Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-09-30laceworkLacework Labs
@online{labs:20210930:mirai:014ab03, author = {Lacework Labs}, title = {{Mirai goes Stealth – TLS & IoT Malware}}, date = {2021-09-30}, organization = {lacework}, url = {https://www.lacework.com/blog/mirai-goes-stealth-tls-iot-malware/}, language = {English}, urldate = {2021-10-11} } Mirai goes Stealth – TLS & IoT Malware
Mirai elf.vpnfilter
2021-09-23laceworkJared Stroud, Tom Hegel
@online{stroud:20210923:hcrootkit:5100508, author = {Jared Stroud and Tom Hegel}, title = {{HCRootkit / Sutersu Linux Rootkit Analysis}}, date = {2021-09-23}, organization = {lacework}, url = {https://www.lacework.com/blog/hcrootkit-sutersu-linux-rootkit-analysis/}, language = {English}, urldate = {2021-09-29} } HCRootkit / Sutersu Linux Rootkit Analysis
2021-09-09Lacework LabsLacework Labs
@online{labs:20210909:pysa:3115858, author = {Lacework Labs}, title = {{PYSA Ransomware Gang adds Linux Support}}, date = {2021-09-09}, organization = {Lacework Labs}, url = {https://www.lacework.com/blog/pysa-ransomware-gang-adds-linux-support/}, language = {English}, urldate = {2021-09-10} } PYSA Ransomware Gang adds Linux Support
Mespinoza
2021-09-08laceworkLacework Labs
@online{labs:20210908:muhstik:f7875d9, author = {Lacework Labs}, title = {{Muhstik Takes Aim at Confluence CVE 2021-26084}}, date = {2021-09-08}, organization = {lacework}, url = {https://www.lacework.com/blog/muhstik-takes-aim-at-confluence-cve-2021-26084/}, language = {English}, urldate = {2021-09-12} } Muhstik Takes Aim at Confluence CVE 2021-26084
Tsunami
2021-06-21laceworkTom Hegel
@online{hegel:20210621:threat:105ce11, author = {Tom Hegel}, title = {{Threat Hunting SSH Keys – Bash Script Feature Pivoting}}, date = {2021-06-21}, organization = {lacework}, url = {https://www.lacework.com/blog/threat-hunting-ssh-keys-bash-script-feature-pivoting/}, language = {English}, urldate = {2021-06-24} } Threat Hunting SSH Keys – Bash Script Feature Pivoting
2021-06-10laceworkChris Hall
@online{hall:20210610:keksec:53918f5, author = {Chris Hall}, title = {{Keksec & Tsunami-Ryuk}}, date = {2021-06-10}, organization = {lacework}, url = {https://www.lacework.com/keksec-tsunami-ryuk/}, language = {English}, urldate = {2021-06-16} } Keksec & Tsunami-Ryuk
N3Cr0m0rPh
2021-05-25laceworkLacework Labs
@online{labs:20210525:taking:101064a, author = {Lacework Labs}, title = {{Taking TeamTNT’s Docker Images Offline}}, date = {2021-05-25}, organization = {lacework}, url = {https://www.lacework.com/taking-teamtnt-docker-images-offline/}, language = {English}, urldate = {2021-06-16} } Taking TeamTNT’s Docker Images Offline
2021-05-20laceworkJared Stroud, Chris Hall, Tom Hegel
@online{stroud:20210520:8220:c309f60, author = {Jared Stroud and Chris Hall and Tom Hegel}, title = {{8220 Gangs Recent use of Custom Miner and Botnet}}, date = {2021-05-20}, organization = {lacework}, url = {https://www.lacework.com/8220-gangs-recent-use-of-custom-miner-and-botnet/}, language = {English}, urldate = {2021-05-26} } 8220 Gangs Recent use of Custom Miner and Botnet
2021-05-04Lacework LabsChris Hall
@online{hall:20210504:cpuminer:db7b10e, author = {Chris Hall}, title = {{Cpuminer & Friends}}, date = {2021-05-04}, organization = {Lacework Labs}, url = {https://www.lacework.com/cpuminer-friends/}, language = {English}, urldate = {2021-05-08} } Cpuminer & Friends
2021-04-22laceworkChris Hall, Jared Stroud
@online{hall:20210422:sysrvhello:2c8a477, author = {Chris Hall and Jared Stroud}, title = {{Sysrv-Hello Expands Infrastructure}}, date = {2021-04-22}, organization = {lacework}, url = {https://www.lacework.com/sysrv-hello-expands-infrastructure/}, language = {English}, urldate = {2021-04-29} } Sysrv-Hello Expands Infrastructure
2021-04-13laceworkTom Hegel
@online{hegel:20210413:carbine:c4dd5ef, author = {Tom Hegel}, title = {{Carbine Loader Cryptojacking Campaign}}, date = {2021-04-13}, organization = {lacework}, url = {https://www.lacework.com/carbine-loader-cryptojacking-campaign/}, language = {English}, urldate = {2021-04-20} } Carbine Loader Cryptojacking Campaign
2021-03-18Github (lacework)lacework-labs
@online{laceworklabs:20210318:dga:9b57724, author = {lacework-labs}, title = {{DGA and decoder scripts for n3cr0morph IRC malware}}, date = {2021-03-18}, organization = {Github (lacework)}, url = {https://github.com/lacework/lacework-labs/tree/master/keksec}, language = {English}, urldate = {2021-03-25} } DGA and decoder scripts for n3cr0morph IRC malware
N3Cr0m0rPh
2021-03-18laceworkChris Hall
@online{hall:20210318:kek:94c6e57, author = {Chris Hall}, title = {{The “Kek Security” Network}}, date = {2021-03-18}, organization = {lacework}, url = {https://www.lacework.com/the-kek-security-network/}, language = {English}, urldate = {2021-03-19} } The “Kek Security” Network
Kaiten N3Cr0m0rPh
2021-01-27laceworkChris Hall
@online{hall:20210127:groundhog:ba8acfe, author = {Chris Hall}, title = {{Groundhog Botnet Rapidly Infecting Cloud}}, date = {2021-01-27}, organization = {lacework}, url = {https://www.lacework.com/groundhog-botnet-rapidly-infecting-cloud/}, language = {English}, urldate = {2021-01-29} } Groundhog Botnet Rapidly Infecting Cloud
XOR DDoS
2021-01-05Lacework LabsLacework Labs
@online{labs:20210105:teamtnt:8508ba0, author = {Lacework Labs}, title = {{TeamTNT Builds Botnet from Chinese Cloud Servers}}, date = {2021-01-05}, organization = {Lacework Labs}, url = {https://www.lacework.com/teamtnt-builds-botnet-from-chinese-cloud-servers/}, language = {English}, urldate = {2021-03-12} } TeamTNT Builds Botnet from Chinese Cloud Servers
TeamTNT TNTbotinger TeamTNT
2020-11-10laceworkChris Hall
@online{hall:20201110:meet:a741348, author = {Chris Hall}, title = {{Meet Muhstik – IoT Botnet Infecting Cloud Servers}}, date = {2020-11-10}, organization = {lacework}, url = {https://www.lacework.com/meet-muhstik-iot-botnet-infecting-cloud-servers/}, language = {English}, urldate = {2020-11-12} } Meet Muhstik – IoT Botnet Infecting Cloud Servers
Tsunami
2020-10-15laceworkChris Hall
@online{hall:20201015:moobots:2aaf302, author = {Chris Hall}, title = {{Moobot's Cloud Migration}}, date = {2020-10-15}, organization = {lacework}, url = {https://www.lacework.com/moobots-cloud-migration/}, language = {English}, urldate = {2020-10-23} } Moobot's Cloud Migration