2023-09-15 | Palo Alto Networks: Unit 42 | Kristopher Russo, Austin Dever, Amer Elsad
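@online{russo:20230915:threat:8dd4390,
  author       = {Russo, Kristopher and Dever, Austin and Elsad, Amer},
  title        = {Threat Group Assessment: {Muddled Libra}},
  date         = {2023-09-15},
  organization = {Palo Alto Networks: Unit 42},
  url          = {https://unit42.paloaltonetworks.com/muddled-libra/},
  language     = {English},
  urldate      = {2023-10-10},
}
Threat Group Assessment: Muddled Libra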
2023-07-20 | Palo Alto Networks: Unit 42 | Lior Rochberger, Shimi Cohen
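@online{rochberger:20230720:threat:eaf1994,
  author       = {Rochberger, Lior and Cohen, Shimi},
  title        = {Threat Group Assessment: {Mallox} Ransomware},
  date         = {2023-07-20},
  organization = {Palo Alto Networks: Unit 42},
  url          = {https://unit42.paloaltonetworks.com/mallox-ransomware/},
  language     = {English},
  urldate      = {2023-07-24},
}
Threat Group Assessment: Mallox Ransomware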
TargetCompany
2023-05-09 | Palo Alto Networks: Unit 42 | Doel Santos, Daniel Bunce, Anthony Galiette
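@online{santos:20230509:threat:c231c7f,
  author       = {Santos, Doel and Bunce, Daniel and Galiette, Anthony},
  title        = {Threat Assessment: {Royal} Ransomware},
  date         = {2023-05-09},
  organization = {Palo Alto Networks: Unit 42},
  url          = {https://unit42.paloaltonetworks.com/royal-ransomware/},
  language     = {English},
  urldate      = {2023-05-10},
}
Threat Assessment: Royal Ransomware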
Royal Ransom Royal Ransom
2022-11-03 | Palo Alto Networks: Unit 42 | Durgesh Sangvikar, Chris Navarrete, Matthew Tennis, Yanhui Jia, Yu Fu, Siddhart Shibiraj
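@online{sangvikar:20221103:cobalt:9a81f6f,
  author       = {Sangvikar, Durgesh and Navarrete, Chris and Tennis, Matthew and Jia, Yanhui and Fu, Yu and Shibiraj, Siddhart},
  title        = {{Cobalt Strike} Analysis and Tutorial: Identifying {Beacon} Team Servers in the Wild},
  date         = {2022-11-03},
  organization = {Palo Alto Networks: Unit 42},
  url          = {https://unit42.paloaltonetworks.com/cobalt-strike-team-server/},
  language     = {English},
  urldate      = {2022-11-03},
}
Cobalt Strike Analysis and Tutorial: Identifying Beacon Team Servers in the Wild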
Cobalt Strike
2022-10-31 | Palo Alto Networks: Unit 42 | Or Chechik
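@online{chechik:20221031:banking:c421ac8,
  author       = {Chechik, Or},
  title        = {Banking {Trojan} Techniques: How Financially Motivated Malware Became Infrastructure},
  date         = {2022-10-31},
  organization = {Palo Alto Networks: Unit 42},
  url          = {https://unit42.paloaltonetworks.com/banking-trojan-techniques/},
  language     = {English},
  urldate      = {2022-10-31},
}
Banking Trojan Techniques: How Financially Motivated Malware Became Infrastructure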
Dridex Kronos TrickBot Zeus
2022-03-24 | Palo Alto Networks: Unit 42 | Unit 42
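@online{unit42:20220324:threat:8b3586f,
  author       = {{Unit 42}},
  title        = {Threat Brief: {Lapsus\$} Group},
  date         = {2022-03-24},
  organization = {Palo Alto Networks: Unit 42},
  url          = {https://unit42.paloaltonetworks.com/lapsus-group/},
  language     = {English},
  urldate      = {2022-03-25},
}
Threat Brief: Lapsus$ Group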
RedLine Stealer
2022-03-16 | Palo Alto Networks: Unit 42 | Chris Navarrete, Durgesh Sangvikar, Andrew Guan, Yu Fu, Yanhui Jia, Siddhart Shibiraj
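@online{navarrete:20220316:cobalt:015f5df,
  author       = {Navarrete, Chris and Sangvikar, Durgesh and Guan, Andrew and Fu, Yu and Jia, Yanhui and Shibiraj, Siddhart},
  title        = {{Cobalt Strike} Analysis and Tutorial: How {Malleable C2} Profiles Make {Cobalt Strike} Difficult to Detect},
  date         = {2022-03-16},
  organization = {Palo Alto Networks: Unit 42},
  url          = {https://unit42.paloaltonetworks.com/cobalt-strike-malleable-c2-profile/},
  language     = {English},
  urldate      = {2022-03-18},
}
Cobalt Strike Analysis and Tutorial: How Malleable C2 Profiles Make Cobalt Strike Difficult to Detect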
Cobalt Strike
2021-10-18 | Palo Alto Networks: Unit 42 | Brad Duncan
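@online{duncan:20211018:case:bdd95ff,
  author       = {Duncan, Brad},
  title        = {Case Study: From {BazarLoader} to Network Reconnaissance},
  date         = {2021-10-18},
  organization = {Palo Alto Networks: Unit 42},
  url          = {https://unit42.paloaltonetworks.com/bazarloader-network-reconnaissance/},
  language     = {English},
  urldate      = {2021-10-22},
}
Case Study: From BazarLoader to Network Reconnaissance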
BazarBackdoor Cobalt Strike
2021-08-10 | Palo Alto Networks: Unit 42 | Ruchna Nigam, Haozhe Zhang, Zhibin Zhang
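@online{nigam:20210810:new:ee88c46,
  author       = {Nigam, Ruchna and Zhang, Haozhe and Zhang, Zhibin},
  title        = {New {eCh0raix} Ransomware Variant Targets {QNAP} and {Synology} Network-Attached Storage Devices},
  date         = {2021-08-10},
  organization = {Palo Alto Networks: Unit 42},
  url          = {https://unit42.paloaltonetworks.com/ech0raix-ransomware-soho/},
  language     = {English},
  urldate      = {2021-08-20},
}
New eCh0raix Ransomware Variant Targets QNAP and Synology Network-Attached Storage Devices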
QNAPCrypt
2020-09-23 | Palo Alto Networks: Unit 42 | Brad Duncan
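@online{duncan:20200923:case:078ee7f,
  author       = {Duncan, Brad},
  title        = {Case Study: {Emotet} Thread Hijacking, an Email Attack Technique},
  date         = {2020-09-23},
  organization = {Palo Alto Networks: Unit 42},
  url          = {https://unit42.paloaltonetworks.com/emotet-thread-hijacking/},
  language     = {English},
  urldate      = {2022-11-28},
}
Case Study: Emotet Thread Hijacking, an Email Attack Technique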
Emotet
2019-01-08 | Palo Alto Networks: Unit 42 | Robert Falcone, Bryan Lee
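@online{falcone:20190108:darkhydrus:3996fa4,
  author       = {Falcone, Robert and Lee, Bryan},
  title        = {{DarkHydrus} delivers new {Trojan} that can use {Google Drive} for {C2} communications},
  date         = {2019-01-08},
  organization = {Palo Alto Networks: Unit 42},
  url          = {https://unit42.paloaltonetworks.com/darkhydrus-delivers-new-trojan-that-can-use-google-drive-for-c2-communications/},
  language     = {English},
  urldate      = {2020-01-07},
}
DarkHydrus delivers new Trojan that can use Google Drive for C2 communications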
RogueRobinNET DarkHydrus