2022-06-07 | Lacework Labs | Chris Hall
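% Online reference; date is the publication date, urldate the access date.
% The ampersand in the title is escaped as \& so the entry typesets without a
% LaTeX alignment-tab error. The doubled title braces are kept so the family
% names and the CVE identifier are never recased by a bibliography style.
@online{hall:20220607:kinsing:8e96c1f,
  author       = {Chris Hall},
  title        = {{Kinsing \& Dark.IoT botnet among threats targeting CVE-2022-26134}},
  organization = {Lacework Labs},
  date         = {2022-06-07},
  url          = {https://www.lacework.com/blog/kinsing-dark-iot-botnet-among-threats-targeting-cve-2022-26134/},
  urldate      = {2022-06-15},
  language     = {English},
}
Kinsing & Dark.IoT botnet among threats targeting CVE-2022-26134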
Dark Kinsing
2022-05-12 | Lacework Labs | Chris Hall, Jared Stroud
% Online reference with two authors joined by the "and" separator.
% date is the publication date, urldate the access date.
@online{hall:20220512:malware:ff2f6a5,
  author       = {Chris Hall and Jared Stroud},
  title        = {{Malware targeting latest F5 vulnerability}},
  organization = {Lacework Labs},
  date         = {2022-05-12},
  url          = {https://www.lacework.com/blog/malware-targeting-latest-f5-vulnerability/},
  urldate      = {2022-05-17},
  language     = {English},
}
Malware targeting latest F5 vulnerability
Mirai
2021-12-02 | lacework | Lacework Labs
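% Online reference; date is the publication date, urldate the access date.
% The corporate author is wrapped in an extra pair of braces so it is treated
% as one indivisible name instead of being split into first name "Lacework"
% and last name "Labs". The citation key is left unchanged.
@online{labs:20211202:abc:84ea824,
  author       = {{Lacework Labs}},
  title        = {{ABC Botnet Attacks on the Rise}},
  organization = {lacework},
  date         = {2021-12-02},
  url          = {https://www.lacework.com/blog/abc-botnet-attacks-on-the-rise/},
  urldate      = {2021-12-06},
  language     = {English},
}
ABC Botnet Attacks on the Rise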
Abcbot
2021-10-25 | lacework | Lacework Labs
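% Online reference; date is the publication date, urldate the access date.
% The corporate author carries an extra pair of braces so the name parser
% keeps "Lacework Labs" as a single name rather than first/last parts.
@online{labs:20211025:teamtnt:61b4157,
  author       = {{Lacework Labs}},
  title        = {{TeamTNT Continues to Target Exposed Docker API}},
  organization = {lacework},
  date         = {2021-10-25},
  url          = {https://www.lacework.com/blog/teamtnt-continues-to-target-exposed-docker-api/},
  urldate      = {2021-11-03},
  language     = {English},
}
TeamTNT Continues to Target Exposed Docker API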
2021-10-13 | lacework | Lacework Labs
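% Online reference; date is the publication date, urldate the access date.
% The corporate author is double-braced so it is parsed as one name.
% The title contains UTF-8 quotation marks and an en dash, so process this
% entry with a UTF-8 aware backend (for example Biber), not 8-bit BibTeX.
@online{labs:20211013:spytech:1e11e26,
  author       = {{Lacework Labs}},
  title        = {{“Spytech Necro” – Keksec’s Latest Python Malware}},
  organization = {lacework},
  date         = {2021-10-13},
  url          = {https://www.lacework.com/blog/spytech-necro-keksecs-latest-python-malware/},
  urldate      = {2021-10-25},
  language     = {English},
}
“Spytech Necro” – Keksec’s Latest Python Malware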
N3Cr0m0rPh
2021-09-30 | lacework | Lacework Labs
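% Online reference; date is the publication date, urldate the access date.
% Two fixes: the corporate author is double-braced so it is parsed as one
% name, and the title ampersand is escaped as \& so the entry typesets.
% The title contains a UTF-8 en dash, so a UTF-8 aware backend is needed.
@online{labs:20210930:mirai:014ab03,
  author       = {{Lacework Labs}},
  title        = {{Mirai goes Stealth – TLS \& IoT Malware}},
  organization = {lacework},
  date         = {2021-09-30},
  url          = {https://www.lacework.com/blog/mirai-goes-stealth-tls-iot-malware/},
  urldate      = {2021-10-11},
  language     = {English},
}
Mirai goes Stealth – TLS & IoT Malware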
Mirai VPNFilter
2021-09-23 | lacework | Jared Stroud, Tom Hegel
% Online reference to a Linux rootkit analysis, two authors.
% date is the publication date, urldate the access date.
@online{stroud:20210923:hcrootkit:5100508,
  author       = {Jared Stroud and Tom Hegel},
  title        = {{HCRootkit / Sutersu Linux Rootkit Analysis}},
  organization = {lacework},
  date         = {2021-09-23},
  url          = {https://www.lacework.com/blog/hcrootkit-sutersu-linux-rootkit-analysis/},
  urldate      = {2021-09-29},
  language     = {English},
}
HCRootkit / Sutersu Linux Rootkit Analysis
2021-09-09 | Lacework Labs | Lacework Labs
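% Online reference; date is the publication date, urldate the access date.
% The corporate author is double-braced so "Lacework Labs" is kept as one
% name; without the inner braces it is split into first and last name.
@online{labs:20210909:pysa:3115858,
  author       = {{Lacework Labs}},
  title        = {{PYSA Ransomware Gang adds Linux Support}},
  organization = {Lacework Labs},
  date         = {2021-09-09},
  url          = {https://www.lacework.com/blog/pysa-ransomware-gang-adds-linux-support/},
  urldate      = {2021-09-10},
  language     = {English},
}
PYSA Ransomware Gang adds Linux Support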
Mespinoza
2021-09-08 | lacework | Lacework Labs
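% Online reference; date is the publication date, urldate the access date.
% The corporate author is double-braced so it is parsed as a single name.
% The title is kept exactly as given ("CVE 2021-26084", with a space);
% the URL slug spells the same identifier as cve-2021-26084.
@online{labs:20210908:muhstik:f7875d9,
  author       = {{Lacework Labs}},
  title        = {{Muhstik Takes Aim at Confluence CVE 2021-26084}},
  organization = {lacework},
  date         = {2021-09-08},
  url          = {https://www.lacework.com/blog/muhstik-takes-aim-at-confluence-cve-2021-26084/},
  urldate      = {2021-09-12},
  language     = {English},
}
Muhstik Takes Aim at Confluence CVE 2021-26084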
Tsunami
2021-06-21 | lacework | Tom Hegel
% Online reference on threat hunting via SSH keys, single author.
% The title contains a UTF-8 en dash. date is the publication date,
% urldate the access date.
@online{hegel:20210621:threat:105ce11,
  author       = {Tom Hegel},
  title        = {{Threat Hunting SSH Keys – Bash Script Feature Pivoting}},
  organization = {lacework},
  date         = {2021-06-21},
  url          = {https://www.lacework.com/blog/threat-hunting-ssh-keys-bash-script-feature-pivoting/},
  urldate      = {2021-06-24},
  language     = {English},
}
Threat Hunting SSH Keys – Bash Script Feature Pivoting
2021-06-10 | lacework | Chris Hall
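% Online reference; date is the publication date, urldate the access date.
% The ampersand in the title is escaped as \& so the entry typesets without
% a LaTeX alignment-tab error.
@online{hall:20210610:keksec:53918f5,
  author       = {Chris Hall},
  title        = {{Keksec \& Tsunami-Ryuk}},
  organization = {lacework},
  date         = {2021-06-10},
  url          = {https://www.lacework.com/keksec-tsunami-ryuk/},
  urldate      = {2021-06-16},
  language     = {English},
}
Keksec & Tsunami-Ryuk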
N3Cr0m0rPh
2021-05-25 | lacework | Lacework Labs
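% Online reference; date is the publication date, urldate the access date.
% The corporate author is double-braced so it is parsed as a single name.
% The title contains a UTF-8 apostrophe, so a UTF-8 aware backend is needed.
@online{labs:20210525:taking:101064a,
  author       = {{Lacework Labs}},
  title        = {{Taking TeamTNT’s Docker Images Offline}},
  organization = {lacework},
  date         = {2021-05-25},
  url          = {https://www.lacework.com/taking-teamtnt-docker-images-offline/},
  urldate      = {2021-06-16},
  language     = {English},
}
Taking TeamTNT’s Docker Images Offline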
2021-05-20 | lacework | Jared Stroud, Chris Hall, Tom Hegel
% Online reference with three authors joined by the "and" separator.
% The title is reproduced as given. date is the publication date,
% urldate the access date.
@online{stroud:20210520:8220:c309f60,
  author       = {Jared Stroud and Chris Hall and Tom Hegel},
  title        = {{8220 Gangs Recent use of Custom Miner and Botnet}},
  organization = {lacework},
  date         = {2021-05-20},
  url          = {https://www.lacework.com/8220-gangs-recent-use-of-custom-miner-and-botnet/},
  urldate      = {2021-05-26},
  language     = {English},
}
8220 Gangs Recent use of Custom Miner and Botnet
2021-05-04 | Lacework Labs | Chris Hall
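% Online reference; date is the publication date, urldate the access date.
% The ampersand in the title is escaped as \& so the entry typesets without
% a LaTeX alignment-tab error.
@online{hall:20210504:cpuminer:db7b10e,
  author       = {Chris Hall},
  title        = {{Cpuminer \& Friends}},
  organization = {Lacework Labs},
  date         = {2021-05-04},
  url          = {https://www.lacework.com/cpuminer-friends/},
  urldate      = {2021-05-08},
  language     = {English},
}
Cpuminer & Friends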
2021-04-22 | Lacework Labs
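% Online reference; date is the publication date, urldate the access date.
% The corporate author is double-braced so it is parsed as a single name.
% This entry has no organization field in the source; none is added here.
% NOTE(review): hall:20210422:sysrvhello:2c8a477 has the same title and date
% under a different URL and author list. It appears to be the same article,
% so cite only one of the two keys in a given document.
@online{labs:20210422:sysrvhello:0caeeb1,
  author   = {{Lacework Labs}},
  title    = {{Sysrv-Hello Expands Infrastructure}},
  date     = {2021-04-22},
  url      = {https://www.lacework.com/blog/sysrv-hello-expands-infrastructure/},
  urldate  = {2022-05-31},
  language = {English},
}
Sysrv-Hello Expands Infrastructure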
Sysrv-hello
2021-04-22 | lacework | Chris Hall, Jared Stroud
% Online reference with two authors. date is the publication date,
% urldate the access date.
% NOTE(review): labs:20210422:sysrvhello:0caeeb1 has the same title and date
% under a different URL and author; likely the same article. Confirm before
% citing both keys.
@online{hall:20210422:sysrvhello:2c8a477,
  author       = {Chris Hall and Jared Stroud},
  title        = {{Sysrv-Hello Expands Infrastructure}},
  organization = {lacework},
  date         = {2021-04-22},
  url          = {https://www.lacework.com/sysrv-hello-expands-infrastructure/},
  urldate      = {2022-05-25},
  language     = {English},
}
Sysrv-Hello Expands Infrastructure
Sysrv-hello
2021-04-13 | lacework | Tom Hegel
% Online reference on a cryptojacking campaign, single author.
% date is the publication date, urldate the access date.
@online{hegel:20210413:carbine:c4dd5ef,
  author       = {Tom Hegel},
  title        = {{Carbine Loader Cryptojacking Campaign}},
  organization = {lacework},
  date         = {2021-04-13},
  url          = {https://www.lacework.com/carbine-loader-cryptojacking-campaign/},
  urldate      = {2021-04-20},
  language     = {English},
}
Carbine Loader Cryptojacking Campaign
2021-03-18 | Github (lacework) | lacework-labs
% Online reference to a GitHub repository directory (the keksec folder of
% lacework/lacework-labs). The url points at the master branch, not a pinned
% commit, so the content may differ from what was seen on the urldate.
@online{laceworklabs:20210318:dga:9b57724,
  author       = {lacework-labs},
  title        = {{DGA and decoder scripts for n3cr0morph IRC malware}},
  organization = {Github (lacework)},
  date         = {2021-03-18},
  url          = {https://github.com/lacework/lacework-labs/tree/master/keksec},
  urldate      = {2021-03-25},
  language     = {English},
}
DGA and decoder scripts for n3cr0morph IRC malware
N3Cr0m0rPh
2021-03-18 | lacework | Chris Hall
% Online reference, single author. The title contains UTF-8 quotation marks.
% date is the publication date, urldate the access date.
@online{hall:20210318:kek:94c6e57,
  author       = {Chris Hall},
  title        = {{The “Kek Security” Network}},
  organization = {lacework},
  date         = {2021-03-18},
  url          = {https://www.lacework.com/the-kek-security-network/},
  urldate      = {2021-03-19},
  language     = {English},
}
The “Kek Security” Network
Kaiten N3Cr0m0rPh
2021-01-27 | lacework | Chris Hall
% Online reference on a botnet infecting cloud hosts, single author.
% date is the publication date, urldate the access date.
@online{hall:20210127:groundhog:ba8acfe,
  author       = {Chris Hall},
  title        = {{Groundhog Botnet Rapidly Infecting Cloud}},
  organization = {lacework},
  date         = {2021-01-27},
  url          = {https://www.lacework.com/groundhog-botnet-rapidly-infecting-cloud/},
  urldate      = {2021-01-29},
  language     = {English},
}
Groundhog Botnet Rapidly Infecting Cloud
XOR DDoS