
2022-06-27ZscalerSudeep Singh, Sahil Antil
@online{singh:20220627:return:a09268a,
  author       = {Sudeep Singh and Sahil Antil},
  title        = {{Return of the Evilnum APT with updated TTPs and new targets}},
  organization = {Zscaler},
  date         = {2022-06-27},
  url          = {https://www.zscaler.com/blogs/security-research/return-evilnum-apt-updated-ttps-and-new-targets},
  urldate      = {2022-06-29},
  language     = {English},
}
Return of the Evilnum APT with updated TTPs and new targets
EVILNUM EVILNUM
2022-06-09ZscalerNiraj Shivtarkar, Avinash Kumar
@online{shivtarkar:20220609:lyceum:20cd217,
  author       = {Niraj Shivtarkar and Avinash Kumar},
  title        = {{Lyceum .NET DNS Backdoor}},
  organization = {Zscaler},
  date         = {2022-06-09},
  url          = {https://www.zscaler.com/blogs/security-research/lyceum-net-dns-backdoor},
  urldate      = {2022-06-10},
  language     = {English},
}
Lyceum .NET DNS Backdoor
Lyceum .NET DNS Backdoor
2022-05-19ZscalerSudeep Singh, Santiago Vicente, Brett Stone-Gross
@online{singh:20220519:vidar:1c68f0e,
  author       = {Sudeep Singh and Santiago Vicente and Brett Stone-Gross},
  title        = {{Vidar distributed through backdoored Windows 11 downloads and abusing Telegram}},
  organization = {Zscaler},
  date         = {2022-05-19},
  url          = {https://www.zscaler.com/blogs/security-research/vidar-distributed-through-backdoored-windows-11-downloads-and-abusing},
  urldate      = {2022-05-25},
  language     = {English},
}
Vidar distributed through backdoored Windows 11 downloads and abusing Telegram
Vidar
2022-05-03ZscalerJavier Vicente, Brett Stone-Gross
@online{vicente:20220503:analysis:ae8a3cc,
  author       = {Javier Vicente and Brett Stone-Gross},
  title        = {{Analysis of BlackByte Ransomware's Go-Based Variants}},
  organization = {Zscaler},
  date         = {2022-05-03},
  url          = {https://www.zscaler.com/blogs/security-research/analysis-blackbyte-ransomwares-go-based-variants},
  urldate      = {2022-05-04},
  language     = {English},
}
Analysis of BlackByte Ransomware's Go-Based Variants
BlackByte
2022-04-28ZscalerDennis Schwarz, Brett Stone-Gross
@online{schwarz:20220428:peeking:f8226bb,
  author       = {Dennis Schwarz and Brett Stone-Gross},
  title        = {{Peeking into PrivateLoader}},
  organization = {Zscaler},
  date         = {2022-04-28},
  url          = {https://www.zscaler.com/blogs/security-research/peeking-privateloader},
  urldate      = {2022-05-04},
  language     = {English},
}
Peeking into PrivateLoader
PrivateLoader
2022-04-27ZscalerDennis Schwarz, Brett Stone-Gross
@online{schwarz:20220427:targeted:7d4de4a,
  author       = {Dennis Schwarz and Brett Stone-Gross},
  title        = {{Targeted attack on Thailand Pass customers delivers AsyncRAT}},
  organization = {Zscaler},
  date         = {2022-04-27},
  url          = {https://www.zscaler.com/blogs/security-research/targeted-attack-thailand-pass-customers-delivers-asyncrat},
  urldate      = {2022-05-03},
  language     = {English},
}
Targeted attack on Thailand Pass customers delivers AsyncRAT
AsyncRAT
2022-04-26Zscalersandeep singh, Sahil Antil
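% Author names use the comma form (Last, First). In first-last order a
% lowercase given name is parsed by BibTeX as a von particle, which leaves
% the given name empty and breaks sorting and abbreviation.
@online{singh:20220426:naverending:3f4449c,
  author       = {singh, sandeep and Antil, Sahil},
  title        = {{A "Naver"-ending game of Lazarus APT}},
  organization = {Zscaler},
  date         = {2022-04-26},
  url          = {https://www.zscaler.com/blogs/security-research/naver-ending-game-lazarus-apt},
  urldate      = {2022-04-29},
  language     = {English},
}
A "Naver"-ending game of Lazarus APT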
2022-04-06ZscalerAvinash Kumar, Niraj Shivtarkar
@online{kumar:20220406:ffdroider:7f5ad65,
  author       = {Avinash Kumar and Niraj Shivtarkar},
  title        = {{FFDroider Stealer Targeting Social Media Platform Users}},
  organization = {Zscaler},
  date         = {2022-04-06},
  url          = {https://www.zscaler.com/blogs/security-research/ffdroider-stealer-targeting-social-media-platform-users},
  urldate      = {2022-04-29},
  language     = {English},
}
FFDroider Stealer Targeting Social Media Platform Users
FFDroider
2022-03-30ZscalerMitesh Wani, Kaivalya Khursale
@online{wani:20220330:analysis:d8f8261,
  author       = {Mitesh Wani and Kaivalya Khursale},
  title        = {{Analysis of BlackGuard - a new info stealer malware being sold in a Russian hacking forum}},
  organization = {Zscaler},
  date         = {2022-03-30},
  url          = {https://www.zscaler.com/blogs/security-research/analysis-blackguard-new-info-stealer-malware-being-sold-russian-hacking},
  urldate      = {2022-03-31},
  language     = {English},
}
Analysis of BlackGuard - a new info stealer malware being sold in a Russian hacking forum
BlackGuard
2022-03-25ZscalerBrett Stone-Gross
@online{stonegross:20220325:conti:0d568cc,
  author       = {Brett Stone-Gross},
  title        = {{Conti Ransomware Attacks Persist With an Updated Version Despite Leaks}},
  organization = {Zscaler},
  date         = {2022-03-25},
  url          = {https://www.zscaler.com/blogs/security-research/conti-ransomware-attacks-persist-updated-version-despite-leaks},
  urldate      = {2022-03-28},
  language     = {English},
}
Conti Ransomware Attacks Persist With an Updated Version Despite Leaks
Conti
2022-03-23ZscalerRajdeepsinh Dodia
@online{dodia:20220323:midas:8b975b4,
  author       = {Rajdeepsinh Dodia},
  title        = {{Midas Ransomware : Tracing the Evolution of Thanos Ransomware Variants}},
  organization = {Zscaler},
  date         = {2022-03-23},
  url          = {https://www.zscaler.com/blogs/security-research/midas-ransomware-tracing-evolution-thanos-ransomware-variants},
  urldate      = {2022-03-25},
  language     = {English},
}
Midas Ransomware : Tracing the Evolution of Thanos Ransomware Variants
Hakbit Midas
2022-03-02ZscalerDennis Schwarz, Brett Stone-Gross
@online{schwarz:20220302:danabot:b734fd3,
  author       = {Dennis Schwarz and Brett Stone-Gross},
  title        = {{DanaBot Launches DDoS Attack Against the Ukrainian Ministry of Defense}},
  organization = {Zscaler},
  date         = {2022-03-02},
  url          = {https://www.zscaler.com/blogs/security-research/danabot-launches-ddos-attack-against-ukrainian-ministry-defense},
  urldate      = {2022-03-04},
  language     = {English},
}
DanaBot Launches DDoS Attack Against the Ukrainian Ministry of Defense
DanaBot
2022-02-25Zscaler
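% Corporate author: the extra pair of braces makes BibTeX and Biber treat the
% organisation name as one indivisible name instead of parsing it as a person.
@online{zscaler:20220225:technical:b872b8e,
  author   = {{Zscaler}},
  title    = {{Technical Analysis of PartyTicket Ransomware}},
  date     = {2022-02-25},
  url      = {https://www.zscaler.com/blogs/security-research/technical-analysis-partyticket-ransomware},
  urldate  = {2022-03-01},
  language = {English},
}
Technical Analysis of PartyTicket Ransomware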
PartyTicket
2022-02-24ZscalerDeepen Desai
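% The ampersand in the title field is escaped: a bare ampersand reaches LaTeX
% as an alignment tab and aborts typesetting of the bibliography.
@online{desai:20220224:hermeticwiper:7cac018,
  author       = {Deepen Desai},
  title        = {{HermeticWiper \& resurgence of targeted attacks on Ukraine}},
  organization = {Zscaler},
  date         = {2022-02-24},
  url          = {https://www.zscaler.com/blogs/security-research/hermeticwiper-resurgence-targeted-attacks-ukraine},
  urldate      = {2022-03-02},
  language     = {English},
}
HermeticWiper & resurgence of targeted attacks on Ukraine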
HermeticWiper
2022-02-17ZscalerStuti Chaturvedi, Aditya Sharma
@online{chaturvedi:20220217:freecryptoscam:340b9ec,
  author       = {Stuti Chaturvedi and Aditya Sharma},
  title        = {{FreeCryptoScam - A New Cryptocurrency Scam That Leads to Installation of Backdoors and Stealers}},
  organization = {Zscaler},
  date         = {2022-02-17},
  url          = {https://www.zscaler.com/blogs/security-research/freecryptoscam-new-cryptocurrency-scam-leads-installation-backdoors-and},
  urldate      = {2022-03-02},
  language     = {English},
}
FreeCryptoScam - A New Cryptocurrency Scam That Leads to Installation of Backdoors and Stealers
DCRat
2022-01-21ZscalerJavier Vicente, Brett Stone-Gross
@online{vicente:20220121:analysis:419182f,
  author       = {Javier Vicente and Brett Stone-Gross},
  title        = {{Analysis of Xloader’s C2 Network Encryption}},
  organization = {Zscaler},
  date         = {2022-01-21},
  url          = {https://www.zscaler.com/blogs/security-research/analysis-xloaders-c2-network-encryption},
  urldate      = {2022-01-25},
  language     = {English},
}
Analysis of Xloader’s C2 Network Encryption
Xloader Formbook
2022-01-20ZscalerSahil Antil, Sudeep Singh
@online{antil:20220120:new:2bc6613,
  author       = {Sahil Antil and Sudeep Singh},
  title        = {{New espionage attack by Molerats APT targeting users in the Middle East}},
  organization = {Zscaler},
  date         = {2022-01-20},
  url          = {https://www.zscaler.com/blogs/security-research/new-espionage-attack-molerats-apt-targeting-users-middle-east},
  urldate      = {2022-01-24},
  language     = {English},
}
New espionage attack by Molerats APT targeting users in the Middle East
Spark
2021-12-15ZscalerRubin Azad
@online{azad:20211215:threatlabz:fcf4d6c,
  author       = {Rubin Azad},
  title        = {{ThreatLabz analysis - Log4Shell CVE-2021-44228 Exploit Attempts}},
  organization = {Zscaler},
  date         = {2021-12-15},
  url          = {https://www.zscaler.com/blogs/security-research/threatlabz-analysis-log4shell-cve-2021-44228-exploit-attempts},
  urldate      = {2022-01-05},
  language     = {English},
}
ThreatLabz analysis - Log4Shell CVE-2021-44228 Exploit Attempts
Kinsing Mirai
2021-12-14ZscalerNagraj Seshadri
@online{seshadri:20211214:neutralizing:ef415fd,
  author       = {Nagraj Seshadri},
  title        = {{Neutralizing Apache Log4j Exploits with Identity-Based Segmentation}},
  organization = {Zscaler},
  date         = {2021-12-14},
  url          = {https://www.zscaler.com/blogs/security-research/neutralizing-apache-log4j-exploits-identity-based-segmentation},
  urldate      = {2022-01-05},
  language     = {English},
}
Neutralizing Apache Log4j Exploits with Identity-Based Segmentation
2021-12-13ZscalerDennis Schwarz, Avinash Kumar
@online{schwarz:20211213:return:94bdbce,
  author       = {Dennis Schwarz and Avinash Kumar},
  title        = {{Return of Emotet: Malware Analysis}},
  organization = {Zscaler},
  date         = {2021-12-13},
  url          = {https://www.zscaler.com/blogs/security-research/return-emotet-malware-analysis},
  urldate      = {2021-12-20},
  language     = {English},
}
Return of Emotet: Malware Analysis
Emotet