2022-04-28 | Symantec | Karthikeyan C Kasiviswanathan, Vishal Kamble
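% Authors in "Last, First" form for unambiguous name parsing; title no longer wrapped in a second brace pair.
@online{kasiviswanathan:20220428:ransomware:95feafb,
  author       = {Kasiviswanathan, Karthikeyan C and Kamble, Vishal},
  title        = {Ransomware: How Attackers are Breaching Corporate Networks},
  date         = {2022-04-28},
  organization = {Symantec},
  url          = {https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/ransomware-hive-conti-avoslocker},
  language     = {English},
  urldate      = {2022-05-04},
}
Ransomware: How Attackers are Breaching Corporate Networks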
AvosLocker Conti Emotet Hive IcedID PhotoLoader QakBot TrickBot
2022-04-27 | Symantec | Threat Hunter Team
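% Corporate author double-braced so it is kept as one name; title braces protect only proper nouns.
@online{team:20220427:stonefly:15dabdd,
  author       = {{Threat Hunter Team}},
  title        = {{Stonefly}: {North Korea}-linked Spying Operation Continues to Hit High-value Targets},
  date         = {2022-04-27},
  organization = {Symantec},
  url          = {https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/stonefly-north-korea-espionage},
  language     = {English},
  urldate      = {2022-04-29},
}
Stonefly: North Korea-linked Spying Operation Continues to Hit High-value Targets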
2022-04-20 | Symantec | Threat Hunter Team
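% Corporate author double-braced so it is kept as one name; title braces protect only proper nouns.
@online{team:20220420:shuckworm:f7b5ef7,
  author       = {{Threat Hunter Team}},
  title        = {{Shuckworm}: Espionage Group Continues Intense Campaign Against {Ukraine}},
  date         = {2022-04-20},
  organization = {Symantec},
  url          = {https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/shuckworm-intense-campaign-ukraine},
  language     = {English},
  urldate      = {2022-04-25},
}
Shuckworm: Espionage Group Continues Intense Campaign Against Ukraine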
Pteranodon
2022-04-14 | Symantec | Threat Hunter Team
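% Corporate author double-braced so it is kept as one name; title braces protect only proper nouns.
@online{team:20220414:lazarus:8e13a88,
  author       = {{Threat Hunter Team}},
  title        = {{Lazarus} Targets Chemical Sector},
  date         = {2022-04-14},
  organization = {Symantec},
  url          = {https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/lazarus-dream-job-chemical},
  language     = {English},
  urldate      = {2022-04-15},
}
Lazarus Targets Chemical Sector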
2022-04-05 | Symantec | Threat Hunter Team
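% Corporate author double-braced so it is kept as one name; title braces protect only proper nouns and acronyms.
@online{team:20220405:cicada:67f6b8c,
  author       = {{Threat Hunter Team}},
  title        = {{Cicada}: {Chinese} {APT} Group Widens Targeting in Recent Espionage Activity},
  date         = {2022-04-05},
  organization = {Symantec},
  url          = {https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/cicada-apt10-china-ngo-government-attacks},
  language     = {English},
  urldate      = {2022-04-07},
}
Cicada: Chinese APT Group Widens Targeting in Recent Espionage Activity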
MimiKatz SodaMaster
2022-03-29 | Symantec | Threat Hunter Team
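% Corporate author double-braced so it is kept as one name; title braces protect only proper nouns.
@online{team:20220329:verblecon:0a3286b,
  author       = {{Threat Hunter Team}},
  title        = {{Verblecon}: Sophisticated New Loader Used in Low-level Attacks},
  date         = {2022-03-29},
  organization = {Symantec},
  url          = {https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/verblecon-sophisticated-malware-cryptocurrency-mining-discord},
  language     = {English},
  urldate      = {2022-03-30},
}
Verblecon: Sophisticated New Loader Used in Low-level Attacks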
Verblecon
2022-03-16 | Symantec | Symantec Threat Hunter Team
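% Corporate author double-braced so it is kept as one name; title no longer wrapped in a second brace pair.
@techreport{team:20220316:ransomware:1c2a72a,
  author       = {{Symantec Threat Hunter Team}},
  title        = {The Ransomware Threat Landscape: What to Expect in 2022},
  date         = {2022-03-16},
  institution  = {Symantec},
  url          = {https://www.symantec.broadcom.com/hubfs/SED/SED_Threat_Hunter_Reports_Alerts/SED_FY22Q2_SES_Ransomware-Threat-Landscape_WP.pdf},
  language     = {English},
  urldate      = {2022-03-22},
}
The Ransomware Threat Landscape: What to Expect in 2022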
AvosLocker BlackCat BlackMatter Conti DarkSide DoppelPaymer Emotet Hive Karma Mespinoza Nemty Squirrelwaffle VegaLocker WastedLocker Yanluowang Zeppelin
2022-03-09 | Symantec | Threat Hunter Team
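% Corporate author double-braced so it is kept as one name; title braces protect only proper nouns.
@online{team:20220309:daxin:18d9025,
  author       = {{Threat Hunter Team}},
  title        = {{Daxin} Backdoor: In-Depth Analysis, Part Two},
  date         = {2022-03-09},
  organization = {Symantec},
  url          = {https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/daxin-backdoor-espionage-analysis},
  language     = {English},
  urldate      = {2022-03-10},
}
Daxin Backdoor: In-Depth Analysis, Part Two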
Daxin
2022-03-08 | Symantec | Threat Hunter Team
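% Corporate author double-braced so it is kept as one name; title braces protect only proper nouns.
@online{team:20220308:daxin:04deb91,
  author       = {{Threat Hunter Team}},
  title        = {{Daxin} Backdoor: In-Depth Analysis, Part One},
  date         = {2022-03-08},
  organization = {Symantec},
  url          = {https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/daxin-malware-espionage-analysis},
  language     = {English},
  urldate      = {2022-03-14},
}
Daxin Backdoor: In-Depth Analysis, Part One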
Daxin
2022-02-28 | Symantec | Threat Hunter Team
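% Corporate author double-braced so it is kept as one name; title braces protect only proper nouns.
@online{team:20220228:daxin:164f01a,
  author       = {{Threat Hunter Team}},
  title        = {{Daxin}: Stealthy Backdoor Designed for Attacks Against Hardened Networks},
  date         = {2022-02-28},
  organization = {Symantec},
  url          = {https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/daxin-backdoor-espionage},
  language     = {English},
  urldate      = {2022-03-01},
}
Daxin: Stealthy Backdoor Designed for Attacks Against Hardened Networks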
Daxin
2022-02-24 | Symantec | Symantec Threat Hunter Team
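% Corporate author double-braced so it is kept as one name; title braces protect only proper nouns.
@online{team:20220224:ukraine:da94adc,
  author       = {{Symantec Threat Hunter Team}},
  title        = {{Ukraine}: Disk-wiping Attacks Precede {Russian} Invasion},
  date         = {2022-02-24},
  organization = {Symantec},
  url          = {https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/ukraine-wiper-malware-russia},
  language     = {English},
  urldate      = {2022-03-01},
}
Ukraine: Disk-wiping Attacks Precede Russian Invasion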
HermeticWiper
2022-02-23 | Twitter (@threatintel) | Symantec Threat Intelligence
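% Corporate author double-braced so it is kept as one name; title braces protect only proper nouns.
@online{intelligence:20220223:new:7beccbc,
  author       = {{Symantec Threat Intelligence}},
  title        = {Tweet on new wiper malware being used in attacks on {Ukraine}},
  date         = {2022-02-23},
  organization = {Twitter (@threatintel)},
  url          = {https://twitter.com/threatintel/status/1496578746014437376},
  language     = {English},
  urldate      = {2022-03-01},
}
Tweet on new wiper malware being used in attacks on Ukraine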
HermeticWiper
2022-02-03 | Symantec | Symantec Threat Hunter Team
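% Corporate author double-braced so it is kept as one name; title braces protect only proper nouns and acronyms.
@online{team:20220203:antlion:f2f0600,
  author       = {{Symantec Threat Hunter Team}},
  title        = {{Antlion}: {Chinese} {APT} Uses Custom Backdoor to Target Financial Institutions in {Taiwan}},
  date         = {2022-02-03},
  organization = {Symantec},
  url          = {https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/china-apt-antlion-taiwan-financial-attacks},
  language     = {English},
  urldate      = {2022-02-04},
}
Antlion: Chinese APT Uses Custom Backdoor to Target Financial Institutions in Taiwan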
MimiKatz xPack Antlion
2022-01-31 | Symantec | Symantec Threat Hunter Team
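% Corporate author double-braced so it is kept as one name; title braces protect only proper nouns.
@online{team:20220131:shuckworm:e529180,
  author       = {{Symantec Threat Hunter Team}},
  title        = {{Shuckworm} Continues Cyber-Espionage Attacks Against {Ukraine}},
  date         = {2022-01-31},
  organization = {Symantec},
  url          = {https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/shuckworm-gamaredon-espionage-ukraine},
  language     = {English},
  urldate      = {2022-02-02},
}
Shuckworm Continues Cyber-Espionage Attacks Against Ukraine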
Pteranodon Gamaredon Group
2021-12-23 | Symantec | Siddhesh Chandrayan
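% Author in "Last, First" form for unambiguous name parsing; title braces protect only the product name.
@online{chandrayan:20211223:log4j:58ea562,
  author       = {Chandrayan, Siddhesh},
  title        = {{Log4j} Vulnerabilities: Attack Insights},
  date         = {2021-12-23},
  organization = {Symantec},
  url          = {https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/log4j-vulnerabilities-attacks},
  language     = {English},
  urldate      = {2022-01-25},
}
Log4j Vulnerabilities: Attack Insights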
Tsunami Conti Dridex Khonsari Orcus RAT TellYouThePass
2021-12-16 | Symantec | Threat Hunter Team
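% Corporate author double-braced so it is kept as one name; title braces protect only proper nouns.
@online{team:20211216:noberus:da3ac9d,
  author       = {{Threat Hunter Team}},
  title        = {{Noberus}: Technical Analysis Shows Sophistication of New {Rust}-based Ransomware},
  date         = {2021-12-16},
  organization = {Symantec},
  url          = {https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/noberus-blackcat-alphv-rust-ransomware},
  language     = {English},
  urldate      = {2022-02-07},
}
Noberus: Technical Analysis Shows Sophistication of New Rust-based Ransomware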
BlackCat
2021-12-14 | Symantec | Threat Hunter Team
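% Corporate author double-braced so it is kept as one name; title braces protect only proper nouns.
@online{team:20211214:espionage:5b6cf02,
  author       = {{Threat Hunter Team}},
  title        = {Espionage Campaign Targets Telecoms Organizations across {Middle East} and {Asia}},
  date         = {2021-12-14},
  organization = {Symantec},
  url          = {https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/espionage-campaign-telecoms-asia-middle-east},
  language     = {English},
  urldate      = {2021-12-31},
}
Espionage Campaign Targets Telecoms Organizations across Middle East and Asia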
MimiKatz
2021-12-11 | Symantec | Threat Hunter Team
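% Corporate author double-braced so it is kept as one name; title braces protect only the product names.
@online{team:20211211:apache:1350d42,
  author       = {{Threat Hunter Team}},
  title        = {{Apache} {Log4j} Zero-Day Being Exploited in the Wild},
  date         = {2021-12-11},
  organization = {Symantec},
  url          = {https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/apache-log4j-zero-day},
  language     = {English},
  urldate      = {2021-12-31},
}
Apache Log4j Zero-Day Being Exploited in the Wild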
Kaiten
2021-12 | Symantec | Symantec Threat Hunter Team
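% Corporate author double-braced so it is kept as one name; title no longer wrapped in a second brace pair.
@techreport{team:202112:threat:f2d2c47,
  author       = {{Symantec Threat Hunter Team}},
  title        = {The Threat Landscape in 2021},
  date         = {2021-12},
  institution  = {Symantec},
  url          = {https://www.software.broadcom.com/hubfs/SED/SED%20PDF%20Reports/The_Threat_Landscape_2021_12.pdf},
  language     = {English},
  urldate      = {2022-02-01},
}
The Threat Landscape in 2021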
2021-11-30 | Broadcom | Symantec Threat Hunter Team
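% Corporate author double-braced so it is kept as one name; title braces protect only proper nouns.
@online{team:20211130:yanluowang:538b90c,
  author       = {{Symantec Threat Hunter Team}},
  title        = {{Yanluowang}: Further Insights on New Ransomware Threat},
  date         = {2021-11-30},
  organization = {Broadcom},
  url          = {https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/yanluowang-ransomware-attacks-continue},
  language     = {English},
  urldate      = {2021-11-30},
}
Yanluowang: Further Insights on New Ransomware Threat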
BazarBackdoor Cobalt Strike FiveHands