
2022-01-10 | splunk | Splunk Threat Research Team
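% Corporate author is double-braced so BibTeX does not split it into given name "Splunk Threat Research" and family name "Team".
% Only proper nouns in the title are brace-protected; casing of the rest is left to the bibliography style.
@online{team:20220110:detecting:a46a6e5,
  author       = {{Splunk Threat Research Team}},
  title        = {Detecting Malware Script Loaders using {Remcos}: Threat Research Release {December} 2021},
  date         = {2022-01-10},
  organization = {splunk},
  url          = {https://www.splunk.com/en_us/blog/security/detecting-malware-script-loaders-using-remcos-threat-research-release-december-2021.html},
  language     = {English},
  urldate      = {2022-01-25},
}
Detecting Malware Script Loaders using Remcos: Threat Research Release December 2021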
Remcos
2021-11-24 | Sansec | Sansec Threat Research Team
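% Corporate author is double-braced so it is treated as one indivisible name rather than "Team, Sansec Threat Research".
% The malware name and the month are brace-protected; the rest of the title may be recased by the style.
@online{team:20211124:cronrat:c716236,
  author       = {{Sansec Threat Research Team}},
  title        = {{CronRAT} malware hides behind {February} 31st},
  date         = {2021-11-24},
  organization = {Sansec},
  url          = {https://sansec.io/research/cronrat},
  language     = {English},
  urldate      = {2021-11-29},
}
CronRAT malware hides behind February 31st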
CronRAT
2021-11-18 | Sansec | Sansec Threat Research Team
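% Corporate author is double-braced so it is not parsed as a person with family name "Team".
% "Linux" and the camel-cased "eCommerce" are brace-protected against style recasing.
@online{team:20211118:linux:c11c884,
  author       = {{Sansec Threat Research Team}},
  title        = {{Linux} malware agent hits {eCommerce} sites},
  date         = {2021-11-18},
  organization = {Sansec},
  url          = {https://sansec.io/research/ecommerce-malware-linux-avp},
  language     = {English},
  urldate      = {2021-11-19},
}
Linux malware agent hits eCommerce sites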
2021-11-11 | splunk | Splunk Threat Research Team
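% Corporate author is double-braced so it is not parsed as a person with family name "Team".
% The title contains a UTF-8 en dash, so this entry needs a UTF-8-aware backend (Biber); only the actor name "FIN7" is brace-protected.
@online{team:20211111:fin7:cd0d233,
  author       = {{Splunk Threat Research Team}},
  title        = {{FIN7} Tools Resurface in the Field – Splinter or Copycat?},
  date         = {2021-11-11},
  organization = {splunk},
  url          = {https://www.splunk.com/en_us/blog/security/fin7-tools-resurface-in-the-field-splinter-or-copycat.html},
  language     = {English},
  urldate      = {2021-11-12},
}
FIN7 Tools Resurface in the Field – Splinter or Copycat?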
JSSLoader Remcos
2021-11-04 | splunk | Splunk Threat Research Team
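% Corporate author is double-braced so it is not parsed as a person with family name "Team".
% Malware names are brace-protected, as is "Could", which opens the second sentence of the title.
@online{team:20211104:detecting:d8aba5b,
  author       = {{Splunk Threat Research Team}},
  title        = {Detecting {IcedID}... {Could} It Be A {Trickbot} Copycat?},
  date         = {2021-11-04},
  organization = {splunk},
  url          = {https://www.splunk.com/en_us/blog/security/detecting-icedid-could-it-be-a-trickbot-copycat.html},
  language     = {English},
  urldate      = {2021-11-08},
}
Detecting IcedID... Could It Be A Trickbot Copycat?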
IcedID
2021-07-21 | splunk | Splunk Threat Research Team
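% Corporate author is double-braced so it is not parsed as a person with family name "Team".
% The malware and product names in the title are brace-protected against style recasing.
@online{team:20210721:detecting:ceb179f,
  author       = {{Splunk Threat Research Team}},
  title        = {Detecting {Trickbot} with {Splunk}},
  date         = {2021-07-21},
  organization = {splunk},
  url          = {https://www.splunk.com/en_us/blog/security/detecting-trickbots.html},
  language     = {English},
  urldate      = {2021-07-22},
}
Detecting Trickbot with Splunk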
TrickBot
2021-07-20 | Advanced threat research team
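% The author is a team name, double-braced so it is kept as one unit instead of being split into given and family names.
% No organization field is given for this entry; the language field marks the linked article as Chinese.
@online{team:20210720:lazarus:fca9f17,
  author   = {{Advanced threat research team}},
  title    = {{Lazarus} organizes social engineering attacks on the cryptocurrency industry},
  date     = {2021-07-20},
  url      = {https://mp.weixin.qq.com/s/y-SHoh9f5qwAwqml3uf8vw},
  language = {Chinese},
  urldate  = {2021-07-26},
}
Lazarus organizes social engineering attacks on the cryptocurrency industry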
2021-07-19 | Proofpoint | Joe Wise, Konstantin Klinger, Selena Larson, Proofpoint Threat Research Team
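% Personal names use the unambiguous "Last, First" form; the team name is braced so it stays a single corporate author.
% Proper nouns in the title are brace-protected; casing of the rest is left to the bibliography style.
@online{wise:20210719:new:cb02a85,
  author       = {Wise, Joe and Klinger, Konstantin and Larson, Selena and {Proofpoint Threat Research Team}},
  title        = {New Threat Actor Uses {Spanish} Language Lures to Distribute Seldom Observed {Bandook} Malware},
  date         = {2021-07-19},
  organization = {Proofpoint},
  url          = {https://www.proofpoint.com/us/blog/threat-insight/new-threat-actor-uses-spanish-language-lures-distribute-seldom-observed-bandook},
  language     = {English},
  urldate      = {2021-07-26},
}
New Threat Actor Uses Spanish Language Lures to Distribute Seldom Observed Bandook Malware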
Bandook
2021-07-12 | Proofpoint | Joshua Miller, Crista Giering, Threat Research Team
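% Personal names use the "Last, First" form; "Threat Research Team" is braced so it stays a single corporate author.
% The operation name and the actor designation "TA453" are brace-protected against style recasing.
@online{miller:20210712:operation:c819876,
  author       = {Miller, Joshua and Giering, Crista and {Threat Research Team}},
  title        = {Operation {SpoofedScholars}: A Conversation with {TA453}},
  date         = {2021-07-12},
  organization = {Proofpoint},
  url          = {https://www.proofpoint.com/us/blog/threat-insight/operation-spoofedscholars-conversation-ta453},
  language     = {English},
  urldate      = {2021-07-20},
}
Operation SpoofedScholars: A Conversation with TA453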
2021-07-06 | splunk | Splunk Threat Research Team
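% Corporate author is double-braced so it is not parsed as a person with family name "Team".
% "REvil" is brace-protected so its mixed casing survives any style that recases titles.
@online{team:20210706:revil:2420164,
  author       = {{Splunk Threat Research Team}},
  title        = {{REvil} Ransomware Threat Research Update and Detections},
  date         = {2021-07-06},
  organization = {splunk},
  url          = {https://www.splunk.com/en_us/blog/security/revil-ransomware-threat-research-update-and-detections.html},
  language     = {English},
  urldate      = {2021-07-26},
}
REvil Ransomware Threat Research Update and Detections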
REvil
2021-06-10 | splunk | Splunk Threat Research Team
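% Corporate author is double-braced so it is not parsed as a person with family name "Team".
% Only the month name is brace-protected; casing of the rest of the title is left to the bibliography style.
@online{team:20210610:detecting:30a8985,
  author       = {{Splunk Threat Research Team}},
  title        = {Detecting Password Spraying Attacks: Threat Research Release {May} 2021},
  date         = {2021-06-10},
  organization = {splunk},
  url          = {https://www.splunk.com/en_us/blog/security/detecting-password-spraying-attacks-threat-research-release-may-2021.html},
  language     = {English},
  urldate      = {2021-06-21},
}
Detecting Password Spraying Attacks: Threat Research Release May 2021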
2021-05-17 | splunk | Splunk Threat Research Team
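% Corporate author is double-braced so it is not parsed as a person with family name "Team".
% The ransomware and vendor names are brace-protected against style recasing.
@online{team:20210517:darkside:e7a3747,
  author       = {{Splunk Threat Research Team}},
  title        = {{DarkSide} Ransomware: {Splunk} Threat Update and Detections},
  date         = {2021-05-17},
  organization = {splunk},
  url          = {https://www.splunk.com/en_us/blog/security/darkside-ransomware-splunk-threat-update-and-detections.html},
  language     = {English},
  urldate      = {2021-05-19},
}
DarkSide Ransomware: Splunk Threat Update and Detections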
DarkSide
2021-05-03 | splunk | Splunk Threat Research Team
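% Corporate author is double-braced so it is not parsed as a person with family name "Team".
% The ransomware name and the month are brace-protected against style recasing.
@online{team:20210503:clop:1d24527,
  author       = {{Splunk Threat Research Team}},
  title        = {{Clop} Ransomware Detection: Threat Research Release, {April} 2021},
  date         = {2021-05-03},
  organization = {splunk},
  url          = {https://www.splunk.com/en_us/blog/security/clop-ransomware-detection-threat-research-release-april-2021.html},
  language     = {English},
  urldate      = {2021-05-07},
}
Clop Ransomware Detection: Threat Research Release, April 2021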
Clop
2021-05-03 | Proofpoint | Kelsey Merriman, Bryan Campbell, Selena Larson, Proofpoint Threat Research Team
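% Personal names use the "Last, First" form; the team name is braced so it stays a single corporate author.
% The loader name and the language name "Rust" are brace-protected against style recasing.
@online{merriman:20210503:new:cd4d275,
  author       = {Merriman, Kelsey and Campbell, Bryan and Larson, Selena and {Proofpoint Threat Research Team}},
  title        = {New Variant of {Buer} Loader Written in {Rust}},
  date         = {2021-05-03},
  organization = {Proofpoint},
  url          = {https://www.proofpoint.com/us/blog/threat-insight/new-variant-buer-loader-written-rust},
  language     = {English},
  urldate      = {2021-05-03},
}
New Variant of Buer Loader Written in Rust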
Buer
2021-04-13 | splunk | Splunk Threat Research Team
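% Corporate author is double-braced so it is not parsed as a person with family name "Team".
% Only the ransomware name is brace-protected; casing of the rest of the title is left to the bibliography style.
@online{team:20210413:detecting:83655d0,
  author       = {{Splunk Threat Research Team}},
  title        = {Detecting {Clop} Ransomware},
  date         = {2021-04-13},
  organization = {splunk},
  url          = {https://www.splunk.com/en_us/blog/security/detecting-clop-ransomware.html},
  language     = {English},
  urldate      = {2021-04-14},
}
Detecting Clop Ransomware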
Clop
2021-03-30 | Proofpoint | Joshua Miller, Proofpoint Threat Research Team
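% The personal name uses the "Last, First" form; the team name is braced so it stays a single corporate author.
% The campaign name, actor designation, acronym and demonym are brace-protected against style recasing.
@online{miller:20210330:badblood:3cab448,
  author       = {Miller, Joshua and {Proofpoint Threat Research Team}},
  title        = {{BadBlood}: {TA453} Targets {US} and {Israeli} Medical Research Personnel in Credential Phishing Campaigns},
  date         = {2021-03-30},
  organization = {Proofpoint},
  url          = {https://www.proofpoint.com/us/blog/threat-insight/badblood-ta453-targets-us-and-israeli-medical-research-personnel-credential},
  language     = {English},
  urldate      = {2021-03-31},
}
BadBlood: TA453 Targets US and Israeli Medical Research Personnel in Credential Phishing Campaigns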
2021-03-18 | Proofpoint | Brandon Murphy, Dennis Schwarz, Jack Mott, Proofpoint Threat Research Team
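% Personal names use the "Last, First" form; the team name is braced so it stays a single corporate author.
% The title contains a UTF-8 right single quote, so this entry needs a UTF-8-aware backend (Biber); only the malware name is brace-protected.
@online{murphy:20210318:now:d4bd40e,
  author       = {Murphy, Brandon and Schwarz, Dennis and Mott, Jack and {Proofpoint Threat Research Team}},
  title        = {Now You See It, Now You Don’t: {CopperStealer} Performs Widespread Theft},
  date         = {2021-03-18},
  organization = {Proofpoint},
  url          = {https://www.proofpoint.com/us/blog/threat-insight/now-you-see-it-now-you-dont-copperstealer-performs-widespread-theft},
  language     = {English},
  urldate      = {2021-03-19},
}
Now You See It, Now You Don’t: CopperStealer Performs Widespread Theft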
CopperStealer SmokeLoader
2021-03-10 | Proofpoint | Dennis Schwarz, Matthew Mesa, Proofpoint Threat Research Team
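% Personal names use the "Last, First" form; the team name is braced so it stays a single corporate author.
% The title contains a UTF-8 right single quote, so this entry needs a UTF-8-aware backend (Biber); the malware name and actor designation are brace-protected.
@online{schwarz:20210310:nimzaloader:f6960d4,
  author       = {Schwarz, Dennis and Mesa, Matthew and {Proofpoint Threat Research Team}},
  title        = {{NimzaLoader}: {TA800’s} New Initial Access Malware},
  date         = {2021-03-10},
  organization = {Proofpoint},
  url          = {https://www.proofpoint.com/us/blog/threat-insight/nimzaloader-ta800s-new-initial-access-malware},
  language     = {English},
  urldate      = {2021-03-12},
}
NimzaLoader: TA800’s New Initial Access Malware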
BazarNimrod Cobalt Strike
2021-02-25 | Proofpoint | Michael Raggi, Proofpoint Threat Research Team
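% The personal name uses the "Last, First" form; the team name is braced so it stays a single corporate author.
% The actor designation, extension name, product name and demonym are brace-protected against style recasing.
@online{raggi:20210225:ta413:400254c,
  author       = {Raggi, Michael and {Proofpoint Threat Research Team}},
  title        = {{TA413} Leverages New {FriarFox} Browser Extension to Target the {Gmail} Accounts of Global {Tibetan} Organizations},
  date         = {2021-02-25},
  organization = {Proofpoint},
  url          = {https://www.proofpoint.com/us/blog/threat-insight/ta413-leverages-new-friarfox-browser-extension-target-gmail-accounts-global},
  language     = {English},
  urldate      = {2021-02-25},
}
TA413 Leverages New FriarFox Browser Extension to Target the Gmail Accounts of Global Tibetan Organizations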
scanbox Sepulcher
2021-02-16 | Proofpoint | Proofpoint Threat Research Team
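% Corporate author is double-braced so it is not parsed as a person with family name "Team".
% Only "Q4" is brace-protected; casing of the rest of the title is left to the bibliography style.
@online{team:20210216:q4:4a82474,
  author       = {{Proofpoint Threat Research Team}},
  title        = {{Q4} 2020 Threat Report: A Quarterly Analysis of Cybersecurity Trends, Tactics and Themes},
  date         = {2021-02-16},
  organization = {Proofpoint},
  url          = {https://www.proofpoint.com/us/blog/threat-insight/q4-2020-threat-report-quarterly-analysis-cybersecurity-trends-tactics-and-themes},
  language     = {English},
  urldate      = {2021-05-31},
}
Q4 2020 Threat Report: A Quarterly Analysis of Cybersecurity Trends, Tactics and Themes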
Emotet Ryuk NARWHAL SPIDER