2023-08-25 | Github (telekom-security) | Fabian Marquardt
% Reference to the DarkGate configuration extractor script (extractor.py) in the
% telekom-security malware_analysis repository on GitHub.
% The url addresses the file through the `main` branch, so the content behind it can
% change after the recorded urldate; when reproducing work based on it, record the
% commit that was actually reviewed.
@online{marquardt:20230825:darkgate:e063af0,
  author       = {Fabian Marquardt},
  title        = {{DarkGate configuration extractor}},
  organization = {Github (telekom-security)},
  date         = {2023-08-25},
  url          = {https://github.com/telekom-security/malware_analysis/blob/main/darkgate/extractor.py},
  urldate      = {2023-08-25},
  language     = {English},
}
DarkGate configuration extractor
DarkGate
2023-08-25 | Telekom | Fabian Marquardt
% Telekom-published analysis of the DarkGate loader.
% The url host is github.security.telekom.com, unlike the www.telekom.com blog URLs
% used by the older Telekom entries in this listing.
@online{marquardt:20230825:shining:967cdac,
  author       = {Fabian Marquardt},
  title        = {{Shining some light on the DarkGate loader}},
  organization = {Telekom},
  date         = {2023-08-25},
  url          = {https://github.security.telekom.com/2023/08/darkgate-loader.html},
  urldate      = {2023-08-25},
  language     = {English},
}
Shining some light on the DarkGate loader
DarkGate
2023-03-31 | Telekom | TR4xx
% Telekom blog post on MoqHao.
% The author is given as the single handle TR4xx, which BibTeX/Biber parse as a family
% name with no given name.
@online{tr4xx:20230331:moqhao:f4ea395,
  author       = {TR4xx},
  title        = {{Moqhao masters new tricks}},
  organization = {Telekom},
  date         = {2023-03-31},
  url          = {https://www.telekom.com/en/blog/group/article/moqhao-masters-new-tricks-1031484},
  urldate      = {2023-04-02},
  language     = {English},
}
Moqhao masters new tricks
MoqHao
2021-09-14 | Telekom | Thomas Barabosch
% Telekom blog post on FluBot smishing campaigns; the library listing tags it Anatsa and FluBot.
% The title contains a typographic apostrophe (U+2019), so the file has to be processed
% as UTF-8 (e.g. with Biber).
@online{barabosch:20210914:flubots:a0b25c3,
  author       = {Thomas Barabosch},
  title        = {{Flubot’s Smishing Campaigns under the Microscope}},
  organization = {Telekom},
  date         = {2021-09-14},
  url          = {https://www.telekom.com/en/blog/group/article/flubot-under-the-microscope-636368},
  urldate      = {2021-09-22},
  language     = {English},
}
Flubot’s Smishing Campaigns under the Microscope
Anatsa FluBot
2021-07-14 | Telekom | Nils Stünkel
% Telekom blog post on the LOCKDATA Auction leak marketplace; the library listing tags it Cryakl.
% Author and title contain non-ASCII characters (ü, en dash), so the file has to be
% processed as UTF-8. The citation key was apparently derived with the ü dropped
% ("stnkel"); keep the key unchanged so existing citations still resolve.
@online{stnkel:20210714:lockdata:b2e5f34,
  author       = {Nils Stünkel},
  title        = {{LOCKDATA Auction – Another leak marketplace showing the recent shift of ransomware operators}},
  organization = {Telekom},
  date         = {2021-07-14},
  url          = {https://www.telekom.com/en/blog/group/article/lockdata-auction-631300},
  urldate      = {2021-07-20},
  language     = {English},
}
LOCKDATA Auction – Another leak marketplace showing the recent shift of ransomware operators
Cryakl
2021-05-17 | Telekom | Thomas Barabosch
% Telekom blog post on hunting and detecting IcedID infections (detection-oriented reference).
% The title contains a typographic apostrophe (U+2019); process the file as UTF-8.
@online{barabosch:20210517:lets:04a8b63,
  author       = {Thomas Barabosch},
  title        = {{Let’s set ice on fire: Hunting and detecting IcedID infections}},
  organization = {Telekom},
  date         = {2021-05-17},
  url          = {https://www.telekom.com/en/blog/group/article/let-s-set-ice-on-fire-hunting-and-detecting-icedid-infections-627240},
  urldate      = {2021-05-17},
  language     = {English},
}
Let’s set ice on fire: Hunting and detecting IcedID infections
IcedID
2021-05-17 | Github (telekom-security) | Deutsche Telekom Security GmbH
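% Reference to the telekom-security icedid_analysis repository on GitHub; the library
% listing tags it IcedID.
% The author is an organisation, so the name carries an extra pair of braces: without
% them it is split into given names "Deutsche Telekom Security" and family name "GmbH"
% (which is also how the citation key came to start with "gmbh"; the key is kept so
% existing citations still resolve).
% The underscore in the title is escaped because a bare underscore in a non-verbatim
% field is an error in LaTeX text mode; the url field is verbatim and needs no escaping.
% The url names the repository without a commit or tag, so its content can change after
% the recorded urldate.
@online{gmbh:20210517:icedidanalysis:e985983,
  author       = {{Deutsche Telekom Security GmbH}},
  title        = {{icedid\_analysis}},
  organization = {Github (telekom-security)},
  date         = {2021-05-17},
  url          = {https://github.com/telekom-security/icedid_analysis},
  urldate      = {2021-05-17},
  language     = {English},
}
icedid_analysis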
IcedID
2020-12-17 | Telekom | Thomas Barabosch
% Telekom blog post on SmokeLoader and, per the title, a new way it encrypts its CC server URLs.
% The title contains a typographic apostrophe and an en dash; process the file as UTF-8.
@online{barabosch:20201217:smokeloader:937c780,
  author       = {Thomas Barabosch},
  title        = {{Smokeloader is still alive and kickin’ – A new way to encrypt CC server URLs}},
  organization = {Telekom},
  date         = {2020-12-17},
  url          = {https://www.telekom.com/en/blog/group/article/a-new-way-to-encrypt-cc-server-urls-614886},
  urldate      = {2020-12-18},
  language     = {English},
}
Smokeloader is still alive and kickin’ – A new way to encrypt CC server URLs
SmokeLoader
2020-10-06 | Telekom | Thomas Barabosch
% Telekom blog post giving a short overview of the threat actor TA505; the library
% listing tags it Clop, Get2, SDBbot and TA505.
@online{barabosch:20201006:eager:54da318,
  author       = {Thomas Barabosch},
  title        = {{Eager Beaver: A Short Overview of the Restless Threat Actor TA505}},
  organization = {Telekom},
  date         = {2020-10-06},
  url          = {https://www.telekom.com/en/blog/group/article/eager-beaver-a-short-overview-of-the-restless-threat-actor-ta505-609546},
  urldate      = {2020-10-08},
  language     = {English},
}
Eager Beaver: A Short Overview of the Restless Threat Actor TA505
Clop Get2 SDBbot TA505
2020-06-16 | Telekom | Thomas Barabosch
% Telekom blog post on renewed TA505 activity; the library listing tags it Clop, Get2,
% SDBbot and TA505.
@online{barabosch:20200616:ta505:619f2c6,
  author       = {Thomas Barabosch},
  title        = {{TA505 returns with a new bag of tricks}},
  organization = {Telekom},
  date         = {2020-06-16},
  url          = {https://www.telekom.com/en/blog/group/article/cybersecurity-ta505-returns-with-a-new-bag-of-tricks-602104},
  urldate      = {2020-06-18},
  language     = {English},
}
TA505 returns with a new bag of tricks
Clop Get2 SDBbot TA505
2020-06-08 | Christian Haschek's Blog | Christian Haschek
% Post on Christian Haschek's blog about the A1 Telekom Austria hack.
% This is the only entry in this part of the listing that is not published by Telekom or
% the telekom-security GitHub organisation, and no malware-family tags follow it.
@online{haschek:20200608:a1:b166c86,
  author       = {Christian Haschek},
  title        = {{The A1 Telekom Austria Hack}},
  organization = {Christian Haschek's Blog},
  date         = {2020-06-08},
  url          = {https://blog.haschek.at/2020/the-a1-telekom-hack.html},
  urldate      = {2020-06-11},
  language     = {English},
}
The A1 Telekom Austria Hack
2020-05-14 | Telekom | Thomas Barabosch
% Telekom blog post tracking LOLSnif, described in the title as an Ursnif-based targeted campaign.
% The title contains an en dash; process the file as UTF-8.
@online{barabosch:20200514:lolsnif:c7a2736,
  author       = {Thomas Barabosch},
  title        = {{LOLSnif – Tracking Another Ursnif-Based Targeted Campaign}},
  organization = {Telekom},
  date         = {2020-05-14},
  url          = {https://www.telekom.com/en/blog/group/article/lolsnif-tracking-another-ursnif-based-targeted-campaign-600062},
  urldate      = {2020-05-14},
  language     = {English},
}
LOLSnif – Tracking Another Ursnif-Based Targeted Campaign
LOLSnif
2020-03-26 | Telekom | Thomas Barabosch
% Telekom blog post on payloads packed with the TA505 packer; the library listing tags it
% Amadey, Azorult, Clop, FlawedGrace, Get2, SDBbot, Silence, TinyMet and TA505.
@online{barabosch:20200326:ta505s:24d9805,
  author       = {Thomas Barabosch},
  title        = {{TA505's Box of Chocolate - On Hidden Gems packed with the TA505 Packer}},
  organization = {Telekom},
  date         = {2020-03-26},
  url          = {https://www.telekom.com/en/blog/group/article/cybersecurity-ta505-s-box-of-chocolate-597672},
  urldate      = {2020-03-27},
  language     = {English},
}
TA505's Box of Chocolate - On Hidden Gems packed with the TA505 Packer
Amadey Azorult Clop FlawedGrace Get2 SDBbot Silence TinyMet TA505
2020-03-06 | Telekom | Thomas Barabosch
% Telekom blog post, second part of the "Dissecting Emotet" series.
% This title separates the part number with an ASCII hyphen, whereas the Part 1 entry in
% this listing uses an en dash; account for both when searching or de-duplicating by title.
@online{barabosch:20200306:dissecting:809bc54,
  author       = {Thomas Barabosch},
  title        = {{Dissecting Emotet - Part 2}},
  organization = {Telekom},
  date         = {2020-03-06},
  url          = {https://www.telekom.com/en/blog/group/article/cybersecurity-dissecting-emotet-part-two-596128},
  urldate      = {2020-03-09},
  language     = {English},
}
Dissecting Emotet - Part 2
Emotet
2020-02-03 | Telekom | Thomas Barabosch
% Telekom blog post, first part of the "Dissecting Emotet" series.
% The title contains an en dash; process the file as UTF-8.
@online{barabosch:20200203:dissecting:c1a6bca,
  author       = {Thomas Barabosch},
  title        = {{Dissecting Emotet – Part 1}},
  organization = {Telekom},
  date         = {2020-02-03},
  url          = {https://www.telekom.com/en/blog/group/article/cybersecurity-dissecting-emotet-part-one-592612},
  urldate      = {2020-02-07},
  language     = {English},
}
Dissecting Emotet – Part 1
Emotet
2020-01-14 | Telekom | Thomas Barabosch
% Telekom blog post on the CL0P ransomware operation; the library listing tags it Clop,
% Get2 and SDBbot.
% NOTE(review): date, the citation key and this row's position in the listing all say
% 2020-01-14, but urldate is 2021-01-14 and the numeric id at the end of the url (615824)
% is higher than that of the 2020-12-17 SmokeLoader entry (614886). The publication date
% may be a typo for 2021-01-14; confirm against the article before using this entry in a
% timeline. The values below are left as recorded.
@online{barabosch:20200114:inside:2187ad3,
  author       = {Thomas Barabosch},
  title        = {{Inside of CL0P’s ransomware operation}},
  organization = {Telekom},
  date         = {2020-01-14},
  url          = {https://www.telekom.com/en/blog/group/article/inside-of-cl0p-s-ransomware-operation-615824},
  urldate      = {2021-01-14},
  language     = {English},
}
Inside of CL0P’s ransomware operation
Clop Get2 SDBbot