Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-01-21ZscalerJavier Vicente, Brett Stone-Gross
@online{vicente:20220121:analysis:419182f, author = {Javier Vicente and Brett Stone-Gross}, title = {{Analysis of Xloader’s C2 Network Encryption}}, date = {2022-01-21}, organization = {Zscaler}, url = {https://www.zscaler.com/blogs/security-research/analysis-xloaders-c2-network-encryption}, language = {English}, urldate = {2022-01-25} } Analysis of Xloader’s C2 Network Encryption
Xloader Formbook
2022-01-20ZscalerSahil Antil, Sudeep Singh
@online{antil:20220120:new:2bc6613, author = {Sahil Antil and Sudeep Singh}, title = {{New espionage attack by Molerats APT targeting users in the Middle East}}, date = {2022-01-20}, organization = {Zscaler}, url = {https://www.zscaler.com/blogs/security-research/new-espionage-attack-molerats-apt-targeting-users-middle-east}, language = {English}, urldate = {2022-01-24} } New espionage attack by Molerats APT targeting users in the Middle East
Spark
2021-12-15ZscalerRubin Azad
@online{azad:20211215:threatlabz:fcf4d6c, author = {Rubin Azad}, title = {{ThreatLabz analysis - Log4Shell CVE-2021-44228 Exploit Attempts}}, date = {2021-12-15}, organization = {Zscaler}, url = {https://www.zscaler.com/blogs/security-research/threatlabz-analysis-log4shell-cve-2021-44228-exploit-attempts}, language = {English}, urldate = {2022-01-05} } ThreatLabz analysis - Log4Shell CVE-2021-44228 Exploit Attempts
Kinsing Mirai
2021-12-14ZscalerNagraj Seshadri
@online{seshadri:20211214:neutralizing:ef415fd, author = {Nagraj Seshadri}, title = {{Neutralizing Apache Log4j Exploits with Identity-Based Segmentation}}, date = {2021-12-14}, organization = {Zscaler}, url = {https://www.zscaler.com/blogs/security-research/neutralizing-apache-log4j-exploits-identity-based-segmentation}, language = {English}, urldate = {2022-01-05} } Neutralizing Apache Log4j Exploits with Identity-Based Segmentation
2021-12-13ZscalerDennis Schwarz, Avinash Kumar
@online{schwarz:20211213:return:94bdbce, author = {Dennis Schwarz and Avinash Kumar}, title = {{Return of Emotet: Malware Analysis}}, date = {2021-12-13}, organization = {Zscaler}, url = {https://www.zscaler.com/blogs/security-research/return-emotet-malware-analysis}, language = {English}, urldate = {2021-12-20} } Return of Emotet: Malware Analysis
Emotet
2021-11-16ZscalerDeepen Desai
@online{desai:20211116:return:936dad6, author = {Deepen Desai}, title = {{Return of Emotet malware}}, date = {2021-11-16}, organization = {Zscaler}, url = {https://www.zscaler.com/blogs/security-research/return-emotet-malware}, language = {English}, urldate = {2021-11-19} } Return of Emotet malware
Emotet
2021-11-05ZscalerDennis Schwarz
@online{schwarz:20211105:spike:f47ffcd, author = {Dennis Schwarz}, title = {{Spike in DanaBot Malware Activity}}, date = {2021-11-05}, organization = {Zscaler}, url = {https://www.zscaler.com/blogs/security-research/spike-danabot-malware-activity}, language = {English}, urldate = {2021-11-08} } Spike in DanaBot Malware Activity
DanaBot
2021-10-22ZscalerStuti Chaturvedi, Amandeep Kumar
@online{chaturvedi:20211022:new:c65f106, author = {Stuti Chaturvedi and Amandeep Kumar}, title = {{New MultiloginBot Phishing Campaign}}, date = {2021-10-22}, organization = {Zscaler}, url = {https://www.zscaler.com/blogs/security-research/new-multiloginbot-phishing-campaign}, language = {English}, urldate = {2021-11-03} } New MultiloginBot Phishing Campaign
2021-10-15ZscalerRajdeepsinh Dodia
@online{dodia:20211015:atomsilo:81b4ff1, author = {Rajdeepsinh Dodia}, title = {{AtomSilo Ransomware Enters the League of Double Extortion}}, date = {2021-10-15}, organization = {Zscaler}, url = {https://www.zscaler.com/blogs/security-research/atomsilo-ransomware-enters-league-double-extortion}, language = {English}, urldate = {2021-11-03} } AtomSilo Ransomware Enters the League of Double Extortion
ATOMSILO
2021-10-08ZscalerTarun Dewan, Lenart Brave
@online{dewan:20211008:new:b97c20c, author = {Tarun Dewan and Lenart Brave}, title = {{New Trickbot and BazarLoader campaigns use multiple delivery vectorsi}}, date = {2021-10-08}, organization = {Zscaler}, url = {https://www.zscaler.com/blogs/security-research/new-trickbot-and-bazarloader-campaigns-use-multiple-delivery-vectors}, language = {English}, urldate = {2021-10-14} } New Trickbot and BazarLoader campaigns use multiple delivery vectorsi
BazarBackdoor TrickBot
2021-09-28ZscalerAvinash Kumar, Brett Stone-Gross
@online{kumar:20210928:squirrelwaffle:9b1cffc, author = {Avinash Kumar and Brett Stone-Gross}, title = {{Squirrelwaffle: New Loader Delivering Cobalt Strike}}, date = {2021-09-28}, organization = {Zscaler}, url = {https://www.zscaler.com/blogs/security-research/squirrelwaffle-new-loader-delivering-cobalt-strike}, language = {English}, urldate = {2021-10-11} } Squirrelwaffle: New Loader Delivering Cobalt Strike
Cobalt Strike Squirrelwaffle
2021-09-09ZscalerSudeep Singh, Sahil Antil
@online{singh:20210909:cloudfall:ee21616, author = {Sudeep Singh and Sahil Antil}, title = {{CloudFall Targets Researchers and Scientists Invited to International Military Conferences in Central Asia and Eastern Europe}}, date = {2021-09-09}, organization = {Zscaler}, url = {https://www.zscaler.com/blogs/security-research/cloudfall-targets-researchers-and-scientists-invited-international-military}, language = {English}, urldate = {2021-09-12} } CloudFall Targets Researchers and Scientists Invited to International Military Conferences in Central Asia and Eastern Europe
2021-07-28ZscalerBrett Stone-Gross
@online{stonegross:20210728:doppelpaymer:5deeffe, author = {Brett Stone-Gross}, title = {{DoppelPaymer Continues to Cause Grief Through Rebranding}}, date = {2021-07-28}, organization = {Zscaler}, url = {https://www.zscaler.com/blogs/security-research/doppelpaymer-continues-cause-grief-through-rebranding}, language = {English}, urldate = {2021-08-02} } DoppelPaymer Continues to Cause Grief Through Rebranding
DoppelPaymer
2021-07-06ZscalerZscaler
@online{zscaler:20210706:kaseya:17a776b, author = {Zscaler}, title = {{Kaseya Supply Chain Ransomware Attack - Technical Analysis of the REvil Payload}}, date = {2021-07-06}, organization = {Zscaler}, url = {https://www.zscaler.com/blogs/security-research/kaseya-supply-chain-ransomware-attack-technical-analysis-revil-payload}, language = {English}, urldate = {2021-08-02} } Kaseya Supply Chain Ransomware Attack - Technical Analysis of the REvil Payload
REvil
2021-06-24ZscalerSudeep Singh, Sahil Antil
@online{singh:20210624:demystifying:e2c5464, author = {Sudeep Singh and Sahil Antil}, title = {{Demystifying the full attack chain of MineBridge RAT}}, date = {2021-06-24}, organization = {Zscaler}, url = {https://www.zscaler.com/blogs/security-research/demystifying-full-attack-chain-minebridge-rat}, language = {English}, urldate = {2021-06-29} } Demystifying the full attack chain of MineBridge RAT
MINEBRIDGE
2021-05-05ZscalerAniruddha Dolas, Mohd Sadique, Manohar Ghule
@online{dolas:20210505:catching:ace83fc, author = {Aniruddha Dolas and Mohd Sadique and Manohar Ghule}, title = {{Catching RATs Over Custom Protocols Analysis of top non-HTTP/S threats}}, date = {2021-05-05}, organization = {Zscaler}, url = {https://www.zscaler.com/blogs/security-research/catching-rats-over-custom-protocols}, language = {English}, urldate = {2021-05-08} } Catching RATs Over Custom Protocols Analysis of top non-HTTP/S threats
Agent Tesla AsyncRAT Crimson RAT CyberGate Ghost RAT Nanocore RAT NetWire RC NjRAT Quasar RAT Remcos
2021-04-14ZscalerRohit Chaturvedi, Atinderpal Singh, Tarun Dewan
@online{chaturvedi:20210414:look:02bf1e0, author = {Rohit Chaturvedi and Atinderpal Singh and Tarun Dewan}, title = {{A look at HydroJiin campaign}}, date = {2021-04-14}, organization = {Zscaler}, url = {https://www.zscaler.com/blogs/security-research/look-hydrojiin-campaign}, language = {English}, urldate = {2021-04-16} } A look at HydroJiin campaign
NetWire RC Quasar RAT
2021-03-30ZscalerBrett Stone-Gross
@online{stonegross:20210330:ares:6bae793, author = {Brett Stone-Gross}, title = {{Ares Malware: The Grandson of the Kronos Banking Trojan}}, date = {2021-03-30}, organization = {Zscaler}, url = {https://www.zscaler.com/blogs/security-research/ares-malware-grandson-kronos-banking-trojan}, language = {English}, urldate = {2021-03-31} } Ares Malware: The Grandson of the Kronos Banking Trojan
Kronos
2021-03-23ZscalerSudeep Singh, Sahil Antil
@online{singh:20210323:lowvolume:8162a16, author = {Sudeep Singh and Sahil Antil}, title = {{Low-volume multi-stage attack leveraging AzureEdge and Shopify CDNs}}, date = {2021-03-23}, organization = {Zscaler}, url = {https://www.zscaler.com/blogs/security-research/low-volume-multi-stage-attack-leveraging-azureedge-and-shopify-cdns}, language = {English}, urldate = {2021-03-30} } Low-volume multi-stage attack leveraging AzureEdge and Shopify CDNs
2021-02-23ZscalerSudeep Singh, Sahil Antil
@online{singh:20210223:return:fed533a, author = {Sudeep Singh and Sahil Antil}, title = {{Return of the MINEBRIDGE RAT With New TTPs and Social Engineering Lures}}, date = {2021-02-23}, organization = {Zscaler}, url = {https://www.zscaler.com/blogs/security-research/return-minebridge-rat-new-ttps-and-social-engineering-lures}, language = {English}, urldate = {2021-02-25} } Return of the MINEBRIDGE RAT With New TTPs and Social Engineering Lures
MINEBRIDGE