Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-04-25paloalto Networks Unit 42Mark Lim
@online{lim:20220425:defeating:3da4840, author = {Mark Lim}, title = {{Defeating BazarLoader Anti-Analysis Techniques}}, date = {2022-04-25}, organization = {paloalto Networks Unit 42}, url = {https://unit42.paloaltonetworks.com/bazarloader-anti-analysis-techniques/}, language = {English}, urldate = {2022-04-29} } Defeating BazarLoader Anti-Analysis Techniques
BazarBackdoor
2022-02-25paloalto Networks Unit 42Unit 42
@online{42:20220225:spear:34925b2, author = {Unit 42}, title = {{Spear Phishing Attacks Target Organizations in Ukraine, Payloads Include the Document Stealer OutSteel and the Downloader SaintBot}}, date = {2022-02-25}, organization = {paloalto Networks Unit 42}, url = {https://unit42.paloaltonetworks.com/ukraine-targeted-outsteel-saintbot/}, language = {English}, urldate = {2022-03-01} } Spear Phishing Attacks Target Organizations in Ukraine, Payloads Include the Document Stealer OutSteel and the Downloader SaintBot
Saint Bot
2022-02-24paloalto Networks Unit 42Unit 42
@online{42:20220224:sockdetour:c8b1500, author = {Unit 42}, title = {{SockDetour – a Silent, Fileless, Socketless Backdoor – Targets U.S. Defense Contractors}}, date = {2022-02-24}, organization = {paloalto Networks Unit 42}, url = {https://unit42.paloaltonetworks.com/sockdetour/}, language = {English}, urldate = {2022-03-10} } SockDetour – a Silent, Fileless, Socketless Backdoor – Targets U.S. Defense Contractors
2021-07-06paloalto Networks Unit 42John Martineau
@online{martineau:20210706:understanding:b8b39b6, author = {John Martineau}, title = {{Understanding REvil: The Ransomware Gang Behind the Kaseya Attack}}, date = {2021-07-06}, organization = {paloalto Networks Unit 42}, url = {https://unit42.paloaltonetworks.com/revil-threat-actors/}, language = {English}, urldate = {2021-07-08} } Understanding REvil: The Ransomware Gang Behind the Kaseya Attack
Gandcrab REvil
2020-10-05paloalto Networks Unit 42Nathaniel Quist
@online{quist:20201005:blackt:d09e278, author = {Nathaniel Quist}, title = {{Black-T: New Cryptojacking Variant from TeamTnT}}, date = {2020-10-05}, organization = {paloalto Networks Unit 42}, url = {https://unit42.paloaltonetworks.com/black-t-cryptojacking-variant/}, language = {English}, urldate = {2020-10-08} } Black-T: New Cryptojacking Variant from TeamTnT
2020-06-17paloalto Networks Unit 42Dominik Reichel, Esmid Idrizovic
@online{reichel:20200617:acidbox:556ade7, author = {Dominik Reichel and Esmid Idrizovic}, title = {{AcidBox: Rare Malware Repurposing Turla Group Exploit Targeted Russian Organizations}}, date = {2020-06-17}, organization = {paloalto Networks Unit 42}, url = {https://unit42.paloaltonetworks.com/acidbox-rare-malware/}, language = {English}, urldate = {2020-06-18} } AcidBox: Rare Malware Repurposing Turla Group Exploit Targeted Russian Organizations
AcidBox
2020-06-03paloalto Networks Unit 42Doel Santos, Alex Hinchliffe
@online{santos:20200603:threat:0ae192e, author = {Doel Santos and Alex Hinchliffe}, title = {{Threat Assessment: Hangover Threat Group}}, date = {2020-06-03}, organization = {paloalto Networks Unit 42}, url = {https://unit42.paloaltonetworks.com/threat-assessment-hangover-threat-group}, language = {English}, urldate = {2020-06-08} } Threat Assessment: Hangover Threat Group
2020-05-14paloalto Networks Unit 42Ruchna Nigam
@online{nigam:20200514:mirai:65d9d83, author = {Ruchna Nigam}, title = {{Mirai and Hoaxcalls Botnets Target Legacy Symantec Web Gateways}}, date = {2020-05-14}, organization = {paloalto Networks Unit 42}, url = {https://unit42.paloaltonetworks.com/hoaxcalls-mirai-target-legacy-symantec-web-gateways/}, language = {English}, urldate = {2020-05-18} } Mirai and Hoaxcalls Botnets Target Legacy Symantec Web Gateways
Bashlite Mirai
2018-12-18paloalto Networks Unit 42Robert Falcone
@online{falcone:20181218:sofacy:3573b82, author = {Robert Falcone}, title = {{Sofacy Creates New ‘Go’ Variant of Zebrocy Tool}}, date = {2018-12-18}, organization = {paloalto Networks Unit 42}, url = {https://unit42.paloaltonetworks.com/sofacy-creates-new-go-variant-of-zebrocy-tool/}, language = {English}, urldate = {2020-01-07} } Sofacy Creates New ‘Go’ Variant of Zebrocy Tool
Zebrocy
2015-07-20paloalto Networks Unit 42Bryan Lee, Josh Grunzweig
@online{lee:20150720:watering:0a84edb, author = {Bryan Lee and Josh Grunzweig}, title = {{Watering Hole Attack on Aerospace Firm Exploits CVE-2015-5122 to Install IsSpace Backdoor}}, date = {2015-07-20}, organization = {paloalto Networks Unit 42}, url = {https://unit42.paloaltonetworks.com/watering-hole-attack-on-aerospace-firm-exploits-cve-2015-5122-to-install-isspace-backdoor/}, language = {English}, urldate = {2020-02-13} } Watering Hole Attack on Aerospace Firm Exploits CVE-2015-5122 to Install IsSpace Backdoor
IsSpace