Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023-04-13TrellixMax Kersten
@online{kersten:20230413:read:013379f, author = {Max Kersten}, title = {{Read The Manual Locker: A Private RaaS Provider}}, date = {2023-04-13}, organization = {Trellix}, url = {https://www.trellix.com/en-us/about/newsroom/stories/research/read-the-manual-locker-a-private-raas-provider.html}, language = {English}, urldate = {2023-04-18} } Read The Manual Locker: A Private RaaS Provider
RTM Locker
2023-04-03TrellixAlexandre Mundo, Max Kersten
@online{mundo:20230403:royal:43c339b, author = {Alexandre Mundo and Max Kersten}, title = {{A Royal Analysis of Royal Ransom}}, date = {2023-04-03}, organization = {Trellix}, url = {https://www.trellix.com/en-us/about/newsroom/stories/research/a-royal-analysis-of-royal-ransom.html}, language = {English}, urldate = {2023-04-06} } A Royal Analysis of Royal Ransom
Royal Ransom
2023-03-07TrellixPham Duy Phuc, Raghav Kapoor, John Fokker, Alejandro Houspanossian, Mathanraj Thangaraju
@online{phuc:20230307:qakbot:a1aef8e, author = {Pham Duy Phuc and Raghav Kapoor and John Fokker and Alejandro Houspanossian and Mathanraj Thangaraju}, title = {{Qakbot Evolves to OneNote Malware Distribution}}, date = {2023-03-07}, organization = {Trellix}, url = {https://www.trellix.com/en-us/about/newsroom/stories/research/qakbot-evolves-to-onenote-malware-distribution.html}, language = {English}, urldate = {2023-03-13} } Qakbot Evolves to OneNote Malware Distribution
QakBot
2023-01-24TrellixDaksh Kapur, Tomer Shloman, Robert Venal, John Fokker
@online{kapur:20230124:cyberattacks:0a05372, author = {Daksh Kapur and Tomer Shloman and Robert Venal and John Fokker}, title = {{Cyberattacks Targeting Ukraine Increase 20-fold at End of 2022 Fueled by Russia-linked Gamaredon Activity}}, date = {2023-01-24}, organization = {Trellix}, url = {https://www.trellix.com/en-us/about/newsroom/stories/research/cyberattacks-targeting-ukraine-increase.html}, language = {English}, urldate = {2023-01-25} } Cyberattacks Targeting Ukraine Increase 20-fold at End of 2022 Fueled by Russia-linked Gamaredon Activity
Andromeda Formbook Houdini Remcos
2022-11-15TrellixMax Kersten
@online{kersten:20221115:wipermania:b44cf18, author = {Max Kersten}, title = {{Wipermania: An All You Can Wipe Buffet}}, date = {2022-11-15}, organization = {Trellix}, url = {https://www.trellix.com/en-us/about/newsroom/stories/research/wipermania-an-all-you-can-wipe-buffet.html}, language = {English}, urldate = {2022-11-21} } Wipermania: An All You Can Wipe Buffet
dnWipe NominatusToxicBattery
2022-10-06TrellixDaksh Kapur
@online{kapur:20221006:evolution:788af5e, author = {Daksh Kapur}, title = {{Evolution of BazarCall Social Engineering Tactics}}, date = {2022-10-06}, organization = {Trellix}, url = {https://www.trellix.com/en-us/about/newsroom/stories/research/evolution-of-bazarcall-social-engineering-tactics.html}, language = {English}, urldate = {2023-01-03} } Evolution of BazarCall Social Engineering Tactics
BazarBackdoor BazarCall
2022-08-24TrellixAdithya Chandra, Sushant Kumar Arya
@online{chandra:20220824:demystifying:77609b2, author = {Adithya Chandra and Sushant Kumar Arya}, title = {{Demystifying Qbot Malware}}, date = {2022-08-24}, organization = {Trellix}, url = {https://www.trellix.com/en-us/about/newsroom/stories/threat-labs/demystifying-qbot-malware.html}, language = {English}, urldate = {2022-08-28} } Demystifying Qbot Malware
QakBot
2022-07-13TrellixSushant Kumar Arya, Mohsin Dalla
@online{arya:20220713:targeted:82e3d8c, author = {Sushant Kumar Arya and Mohsin Dalla}, title = {{Targeted Attack on Government Agencies}}, date = {2022-07-13}, organization = {Trellix}, url = {https://www.trellix.com/en-us/about/newsroom/stories/threat-labs/targeted-attack-on-government-agencies.html}, language = {English}, urldate = {2022-07-14} } Targeted Attack on Government Agencies
AsyncRAT LimeRAT
2022-06-23TrellixChristiaan Beek
@online{beek:20220623:sound:31e77bd, author = {Christiaan Beek}, title = {{The Sound of Malware}}, date = {2022-06-23}, organization = {Trellix}, url = {https://www.trellix.com/en-us/about/newsroom/stories/threat-labs/the-sound-of-malware.html}, language = {English}, urldate = {2022-06-27} } The Sound of Malware
Conti VHD Ransomware
2022-06-06TrellixTrelix
@online{trelix:20220606:growling:14f9f75, author = {Trelix}, title = {{Growling Bears Make Thunderous Noise}}, date = {2022-06-06}, organization = {Trellix}, url = {https://www.trellix.com/en-us/about/newsroom/stories/threat-labs/growling-bears-make-thunderous-noise.html}, language = {English}, urldate = {2022-06-08} } Growling Bears Make Thunderous Noise
Cobalt Strike HermeticWiper WhisperGate
2022-05-03TrellixChristiaan Beek
@online{beek:20220503:hermit:70ec592, author = {Christiaan Beek}, title = {{The Hermit Kingdom’s Ransomware play}}, date = {2022-05-03}, organization = {Trellix}, url = {https://www.trellix.com/en-us/about/newsroom/stories/threat-labs/the-hermit-kingdoms-ransomware-play.html}, language = {English}, urldate = {2022-05-04} } The Hermit Kingdom’s Ransomware play
VHD Ransomware
2022-04-18TrellixMarc Elias, Jambul Tologonov, Alexandre Mundo
@online{elias:20220418:conti:b15356d, author = {Marc Elias and Jambul Tologonov and Alexandre Mundo}, title = {{Conti Group Targets ESXi Hypervisors With its Linux Variant}}, date = {2022-04-18}, organization = {Trellix}, url = {https://www.trellix.com/en-us/about/newsroom/stories/threat-labs/conti-group-targets-esxi-hypervisors-with-its-linux-variant.html}, language = {English}, urldate = {2022-04-20} } Conti Group Targets ESXi Hypervisors With its Linux Variant
Conti Conti
2022-03-31TrellixJohn Fokker, Jambul Tologonov
@online{fokker:20220331:conti:3bc2974, author = {John Fokker and Jambul Tologonov}, title = {{Conti Leaks: Examining the Panama Papers of Ransomware}}, date = {2022-03-31}, organization = {Trellix}, url = {https://www.trellix.com/en-us/about/newsroom/stories/threat-labs/conti-leaks-examining-the-panama-papers-of-ransomware.html}, language = {English}, urldate = {2022-04-07} } Conti Leaks: Examining the Panama Papers of Ransomware
LockBit Amadey Buer Conti IcedID LockBit Mailto Maze PhotoLoader Ryuk TrickBot
2022-03-28TrellixMax Kersten, Marc Elias
@online{kersten:20220328:plugx:37256d5, author = {Max Kersten and Marc Elias}, title = {{PlugX: A Talisman to Behold}}, date = {2022-03-28}, organization = {Trellix}, url = {https://www.trellix.com/en-us/about/newsroom/stories/threat-labs/plugx-a-talisman-to-behold.html}, language = {English}, urldate = {2022-03-30} } PlugX: A Talisman to Behold
PlugX
2022-03-17TrellixThibault Seret, John Fokker
@online{seret:20220317:suspected:f30741a, author = {Thibault Seret and John Fokker}, title = {{Suspected DarkHotel APT activity update}}, date = {2022-03-17}, organization = {Trellix}, url = {https://www.trellix.com/en-us/about/newsroom/stories/threat-labs/suspected-darkhotel-apt-activity-update.html}, language = {English}, urldate = {2022-03-18} } Suspected DarkHotel APT activity update
RMOT
2022-03-02TrellixMax Kersten
@online{kersten:20220302:digging:42a2aaf, author = {Max Kersten}, title = {{Digging into HermeticWiper}}, date = {2022-03-02}, organization = {Trellix}, url = {https://www.trellix.com/en-us/about/newsroom/stories/threat-labs/digging-into-hermeticwiper.html}, language = {English}, urldate = {2022-03-04} } Digging into HermeticWiper
HermeticWiper
2022-02-28TrellixTaylor Mullins
@online{mullins:20220228:trellix:5428964, author = {Taylor Mullins}, title = {{Trellix Global Defenders: Cyberattacks Targeting Ukraine and HermeticWiper Protections}}, date = {2022-02-28}, organization = {Trellix}, url = {https://www.trellix.com/en-us/about/newsroom/stories/threat-labs/defenders-blog-on-cyberattacks-targeting-ukraine.html}, language = {English}, urldate = {2022-03-07} } Trellix Global Defenders: Cyberattacks Targeting Ukraine and HermeticWiper Protections
HermeticWiper
2022-02-28TrellixTaylor Mullins
@online{mullins:20220228:trellix:de4afa3, author = {Taylor Mullins}, title = {{Trellix Global Defenders: Analysis and Protections for RagnarLocker Ransomware}}, date = {2022-02-28}, organization = {Trellix}, url = {https://www.trellix.com/en-us/about/newsroom/stories/threat-labs/analysis-and-protections-for-ragnarlocker-ransomware.html}, language = {English}, urldate = {2022-04-07} } Trellix Global Defenders: Analysis and Protections for RagnarLocker Ransomware
RagnarLocker RagnarLocker
2022-02-28TrellixTaylor Mullins
@online{mullins:20220228:trellix:6ab8bac, author = {Taylor Mullins}, title = {{Trellix Global Defenders: Analysis and Protections for BlackByte Ransomware}}, date = {2022-02-28}, organization = {Trellix}, url = {https://www.trellix.com/en-us/about/newsroom/stories/threat-labs/trellix-global-defenders-analysis-and-protections-for-blackbyte-ransomware.html}, language = {English}, urldate = {2022-03-07} } Trellix Global Defenders: Analysis and Protections for BlackByte Ransomware
BlackByte
2022-02-17TrellixChristiaan Beek, Marc Elias
@online{beek:20220217:looking:0149198, author = {Christiaan Beek and Marc Elias}, title = {{Looking over the nation-state actors’ shoulders: Even they have a difficult day sometimes}}, date = {2022-02-17}, organization = {Trellix}, url = {https://www.trellix.com/en-gb/about/newsroom/stories/threat-labs/looking-over-the-nation-state-actors-shoulders.html}, language = {English}, urldate = {2022-03-01} } Looking over the nation-state actors’ shoulders: Even they have a difficult day sometimes
Empire Downloader