
2020-10-30 | US-CERT | US-CERT
@online{uscert:20201030:alert:e83e6b9,
  author       = {US-CERT},
  title        = {{Alert (AA20-304A): Iranian Advanced Persistent Threat Actor Identified Obtaining Voter Registration Data}},
  date         = {2020-10-30},
  organization = {US-CERT},
  url          = {https://us-cert.cisa.gov/ncas/alerts/aa20-304a},
  language     = {English},
  urldate      = {2020-11-02},
}
Alert (AA20-304A): Iranian Advanced Persistent Threat Actor Identified Obtaining Voter Registration Data
2020-10-29 | US-CERT | US-CERT
@online{uscert:20201029:malware:8122496,
  author       = {US-CERT},
  title        = {{Malware Analysis Report (AR20-303B): ZEBROCY Backdoor}},
  date         = {2020-10-29},
  organization = {US-CERT},
  url          = {https://us-cert.cisa.gov/ncas/analysis-reports/ar20-303b},
  language     = {English},
  urldate      = {2020-11-02},
}
Malware Analysis Report (AR20-303B): ZEBROCY Backdoor
Zebrocy
2020-10-29 | US-CERT | US-CERT
@online{uscert:20201029:malware:c4c177c,
  author       = {US-CERT},
  title        = {{Malware Analysis Report (AR20-303A): PowerShell Script: ComRAT}},
  date         = {2020-10-29},
  organization = {US-CERT},
  url          = {https://us-cert.cisa.gov/ncas/analysis-reports/ar20-303a},
  language     = {English},
  urldate      = {2020-11-02},
}
Malware Analysis Report (AR20-303A): PowerShell Script: ComRAT
Agent.BTZ
2020-10-27 | US-CERT | US-CERT
@online{uscert:20201027:alert:cd5c1eb,
  author       = {US-CERT},
  title        = {{Alert (AA20-301A): North Korean Advanced Persistent Threat Focus: Kimsuky}},
  date         = {2020-10-27},
  organization = {US-CERT},
  url          = {https://us-cert.cisa.gov/ncas/alerts/aa20-301a},
  language     = {English},
  urldate      = {2020-10-29},
}
Alert (AA20-301A): North Korean Advanced Persistent Threat Focus: Kimsuky
BabyShark Meterpreter Kimsuky
2020-10-22 | US-CERT | US-CERT
@online{uscert:20201022:alert:d74e5f3,
  author       = {US-CERT},
  title        = {{Alert (AA20-296B): Iranian Advanced Persistent Threat Actors Threaten Election-Related Systems}},
  date         = {2020-10-22},
  organization = {US-CERT},
  url          = {https://us-cert.cisa.gov/ncas/alerts/aa20-296b},
  language     = {English},
  urldate      = {2020-10-23},
}
Alert (AA20-296B): Iranian Advanced Persistent Threat Actors Threaten Election-Related Systems
2020-10-22 | US-CERT | US-CERT
@online{uscert:20201022:alert:88ee7f6,
  author       = {US-CERT},
  title        = {{Alert (AA20-296A): Russian State-Sponsored Advanced Persistent Threat Actor Compromises U.S. Government Targets}},
  date         = {2020-10-22},
  organization = {US-CERT},
  url          = {https://us-cert.cisa.gov/ncas/alerts/aa20-296a},
  language     = {English},
  urldate      = {2020-10-23},
}
Alert (AA20-296A): Russian State-Sponsored Advanced Persistent Threat Actor Compromises U.S. Government Targets
2020-10-09 | US-CERT | US-CERT
@online{uscert:20201009:alert:7782aaa,
  author       = {US-CERT},
  title        = {{Alert (AA20-283A): APT Actors Chaining Vulnerabilities Against SLTT, Critical Infrastructure, and Elections Organizations}},
  date         = {2020-10-09},
  organization = {US-CERT},
  url          = {https://us-cert.cisa.gov/ncas/alerts/aa20-283a},
  language     = {English},
  urldate      = {2020-10-12},
}
Alert (AA20-283A): APT Actors Chaining Vulnerabilities Against SLTT, Critical Infrastructure, and Elections Organizations
2020-10-01 | US-CERT | US-CERT
@online{uscert:20201001:alert:a46c3d4,
  author       = {US-CERT},
  title        = {{Alert (AA20-275A): Potential for China Cyber Response to Heightened U.S.-China Tensions}},
  date         = {2020-10-01},
  organization = {US-CERT},
  url          = {https://us-cert.cisa.gov/ncas/alerts/aa20-275a},
  language     = {English},
  urldate      = {2020-10-04},
}
Alert (AA20-275A): Potential for China Cyber Response to Heightened U.S.-China Tensions
CHINACHOPPER Cobalt Strike Empire Downloader MimiKatz Poison Ivy
2020-10-01 | US-CERT | US-CERT
@online{uscert:20201001:malware:819220c,
  author       = {US-CERT},
  title        = {{Malware Analysis Report (AR20-275A): Remote Access Trojan: SLOTHFULMEDIA}},
  date         = {2020-10-01},
  organization = {US-CERT},
  url          = {https://us-cert.cisa.gov/ncas/analysis-reports/ar20-275a},
  language     = {English},
  urldate      = {2020-10-04},
}
Malware Analysis Report (AR20-275A): Remote Access Trojan: SLOTHFULMEDIA
SlothfulMedia
2020-09-24 | US-CERT | US-CERT
@online{uscert:20200924:analysis:e1e4cc0,
  author       = {US-CERT},
  title        = {{Analysis Report (AR20-268A): Federal Agency Compromised by Malicious Cyber Actor}},
  date         = {2020-09-24},
  organization = {US-CERT},
  url          = {https://us-cert.cisa.gov/ncas/analysis-reports/ar20-268a},
  language     = {English},
  urldate      = {2020-10-13},
}
Analysis Report (AR20-268A): Federal Agency Compromised by Malicious Cyber Actor
Cobalt Strike Meterpreter
2020-09-15 | US-CERT | US-CERT
@online{uscert:20200915:alert:13d0ab3,
  author       = {US-CERT},
  title        = {{Alert (AA20-259A): Iran-Based Threat Actor Exploits VPN Vulnerabilities}},
  date         = {2020-09-15},
  organization = {US-CERT},
  url          = {https://us-cert.cisa.gov/ncas/alerts/aa20-259a},
  language     = {English},
  urldate      = {2020-09-16},
}
Alert (AA20-259A): Iran-Based Threat Actor Exploits VPN Vulnerabilities
CHINACHOPPER Fox Kitten
2020-09-15 | US-CERT | US-CERT
@online{uscert:20200915:malware:8345418,
  author       = {US-CERT},
  title        = {{Malware Analysis Report (AR20-259A): Iranian Web Shells}},
  date         = {2020-09-15},
  organization = {US-CERT},
  url          = {https://us-cert.cisa.gov/ncas/analysis-reports/ar20-259a},
  language     = {English},
  urldate      = {2020-09-16},
}
Malware Analysis Report (AR20-259A): Iranian Web Shells
CHINACHOPPER
2020-09-14 | US-CERT | US-CERT
@online{uscert:20200914:alert:71b6963,
  author       = {US-CERT},
  title        = {{Alert (AA20-258A): Chinese Ministry of State Security-Affiliated Cyber Threat Actor Activity}},
  date         = {2020-09-14},
  organization = {US-CERT},
  url          = {https://us-cert.cisa.gov/ncas/alerts/aa20-258a},
  language     = {English},
  urldate      = {2020-09-16},
}
Alert (AA20-258A): Chinese Ministry of State Security-Affiliated Cyber Threat Actor Activity
2020-08-19 | US-CERT | US-CERT
@online{uscert:20200819:malware:63a2025,
  author       = {US-CERT},
  title        = {{Malware Analysis Report (AR20-232A)}},
  date         = {2020-08-19},
  organization = {US-CERT},
  url          = {https://us-cert.cisa.gov/ncas/analysis-reports/ar20-232a},
  language     = {English},
  urldate      = {2020-09-01},
}
Malware Analysis Report (AR20-232A)
Bankshot BLINDINGCAN
2020-08-14 | Department of Homeland Security | US-CERT
@online{uscert:20200814:alert:d3dbb71,
  author       = {US-CERT},
  title        = {{Alert (AA20-227A): Phishing Emails Used to Deploy KONNI Malware}},
  date         = {2020-08-14},
  organization = {Department of Homeland Security},
  url          = {https://us-cert.cisa.gov/ncas/alerts/aa20-227a},
  language     = {English},
  urldate      = {2020-08-14},
}
Alert (AA20-227A): Phishing Emails Used to Deploy KONNI Malware
Konni
2020-08-03 | US-CERT | US-CERT, CISA
@online{uscert:20200803:mar102920891v1:366a266,
  author       = {US-CERT and CISA},
  title        = {{MAR-10292089-1.v1 – Chinese Remote Access Trojan: TAIDOOR}},
  date         = {2020-08-03},
  organization = {US-CERT},
  url          = {https://us-cert.cisa.gov/ncas/analysis-reports/ar20-216a},
  language     = {English},
  urldate      = {2020-08-05},
}
MAR-10292089-1.v1 – Chinese Remote Access Trojan: TAIDOOR
taidoor
2020-07-16 | CISA | US-CERT
@online{uscert:20200716:malware:8f97a51,
  author       = {US-CERT},
  title        = {{Malware Analysis Report (AR20-198A)}},
  date         = {2020-07-16},
  organization = {CISA},
  url          = {https://us-cert.cisa.gov/ncas/analysis-reports/ar20-198a},
  language     = {English},
  urldate      = {2020-07-20},
}
Malware Analysis Report (AR20-198A)
SoreFang
2020-07-16 | CISA | US-CERT
@online{uscert:20200716:malware:b2a55f2,
  author       = {US-CERT},
  title        = {{Malware Analysis Report (AR20-198C)}},
  date         = {2020-07-16},
  organization = {CISA},
  url          = {https://us-cert.cisa.gov/ncas/analysis-reports/ar20-198c},
  language     = {English},
  urldate      = {2020-07-20},
}
Malware Analysis Report (AR20-198C)
WellMail
2020-07-16 | CISA | US-CERT
@online{uscert:20200716:malware:539b015,
  author       = {US-CERT},
  title        = {{Malware Analysis Report (AR20-198B)}},
  date         = {2020-07-16},
  organization = {CISA},
  url          = {https://us-cert.cisa.gov/ncas/analysis-reports/ar20-198b},
  language     = {English},
  urldate      = {2020-07-20},
}
Malware Analysis Report (AR20-198B)
WellMess
2020-05-12 | US-CERT | US-CERT
@online{uscert:20200512:mar102888341v1:e6e6a28,
  author       = {US-CERT},
  title        = {{MAR-10288834-1.v1 – North Korean Remote Access Tool: COPPERHEDGE}},
  date         = {2020-05-12},
  organization = {US-CERT},
  url          = {https://www.us-cert.gov/ncas/analysis-reports/ar20-133a},
  language     = {English},
  urldate      = {2020-05-14},
}
MAR-10288834-1.v1 – North Korean Remote Access Tool: COPPERHEDGE
Bankshot