Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-11-18360 netlabHui Wang, Alex.Turing, litao3rd, YANG XU
@online{wang:20211118:pitfall:23ff4ea, author = {Hui Wang and Alex.Turing and litao3rd and YANG XU}, title = {{The Pitfall of Threat Intelligence Whitelisting: Specter Botnet is 'taking over' Top Legit DNS Domains By Using ClouDNS Service}}, date = {2021-11-18}, organization = {360 netlab}, url = {https://blog.netlab.360.com/the-pitfall-of-threat-intelligence-whitelisting-specter-botnet-is-taking-over-top-legit-dns-domains-by-using-cloudns-service/}, language = {English}, urldate = {2021-11-19} } The Pitfall of Threat Intelligence Whitelisting: Specter Botnet is 'taking over' Top Legit DNS Domains By Using ClouDNS Service
Specter
2021-11-12360 netlabAlex.Turing, Hui Wang, YANG XU
@online{alexturing:20211112:malware:70f965d, author = {Alex.Turing and Hui Wang and YANG XU}, title = {{Malware uses namesilo Parking pages and Google's custom pages to spread}}, date = {2021-11-12}, organization = {360 netlab}, url = {https://blog.netlab.360.com/zhatuniubility-malware-uses-namesilo-parking-pages-and-googles-custom-pages-to-spread/}, language = {English}, urldate = {2021-11-17} } Malware uses namesilo Parking pages and Google's custom pages to spread
2021-09-28NetlabHui Wang, Alex.Turing, YANG XU
@online{wang:20210928:miraiptearimasuta:2349f41, author = {Hui Wang and Alex.Turing and YANG XU}, title = {{Mirai_ptea_Rimasuta variant is exploiting a new RUIJIE router 0 day to spread}}, date = {2021-09-28}, organization = {Netlab}, url = {https://blog.netlab.360.com/rimasuta-spread-with-ruijie-0day-en/}, language = {English}, urldate = {2021-10-24} } Mirai_ptea_Rimasuta variant is exploiting a new RUIJIE router 0 day to spread
Mirai
2021-05-15Twitter (@xuy1202)YANG XU
@online{xu:20210515:necro:47291da, author = {YANG XU}, title = {{Tweet on Necro using hardcoded onion address as a gateway for TOR CC}}, date = {2021-05-15}, organization = {Twitter (@xuy1202)}, url = {https://twitter.com/xuy1202/status/1393384128456794116}, language = {English}, urldate = {2021-05-25} } Tweet on Necro using hardcoded onion address as a gateway for TOR CC
N3Cr0m0rPh
2021-05-11Twitter (@xuy1202)YANG XU
@online{xu:20210511:necros:d1f186c, author = {YANG XU}, title = {{Tweet on necro's new DGA}}, date = {2021-05-11}, organization = {Twitter (@xuy1202)}, url = {https://twitter.com/xuy1202/status/1392089568384454657}, language = {English}, urldate = {2021-05-13} } Tweet on necro's new DGA
N3Cr0m0rPh
2021-04-29360 netlabLiu Ya, YANG XU, Jinye
@online{ya:20210429:threat:56c2d1e, author = {Liu Ya and YANG XU and Jinye}, title = {{Threat Alert: New update from Sysrv-hello, now infecting victims‘ webpages to push malicious exe to end users}}, date = {2021-04-29}, organization = {360 netlab}, url = {https://blog.netlab.360.com/threat-alert-new-update-from-sysrv-hello-now-infecting-victims-webpages-to-push-malicious-exe-to-end-users/}, language = {English}, urldate = {2021-05-03} } Threat Alert: New update from Sysrv-hello, now infecting victims‘ webpages to push malicious exe to end users
2021-03-18360 netlabJinye, YANG XU
@online{jinye:20210318:necro:e22f5c1, author = {Jinye and YANG XU}, title = {{Necro upgrades again, using Tor + dynamic domain DGA and aiming at both Windows & Linux}}, date = {2021-03-18}, organization = {360 netlab}, url = {https://blog.netlab.360.com/necro-upgrades-again-using-tor-dynamic-domain-dga-and-aiming-at-both-windows-linux/}, language = {English}, urldate = {2021-03-19} } Necro upgrades again, using Tor + dynamic domain DGA and aiming at both Windows & Linux
N3Cr0m0rPh
2021-03-12360 netlabAlex.Turing, liuyang, YANG XU
@online{alexturing:20210312:new:37158fe, author = {Alex.Turing and liuyang and YANG XU}, title = {{New Threat: ZHtrap botnet implements honeypot to facilitate finding more victims}}, date = {2021-03-12}, organization = {360 netlab}, url = {https://blog.netlab.360.com/new_threat_zhtrap_botnet_en/}, language = {English}, urldate = {2021-03-16} } New Threat: ZHtrap botnet implements honeypot to facilitate finding more victims
ZHtrap