Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-01-13TrustwaveLloyd Macrohon, Rodel Mendrez
@online{macrohon:20220113:decrypting:274747e, author = {Lloyd Macrohon and Rodel Mendrez}, title = {{Decrypting Qakbot’s Encrypted Registry Keys}}, date = {2022-01-13}, organization = {Trustwave}, url = {https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/decrypting-qakbots-encrypted-registry-keys/}, language = {English}, urldate = {2022-01-25} } Decrypting Qakbot’s Encrypted Registry Keys
QakBot
2021-12-23TrustwaveTrustwave SpiderLabs
@online{spiderlabs:20211223:covid19:be34a52, author = {Trustwave SpiderLabs}, title = {{COVID-19 Phishing Lure to Steal and Mine Cryptocurrency}}, date = {2021-12-23}, organization = {Trustwave}, url = {https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/covid-19-phishing-lure-to-steal-and-mine-cryptocurrency/}, language = {English}, urldate = {2022-01-05} } COVID-19 Phishing Lure to Steal and Mine Cryptocurrency
ClipBanker
2021-10-15TrustwaveRodel Mendrez, Lloyd Macrohon
@online{mendrez:20211015:blackbyte:22439d3, author = {Rodel Mendrez and Lloyd Macrohon}, title = {{BlackByte Ransomware – Pt 2. Code Obfuscation Analysis}}, date = {2021-10-15}, organization = {Trustwave}, url = {https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/blackbyte-ransomware-pt-2-code-obfuscation-analysis/}, language = {English}, urldate = {2021-11-03} } BlackByte Ransomware – Pt 2. Code Obfuscation Analysis
2021-10-15TrustwaveRodel Mendrez, Lloyd Macrohon
@online{mendrez:20211015:blackbyte:4dfd5aa, author = {Rodel Mendrez and Lloyd Macrohon}, title = {{BlackByte Ransomware – Pt. 1 In-depth Analysis}}, date = {2021-10-15}, organization = {Trustwave}, url = {https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/blackbyte-ransomware-pt-1-in-depth-analysis/}, language = {English}, urldate = {2021-11-03} } BlackByte Ransomware – Pt. 1 In-depth Analysis
2021-10-14TrustwaveRadoslaw Zdonczyk
@online{zdonczyk:20211014:handshake:929fb32, author = {Radoslaw Zdonczyk}, title = {{A Handshake with MySQL Bots}}, date = {2021-10-14}, organization = {Trustwave}, url = {https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/handshake-with-mysql-bots/}, language = {English}, urldate = {2021-11-03} } A Handshake with MySQL Bots
2021-07-07TrustwaveRodel Mendrez, Nikita Kazymirskyi
@online{mendrez:20210707:diving:1c04c81, author = {Rodel Mendrez and Nikita Kazymirskyi}, title = {{Diving Deeper Into the Kaseya VSA Attack: REvil Returns and Other Hackers Are Riding Their Coattails}}, date = {2021-07-07}, organization = {Trustwave}, url = {https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/diving-deeper-into-the-kaseya-vsa-attack-revil-returns-and-other-hackers-are-riding-their-coattails/}, language = {English}, urldate = {2021-07-09} } Diving Deeper Into the Kaseya VSA Attack: REvil Returns and Other Hackers Are Riding Their Coattails
Cobalt Strike REvil
2021-06-24TrustwaveDiana Lopera
@online{lopera:20210624:yet:5a8a4c5, author = {Diana Lopera}, title = {{Yet Another Archive Format Smuggling Malware}}, date = {2021-06-24}, organization = {Trustwave}, url = {https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/another-archive-format-smuggling-malware/}, language = {English}, urldate = {2021-06-29} } Yet Another Archive Format Smuggling Malware
Agent Tesla
2021-05-04TrustwaveLloyd Macrohon, Rodel Mendrez
@online{macrohon:20210504:pingback:4988e88, author = {Lloyd Macrohon and Rodel Mendrez}, title = {{Pingback: Backdoor At The End Of The ICMP Tunnel}}, date = {2021-05-04}, organization = {Trustwave}, url = {https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/backdoor-at-the-end-of-the-icmp-tunnel/}, language = {English}, urldate = {2021-05-04} } Pingback: Backdoor At The End Of The ICMP Tunnel
PingBack
2021-03-15TrustwaveJoshua Deacon
@online{deacon:20210315:hafnium:02beddd, author = {Joshua Deacon}, title = {{HAFNIUM, China Chopper and ASP.NET Runtime}}, date = {2021-03-15}, organization = {Trustwave}, url = {https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/hafnium-china-chopper-and-aspnet-runtime/}, language = {English}, urldate = {2021-03-22} } HAFNIUM, China Chopper and ASP.NET Runtime
CHINACHOPPER
2021-03-11TrustwaveDiana Lopera
@online{lopera:20210311:image:dbb9908, author = {Diana Lopera}, title = {{Image File Trickery Part II: Fake Icon Delivers NanoCore}}, date = {2021-03-11}, organization = {Trustwave}, url = {https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/image-file-trickery-part-ii-fake-icon-delivers-nanocore/}, language = {English}, urldate = {2021-03-16} } Image File Trickery Part II: Fake Icon Delivers NanoCore
Nanocore RAT
2021-02-12TrustwaveRodel Mendrez, Diana Lopera
@online{mendrez:20210212:many:560778f, author = {Rodel Mendrez and Diana Lopera}, title = {{The Many Roads Leading To Agent Tesla}}, date = {2021-02-12}, organization = {Trustwave}, url = {https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/the-many-roads-leading-to-agent-tesla/}, language = {English}, urldate = {2021-02-18} } The Many Roads Leading To Agent Tesla
Agent Tesla
2021-02-03TrustwaveTrustwave SpiderLabs
@techreport{spiderlabs:20210203:new:08a89eb, author = {Trustwave SpiderLabs}, title = {{New Vulnerabilities Discovered in SolarWinds Products by Trustwave SpiderLabs}}, date = {2021-02-03}, institution = {Trustwave}, url = {https://trustwave.azureedge.net/media/17653/solarwinds-vuln-fact-sheet-_final-222021.pdf}, language = {English}, urldate = {2021-02-04} } New Vulnerabilities Discovered in SolarWinds Products by Trustwave SpiderLabs
2021-01-06TrustwaveDiana Lopera
@online{lopera:20210106:trump:c82445d, author = {Diana Lopera}, title = {{A Trump Sex Video? No, It's a RAT!}}, date = {2021-01-06}, organization = {Trustwave}, url = {https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/updated-qnode-rat-downloader-distributed-as-trump-video-scandal/}, language = {English}, urldate = {2021-01-11} } A Trump Sex Video? No, It's a RAT!
QRat
2020-08-24TrustwaveDiana Lopera
@online{lopera:20200824:rats:2bb29dc, author = {Diana Lopera}, title = {{RATs and Spam: The Node.JS QRAT}}, date = {2020-08-24}, organization = {Trustwave}, url = {https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/rats-and-spam-the-nodejs-qrat/}, language = {English}, urldate = {2020-11-26} } RATs and Spam: The Node.JS QRAT
QRat
2020-07-22TrustwaveHomer Pacag
@online{pacag:20200722:lockscreen:e3c212d, author = {Homer Pacag}, title = {{Lockscreen Ransomware Phishing Leads To Google Play Card Scam}}, date = {2020-07-22}, organization = {Trustwave}, url = {https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/lockscreen-ransomware-phishing-leads-to-google-play-card-scam/}, language = {English}, urldate = {2020-07-30} } Lockscreen Ransomware Phishing Leads To Google Play Card Scam
lockscreen
2020-07-14TrustwaveBrian Hussey
@online{hussey:20200714:goldenspy:a870540, author = {Brian Hussey}, title = {{GoldenSpy Chapter 4: GoldenHelper Malware Embedded in Official Golden Tax Software}}, date = {2020-07-14}, organization = {Trustwave}, url = {https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/goldenspy-chapter-4-goldenhelper-malware-embedded-in-official-golden-tax-software/}, language = {English}, urldate = {2020-07-15} } GoldenSpy Chapter 4: GoldenHelper Malware Embedded in Official Golden Tax Software
GoldenHelper GoldenSpy
2020-07-11TrustwavePeter Evans, Rodel Mendrez
@online{evans:20200711:injecting:3d78e32, author = {Peter Evans and Rodel Mendrez}, title = {{Injecting Magecart into Magento Global Config}}, date = {2020-07-11}, organization = {Trustwave}, url = {https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/injecting-magecart-into-magento-global-config/}, language = {English}, urldate = {2020-07-15} } Injecting Magecart into Magento Global Config
magecart
2020-07-02TrustwaveBrian Hussey
@online{hussey:20200702:goldenspy:31c222a, author = {Brian Hussey}, title = {{GoldenSpy Chapter 3: New and Improved Uninstaller}}, date = {2020-07-02}, organization = {Trustwave}, url = {https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/goldenspy-chapter-3-new-and-improved-uninstaller/}, language = {English}, urldate = {2020-07-15} } GoldenSpy Chapter 3: New and Improved Uninstaller
GoldenSpy
2020-06-30TrustwaveBrian Hussey
@online{hussey:20200630:goldenspy:1ecdff8, author = {Brian Hussey}, title = {{GoldenSpy: Chapter Two - The Uninstaller}}, date = {2020-06-30}, organization = {Trustwave}, url = {https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/goldenspy-chapter-two-the-uninstaller/}, language = {English}, urldate = {2020-07-02} } GoldenSpy: Chapter Two - The Uninstaller
GoldenSpy
2020-06-25TrustwaveTrustwave SpiderLabs
@techreport{spiderlabs:20200625:golden:8fa4199, author = {Trustwave SpiderLabs}, title = {{The Golden Tax Department and Emergence of GoldenSpy Malware}}, date = {2020-06-25}, institution = {Trustwave}, url = {https://trustwave.azureedge.net/media/16908/the-golden-tax-department-and-emergence-of-goldenspy-malware.pdf}, language = {English}, urldate = {2020-06-30} } The Golden Tax Department and Emergence of GoldenSpy Malware
GoldenSpy