Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2020-03-18RiskIQYonathan Klijnsma
@online{klijnsma:20200318:magecart:2ee4a78, author = {Yonathan Klijnsma}, title = {{Magecart Group 8 Blends into NutriBullet.com Adding To Their Growing List of Victims}}, date = {2020-03-18}, organization = {RiskIQ}, url = {https://www.riskiq.com/blog/labs/magecart-nutribullet/}, language = {English}, urldate = {2020-03-19} } Magecart Group 8 Blends into NutriBullet.com Adding To Their Growing List of Victims
magecart
2019-02-28RiskIQYonathan Klijnsma
@online{klijnsma:20190228:magecart:e2b0173, author = {Yonathan Klijnsma}, title = {{Magecart Group 4: Never Gone, Always Advancing – Professionals In Cybercrime}}, date = {2019-02-28}, organization = {RiskIQ}, url = {https://www.riskiq.com/blog/labs/magecart-group-4-always-advancing/}, language = {English}, urldate = {2020-01-06} } Magecart Group 4: Never Gone, Always Advancing – Professionals In Cybercrime
magecart
2018-07-09RiskIQYonathan Klijnsma, Jordan Herman
@online{klijnsma:20180709:inside:e92fff2, author = {Yonathan Klijnsma and Jordan Herman}, title = {{Inside and Beyond Ticketmaster: The Many Breaches of Magecart}}, date = {2018-07-09}, organization = {RiskIQ}, url = {https://www.riskiq.com/blog/labs/magecart-ticketmaster-breach/}, language = {English}, urldate = {2020-01-12} } Inside and Beyond Ticketmaster: The Many Breaches of Magecart
magecart
2018-01-23RiskIQYonathan Klijnsma
@online{klijnsma:20180123:espionage:f3d28b0, author = {Yonathan Klijnsma}, title = {{Espionage Campaign Leverages Spear Phishing, RATs Against Turkish Defense Contractors}}, date = {2018-01-23}, organization = {RiskIQ}, url = {https://www.riskiq.com/blog/labs/spear-phishing-turkish-defense-contractors/}, language = {English}, urldate = {2019-12-24} } Espionage Campaign Leverages Spear Phishing, RATs Against Turkish Defense Contractors
Remcos
2018-01-16RiskIQYonathan Klijnsma
@online{klijnsma:20180116:first:9184887, author = {Yonathan Klijnsma}, title = {{First Activities of Cobalt Group in 2018: Spear Phishing Russian Banks}}, date = {2018-01-16}, organization = {RiskIQ}, url = {https://www.riskiq.com/blog/labs/cobalt-group-spear-phishing-russian-banks/}, language = {English}, urldate = {2019-11-26} } First Activities of Cobalt Group in 2018: Spear Phishing Russian Banks
Cobalt
2017-12-20RiskIQYonathan Klijnsma
@online{klijnsma:20171220:mining:4b3dc11, author = {Yonathan Klijnsma}, title = {{Mining Insights: Infrastructure Analysis of Lazarus Group Cyber Attacks on the Cryptocurrency Industry}}, date = {2017-12-20}, organization = {RiskIQ}, url = {https://www.riskiq.com/blog/labs/lazarus-group-cryptocurrency/}, language = {English}, urldate = {2020-01-13} } Mining Insights: Infrastructure Analysis of Lazarus Group Cyber Attacks on the Cryptocurrency Industry
PowerRatankba
2017-11-28RiskIQYonathan Klijnsma
@online{klijnsma:20171128:gaffe:7c5097a, author = {Yonathan Klijnsma}, title = {{Gaffe Reveals Full List of Targets in Spear Phishing Attack Using Cobalt Strike Against Financial Institutions}}, date = {2017-11-28}, organization = {RiskIQ}, url = {https://www.riskiq.com/blog/labs/cobalt-strike/}, language = {English}, urldate = {2020-01-13} } Gaffe Reveals Full List of Targets in Spear Phishing Attack Using Cobalt Strike Against Financial Institutions
Cobalt
2017-11-02RiskIQYonathan Klijnsma
@online{klijnsma:20171102:new:d98411c, author = {Yonathan Klijnsma}, title = {{New Insights into Energetic Bear’s Watering Hole Cyber Attacks on Turkish Critical Infrastructure}}, date = {2017-11-02}, organization = {RiskIQ}, url = {https://www.riskiq.com/blog/labs/energetic-bear/}, language = {English}, urldate = {2020-01-13} } New Insights into Energetic Bear’s Watering Hole Cyber Attacks on Turkish Critical Infrastructure
Energetic Bear
2017-10-26RiskIQYonathan Klijnsma
@online{klijnsma:20171026:new:8298949, author = {Yonathan Klijnsma}, title = {{New htpRAT Gives Complete Remote Control Capabilities to Chinese Cyber Threat Actors}}, date = {2017-10-26}, organization = {RiskIQ}, url = {https://www.riskiq.com/blog/labs/htprat/}, language = {English}, urldate = {2020-01-09} } New htpRAT Gives Complete Remote Control Capabilities to Chinese Cyber Threat Actors
htpRAT
2017-10-25RiskIQYonathan Klijnsma
@online{klijnsma:20171025:down:8d41ef5, author = {Yonathan Klijnsma}, title = {{Down the Rabbit Hole: Tracking the BadRabbit Ransomware to a Long Ongoing Campaign of Target Selection}}, date = {2017-10-25}, organization = {RiskIQ}, url = {https://www.riskiq.com/blog/labs/badrabbit/}, language = {English}, urldate = {2020-01-10} } Down the Rabbit Hole: Tracking the BadRabbit Ransomware to a Long Ongoing Campaign of Target Selection
EternalPetya
2016-05-17Fox-ITYonathan Klijnsma, Danny Heppener, Mitchel Sahertian, Krijn de Mik, Maarten van Dantzig, Yun Zheng Hu, Lennart Haagsma, Martin van Hensbergen, Erik de Jong
@techreport{klijnsma:20160517:mofang:7035a61, author = {Yonathan Klijnsma and Danny Heppener and Mitchel Sahertian and Krijn de Mik and Maarten van Dantzig and Yun Zheng Hu and Lennart Haagsma and Martin van Hensbergen and Erik de Jong}, title = {{Mofang: A politically motivated information stealing adversary}}, date = {2016-05-17}, institution = {Fox-IT}, url = {https://foxitsecurity.files.wordpress.com/2016/06/fox-it_mofang_threatreport_tlp-white.pdf}, language = {English}, urldate = {2020-01-09} } Mofang: A politically motivated information stealing adversary
Shim RAT Mofang
2015-11-300x3A SecurityYonathan Klijnsma
@online{klijnsma:20151130:inside:801d2d4, author = {Yonathan Klijnsma}, title = {{Inside Braviax/FakeRean: An analysis and history of a FakeAV family}}, date = {2015-11-30}, organization = {0x3A Security}, url = {https://0x3asecurity.wordpress.com/2015/11/30/134260124544/}, language = {English}, urldate = {2019-07-09} } Inside Braviax/FakeRean: An analysis and history of a FakeAV family