Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-07-21splunkSplunk Threat Research Team
@online{team:20210721:detecting:ceb179f, author = {Splunk Threat Research Team}, title = {{Detecting Trickbot with Splunk}}, date = {2021-07-21}, organization = {splunk}, url = {https://www.splunk.com/en_us/blog/security/detecting-trickbots.html}, language = {English}, urldate = {2021-07-22} } Detecting Trickbot with Splunk
TrickBot
2021-07-20Advanced threat research team
@online{team:20210720:lazarus:fca9f17, author = {Advanced threat research team}, title = {{Lazarus organizes social engineering attacks on the cryptocurrency industry}}, date = {2021-07-20}, url = {https://mp.weixin.qq.com/s/y-SHoh9f5qwAwqml3uf8vw}, language = {Chinese}, urldate = {2021-07-26} } Lazarus organizes social engineering attacks on the cryptocurrency industry
2021-07-19ProofpointJoe Wise, Konstantin Klinger, Selena Larson, Proofpoint Threat Research Team
@online{wise:20210719:new:cb02a85, author = {Joe Wise and Konstantin Klinger and Selena Larson and Proofpoint Threat Research Team}, title = {{New Threat Actor Uses Spanish Language Lures to Distribute Seldom Observed Bandook Malware}}, date = {2021-07-19}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/new-threat-actor-uses-spanish-language-lures-distribute-seldom-observed-bandook}, language = {English}, urldate = {2021-07-26} } New Threat Actor Uses Spanish Language Lures to Distribute Seldom Observed Bandook Malware
Bandook
2021-07-12ProofpointJoshua Miller, Crista Giering, Threat Research Team
@online{miller:20210712:operation:c819876, author = {Joshua Miller and Crista Giering and Threat Research Team}, title = {{Operation SpoofedScholars: A Conversation with TA453}}, date = {2021-07-12}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/operation-spoofedscholars-conversation-ta453}, language = {English}, urldate = {2021-07-20} } Operation SpoofedScholars: A Conversation with TA453
2021-07-06splunkSplunk Threat Research Team
@online{team:20210706:revil:2420164, author = {Splunk Threat Research Team}, title = {{REvil Ransomware Threat Research Update and Detections}}, date = {2021-07-06}, organization = {splunk}, url = {https://www.splunk.com/en_us/blog/security/revil-ransomware-threat-research-update-and-detections.html}, language = {English}, urldate = {2021-07-26} } REvil Ransomware Threat Research Update and Detections
REvil
2021-06-10splunkSplunk Threat Research Team
@online{team:20210610:detecting:30a8985, author = {Splunk Threat Research Team}, title = {{Detecting Password Spraying Attacks: Threat Research Release May 2021}}, date = {2021-06-10}, organization = {splunk}, url = {https://www.splunk.com/en_us/blog/security/detecting-password-spraying-attacks-threat-research-release-may-2021.html}, language = {English}, urldate = {2021-06-21} } Detecting Password Spraying Attacks: Threat Research Release May 2021
2021-05-17splunkSplunk Threat Research Team
@online{team:20210517:darkside:e7a3747, author = {Splunk Threat Research Team}, title = {{DarkSide Ransomware: Splunk Threat Update and Detections}}, date = {2021-05-17}, organization = {splunk}, url = {https://www.splunk.com/en_us/blog/security/darkside-ransomware-splunk-threat-update-and-detections.html}, language = {English}, urldate = {2021-05-19} } DarkSide Ransomware: Splunk Threat Update and Detections
DarkSide
2021-05-03splunkSplunk Threat Research Team
@online{team:20210503:clop:1d24527, author = {Splunk Threat Research Team}, title = {{Clop Ransomware Detection: Threat Research Release, April 2021}}, date = {2021-05-03}, organization = {splunk}, url = {https://www.splunk.com/en_us/blog/security/clop-ransomware-detection-threat-research-release-april-2021.html}, language = {English}, urldate = {2021-05-07} } Clop Ransomware Detection: Threat Research Release, April 2021
Clop
2021-05-03ProofpointKelsey Merriman, Bryan Campbell, Selena Larson, Proofpoint Threat Research Team
@online{merriman:20210503:new:cd4d275, author = {Kelsey Merriman and Bryan Campbell and Selena Larson and Proofpoint Threat Research Team}, title = {{New Variant of Buer Loader Written in Rust}}, date = {2021-05-03}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/new-variant-buer-loader-written-rust}, language = {English}, urldate = {2021-05-03} } New Variant of Buer Loader Written in Rust
Buer
2021-04-13splunkSplunk Threat Research Team
@online{team:20210413:detecting:83655d0, author = {Splunk Threat Research Team}, title = {{Detecting Clop Ransomware}}, date = {2021-04-13}, organization = {splunk}, url = {https://www.splunk.com/en_us/blog/security/detecting-clop-ransomware.html}, language = {English}, urldate = {2021-04-14} } Detecting Clop Ransomware
Clop
2021-03-30ProofpointJoshua Miller, Proofpoint Threat Research Team
@online{miller:20210330:badblood:3cab448, author = {Joshua Miller and Proofpoint Threat Research Team}, title = {{BadBlood: TA453 Targets US and Israeli Medical Research Personnel in Credential Phishing Campaigns}}, date = {2021-03-30}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/badblood-ta453-targets-us-and-israeli-medical-research-personnel-credential}, language = {English}, urldate = {2021-03-31} } BadBlood: TA453 Targets US and Israeli Medical Research Personnel in Credential Phishing Campaigns
2021-03-18ProofpointBrandon Murphy, Dennis Schwarz, Jack Mott, Proofpoint Threat Research Team
@online{murphy:20210318:now:d4bd40e, author = {Brandon Murphy and Dennis Schwarz and Jack Mott and Proofpoint Threat Research Team}, title = {{Now You See It, Now You Don’t: CopperStealer Performs Widespread Theft}}, date = {2021-03-18}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/now-you-see-it-now-you-dont-copperstealer-performs-widespread-theft}, language = {English}, urldate = {2021-03-19} } Now You See It, Now You Don’t: CopperStealer Performs Widespread Theft
CopperStealer SmokeLoader
2021-03-10ProofpointDennis Schwarz, Matthew Mesa, Proofpoint Threat Research Team
@online{schwarz:20210310:nimzaloader:f6960d4, author = {Dennis Schwarz and Matthew Mesa and Proofpoint Threat Research Team}, title = {{NimzaLoader: TA800’s New Initial Access Malware}}, date = {2021-03-10}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/nimzaloader-ta800s-new-initial-access-malware}, language = {English}, urldate = {2021-03-12} } NimzaLoader: TA800’s New Initial Access Malware
BazarNimrod Cobalt Strike
2021-02-25ProofpointMichael Raggi, Proofpoint Threat Research Team
@online{raggi:20210225:ta413:400254c, author = {Michael Raggi and Proofpoint Threat Research Team}, title = {{TA413 Leverages New FriarFox Browser Extension to Target the Gmail Accounts of Global Tibetan Organizations}}, date = {2021-02-25}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/ta413-leverages-new-friarfox-browser-extension-target-gmail-accounts-global}, language = {English}, urldate = {2021-02-25} } TA413 Leverages New FriarFox Browser Extension to Target the Gmail Accounts of Global Tibetan Organizations
scanbox Sepulcher
2021-02-16ProofpointProofpoint Threat Research Team
@online{team:20210216:q4:4a82474, author = {Proofpoint Threat Research Team}, title = {{Q4 2020 Threat Report: A Quarterly Analysis of Cybersecurity Trends, Tactics and Themes}}, date = {2021-02-16}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/q4-2020-threat-report-quarterly-analysis-cybersecurity-trends-tactics-and-themes}, language = {English}, urldate = {2021-05-31} } Q4 2020 Threat Report: A Quarterly Analysis of Cybersecurity Trends, Tactics and Themes
Emotet Ryuk NARWHAL SPIDER
2021-02-11ProofpointProofpoint Threat Research Team
@online{team:20210211:baza:41ddf2c, author = {Proofpoint Threat Research Team}, title = {{A Baza Valentine’s Day}}, date = {2021-02-11}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/baza-valentines-day}, language = {English}, urldate = {2021-02-25} } A Baza Valentine’s Day
BazarBackdoor
2021-02-06Clairvoyance Security LabAdvanced threat research team
@online{team:20210206:mo:c85d4df, author = {Advanced threat research team}, title = {{Mo Luoxiu (Confucius) organizes a new round of secret theft attacks on South Asian military enterprises}}, date = {2021-02-06}, organization = {Clairvoyance Security Lab}, url = {https://mp.weixin.qq.com/s/fsesosMnKIfAi_I9I0wKSA}, language = {Chinese}, urldate = {2021-02-09} } Mo Luoxiu (Confucius) organizes a new round of secret theft attacks on South Asian military enterprises
Ave Maria
2020-12-07ProofpointProofpoint Threat Research Team
@online{team:20201207:commodity:027b864, author = {Proofpoint Threat Research Team}, title = {{Commodity .NET Packers use Embedded Images to Hide Payloads}}, date = {2020-12-07}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/commodity-net-packers-use-embedded-images-hide-payloads}, language = {English}, urldate = {2020-12-10} } Commodity .NET Packers use Embedded Images to Hide Payloads
Agent Tesla Loki Password Stealer (PWS) Remcos
2020-12-02SansecSansec Threat Research Team
@online{team:20201202:persistent:4f26f93, author = {Sansec Threat Research Team}, title = {{Persistent parasite in EOL Magento 2 stores wakes at Black Friday}}, date = {2020-12-02}, organization = {Sansec}, url = {https://sansec.io/research/magento-2-persistent-parasite}, language = {English}, urldate = {2020-12-14} } Persistent parasite in EOL Magento 2 stores wakes at Black Friday
magecart
2020-11-26SansecSansec Threat Research Team
@online{team:20201126:payment:0a8e1d5, author = {Sansec Threat Research Team}, title = {{Payment skimmer hides in social media buttons}}, date = {2020-11-26}, organization = {Sansec}, url = {https://sansec.io/research/svg-malware}, language = {English}, urldate = {2020-12-08} } Payment skimmer hides in social media buttons