Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2020-11-09Area 1Threat Research Team
@online{team:20201109:phishing:a25a567, author = {Threat Research Team}, title = {{Phishing Campaign Threatens Job Security, Drops Bazar and Buer Malware}}, date = {2020-11-09}, organization = {Area 1}, url = {https://www.area1security.com/blog/trickbot-spear-phishing-drops-bazar-buer-malware/}, language = {English}, urldate = {2020-11-18} } Phishing Campaign Threatens Job Security, Drops Bazar and Buer Malware
BazarBackdoor Buer
2020-11-04ProofpointProofpoint Threat Research Team
@online{team:20201104:persistent:3090cff, author = {Proofpoint Threat Research Team}, title = {{Persistent Actor Targets Ledger Cryptocurrency Wallets}}, date = {2020-11-04}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/persistent-actor-targets-ledger-cryptocurrency-wallets}, language = {English}, urldate = {2020-11-09} } Persistent Actor Targets Ledger Cryptocurrency Wallets
2020-10-21ProofpointCory Altheide, DAnon, Sam S., Proofpoint Threat Research Team
@online{altheide:20201021:media:fce4b18, author = {Cory Altheide and DAnon and Sam S. and Proofpoint Threat Research Team}, title = {{Media Coverage Doesn’t Deter Actor From Threatening Democratic Voters}}, date = {2020-10-21}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/media-coverage-doesnt-deter-actor-threatening-democratic-voters}, language = {English}, urldate = {2020-10-26} } Media Coverage Doesn’t Deter Actor From Threatening Democratic Voters
2020-10-16ProofpointCassandra A., Proofpoint Threat Research Team
@online{a:20201016:geofenced:8c31198, author = {Cassandra A. and Proofpoint Threat Research Team}, title = {{Geofenced Amazon Japan Credential Phishing Volumes Rival Emotet}}, date = {2020-10-16}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/geofenced-amazon-japan-credential-phishing-volumes-rival-emotet}, language = {English}, urldate = {2020-10-23} } Geofenced Amazon Japan Credential Phishing Volumes Rival Emotet
Emotet
2020-10-01ProofpointAxel F, Proofpoint Threat Research Team
@online{f:20201001:emotet:59780d9, author = {Axel F and Proofpoint Threat Research Team}, title = {{Emotet Makes Timely Adoption of Political and Elections Lures}}, date = {2020-10-01}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/emotet-makes-timely-adoption-political-and-elections-lures}, language = {English}, urldate = {2020-10-05} } Emotet Makes Timely Adoption of Political and Elections Lures
Emotet
2020-09-29ProofpointProofpoint Threat Research Team
@online{team:20200929:ta2552:09290fc, author = {Proofpoint Threat Research Team}, title = {{TA2552 Uses OAuth Access Token Phishing to Exploit Read-Only Risks}}, date = {2020-09-29}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/ta2552-uses-oauth-access-token-phishing-exploit-read-only-risks}, language = {English}, urldate = {2020-10-05} } TA2552 Uses OAuth Access Token Phishing to Exploit Read-Only Risks
2020-08-28ProofpointAxel F, Proofpoint Threat Research Team
@online{f:20200828:comprehensive:df5ff9b, author = {Axel F and Proofpoint Threat Research Team}, title = {{A Comprehensive Look at Emotet’s Summer 2020 Return}}, date = {2020-08-28}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/comprehensive-look-emotets-summer-2020-return}, language = {English}, urldate = {2020-08-30} } A Comprehensive Look at Emotet’s Summer 2020 Return
Emotet MUMMY SPIDER
2020-08-26ProofpointProofpoint Threat Research Team
@online{team:20200826:threat:e6d1646, author = {Proofpoint Threat Research Team}, title = {{Threat Actor Profile: TA2719 Uses Colorful Lures to Deliver RATs in Local Languages}}, date = {2020-08-26}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/threat-actor-profile-ta2719-uses-colorful-lures-deliver-rats-local-languages}, language = {English}, urldate = {2020-09-01} } Threat Actor Profile: TA2719 Uses Colorful Lures to Deliver RATs in Local Languages
AsyncRAT Nanocore RAT
2020-07-08Trend MicroTrend Micro Threat Research Team
@online{team:20200708:ransomware:90c8636, author = {Trend Micro Threat Research Team}, title = {{Ransomware Report: Avaddon and New Techniques Emerge, Industrial Sector Targeted}}, date = {2020-07-08}, organization = {Trend Micro}, url = {https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/ransomware-report-avaddon-and-new-techniques-emerge-industrial-sector-targeted}, language = {English}, urldate = {2020-07-30} } Ransomware Report: Avaddon and New Techniques Emerge, Industrial Sector Targeted
Avaddon Ransomware
2020-07-06SansecSansec Threat Research Team
@online{team:20200706:north:1fb54b4, author = {Sansec Threat Research Team}, title = {{North Korean hackers implicated in stealing from US and European shoppers}}, date = {2020-07-06}, organization = {Sansec}, url = {https://sansec.io/research/north-korea-magecart}, language = {English}, urldate = {2020-07-06} } North Korean hackers implicated in stealing from US and European shoppers
magecart
2020-06-22ProofpointSherrod DeGrippo, Proofpoint Threat Research Team
@online{degrippo:20200622:hakbit:4d8be82, author = {Sherrod DeGrippo and Proofpoint Threat Research Team}, title = {{Hakbit Ransomware Campaign Against Germany, Austria, Switzerland}}, date = {2020-06-22}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/hakbit-ransomware-campaign-against-germany-austria-switzerland}, language = {English}, urldate = {2020-06-23} } Hakbit Ransomware Campaign Against Germany, Austria, Switzerland
CloudEyE Hakbit
2020-06-15SansecSansec Threat Research Team
@online{team:20200615:magecart:09274cd, author = {Sansec Threat Research Team}, title = {{Magecart strikes amid Corona lockdown}}, date = {2020-06-15}, organization = {Sansec}, url = {https://sansec.io/research/magecart-corona-lockdown}, language = {English}, urldate = {2020-06-16} } Magecart strikes amid Corona lockdown
magecart
2020-06-08ProofpointMichael Raggi, Dennis Schwarz, Georgi Mladenov, Proofpoint Threat Research Team
@online{raggi:20200608:ta410:f838522, author = {Michael Raggi and Dennis Schwarz and Georgi Mladenov and Proofpoint Threat Research Team}, title = {{TA410: The Group Behind LookBack Attacks Against U.S. Utilities Sector Returns with New Malware}}, date = {2020-06-08}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/ta410-group-behind-lookback-attacks-against-us-utilities-sector-returns-new}, language = {English}, urldate = {2020-06-09} } TA410: The Group Behind LookBack Attacks Against U.S. Utilities Sector Returns with New Malware
FlowCloud Lookback TA410
2020-05-20ProofpointDennis Schwarz, Matthew Mesa, Proofpoint Threat Research Team
@online{schwarz:20200520:zloader:e3c523e, author = {Dennis Schwarz and Matthew Mesa and Proofpoint Threat Research Team}, title = {{ZLoader Loads Again: New ZLoader Variant Returns}}, date = {2020-05-20}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/zloader-loads-again-new-zloader-variant-returns}, language = {English}, urldate = {2020-05-23} } ZLoader Loads Again: New ZLoader Variant Returns
Zloader
2020-04-23ProofpointProofpoint Threat Research Team
@online{team:20200423:threat:af989e1, author = {Proofpoint Threat Research Team}, title = {{Threat Actors Repurpose Hupigon in Adult Dating Attacks Targeting US Universities}}, date = {2020-04-23}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/threat-insight/post/threat-actors-repurpose-hupigon-adult-dating-attacks-targeting-us-universities}, language = {English}, urldate = {2020-05-02} } Threat Actors Repurpose Hupigon in Adult Dating Attacks Targeting US Universities
Hupigon
2020-03-05ProofpointProofpoint Threat Research Team
@online{team:20200305:guloader:9972f51, author = {Proofpoint Threat Research Team}, title = {{GuLoader: A Popular New VB6 Downloader that Abuses Cloud Services}}, date = {2020-03-05}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/threat-insight/post/guloader-popular-new-vb6-downloader-abuses-cloud-services}, language = {English}, urldate = {2020-03-05} } GuLoader: A Popular New VB6 Downloader that Abuses Cloud Services
2019-12-11Threat VectorCylance Threat Research Team
@online{team:20191211:zeppelin:dea0202, author = {Cylance Threat Research Team}, title = {{Zeppelin: Russian Ransomware Targets High Profile Users in the U.S. and Europe}}, date = {2019-12-11}, organization = {Threat Vector}, url = {https://threatvector.cylance.com/en_us/home/zeppelin-russian-ransomware-targets-high-profile-users-in-the-us-and-europe.html}, language = {English}, urldate = {2019-12-15} } Zeppelin: Russian Ransomware Targets High Profile Users in the U.S. and Europe
Zeppelin Ransomware
2019-08-28CylanceCylance Threat Research Team
@online{team:20190828:inside:c3051c2, author = {Cylance Threat Research Team}, title = {{Inside the APT28 DLL Backdoor Blitz}}, date = {2019-08-28}, organization = {Cylance}, url = {https://threatvector.cylance.com/en_us/home/inside-the-apt28-dll-backdoor-blitz.html}, language = {English}, urldate = {2020-01-06} } Inside the APT28 DLL Backdoor Blitz
PocoDown
2019-07-10CylanceCylance Threat Research Team
@online{team:20190710:flirting:dbf23d3, author = {Cylance Threat Research Team}, title = {{Flirting With IDA and APT28}}, date = {2019-07-10}, organization = {Cylance}, url = {https://threatvector.cylance.com/en_us/home/flirting-with-ida-and-apt28.html}, language = {English}, urldate = {2020-01-06} } Flirting With IDA and APT28
PocoDown
2019-07-10AnomaliThreat Research Team
@online{team:20190710:ech0raix:b334de7, author = {Threat Research Team}, title = {{The eCh0raix Ransomware}}, date = {2019-07-10}, organization = {Anomali}, url = {https://www.anomali.com/blog/the-ech0raix-ransomware}, language = {English}, urldate = {2020-01-10} } The eCh0raix Ransomware
QNAPCrypt