2022-08-09 | Twitter (@Katechondic) | Katechondic
% Source is a tweet: it can be deleted or edited after the urldate below, so keep an archived copy if a finding depends on it.
@online{katechondic:20220809:malware:2d6d764,
  author       = {Katechondic},
  title        = {{Tweet on malware, suspected to be from China based actor, targeting Taiwan}},
  date         = {2022-08-09},
  organization = {Twitter (@Katechondic)},
  url          = {https://twitter.com/katechondic/status/1556940169483264000},
  language     = {English},
  urldate      = {2022-09-19}
}
Tweet on malware, suspected to be from China based actor, targeting Taiwan
Unidentified 094
2022-03-10 | Twitter (@Katechondic) | Katechondic
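% The ampersand in the title is escaped as \& because a bare one is a LaTeX alignment character and breaks typesetting of the bibliography.
% The two quoted computer names are kept exactly as published.
% Source is a tweet: it can be deleted or edited after the urldate below, so keep an archived copy if a finding depends on it.
@online{katechondic:20220310:additional:5dd63e9,
  author       = {Katechondic},
  title        = {{Tweet on additional computer names "desktop-g1i8n3f" \& "desktop-j6llo2k", seen with Crimson RAT C2 infrastructure used by APT36}},
  date         = {2022-03-10},
  organization = {Twitter (@Katechondic)},
  url          = {https://twitter.com/katechondic/status/1502206599166939137},
  language     = {English},
  urldate      = {2022-03-14}
}
Tweet on additional computer names "desktop-g1i8n3f" & "desktop-j6llo2k", seen with Crimson RAT C2 infrastructure used by APT36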
Crimson RAT
2021-11-10 | RT on the Russian | Ekaterina Suslova, Aleksey Polyakov, Elizaveta Koroleva, Alena Goinskaya
% NOTE(review): language is Russian while the title is in English, so the title is presumably a translation; confirm the wording against the source before quoting it.
@online{suslova:20211110:he:f915f5b,
  author       = {Ekaterina Suslova and Aleksey Polyakov and Elizaveta Koroleva and Alena Goinskaya},
  title        = {{"He does not get in touch": what is known about Barnaul, wanted by the FBI on charges of cybercrime}},
  date         = {2021-11-10},
  organization = {RT on the Russian},
  url          = {https://russian.rt.com/russia/article/926347-barnaulec-rozysk-fbr-kibermoshennichestvo},
  language     = {Russian},
  urldate      = {2021-11-19}
}
"He does not get in touch": what is known about Barnaul, wanted by the FBI on charges of cybercrime
REvil REvil
2021-07-29 | 360 Total Security | kate
@online{kate:20210729:netfilter:27b34a6,
  author       = {kate},
  title        = {{“Netfilter Rootkit II ” Continues to Hold WHQL Signatures}},
  date         = {2021-07-29},
  organization = {360 Total Security},
  url          = {https://blog.360totalsecurity.com/en/netfilter-rootkit-ii-continues-to-hold-whql-signatures/},
  language     = {English},
  urldate      = {2021-08-02}
}
“Netfilter Rootkit II ” Continues to Hold WHQL Signatures
NetfilterRootkit
2021-05-21 | 360 Total Security | kate
@online{kate:20210521:darksides:fd45119,
  author       = {kate},
  title        = {{DarkSide’s Targeted Ransomware Analysis Report for Critical U.S. Infrastructure}},
  date         = {2021-05-21},
  organization = {360 Total Security},
  url          = {https://blog.360totalsecurity.com/en/darksides-targeted-ransomware-analysis-report-for-critical-u-s-infrastructure-2/},
  language     = {English},
  urldate      = {2021-05-26}
}
DarkSide’s Targeted Ransomware Analysis Report for Critical U.S. Infrastructure
DarkSide
2021-04-02 | 360 Total Security | kate
@online{kate:20210402:txt:1216a3c,
  author       = {kate},
  title        = {{A “txt file” can steal all your secrets}},
  date         = {2021-04-02},
  organization = {360 Total Security},
  url          = {https://blog.360totalsecurity.com/en/a-txt-file-can-steal-all-your-secrets/?web_view=true},
  language     = {English},
  urldate      = {2021-04-06}
}
A “txt file” can steal all your secrets
Poulight Stealer
2021-02-25 | 360 Total Security | kate
@online{kate:20210225:darkworld:c49b538,
  author       = {kate},
  title        = {{DarkWorld Ransomware}},
  date         = {2021-02-25},
  organization = {360 Total Security},
  url          = {https://blog.360totalsecurity.com/en/darkworld-ransomware/},
  language     = {English},
  urldate      = {2021-02-25}
}
DarkWorld Ransomware
2020-11-20 | 360 | kate
@online{kate:20201120:360:949bcc5,
  author       = {kate},
  title        = {{360 File-less Attack Protection Intercepts the Banker Trojan BBtok Active in Mexico}},
  date         = {2020-11-20},
  organization = {360},
  url          = {https://blog.360totalsecurity.com/en/360-file-less-attack-protection-intercepts-the-banker-trojan-bbtok-active-in-mexico/},
  language     = {English},
  urldate      = {2020-11-25}
}
360 File-less Attack Protection Intercepts the Banker Trojan BBtok Active in Mexico
BBtok
2020-10-14 | 360 Total Security | kate
@online{kate:20201014:secret:814bae5,
  author       = {kate},
  title        = {{Secret Stealing Trojan Active in Brazil Releases the New Framework SolarSys}},
  date         = {2020-10-14},
  organization = {360 Total Security},
  url          = {https://blog.360totalsecurity.com/en/secret-stealing-trojan-active-in-brazil-releases-the-new-framework-solarsys/},
  language     = {English},
  urldate      = {2020-10-23}
}
Secret Stealing Trojan Active in Brazil Releases the New Framework SolarSys
2020-10-08 | Microsoft | Microsoft Defender Research Team, Dinesh Venkatesan
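% The team name is a corporate author, so it gets its own brace pair; without it the name parser splits it into given names "Microsoft Defender Research" and surname "Team".
% The citation key is left unchanged so existing citations still resolve; its "team" prefix presumably comes from that same split.
@online{team:20201008:sophisticated:6266b40,
  author       = {{Microsoft Defender Research Team} and Venkatesan, Dinesh},
  title        = {{Sophisticated new Android malware marks the latest evolution of mobile ransomware}},
  date         = {2020-10-08},
  organization = {Microsoft},
  url          = {https://www.microsoft.com/security/blog/2020/10/08/sophisticated-new-android-malware-marks-the-latest-evolution-of-mobile-ransomware/},
  language     = {English},
  urldate      = {2020-10-12}
}
Sophisticated new Android malware marks the latest evolution of mobile ransomware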
2020-09-25 | 360 Total Security | kate
@online{kate:20200925:aptc43:15a3501,
  author       = {kate},
  title        = {{APT-C-43 steals Venezuelan military secrets to provide intelligence support for the reactionaries - HpReact campaign}},
  date         = {2020-09-25},
  organization = {360 Total Security},
  url          = {https://blog.360totalsecurity.com/en/apt-c-43-steals-venezuelan-military-secrets-to-provide-intelligence-support-for-the-reactionaries-hpreact-campaign/},
  language     = {English},
  urldate      = {2020-10-02}
}
APT-C-43 steals Venezuelan military secrets to provide intelligence support for the reactionaries - HpReact campaign
PyArk El Machete
2020-05-14 | 360 Total Security | kate
@online{kate:20200514:vendetta:06e3cde,
  author       = {kate},
  title        = {{Vendetta - new threat actor from Europe}},
  date         = {2020-05-14},
  organization = {360 Total Security},
  url          = {https://blog.360totalsecurity.com/en/vendetta-new-threat-actor-from-europe/},
  language     = {English},
  urldate      = {2020-05-18}
}
Vendetta - new threat actor from Europe
Nanocore RAT Remcos
2020-05-09 | 360 Total Security | kate
@online{kate:20200509:clodcore:6e24986,
  author       = {kate},
  title        = {{ClodCore: A malware family that delivers mining modules through cloud control}},
  date         = {2020-05-09},
  organization = {360 Total Security},
  url          = {https://blog.360totalsecurity.com/en/clodcore-a-malware-family-that-delivers-mining-modules-through-cloud-control/},
  language     = {English},
  urldate      = {2020-05-18}
}
ClodCore: A malware family that delivers mining modules through cloud control
2020-01-19 | 360 | kate
@online{kate:20200119:bayworld:2cc2212,
  author       = {kate},
  title        = {{BayWorld event, Cyber Attack Against Foreign Trade Industry}},
  date         = {2020-01-19},
  organization = {360},
  url          = {https://blog.360totalsecurity.com/en/bayworld-event-cyber-attack-against-foreign-trade-industry/},
  language     = {English},
  urldate      = {2020-02-03}
}
BayWorld event, Cyber Attack Against Foreign Trade Industry
Azorult Formbook Nanocore RAT Revenge RAT