research/compromised-wordpress-sites-used-distribute-adwind-rat}, language = {English}, urldate = {2020-06-08} } Compromised Wordpress sites used to distribute Adwind RAT
AdWind
2020-04-15ZscalerSudeep Singh
@online{singh:20200415:multistage:c0330fa, author = {Sudeep Singh}, title = {{Multistage FreeDom loader used in Aggah Campaign to spread Nanocore and AZORult}}, date = {2020-04-15}, organization = {Zscaler}, url = {https://www.zscaler.com/blogs/research/multistage-freedom-loader-used-spread-azorult-and-nanocore-rat}, language = {English}, urldate = {2020-06-08} } Multistage FreeDom loader used in Aggah Campaign to spread Nanocore and AZORult
Azorult Nanocore RAT
2018-03-23FireEyeSudeep Singh, Yijie Sui
@online{singh:20180323:sanny:fa60075, author = {Sudeep Singh and Yijie Sui}, title = {{Sanny malware delivery method updated in recently observed attacks.}}, date = {2018-03-23}, organization = {FireEye}, url = {https://www.fireeye.com/blog/threat-research/2018/03/sanny-malware-delivery-method-updated-in-recently-observed-attacks.html}, language = {English}, urldate = {2020-06-08} } Sanny malware delivery method updated in recently observed attacks.
Sanny
2018-03-13FireEyeSudeep Singh, Dileep Kumar Jallepalli, Yogesh Londhe, Ben Read
@online{singh:20180313:iranian:3542dc9, author = {Sudeep Singh and Dileep Kumar Jallepalli and Yogesh Londhe and Ben Read}, title = {{Iranian Threat Group Updates Tactics, Techniques and Procedures in Spear Phishing Campaign}}, date = {2018-03-13}, organization = {FireEye}, url = {https://www.fireeye.com/blog/threat-research/2018/03/iranian-threat-group-updates-ttps-in-spear-phishing-campaign.html}, language = {English}, urldate = {2019-12-20} } Iranian Threat Group Updates Tactics, Techniques and Procedures in Spear Phishing Campaign
POWERSTATS MuddyWater