Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2020-11-17SymantecThreat Hunter Team
@online{team:20201117:japanlinked:42c6320, author = {Threat Hunter Team}, title = {{Japan-Linked Organizations Targeted in Long-Running and Sophisticated Attack Campaign}}, date = {2020-11-17}, organization = {Symantec}, url = {https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/cicada-apt10-japan-espionage}, language = {English}, urldate = {2020-11-19} } Japan-Linked Organizations Targeted in Long-Running and Sophisticated Attack Campaign
Quasar RAT
2020-10-21SymantecThreat Hunter Team
@online{team:20201021:seedworm:7df9e09, author = {Threat Hunter Team}, title = {{Seedworm: Iran-Linked Group Continues to Target Organizations in the Middle East}}, date = {2020-10-21}, organization = {Symantec}, url = {https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/seedworm-apt-iran-middle-east}, language = {English}, urldate = {2020-10-23} } Seedworm: Iran-Linked Group Continues to Target Organizations in the Middle East
PowGoop
2020-10-12SymantecThreat Hunter Team
@online{team:20201012:trickbot:5c1e5bf, author = {Threat Hunter Team}, title = {{Trickbot: U.S. Court Order Hits Botnet’s Infrastructure}}, date = {2020-10-12}, organization = {Symantec}, url = {https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/trickbot-botnet-ransomware-disruption}, language = {English}, urldate = {2020-10-12} } Trickbot: U.S. Court Order Hits Botnet’s Infrastructure
Ryuk TrickBot
2020-09-29SymantecThreat Hunter Team
@online{team:20200929:palmerworm:4a96e3b, author = {Threat Hunter Team}, title = {{Palmerworm: Espionage Gang Targets the Media, Finance, and Other Sectors}}, date = {2020-09-29}, organization = {Symantec}, url = {https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/palmerworm-blacktech-espionage-apt}, language = {English}, urldate = {2020-10-04} } Palmerworm: Espionage Gang Targets the Media, Finance, and Other Sectors
KIVARS PLEAD
2020-09-18SymantecThreat Hunter Team
@online{team:20200918:elfin:dff6499, author = {Threat Hunter Team}, title = {{Elfin: Latest U.S. Indictments Appear to Target Iranian Espionage Group}}, date = {2020-09-18}, organization = {Symantec}, url = {https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/elfin-indictments-iran-espionage}, language = {English}, urldate = {2020-09-23} } Elfin: Latest U.S. Indictments Appear to Target Iranian Espionage Group
Nanocore RAT
2020-09-18SymantecThreat Hunter Team
@online{team:20200918:apt41:363daa8, author = {Threat Hunter Team}, title = {{APT41: Indictments Put Chinese Espionage Group in the Spotlight}}, date = {2020-09-18}, organization = {Symantec}, url = {https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/apt41-indictments-china-espionage}, language = {English}, urldate = {2020-09-23} } APT41: Indictments Put Chinese Espionage Group in the Spotlight
CROSSWALK PlugX poisonplug ShadowPad Winnti
2020-08-31SymantecThreat Hunter Team
@techreport{team:20200831:sophisticated:7cf4dfe, author = {Threat Hunter Team}, title = {{Sophisticated Groups and Cyber Criminals Set Sights on Lucrative Financial Sector}}, date = {2020-08-31}, institution = {Symantec}, url = {https://symantec.broadcom.com/hubfs/SED-Threats-Financial-Sector.pdf}, language = {English}, urldate = {2020-09-23} } Sophisticated Groups and Cyber Criminals Set Sights on Lucrative Financial Sector
WastedLocker
2020-06-26SymantecCritical Attack Discovery and Intelligence Team
@online{team:20200626:wastedlocker:0e9c75c, author = {Critical Attack Discovery and Intelligence Team}, title = {{WastedLocker: Symantec Identifies Wave of Attacks Against U.S. Organizations}}, date = {2020-06-26}, organization = {Symantec}, url = {https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/wastedlocker-ransomware-us}, language = {English}, urldate = {2020-06-26} } WastedLocker: Symantec Identifies Wave of Attacks Against U.S. Organizations
WastedLocker
2020-06-23SymantecCritical Attack Discovery and Intelligence Team
@online{team:20200623:sodinokibi:7eff193, author = {Critical Attack Discovery and Intelligence Team}, title = {{Sodinokibi: Ransomware Attackers also Scanning for PoS Software, Leveraging Cobalt Strike}}, date = {2020-06-23}, organization = {Symantec}, url = {https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/sodinokibi-ransomware-cobalt-strike-pos}, language = {English}, urldate = {2020-06-23} } Sodinokibi: Ransomware Attackers also Scanning for PoS Software, Leveraging Cobalt Strike
Cobalt Strike REvil
2020-05-19SymantecCritical Attack Discovery and Intelligence Team
@online{team:20200519:sophisticated:023b1bd, author = {Critical Attack Discovery and Intelligence Team}, title = {{Sophisticated Espionage Group Turns Attention to Telecom Providers in South Asia}}, date = {2020-05-19}, organization = {Symantec}, url = {https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/greenbug-espionage-telco-south-asia}, language = {English}, urldate = {2020-05-20} } Sophisticated Espionage Group Turns Attention to Telecom Providers in South Asia
ISMAgent ISMDoor
2020-05-14paloalto Networks Unit 42Ruchna Nigam
@online{nigam:20200514:mirai:65d9d83, author = {Ruchna Nigam}, title = {{Mirai and Hoaxcalls Botnets Target Legacy Symantec Web Gateways}}, date = {2020-05-14}, organization = {paloalto Networks Unit 42}, url = {https://unit42.paloaltonetworks.com/hoaxcalls-mirai-target-legacy-symantec-web-gateways/}, language = {English}, urldate = {2020-05-18} } Mirai and Hoaxcalls Botnets Target Legacy Symantec Web Gateways
Bashlite Mirai
2020-03-30SymantecNguyen Hoang Giang, Mingwei Zhang
@online{giang:20200330:emotet:6034d14, author = {Nguyen Hoang Giang and Mingwei Zhang}, title = {{Emotet: Dangerous Malware Keeps on Evolving}}, date = {2020-03-30}, organization = {Symantec}, url = {https://medium.com/threat-intel/emotet-dangerous-malware-keeps-on-evolving-ac84aadbb8de}, language = {English}, urldate = {2020-04-01} } Emotet: Dangerous Malware Keeps on Evolving
Emotet
2019-11-04SymantecNguyen Hoang Giang, Eduardo Altares, Muhammad Hasib Latif
@online{giang:20191104:nemty:6f237c6, author = {Nguyen Hoang Giang and Eduardo Altares and Muhammad Hasib Latif}, title = {{Nemty Ransomware Expands Its Reach, Also Delivered by Trik Botnet}}, date = {2019-11-04}, organization = {Symantec}, url = {https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/nemty-ransomware-trik-botnet}, language = {English}, urldate = {2020-06-02} } Nemty Ransomware Expands Its Reach, Also Delivered by Trik Botnet
Nemty Phorpiex
2019-09-18SymantecSecurity Response Attack Investigation Team
@online{team:20190918:tortoiseshell:4881fc1, author = {Security Response Attack Investigation Team}, title = {{Tortoiseshell Group Targets IT Providers in Saudi Arabia in Probable Supply Chain Attacks}}, date = {2019-09-18}, organization = {Symantec}, url = {https://www.symantec.com/blogs/threat-intelligence/tortoiseshell-apt-supply-chain}, language = {English}, urldate = {2020-01-13} } Tortoiseshell Group Targets IT Providers in Saudi Arabia in Probable Supply Chain Attacks
SysKit Tortoiseshell
2019-06-24SymantecBenjamin Moench
@online{moench:20190624:backdoorpowerton:0fef32a, author = {Benjamin Moench}, title = {{Backdoor.Powerton}}, date = {2019-06-24}, organization = {Symantec}, url = {https://www.symantec.com/security-center/writeup/2019-062513-4935-99}, language = {English}, urldate = {2020-01-12} } Backdoor.Powerton
POWERTON
2019-06-20SymantecSymantec DeepSight Adversary Intelligence Team, Symantec Network Protection Security Labs
@online{team:20190620:waterbug:9c50dd1, author = {Symantec DeepSight Adversary Intelligence Team and Symantec Network Protection Security Labs}, title = {{Waterbug: Espionage Group Rolls Out Brand-New Toolset in Attacks Against Governments}}, date = {2019-06-20}, organization = {Symantec}, url = {https://www.symantec.com/blogs/threat-intelligence/waterbug-espionage-governments}, language = {English}, urldate = {2020-01-13} } Waterbug: Espionage Group Rolls Out Brand-New Toolset in Attacks Against Governments
LightNeuron
2019-05-07SymantecSecurity Response Attack Investigation Team
@online{team:20190507:buckeye:a4cf7d8, author = {Security Response Attack Investigation Team}, title = {{Buckeye: Espionage Outfit Used Equation Group Tools Prior to Shadow Brokers Leak}}, date = {2019-05-07}, organization = {Symantec}, url = {https://www.symantec.com/blogs/threat-intelligence/buckeye-windows-zero-day-exploit}, language = {English}, urldate = {2020-01-13} } Buckeye: Espionage Outfit Used Equation Group Tools Prior to Shadow Brokers Leak
DoublePulsar
2019-04-24SymantecSymantec Response Attack Investigation Team
@online{team:20190424:beapy:47836e9, author = {Symantec Response Attack Investigation Team}, title = {{Beapy: Cryptojacking Worm Hits Enterprises in China}}, date = {2019-04-24}, organization = {Symantec}, url = {https://www.symantec.com/blogs/threat-intelligence/beapy-cryptojacking-worm-china}, language = {English}, urldate = {2020-01-09} } Beapy: Cryptojacking Worm Hits Enterprises in China
Beapy
2019-03-27SymantecCritical Attack Discovery and Intelligence Team
@online{team:20190327:elfin:d90a330, author = {Critical Attack Discovery and Intelligence Team}, title = {{Elfin: Relentless Espionage Group Targets Multiple Organizations in Saudi Arabia and U.S.}}, date = {2019-03-27}, organization = {Symantec}, url = {https://symantec-blogs.broadcom.com/blogs/threat-intelligence/elfin-apt33-espionage}, language = {English}, urldate = {2020-04-21} } Elfin: Relentless Espionage Group Targets Multiple Organizations in Saudi Arabia and U.S.
DarkComet MimiKatz Nanocore RAT NetWire RC pupy Quasar RAT Remcos StoneDrill TURNEDUP APT33
2019-03-27SymantecSecurity Response Attack Investigation Team
@online{team:20190327:elfin:836cc39, author = {Security Response Attack Investigation Team}, title = {{Elfin: Relentless Espionage Group Targets Multiple Organizations in Saudi Arabia and U.S.}}, date = {2019-03-27}, organization = {Symantec}, url = {https://www.symantec.com/blogs/threat-intelligence/elfin-apt33-espionage}, language = {English}, urldate = {2020-01-06} } Elfin: Relentless Espionage Group Targets Multiple Organizations in Saudi Arabia and U.S.
DarkComet Nanocore RAT pupy Quasar RAT Remcos TURNEDUP APT33