Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-04-16Team CymruJoshua Picolet
@online{picolet:20210416:transparent:645e443, author = {Joshua Picolet}, title = {{Transparent Tribe APT Infrastructure Mapping Part 1: A High-Level Study of CrimsonRAT Infrastructure October 2020 – March 2021}}, date = {2021-04-16}, organization = {Team Cymru}, url = {https://team-cymru.com/blog/2021/04/16/transparent-tribe-apt-infrastructure-mapping/}, language = {English}, urldate = {2021-04-19} } Transparent Tribe APT Infrastructure Mapping Part 1: A High-Level Study of CrimsonRAT Infrastructure October 2020 – March 2021
Crimson RAT
2021-03-15Team CymruJosh Hopkins
@online{hopkins:20210315:fin8:838cdc2, author = {Josh Hopkins}, title = {{FIN8: BADHATCH Threat Indicator Enrichmen}}, date = {2021-03-15}, organization = {Team Cymru}, url = {https://team-cymru.com/blog/2021/03/15/fin8-badhatch-threat-indicator-enrichment/}, language = {English}, urldate = {2021-03-18} } FIN8: BADHATCH Threat Indicator Enrichmen
BADHATCH
2021-02-05Team CymruDavid Monnier
@online{monnier:20210205:kobalos:e8f562f, author = {David Monnier}, title = {{Kobalos Malware Mapping Potentially Impacted Networks and IP Address Mapping}}, date = {2021-02-05}, organization = {Team Cymru}, url = {https://team-cymru.com/blog/2021/02/05/kobalos-malware-mapping/}, language = {English}, urldate = {2021-02-06} } Kobalos Malware Mapping Potentially Impacted Networks and IP Address Mapping
Kobalos
2021-01-27Team CymruJames Shank
@online{shank:20210127:taking:fa40609, author = {James Shank}, title = {{Taking Down Emotet How Team Cymru Leveraged Visibility and Relationships to Coordinate Community Efforts}}, date = {2021-01-27}, organization = {Team Cymru}, url = {https://team-cymru.com/blog/2021/01/27/taking-down-emotet/}, language = {English}, urldate = {2021-01-29} } Taking Down Emotet How Team Cymru Leveraged Visibility and Relationships to Coordinate Community Efforts
Emotet
2021-01-26Team CymruJosh Hopkins, Manabu Niseki, CERT-BR
@online{hopkins:20210126:ghostdnsbusters:d295f93, author = {Josh Hopkins and Manabu Niseki and CERT-BR}, title = {{GhostDNSbusters (Part 3) Illuminating GhostDNS Infrastructure}}, date = {2021-01-26}, organization = {Team Cymru}, url = {https://team-cymru.com/blog/2021/01/26/illuminating-ghostdns-infrastructure-part-3/}, language = {English}, urldate = {2021-01-29} } GhostDNSbusters (Part 3) Illuminating GhostDNS Infrastructure
2021-01-18Twitter (@teamcymru)Team Cymru
@online{cymru:20210118:apt36:e2e83ce, author = {Team Cymru}, title = {{Tweet on APT36 CrimsonRAT C2}}, date = {2021-01-18}, organization = {Twitter (@teamcymru)}, url = {https://twitter.com/teamcymru/status/1351228309632385027}, language = {English}, urldate = {2021-01-21} } Tweet on APT36 CrimsonRAT C2
Crimson RAT
2020-10-07Team CymruBrian Eckman
@online{eckman:20201007:ghostdnsbusters:9a32391, author = {Brian Eckman}, title = {{GhostDNSbusters (Part 2)}}, date = {2020-10-07}, organization = {Team Cymru}, url = {https://team-cymru.com/blog/2020/10/07/ghostdnsbusters-part-2/}, language = {English}, urldate = {2020-10-12} } GhostDNSbusters (Part 2)
2020-09-30Team CymruJames Shank, Jacomo Piccolini
@techreport{shank:20200930:pandamic:f210107, author = {James Shank and Jacomo Piccolini}, title = {{Pandamic: Emissary Pandas in the Middle East}}, date = {2020-09-30}, institution = {Team Cymru}, url = {https://vblocalhost.com/uploads/VB2020-Shank-Piccolini.pdf}, language = {English}, urldate = {2021-04-16} } Pandamic: Emissary Pandas in the Middle East
HyperBro HyperSSL
2020-09-08Team CymruNick Byers, Manabu Niseki, CERT-BR
@online{byers:20200908:ghostdnsbusters:9531dcd, author = {Nick Byers and Manabu Niseki and CERT-BR}, title = {{GhostDNSbusters: Illuminating GhostDNS Infrastructure}}, date = {2020-09-08}, organization = {Team Cymru}, url = {https://team-cymru.com/2020/09/08/ghostdnsbusters/}, language = {English}, urldate = {2020-09-15} } GhostDNSbusters: Illuminating GhostDNS Infrastructure
2020-03-25Team CymruTeam Cymru
@online{cymru:20200325:how:b1d8c31, author = {Team Cymru}, title = {{How the Iranian Cyber Security Agency Detects Emissary Panda Malware}}, date = {2020-03-25}, organization = {Team Cymru}, url = {https://team-cymru.com/2020/03/25/how-the-iranian-cyber-security-agency-detects-emissary-panda-malware/}, language = {English}, urldate = {2020-07-13} } How the Iranian Cyber Security Agency Detects Emissary Panda Malware
HyperBro
2020-02-19Team CymruTeam Cymru
@online{cymru:20200219:azorult:de72301, author = {Team Cymru}, title = {{Azorult – what we see using our own tools}}, date = {2020-02-19}, organization = {Team Cymru}, url = {https://blog.team-cymru.com/2020/02/19/azorult-what-we-see-using-our-own-tools/}, language = {English}, urldate = {2020-02-26} } Azorult – what we see using our own tools
Azorult
2019-07-25Team CymruTeam Cymru
@online{cymru:20190725:unmasking:91638f6, author = {Team Cymru}, title = {{Unmasking AVE_MARIA}}, date = {2019-07-25}, organization = {Team Cymru}, url = {https://blog.team-cymru.com/2019/07/25/unmasking-ave_maria/}, language = {English}, urldate = {2020-01-08} } Unmasking AVE_MARIA
Ave Maria