Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-05-26Cisco TalosWarren Mercer, Vitor Ventura
@online{mercer:20210526:elizabethan:40a80e7, author = {Warren Mercer and Vitor Ventura}, title = {{Elizabethan England has nothing on modern-day Russia}}, date = {2021-05-26}, organization = {Cisco Talos}, url = {https://blog.talosintelligence.com/2021/05/privateer-groups.html}, language = {English}, urldate = {2021-06-16} } Elizabethan England has nothing on modern-day Russia
2021-02-23TalosVitor Ventura, Warren Mercer
@online{ventura:20210223:gamaredon:3fbfa9b, author = {Vitor Ventura and Warren Mercer}, title = {{Gamaredon - When nation states don’t pay all the bills}}, date = {2021-02-23}, organization = {Talos}, url = {https://blog.talosintelligence.com/2021/02/gamaredonactivities.html}, language = {English}, urldate = {2021-02-25} } Gamaredon - When nation states don’t pay all the bills
2021-02-09TalosWarren Mercer, Chris Neal, Vitor Ventura
@online{mercer:20210209:kasablanka:63078fc, author = {Warren Mercer and Chris Neal and Vitor Ventura}, title = {{Kasablanka Group's LodaRAT improves espionage capabilities on Android and Windows}}, date = {2021-02-09}, organization = {Talos}, url = {https://blog.talosintelligence.com/2021/02/kasablanka-lodarat.html}, language = {English}, urldate = {2021-02-09} } Kasablanka Group's LodaRAT improves espionage capabilities on Android and Windows
Loda
2020-10-29Cisco TalosWarren Mercer, Paul Rascagnères, Vitor Ventura
@online{mercer:20201029:donots:850f31b, author = {Warren Mercer and Paul Rascagnères and Vitor Ventura}, title = {{DoNot’s Firestarter abuses Google Firebase Cloud Messaging to spread}}, date = {2020-10-29}, organization = {Cisco Talos}, url = {https://blog.talosintelligence.com/2020/10/donot-firestarter.html}, language = {English}, urldate = {2020-10-29} } DoNot’s Firestarter abuses Google Firebase Cloud Messaging to spread
Unidentified APK 005
2020-10-06TalosWarren Mercer, Paul Rascagnères, Vitor Ventura
@online{mercer:20201006:poetrat:17f845e, author = {Warren Mercer and Paul Rascagnères and Vitor Ventura}, title = {{PoetRAT: Malware targeting public and private sector in Azerbaijan evolves}}, date = {2020-10-06}, organization = {Talos}, url = {https://blog.talosintelligence.com/2020/10/poetrat-update.html}, language = {English}, urldate = {2020-10-07} } PoetRAT: Malware targeting public and private sector in Azerbaijan evolves
Poet RAT
2020-06-29Cisco TalosWarren Mercer, Paul Rascagnères, Vitor Ventura
@online{mercer:20200629:promethium:e80cd47, author = {Warren Mercer and Paul Rascagnères and Vitor Ventura}, title = {{PROMETHIUM extends global reach with StrongPity3 APT}}, date = {2020-06-29}, organization = {Cisco Talos}, url = {https://blog.talosintelligence.com/2020/06/promethium-extends-with-strongpity3.html}, language = {English}, urldate = {2020-06-30} } PROMETHIUM extends global reach with StrongPity3 APT
StrongPity
2020-05-19Cisco TalosWarren Mercer, Paul Rascagnères, Vitor Ventura
@online{mercer:20200519:wolf:8e65365, author = {Warren Mercer and Paul Rascagnères and Vitor Ventura}, title = {{The wolf is back...}}, date = {2020-05-19}, organization = {Cisco Talos}, url = {https://blog.talosintelligence.com/2020/05/the-wolf-is-back.html}, language = {English}, urldate = {2020-05-20} } The wolf is back...
WolfRAT
2020-04-16Cisco TalosWarren Mercer, Paul Rascagnères, Vitor Ventura
@online{mercer:20200416:poetrat:ab5659a, author = {Warren Mercer and Paul Rascagnères and Vitor Ventura}, title = {{PoetRAT: Python RAT uses COVID-19 lures to target Azerbaijan public and private sectors}}, date = {2020-04-16}, organization = {Cisco Talos}, url = {https://blog.talosintelligence.com/2020/04/poetrat-covid-19-lures.html}, language = {English}, urldate = {2020-05-05} } PoetRAT: Python RAT uses COVID-19 lures to target Azerbaijan public and private sectors
Poet RAT
2020-03-05Cisco TalosWarren Mercer, Paul Rascagnères, Vitor Ventura
@online{mercer:20200305:bisonal:7885944, author = {Warren Mercer and Paul Rascagnères and Vitor Ventura}, title = {{Bisonal: 10 years of play}}, date = {2020-03-05}, organization = {Cisco Talos}, url = {https://blog.talosintelligence.com/2020/03/bisonal-10-years-of-play.html}, language = {English}, urldate = {2020-03-05} } Bisonal: 10 years of play
Korlia
2020-01-16Cisco TalosWarren Mercer, Paul Rascagnères, Vitor Ventura, Eric Kuhla
@online{mercer:20200116:jhonerat:b41f102, author = {Warren Mercer and Paul Rascagnères and Vitor Ventura and Eric Kuhla}, title = {{JhoneRAT: Cloud based python RAT targeting Middle Eastern countries}}, date = {2020-01-16}, organization = {Cisco Talos}, url = {https://blog.talosintelligence.com/2020/01/jhonerat.html}, language = {English}, urldate = {2020-01-27} } JhoneRAT: Cloud based python RAT targeting Middle Eastern countries
JhoneRAT
2019-09-24Cisco TalosWarren Mercer, Paul Rascagnères, Jungsoo An
@online{mercer:20190924:how:ac2b53e, author = {Warren Mercer and Paul Rascagnères and Jungsoo An}, title = {{How Tortoiseshell created a fake veteran hiring website to host malware}}, date = {2019-09-24}, organization = {Cisco Talos}, url = {https://blog.talosintelligence.com/2019/09/tortoiseshell-fake-veterans.html}, language = {English}, urldate = {2019-12-02} } How Tortoiseshell created a fake veteran hiring website to host malware
Liderc SysKit
2019-04-23TalosWarren Mercer, Paul Rascagnères
@online{mercer:20190423:dnspionage:509e055, author = {Warren Mercer and Paul Rascagnères}, title = {{DNSpionage brings out the Karkoff}}, date = {2019-04-23}, organization = {Talos}, url = {https://blog.talosintelligence.com/2019/04/dnspionage-brings-out-karkoff.html}, language = {English}, urldate = {2019-12-20} } DNSpionage brings out the Karkoff
DNSpionage Karkoff DNSpionage
2019-04-17Cisco TalosDanny Adamitis, David Maynor, Warren Mercer, Matthew Olney, Paul Rascagnères
@online{adamitis:20190417:dns:0146532, author = {Danny Adamitis and David Maynor and Warren Mercer and Matthew Olney and Paul Rascagnères}, title = {{DNS Hijacking Abuses Trust In Core Internet Service}}, date = {2019-04-17}, organization = {Cisco Talos}, url = {https://blog.talosintelligence.com/2019/04/seaturtle.html}, language = {English}, urldate = {2020-01-09} } DNS Hijacking Abuses Trust In Core Internet Service
Sea Turtle
2019-03-13Cisco TalosWarren Mercer, Paul Rascagnères, Ben Baker
@online{mercer:20190313:glitchpos:a94f15c, author = {Warren Mercer and Paul Rascagnères and Ben Baker}, title = {{GlitchPOS: New PoS malware for sale}}, date = {2019-03-13}, organization = {Cisco Talos}, url = {https://blog.talosintelligence.com/2019/03/glitchpos-new-pos-malware-for-sale.html}, language = {English}, urldate = {2019-10-29} } GlitchPOS: New PoS malware for sale
GlitchPOS
2019-02-04CiscoWarren Mercer, Paul Rascagnères, Jaeson Schultz
@online{mercer:20190204:exilerat:1f7c57c, author = {Warren Mercer and Paul Rascagnères and Jaeson Schultz}, title = {{ExileRAT shares C2 with LuckyCat, targets Tibet}}, date = {2019-02-04}, organization = {Cisco}, url = {https://blog.talosintelligence.com/2019/02/exilerat-shares-c2-with-luckycat.html}, language = {English}, urldate = {2020-01-07} } ExileRAT shares C2 with LuckyCat, targets Tibet
LuckyCat Exile RAT
2018-11-27Cisco TalosWarren Mercer, Paul Rascagnères
@online{mercer:20181127:dnspionage:7f0b0f3, author = {Warren Mercer and Paul Rascagnères}, title = {{DNSpionage Campaign Targets Middle East}}, date = {2018-11-27}, organization = {Cisco Talos}, url = {https://blog.talosintelligence.com/2018/11/dnspionage-campaign-targets-middle-east.html}, language = {English}, urldate = {2020-05-18} } DNSpionage Campaign Targets Middle East
DNSpionage DNSpionage
2018-11-08Cisco TalosEdmund Brumaghin, Warren Mercer, Paul Rascagnères, Vitor Ventura
@online{brumaghin:20181108:metamorfo:d12fe7e, author = {Edmund Brumaghin and Warren Mercer and Paul Rascagnères and Vitor Ventura}, title = {{Metamorfo Banking Trojan Keeps Its Sights on Brazil}}, date = {2018-11-08}, organization = {Cisco Talos}, url = {https://blog.talosintelligence.com/2018/11/metamorfo-brazilian-campaigns.html}, language = {English}, urldate = {2020-01-06} } Metamorfo Banking Trojan Keeps Its Sights on Brazil
Metamorfo
2018-11-05CiscoDanny Adamitis, Warren Mercer, Paul Rascagnères, Vitor Ventura, Eric Kuhla
@online{adamitis:20181105:persian:5adf8c2, author = {Danny Adamitis and Warren Mercer and Paul Rascagnères and Vitor Ventura and Eric Kuhla}, title = {{Persian Stalker pillages Iranian users of Instagram and Telegram}}, date = {2018-11-05}, organization = {Cisco}, url = {https://blog.talosintelligence.com/2018/11/persian-stalker.html}, language = {English}, urldate = {2019-11-27} } Persian Stalker pillages Iranian users of Instagram and Telegram
FakeGram
2018-06-20Cisco TalosWarren Mercer, Paul Rascagnères
@online{mercer:20180620:my:9c08115, author = {Warren Mercer and Paul Rascagnères}, title = {{My Little FormBook}}, date = {2018-06-20}, organization = {Cisco Talos}, url = {https://blog.talosintelligence.com/2018/06/my-little-formbook.html}, language = {English}, urldate = {2020-01-06} } My Little FormBook
Formbook
2018-05-31Cisco TalosWarren Mercer, Paul Rascagnères, Jungsoo An
@online{mercer:20180531:navrat:bf68765, author = {Warren Mercer and Paul Rascagnères and Jungsoo An}, title = {{NavRAT Uses US-North Korea Summit As Decoy For Attacks In South Korea}}, date = {2018-05-31}, organization = {Cisco Talos}, url = {https://blog.talosintelligence.com/2018/05/navrat.html?m=1}, language = {English}, urldate = {2020-01-08} } NavRAT Uses US-North Korea Summit As Decoy For Attacks In South Korea
NavRAT