2023-11-21 · Trellix · Ernesto Fernández Provecho, Pham Duy Phuc, Ciana Driscoll, Vinoo Thomas
% Trellix research post on DarkGate sold as malware-as-a-service; link last checked 2023-11-27.
% NOTE(review): author names are in "First Last" order, so multi-part names such as
% "Fernández Provecho" and "Pham Duy Phuc" are split on the last word; confirm the surnames.
@online{provecho:20231121:continued:8a0bc28,
  author       = {Ernesto Fernández Provecho and Pham Duy Phuc and Ciana Driscoll and Vinoo Thomas},
  title        = {{The Continued Evolution of the DarkGate Malware-as-a-Service}},
  date         = {2023-11-21},
  organization = {Trellix},
  url          = {https://www.trellix.com/about/newsroom/stories/research/the-continued-evolution-of-the-darkgate-malware-as-a-service/},
  urldate      = {2023-11-27},
  language     = {English},
}
The Continued Evolution of the DarkGate Malware-as-a-Service
DarkGate
2023-08-17 · Trellix · Phelix Oluoch
% Trellix write-up on how the Scattered Spider group operates (per the title); link last checked 2023-11-17.
@online{oluoch:20230817:scattered:4586155,
  author       = {Phelix Oluoch},
  title        = {{Scattered Spider: The Modus Operandi}},
  date         = {2023-08-17},
  organization = {Trellix},
  url          = {https://www.trellix.com/about/newsroom/stories/research/scattered-spider-the-modus-operandi/},
  urldate      = {2023-11-17},
  language     = {English},
}
Scattered Spider: The Modus Operandi
BlackCat POORTRY
2023-08-10 · Trellix · Jonell Baltazar, Antonio Ribeiro
% Trellix post on fake browser-update lures that lead to NetSupport RAT; link last checked 2023-11-14.
@online{baltazar:20230810:exploring:44f8ef6,
  author       = {Jonell Baltazar and Antonio Ribeiro},
  title        = {{Exploring New Techniques of Fake Browser Updates Leading to NetSupport RAT}},
  date         = {2023-08-10},
  organization = {Trellix},
  url          = {https://www.trellix.com/about/newsroom/stories/research/new-techniques-of-fake-browser-updates/},
  urldate      = {2023-11-14},
  language     = {English},
}
Exploring New Techniques of Fake Browser Updates Leading to NetSupport RAT
NetSupportManager RAT
2023-04-13 · Trellix · Max Kersten
% Trellix post on Read The Manual (RTM) Locker, which the title calls a private RaaS provider.
% urldate is the last time the link was confirmed (2023-04-18).
@online{kersten:20230413:read:013379f,
  author       = {Max Kersten},
  title        = {{Read The Manual Locker: A Private RaaS Provider}},
  date         = {2023-04-13},
  organization = {Trellix},
  url          = {https://www.trellix.com/en-us/about/newsroom/stories/research/read-the-manual-locker-a-private-raas-provider.html},
  urldate      = {2023-04-18},
  language     = {English},
}
Read The Manual Locker: A Private RaaS Provider
RTM Locker
2023-04-03 · Trellix · Alexandre Mundo, Max Kersten
% Trellix analysis of the Royal ransomware; link last checked 2023-04-06.
@online{mundo:20230403:royal:43c339b,
  author       = {Alexandre Mundo and Max Kersten},
  title        = {{A Royal Analysis of Royal Ransom}},
  date         = {2023-04-03},
  organization = {Trellix},
  url          = {https://www.trellix.com/en-us/about/newsroom/stories/research/a-royal-analysis-of-royal-ransom.html},
  urldate      = {2023-04-06},
  language     = {English},
}
A Royal Analysis of Royal Ransom
Royal Ransom
2023-03-07 · Trellix · Pham Duy Phuc, Raghav Kapoor, John Fokker, Alejandro Houspanossian, Mathanraj Thangaraju
% Trellix post on Qakbot moving to OneNote-based distribution; link last checked 2023-03-13.
% NOTE(review): "Pham Duy Phuc" is in "First Last" order and the key uses "phuc";
% confirm which part is the family name before relying on name sorting.
@online{phuc:20230307:qakbot:a1aef8e,
  author       = {Pham Duy Phuc and Raghav Kapoor and John Fokker and Alejandro Houspanossian and Mathanraj Thangaraju},
  title        = {{Qakbot Evolves to OneNote Malware Distribution}},
  date         = {2023-03-07},
  organization = {Trellix},
  url          = {https://www.trellix.com/en-us/about/newsroom/stories/research/qakbot-evolves-to-onenote-malware-distribution.html},
  urldate      = {2023-03-13},
  language     = {English},
}
Qakbot Evolves to OneNote Malware Distribution
QakBot
2023-01-24 · Trellix · Daksh Kapur, Tomer Shloman, Robert Venal, John Fokker
% Trellix report on the rise in attacks against Ukraine at the end of 2022, which the title
% attributes to Russia-linked Gamaredon activity; link last checked 2023-01-25.
@online{kapur:20230124:cyberattacks:0a05372,
  author       = {Daksh Kapur and Tomer Shloman and Robert Venal and John Fokker},
  title        = {{Cyberattacks Targeting Ukraine Increase 20-fold at End of 2022 Fueled by Russia-linked Gamaredon Activity}},
  date         = {2023-01-24},
  organization = {Trellix},
  url          = {https://www.trellix.com/en-us/about/newsroom/stories/research/cyberattacks-targeting-ukraine-increase.html},
  urldate      = {2023-01-25},
  language     = {English},
}
Cyberattacks Targeting Ukraine Increase 20-fold at End of 2022 Fueled by Russia-linked Gamaredon Activity
Andromeda Formbook Houdini Remcos
2022-11-17 · Trellix · Trellix
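% Trellix knowledge-base article on SmokeLoader dropping zgRAT; link last checked 2023-09-18.
% The author is the vendor itself: spelling corrected from "Trelix" to match the organization
% field and the URL, and double-braced so the corporate name is kept as one unit.
% The citation key keeps the original spelling so existing citations still resolve.
@online{trelix:20221117:trellix:8d385ac,
  author       = {{Trellix}},
  title        = {{Trellix Insights: SmokeLoader Exploits Old Vulnerabilities to Drop zgRAT}},
  date         = {2022-11-17},
  organization = {Trellix},
  url          = {https://kcm.trellix.com/corporate/index?page=content&id=KB96190&locale=en_US},
  urldate      = {2023-09-18},
  language     = {English},
}
Trellix Insights: SmokeLoader Exploits Old Vulnerabilities to Drop zgRAT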
SmokeLoader zgRAT
2022-11-15 · Trellix · Max Kersten
% Trellix post on wiper malware (judging by the title); link last checked 2022-11-21.
@online{kersten:20221115:wipermania:b44cf18,
  author       = {Max Kersten},
  title        = {{Wipermania: An All You Can Wipe Buffet}},
  date         = {2022-11-15},
  organization = {Trellix},
  url          = {https://www.trellix.com/en-us/about/newsroom/stories/research/wipermania-an-all-you-can-wipe-buffet.html},
  urldate      = {2022-11-21},
  language     = {English},
}
Wipermania: An All You Can Wipe Buffet
dnWipe NominatusToxicBattery
2022-10-06 · Trellix · Daksh Kapur
% Trellix post on how BazarCall social-engineering tactics have changed; link last checked 2023-01-03.
@online{kapur:20221006:evolution:788af5e,
  author       = {Daksh Kapur},
  title        = {{Evolution of BazarCall Social Engineering Tactics}},
  date         = {2022-10-06},
  organization = {Trellix},
  url          = {https://www.trellix.com/en-us/about/newsroom/stories/research/evolution-of-bazarcall-social-engineering-tactics.html},
  urldate      = {2023-01-03},
  language     = {English},
}
Evolution of BazarCall Social Engineering Tactics
BazarBackdoor BazarCall
2022-08-24 · Trellix · Adithya Chandra, Sushant Kumar Arya
% Trellix threat-labs post on Qbot (listed under QakBot); link last checked 2022-08-28.
@online{chandra:20220824:demystifying:77609b2,
  author       = {Adithya Chandra and Sushant Kumar Arya},
  title        = {{Demystifying Qbot Malware}},
  date         = {2022-08-24},
  organization = {Trellix},
  url          = {https://www.trellix.com/en-us/about/newsroom/stories/threat-labs/demystifying-qbot-malware.html},
  urldate      = {2022-08-28},
  language     = {English},
}
Demystifying Qbot Malware
QakBot
2022-07-13 · Trellix · Sushant Kumar Arya, Mohsin Dalla
% Trellix threat-labs post on a targeted attack against government agencies; link last checked 2022-07-14.
@online{arya:20220713:targeted:82e3d8c,
  author       = {Sushant Kumar Arya and Mohsin Dalla},
  title        = {{Targeted Attack on Government Agencies}},
  date         = {2022-07-13},
  organization = {Trellix},
  url          = {https://www.trellix.com/en-us/about/newsroom/stories/threat-labs/targeted-attack-on-government-agencies.html},
  urldate      = {2022-07-14},
  language     = {English},
}
Targeted Attack on Government Agencies
AsyncRAT LimeRAT
2022-06-23 · Trellix · Christiaan Beek
% Trellix threat-labs post; the title does not name its subject, so rely on the listing's
% family tags when searching. Link last checked 2022-06-27.
@online{beek:20220623:sound:31e77bd,
  author       = {Christiaan Beek},
  title        = {{The Sound of Malware}},
  date         = {2022-06-23},
  organization = {Trellix},
  url          = {https://www.trellix.com/en-us/about/newsroom/stories/threat-labs/the-sound-of-malware.html},
  urldate      = {2022-06-27},
  language     = {English},
}
The Sound of Malware
Conti VHD Ransomware
2022-06-06 · Trellix · Trellix
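% Trellix threat-labs post with no individual author named; link last checked 2022-06-08.
% Author spelling corrected from "Trelix" to match the organization field and the URL, and
% double-braced so the corporate name is kept as one unit.
% The citation key keeps the original spelling so existing citations still resolve.
@online{trelix:20220606:growling:14f9f75,
  author       = {{Trellix}},
  title        = {{Growling Bears Make Thunderous Noise}},
  date         = {2022-06-06},
  organization = {Trellix},
  url          = {https://www.trellix.com/en-us/about/newsroom/stories/threat-labs/growling-bears-make-thunderous-noise.html},
  urldate      = {2022-06-08},
  language     = {English},
}
Growling Bears Make Thunderous Noise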
Cobalt Strike HermeticWiper WhisperGate NB65
2022-05-03 · Trellix · Christiaan Beek
% Trellix threat-labs post on ransomware tied to the "Hermit Kingdom" (per the title);
% link last checked 2022-05-04. The title contains a typographic apostrophe, so the file must be read as UTF-8.
@online{beek:20220503:hermit:70ec592,
  author       = {Christiaan Beek},
  title        = {{The Hermit Kingdom’s Ransomware play}},
  date         = {2022-05-03},
  organization = {Trellix},
  url          = {https://www.trellix.com/en-us/about/newsroom/stories/threat-labs/the-hermit-kingdoms-ransomware-play.html},
  urldate      = {2022-05-04},
  language     = {English},
}
The Hermit Kingdom’s Ransomware play
VHD Ransomware
2022-04-18 · Trellix · Marc Elias, Jambul Tologonov, Alexandre Mundo
% Trellix threat-labs post on the Conti group's Linux variant aimed at ESXi hypervisors;
% link last checked 2022-04-20.
@online{elias:20220418:conti:b15356d,
  author       = {Marc Elias and Jambul Tologonov and Alexandre Mundo},
  title        = {{Conti Group Targets ESXi Hypervisors With its Linux Variant}},
  date         = {2022-04-18},
  organization = {Trellix},
  url          = {https://www.trellix.com/en-us/about/newsroom/stories/threat-labs/conti-group-targets-esxi-hypervisors-with-its-linux-variant.html},
  urldate      = {2022-04-20},
  language     = {English},
}
Conti Group Targets ESXi Hypervisors With its Linux Variant
Conti Conti
2022-03-31 · Trellix · John Fokker, Jambul Tologonov
% Trellix threat-labs post examining the Conti leaks; link last checked 2022-04-07.
@online{fokker:20220331:conti:3bc2974,
  author       = {John Fokker and Jambul Tologonov},
  title        = {{Conti Leaks: Examining the Panama Papers of Ransomware}},
  date         = {2022-03-31},
  organization = {Trellix},
  url          = {https://www.trellix.com/en-us/about/newsroom/stories/threat-labs/conti-leaks-examining-the-panama-papers-of-ransomware.html},
  urldate      = {2022-04-07},
  language     = {English},
}
Conti Leaks: Examining the Panama Papers of Ransomware
LockBit Amadey Buer Conti IcedID LockBit Mailto Maze PhotoLoader Ryuk TrickBot
2022-03-28 · Trellix · Max Kersten, Marc Elias
% Trellix threat-labs post on PlugX; link last checked 2022-03-30.
@online{kersten:20220328:plugx:37256d5,
  author       = {Max Kersten and Marc Elias},
  title        = {{PlugX: A Talisman to Behold}},
  date         = {2022-03-28},
  organization = {Trellix},
  url          = {https://www.trellix.com/en-us/about/newsroom/stories/threat-labs/plugx-a-talisman-to-behold.html},
  urldate      = {2022-03-30},
  language     = {English},
}
PlugX: A Talisman to Behold
PlugX
2022-03-17 · Trellix · Thibault Seret, John Fokker
% Trellix threat-labs update on activity it suspects to be DarkHotel APT (attribution is
% hedged in the title itself); link last checked 2022-03-18.
@online{seret:20220317:suspected:f30741a,
  author       = {Thibault Seret and John Fokker},
  title        = {{Suspected DarkHotel APT activity update}},
  date         = {2022-03-17},
  organization = {Trellix},
  url          = {https://www.trellix.com/en-us/about/newsroom/stories/threat-labs/suspected-darkhotel-apt-activity-update.html},
  urldate      = {2022-03-18},
  language     = {English},
}
Suspected DarkHotel APT activity update
RMOT
2022-03-02 · Trellix · Max Kersten
% Trellix threat-labs analysis of HermeticWiper; link last checked 2022-03-04.
@online{kersten:20220302:digging:42a2aaf,
  author       = {Max Kersten},
  title        = {{Digging into HermeticWiper}},
  date         = {2022-03-02},
  organization = {Trellix},
  url          = {https://www.trellix.com/en-us/about/newsroom/stories/threat-labs/digging-into-hermeticwiper.html},
  urldate      = {2022-03-04},
  language     = {English},
}
Digging into HermeticWiper
HermeticWiper