Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-01-27ThreatConnectThreatConnect Research Team
@online{team:20210127:crimsonias:866281c, author = {ThreatConnect Research Team}, title = {{CrimsonIAS: Listening for an 3v1l User}}, date = {2021-01-27}, organization = {ThreatConnect}, url = {https://threatconnect.com/blog/crimsonias-listening-for-an-3v1l-user/}, language = {English}, urldate = {2021-02-02} } CrimsonIAS: Listening for an 3v1l User
CrimsonIAS
2020-12-18ThreatConnectThreatConnect
@online{threatconnect:20201218:tracking:765f272, author = {ThreatConnect}, title = {{Tracking Sunburst-Related Activity with ThreatConnect Dashboards}}, date = {2020-12-18}, organization = {ThreatConnect}, url = {https://threatconnect.com/blog/tracking-sunburst-related-activity-with-threatconnect-dashboards}, language = {English}, urldate = {2020-12-19} } Tracking Sunburst-Related Activity with ThreatConnect Dashboards
SUNBURST
2020-12-15ThreatConnectThreatConnect Research Team
@online{team:20201215:infrastructure:9014a28, author = {ThreatConnect Research Team}, title = {{Infrastructure Research and Hunting: Boiling the Domain Ocean}}, date = {2020-12-15}, organization = {ThreatConnect}, url = {https://threatconnect.com/blog/infrastructure-research-hunting/}, language = {English}, urldate = {2020-12-17} } Infrastructure Research and Hunting: Boiling the Domain Ocean
2020-10-30Github (ThreatConnect-Inc)ThreatConnect
@online{threatconnect:20201030:unc:b3ae3d0, author = {ThreatConnect}, title = {{UNC 1878 Indicators from Threatconnect}}, date = {2020-10-30}, organization = {Github (ThreatConnect-Inc)}, url = {https://github.com/ThreatConnect-Inc/research-team/blob/master/IOCs/WizardSpider-UNC1878-Ryuk.csv}, language = {English}, urldate = {2020-11-06} } UNC 1878 Indicators from Threatconnect
BazarBackdoor Cobalt Strike Ryuk
2020-10-26ThreatConnectThreatConnect Research Team
@online{team:20201026:threatconnect:0e90cc3, author = {ThreatConnect Research Team}, title = {{ThreatConnect Research Roundup: Ryuk and Domains Spoofing ESET and Microsoft}}, date = {2020-10-26}, organization = {ThreatConnect}, url = {https://threatconnect.com/blog/threatconnect-research-roundup-ryuk-and-domains-spoofing-eset-and-microsoft/}, language = {English}, urldate = {2020-10-29} } ThreatConnect Research Roundup: Ryuk and Domains Spoofing ESET and Microsoft
Ryuk
2020-10-16ThreatConnectThreatConnect Research Team
@online{team:20201016:threatconnect:2010d70, author = {ThreatConnect Research Team}, title = {{ThreatConnect Research Roundup: Possible Ryuk Infrastructure}}, date = {2020-10-16}, organization = {ThreatConnect}, url = {https://threatconnect.com/blog/threatconnect-research-roundup-possible-ryuk-infrastructure/}, language = {English}, urldate = {2020-10-23} } ThreatConnect Research Roundup: Possible Ryuk Infrastructure
Ryuk
2020-09-28ThreatConnectThreatConnect Research Team
@online{team:20200928:kimsuky:c4509b0, author = {ThreatConnect Research Team}, title = {{Kimsuky Phishing Operations Putting In Work}}, date = {2020-09-28}, organization = {ThreatConnect}, url = {https://threatconnect.com/blog/kimsuky-phishing-operations-putting-in-work/}, language = {English}, urldate = {2020-10-04} } Kimsuky Phishing Operations Putting In Work
2020-09-11ThreatConnectThreatConnect Research Team
@online{team:20200911:research:edfb074, author = {ThreatConnect Research Team}, title = {{Research Roundup: Activity on Previously Identified APT33 Domains}}, date = {2020-09-11}, organization = {ThreatConnect}, url = {https://threatconnect.com/blog/research-roundup-activity-on-previously-identified-apt33-domains/}, language = {English}, urldate = {2020-09-15} } Research Roundup: Activity on Previously Identified APT33 Domains
Emotet PlugX APT33
2020-08-20ThreatConnectKyle Ehmke
@online{ehmke:20200820:webinar:cad7a98, author = {Kyle Ehmke}, title = {{[webinar] Proactive Infrastructure Hunting with ThreatConnect & DomainTools}}, date = {2020-08-20}, organization = {ThreatConnect}, url = {https://threatconnect.com/resource/proactive-infrastructure-hunting-with-threatconnect-domaintools/}, language = {English}, urldate = {2020-09-06} } [webinar] Proactive Infrastructure Hunting with ThreatConnect & DomainTools
2020-06-12ThreatConnectThreatConnect Research Team
@online{team:20200612:probable:89a5bed, author = {ThreatConnect Research Team}, title = {{Probable Sandworm Infrastructure}}, date = {2020-06-12}, organization = {ThreatConnect}, url = {https://threatconnect.com/blog/threatconnect-research-roundup-probable-sandworm-infrastructure}, language = {English}, urldate = {2020-06-16} } Probable Sandworm Infrastructure
Avaddon Emotet Kimsuky
2020-05-22ThreatConnectThreatConnect Research Team
@online{team:20200522:threatconnect:38cf5f1, author = {ThreatConnect Research Team}, title = {{ThreatConnect Research Roundup: Possible APT33 Infrastructure}}, date = {2020-05-22}, organization = {ThreatConnect}, url = {https://threatconnect.com/blog/threatconnect-research-roundup-possible-apt33-infrastructure/}, language = {English}, urldate = {2020-05-23} } ThreatConnect Research Roundup: Possible APT33 Infrastructure
2017-09-18ThreatConnectPaul Vann
@online{vann:20170918:casting:87b63a9, author = {Paul Vann}, title = {{Casting a Light on BlackEnergy}}, date = {2017-09-18}, organization = {ThreatConnect}, url = {https://threatconnect.com/blog/casting-a-light-on-blackenergy/}, language = {English}, urldate = {2020-01-13} } Casting a Light on BlackEnergy
BlackEnergy
2017-06-14ThreatConnectThreatConnect Research Team
@online{team:20170614:phantom:0078e23, author = {ThreatConnect Research Team}, title = {{Phantom of the Opaera: New KASPERAGENT Malware Campaign}}, date = {2017-06-14}, organization = {ThreatConnect}, url = {https://www.threatconnect.com/blog/kasperagent-malware-campaign/}, language = {English}, urldate = {2019-10-14} } Phantom of the Opaera: New KASPERAGENT Malware Campaign
KasperAgent AridViper
2016-10-17ThreatConnectThreatConnect
@online{threatconnect:20161017:tale:b318dae, author = {ThreatConnect}, title = {{A Tale of Two Targets}}, date = {2016-10-17}, organization = {ThreatConnect}, url = {https://www.threatconnect.com/blog/threatconnect-discovers-chinese-apt-activity-in-europe/}, language = {English}, urldate = {2019-12-02} } A Tale of Two Targets
HttpBrowser APT27
2016-09-28ThreatConnectThreatConnect Research Team
@online{team:20160928:belling:69cc9ec, author = {ThreatConnect Research Team}, title = {{Belling the BEAR}}, date = {2016-09-28}, organization = {ThreatConnect}, url = {https://www.threatconnect.com/blog/russia-hacks-bellingcat-mh17-investigation/#.V-wnrubaeEU.twitter}, language = {English}, urldate = {2020-01-08} } Belling the BEAR
Cyber Berkut
2015-02-27ThreatConnectThreatConnect Research Team
@online{team:20150227:anthem:ac7d814, author = {ThreatConnect Research Team}, title = {{The Anthem Hack: All Roads Lead to China}}, date = {2015-02-27}, organization = {ThreatConnect}, url = {https://threatconnect.com/blog/the-anthem-hack-all-roads-lead-to-china/}, language = {English}, urldate = {2020-04-06} } The Anthem Hack: All Roads Lead to China
HttpBrowser
2015-02-27ThreatConnectThreatConnect Research Team
@online{team:20150227:anthem:3576532, author = {ThreatConnect Research Team}, title = {{The Anthem Hack: All Roads Lead to China}}, date = {2015-02-27}, organization = {ThreatConnect}, url = {https://www.threatconnect.com/the-anthem-hack-all-roads-lead-to-china/}, language = {English}, urldate = {2020-01-09} } The Anthem Hack: All Roads Lead to China
Derusbi
2015ThreatConnectThreatConnect
@online{threatconnect:2015:naikon:59ceced, author = {ThreatConnect}, title = {{Naikon Tag in ThreatConnect Blogs}}, date = {2015}, organization = {ThreatConnect}, url = {https://threatconnect.com/blog/tag/naikon/}, language = {English}, urldate = {2020-04-06} } Naikon Tag in ThreatConnect Blogs
APT30 Naikon