2021-10-07 | ESET Research | Vladislav Hrčka
@online{hrka:20211007:fontonlake:03cadd5,
  author       = {Vladislav Hrčka},
  title        = {{FontOnLake: Previously unknown malware family targeting Linux}},
  date         = {2021-10-07},
  organization = {ESET Research},
  url          = {https://www.welivesecurity.com/2021/10/07/fontonlake-previously-unknown-malware-family-targeting-linux/},
  language     = {English},
  urldate      = {2021-10-11},
}
FontOnLake: Previously unknown malware family targeting Linux
FontOnLake
2021-09-16 | Twitter (@GossiTheDog) | Kevin Beaumont
@online{beaumont:20210916:some:550bbaa,
  author       = {Kevin Beaumont},
  title        = {{Tweet on some unknown threat actor dropping Mgbot, custom IIS modular backdoor and cobalstrike using exploiting ProxyShell}},
  date         = {2021-09-16},
  organization = {Twitter (@GossiTheDog)},
  url          = {https://twitter.com/GossiTheDog/status/1438500100238577670},
  language     = {English},
  urldate      = {2021-09-20},
}
Tweet on some unknown threat actor dropping Mgbot, custom IIS modular backdoor and cobalstrike using exploiting ProxyShell
Cobalt Strike MgBot
2021-09-01 | FireEye | Adrien Bataille, Blaine Stancill
@online{bataille:20210901:too:5f62b52,
  author       = {Adrien Bataille and Blaine Stancill},
  title        = {{Too Log; Didn't Read — Unknown Actor Using CLFS Log Files for Stealth}},
  date         = {2021-09-01},
  organization = {FireEye},
  url          = {https://www.fireeye.com/blog/threat-research/2021/09/unknown-actor-using-clfs-log-files-for-stealth.html},
  language     = {English},
  urldate      = {2021-09-02},
}
Too Log; Didn't Read — Unknown Actor Using CLFS Log Files for Stealth
PRIVATELOG STASHLOG
2021-07-29 | Kaspersky | Kaspersky
@online{kaspersky:20210729:ghostemperor:c9ddfe4,
  author       = {Kaspersky},
  title        = {{GhostEmperor: Chinese-speaking APT targets high-profile victims using unknown rootkit}},
  date         = {2021-07-29},
  organization = {Kaspersky},
  url          = {https://www.kaspersky.com/about/press-releases/2021_ghostemperor-chinese-speaking-apt-targets-high-profile-victims-using-unknown-rootkit},
  language     = {English},
  urldate      = {2021-10-07},
}
GhostEmperor: Chinese-speaking APT targets high-profile victims using unknown rootkit
GhostEmperor
2021-06-29 | Twitter (@IntezerLabs) | Intezer
@online{intezer:20210629:unknown:1f1f2d3,
  author       = {Intezer},
  title        = {{Tweet on unknown elf backdoor based on an open source remote shell named "amcsh"}},
  date         = {2021-06-29},
  organization = {Twitter (@IntezerLabs)},
  url          = {https://twitter.com/IntezerLabs/status/1409844721992749059},
  language     = {English},
  urldate      = {2021-08-11},
}
Tweet on unknown elf backdoor based on an open source remote shell named "amcsh"
BioSet
2021-06-24 | fumik0 blog | fumik0
@online{fumik0:20210624:lu0bot:9b9e569,
  author       = {fumik0},
  title        = {{Lu0bot – An unknown NodeJS malware using UDP}},
  date         = {2021-06-24},
  organization = {fumik0 blog},
  url          = {https://fumik0.com/2021/06/24/lu0bot-an-unknown-nodejs-malware-using-udp/},
  language     = {English},
  urldate      = {2021-06-25},
}
Lu0bot – An unknown NodeJS malware using UDP
2021-06-02 | Check Point Research | Check Point Research
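@comment{Corporate author: the inner braces keep the organisation name as one unit, so it is not split into given and family name parts. The citation key is left unchanged so existing citations still resolve.}
@online{research:20210602:sharppanda:5a21952,
  author       = {{Check Point Research}},
  title        = {{SharpPanda: Chinese APT Group Targets Southeast Asian Government With Previously Unknown Backdoor}},
  date         = {2021-06-02},
  organization = {Check Point Research},
  url          = {https://research.checkpoint.com/2021/chinese-apt-group-targets-southeast-asian-government-with-previously-unknown-backdoor/},
  language     = {English},
  urldate      = {2021-06-04},
}
SharpPanda: Chinese APT Group Targets Southeast Asian Government With Previously Unknown Backdoor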
2021-03-26 | Accenture | Eric Welling, Jeff Beley, Ryan Leininger
@online{welling:20210326:its:33085a3,
  author       = {Eric Welling and Jeff Beley and Ryan Leininger},
  title        = {{It's getting hot in here! Unknown threat group using Hades ransomware to turn up the heat on their victims}},
  date         = {2021-03-26},
  organization = {Accenture},
  url          = {https://www.accenture.com/us-en/blogs/cyber-defense/unknown-threat-group-using-hades-ransomware},
  language     = {English},
  urldate      = {2021-03-30},
}
It's getting hot in here! Unknown threat group using Hades ransomware to turn up the heat on their victims
Hades
2021-03-16 | The Record | Dmitry Smilyanets
@online{smilyanets:20210316:i:cf06d4f,
  author       = {Dmitry Smilyanets},
  title        = {{‘I scrounged through the trash heaps… now I’m a millionaire:’ An interview with REvil’s Unknown}},
  date         = {2021-03-16},
  organization = {The Record},
  url          = {https://therecord.media/i-scrounged-through-the-trash-heaps-now-im-a-millionaire-an-interview-with-revils-unknown/},
  language     = {English},
  urldate      = {2021-03-19},
}
‘I scrounged through the trash heaps… now I’m a millionaire:’ An interview with REvil’s Unknown
REvil
2021-03-04 | Flashpoint | Flashpoint
@online{flashpoint:20210304:breaking:f6dfffc,
  author       = {Flashpoint},
  title        = {{Breaking: Elite Cybercrime Forum “Maza” Breached by Unknown Attacker}},
  date         = {2021-03-04},
  organization = {Flashpoint},
  url          = {https://www.flashpoint-intel.com/blog/breelite-cybercrime-forum-maza-breached-by-unknown-attacker/},
  language     = {English},
  urldate      = {2021-03-04},
}
Breaking: Elite Cybercrime Forum “Maza” Breached by Unknown Attacker
2021-02-22 | Check Point Research | Eyal Itkin, Itay Cohen
@online{itkin:20210222:story:6f59f06,
  author       = {Eyal Itkin and Itay Cohen},
  title        = {{The Story of Jian – How APT31 Stole and Used an Unknown Equation Group 0-Day}},
  date         = {2021-02-22},
  organization = {Check Point Research},
  url          = {https://research.checkpoint.com/2021/the-story-of-jian/},
  language     = {English},
  urldate      = {2021-02-25},
}
The Story of Jian – How APT31 Stole and Used an Unknown Equation Group 0-Day
2021-02-22 | Check Point Research | Eyal Itkin, Itay Cohen
@comment{NOTE(review): appears to be the same work as itkin:20210222:story:6f59f06; the two url values differ only by a trailing slash, and the urldate differs.}
@online{itkin:20210222:story:a3a3da9,
  author       = {Eyal Itkin and Itay Cohen},
  title        = {{The Story of Jian – How APT31 Stole and Used an Unknown Equation Group 0-Day}},
  date         = {2021-02-22},
  organization = {Check Point Research},
  url          = {https://research.checkpoint.com/2021/the-story-of-jian},
  language     = {English},
  urldate      = {2021-07-22},
}
The Story of Jian – How APT31 Stole and Used an Unknown Equation Group 0-Day
APT31
2020-09-04 | KrabsOnSecurity | Mr. Krabs
@online{krabs:20200904:bitrat:bd0d3cd,
  author       = {Mr. Krabs},
  title        = {{BitRAT pt. 2: Hidden Browser, SOCKS5 proxy, and UnknownProducts Unmasked}},
  date         = {2020-09-04},
  organization = {KrabsOnSecurity},
  url          = {https://krabsonsecurity.com/2020/09/04/bitrat-pt-2-hidden-browser-socks5-proxy-and-unknownproducts-unmasked/},
  language     = {English},
  urldate      = {2020-09-05},
}
BitRAT pt. 2: Hidden Browser, SOCKS5 proxy, and UnknownProducts Unmasked
BitRAT WebMonitor RAT
2020-07-29 | FireEye | Lee Foster, Sam Riddell, David Mainor, Gabby Roncone
@online{foster:20200729:ghostwriter:0d042f4,
  author       = {Lee Foster and Sam Riddell and David Mainor and Gabby Roncone},
  title        = {{'Ghostwriter' Influence Campaign: Unknown Actors Leverage Website Compromises and Fabricated Content to Push Narratives Aligned With Russian Security Interests}},
  date         = {2020-07-29},
  organization = {FireEye},
  url          = {https://www.fireeye.com/blog/threat-research/2020/07/ghostwriter-influence-campaign.html},
  language     = {English},
  urldate      = {2021-04-06},
}
'Ghostwriter' Influence Campaign: Unknown Actors Leverage Website Compromises and Fabricated Content to Push Narratives Aligned With Russian Security Interests
Ghostwriter
2020-07-29 | Mandiant | Mandiant
@techreport{mandiant:20200729:ghostwriter:c81a10a,
  author       = {Mandiant},
  title        = {{‘Ghostwriter’ Influence Campaign: Unknown Actors Leverage Website Compromises and Fabricated Content to Push Narratives Aligned with Russian Security Interests}},
  date         = {2020-07-29},
  institution  = {Mandiant},
  url          = {https://www.fireeye.com/content/dam/fireeye-www/blog/pdfs/Ghostwriter-Influence-Campaign.pdf},
  language     = {English},
  urldate      = {2020-07-30},
}
‘Ghostwriter’ Influence Campaign: Unknown Actors Leverage Website Compromises and Fabricated Content to Push Narratives Aligned with Russian Security Interests
2020-06-25 | Anomali | Parthiban Rajendran, Gage Mele
@online{rajendran:20200625:unknown:33474d3,
  author       = {Parthiban Rajendran and Gage Mele},
  title        = {{Unknown China-Based APT Targeting Myanmarese Entities}},
  date         = {2020-06-25},
  organization = {Anomali},
  url          = {https://www.anomali.com/blog/unknown-china-based-apt-targeting-myanmarese-entities},
  language     = {English},
  urldate      = {2020-06-29},
}
Unknown China-Based APT Targeting Myanmarese Entities
2020-03-08 | unknown
@comment{NOTE(review): this record names no organization and gives the author as unknown; its only locator is a file-sharing link, so the report's provenance and the stability of the link cannot be confirmed from this record.}
@online{unknown:20200308:girlscr:b70e320,
  author       = {unknown},
  title        = {{Girl.scr}},
  date         = {2020-03-08},
  url          = {https://www.dropbox.com/s/f4uulu2rhyj4leb/Girl.scr_malware_report.pdf?dl=0},
  language     = {English},
  urldate      = {2020-04-01},
}
Girl.scr
Erica Ransomware
2020-03-05 | secrss | unknown
@online{unknown:20200305:vietnam:b7c4ae2,
  author       = {unknown},
  title        = {{Vietnam National Background APT organization "Sea Lotus" used the topic of the epidemic to attack our government agencies}},
  date         = {2020-03-05},
  organization = {secrss},
  url          = {https://www.secrss.com/articles/17900},
  language     = {Chinese},
  urldate      = {2020-04-26},
}
Vietnam National Background APT organization "Sea Lotus" used the topic of the epidemic to attack our government agencies
METALJACK
2020-03-02 | IT Klinika | unknown
@online{unknown:20200302:panja:709f641,
  author       = {unknown},
  title        = {{Pažnja: Novi opasni ransomware pwndLocker i u Srbiji!}},
  date         = {2020-03-02},
  organization = {IT Klinika},
  url          = {https://www.it-klinika.rs/blog/paznja-novi-opasni-ransomware-pwndlocker-i-u-srbiji},
  language     = {Serbo-Croatian},
  urldate      = {2020-03-03},
}
Pažnja: Novi opasni ransomware pwndLocker i u Srbiji!
PwndLocker
2019-02-26 | Palo Alto Networks Unit 42 | Alex Hinchliffe, Mike Harbison
@online{hinchliffe:20190226:farseer:62554e3,
  author       = {Alex Hinchliffe and Mike Harbison},
  title        = {{Farseer: Previously Unknown Malware Family bolsters the Chinese armoury}},
  date         = {2019-02-26},
  organization = {Palo Alto Networks Unit 42},
  url          = {https://unit42.paloaltonetworks.com/farseer-previously-unknown-malware-family-bolsters-the-chinese-armoury/},
  language     = {English},
  urldate      = {2020-01-08},
}
Farseer: Previously Unknown Malware Family bolsters the Chinese armoury
Farseer