Property:Link
From Botnets.fr
This is a property of type URL.
Usage: 807
Showing 250 pages using this property.
"
"Crypto Ransomware" CTB-Locker (Critroni.A) on the rise
+
http://malware.dontneedcoffee.com/2014/07/ctb-locker.html
+
"NetTraveler is Running!" - Red Star APT attacks compromise high-profile victims
+
http://securelist.com/blog/research/35936/nettraveler-is-running-red-star-apt-attacks-compromise-high-profile-victims/
+
"njRAT" Uncovered
+
http://www.threatgeek.com/2013/06/fidelis-threat-advisory-1009-njrat-uncovered.html
+
'
'Tigger' trojan keeps security researchers hopping
+
http://www.darkreading.com/security/attacks-breaches/215800583/tigger-trojan-keeps-security-researchers-hopping.html
+
1
1940 IPs for a BHEK/ULocker server - Nexcess-Net
+
http://malware.dontneedcoffee.com/2012/09/ULockerAS36444BHEK.html
+
A
A DDoS family affair: Dirt Jumper bot family continues to evolve
+
https://asert.arbornetworks.com/a-ddos-family-affair-dirt-jumper-bot-family-continues-to-evolve/
+
A Foray into Conficker’s Logic and Rendezvous Points
+
https://www.usenix.org/legacy/events/leet09/tech/full papers/porras/porras.pdf
+
A ScarePakage variant is targeting more countries : impersonating Europol and AFP
+
http://malware.dontneedcoffee.com/2014/08/scarepackageknstant.html
+
A case study on Storm worm
+
http://static.usenix.org/event/leet08/tech/full papers/holz/holz html/
+
A chat with NGR Bot
+
http://resources.infosecinstitute.com/ngr-rootkit/
+
A new iteration of the TDSS/TDL-4 malware using DGA-based command and control
+
https://www.damballa.com/downloads/r pubs/damballa discovery brief 9 2012.pdf
+
A peek inside the Darkness (Optima) DDoS Bot
+
http://blog.webroot.com/2012/03/08/a-peek-inside-the-darkness-optima-ddos-bot/
+
A peek inside the PickPocket botnet
+
http://www.webroot.com/blog/2012/01/06/a-peek-inside-the-pickpocket-botnet/
+
A quick update on spambot Kelihos
+
http://www.abuse.ch/?p=4878
+
A study of the Ilomo / Clampi botnet
+
http://www.trendmicro.com/us/security-intelligence/research-and-analysis/index.html
+
A study on botnet detection techniques
+
http://www.ijsrp.org/research paper apr2012/ijsrp-apr-2012-113.pdf
+
APT1: technical backstage
+
http://www.malware.lu/Pro/RAP002 APT1 Technical backstage.1.0.pdf
+
AbaddonPOS: A new point of sale threat linked to Vawtrak
+
https://www.proofpoint.com/us/threat-insight/post/AbaddonPOS-A-New-Point-Of-Sale-Threat-Linked-To-Vawtrak
+
Acquisition and analysis of volatile memory from Android devices
+
http://digitalforensicssolutions.com/papers/android-memory-analysis-DI.pdf
+
Actually, my name is Duqu - Stuxnet is my middle name
+
http://stratsec.blogspot.fr/2012/03/actually-my-name-is-duqu-stuxnet-is-my.html
+
Adobe Flash Player 0-day and HackingTeam's Remote Control System
+
http://www.securelist.com/en/blog/208194112/Adobe Flash Player 0 day and HackingTeam s Remote Control System
+
Adrenalin botnet. The trend marks the Russian crimeware
+
http://evilfingers.blogspot.fr/2009/05/adrenalin-botnet-trend-marks-russian.html
+
Advancing the fight against botnets with consumer notifications
+
http://blogs.technet.com/b/security/archive/2011/12/05/advancing-the-fight-against-botnets-with-consumer-notifications.aspx
+
Aldi Bot - bka.de DDoS
+
http://www.youtube.com/watch?v=UskKFTFVLyI
+
Alina: casting a shadow on POS
+
https://www.trustwave.com/Resources/SpiderLabs-Blog/Alina--Casting-a-Shadow-on-POS/
+
Alina: following the shadow part 1
+
https://www.trustwave.com/Resources/SpiderLabs-Blog/Alina--Following-The-Shadow-Part-1/
+
Alina: following the shadow part 2
+
https://www.trustwave.com/Resources/SpiderLabs-Blog/Alina--Following-The-Shadow-Part-2/
+
All-in-one malware: an overview of Sality
+
http://www.symantec.com/connect/blogs/all-one-malware-overview-sality
+
An Analysis of the iKeeB (duh) iPhone botnet (Worm)
+
http://mtc.sri.com/iPhone/
+
An advanced hybrid peer-to-peer botnet
+
http://static.usenix.org/event/hotbots07/tech/full papers/wang/wang.pdf
+
An analysis of Dorkbot’s infection vectors (part 2)
+
http://blogs.technet.com/b/mmpc/archive/2012/11/21/an-analysis-of-dorkbot-s-infection-vectors-part-2.aspx
+
An analysis of the cross-platform backdoor NetWeirdRC
+
http://www.intego.com/mac-security-blog/an-analysis-of-the-cross-platform-backdoor-netweirdrc/
+
An analysis of underground forums
+
http://cseweb.ucsd.edu/~voelker/pubs/forums-imc11.pdf
+
An encounter with trojan Nap
+
http://blog.fireeye.com/research/2013/02/an-encounter-with-trojan-nap.html
+
An evaluation of current and future botnet defences
+
http://eprints.qut.edu.au/32595/1/c32595.pdf
+
An interesting case of JRE sandbox breach (CVE-2012-0507)
+
http://blogs.technet.com/b/mmpc/archive/2012/03/20/an-interesting-case-of-jre-sandbox-breach-cve-2012-0507.aspx
+
An overnight sensation — CoreBot returns as a full-fledged financial malware
+
https://securityintelligence.com/an-overnight-sensation-corebot-returns-as-a-full-fledged-financial-malware/
+
An overview of exploit packs
+
http://contagiodump.blogspot.it/2010/06/overview-of-exploit-packs-update.html
+
An overview of messaging botnets
+
https://blogs.mcafee.com/mcafee-labs/an-overview-of-messaging-botnets
+
Analyse de Xtreme RAT
+
http://code.google.com/p/malware-lu/wiki/en xtreme RAT
+
Analyse et poncage du botnet HerpesNet
+
https://malware.lu/articles/2012/05/21/analysis-and-pownage-of-herpesnet-botnet.html
+
Analyse of the sample cdorked.A
+
http://code.google.com/p/malware-lu/wiki/en malware cdorked A
+
Analyse statique de Duqu stage 1
+
http://code.google.com/p/malware-lu/wiki/en static analysis duqu stage 1
+
Analyse statique de Duqu stage 2
+
http://code.google.com/p/malware-lu/wiki/en static analysis duqu stage 2
+
Analysis of DarkMegi aka NpcDark
+
http://stopmalvertising.com/rootkits/analysis-of-darkmegi-aka-npcdark.html
+
Analysis of TDL4
+
http://baesystemsdetica.blogspot.fr/2012/10/analysis-of-tdl4 8570.html
+
Analysis of Ysreef (a variant of Tobfy)
+
http://code.google.com/p/malware-lu/wiki/en malware Ysreef
+
Analysis of a PlugX malware variant used for targeted attacks
+
http://www.circl.lu/pub/tr-12/
+
Analysis of a VBScript bot
+
http://research.zscaler.com/2014/01/analysis-of-vbscript-bot.html
+
Analysis of a stage 3 Miniduke malware sample
+
https://www.circl.lu/pub/tr-14/
+
Analysis of a “/0” stealth scan from a botnet
+
http://www.caida.org/publications/papers/2012/analysis slash zero/analysis slash zero.pdf
+
Analysis of functions used to encode strings in Flame (GDB script)
+
http://code.google.com/p/malware-lu/wiki/en flame analysis with script gdb
+
Analysis of ngrBot
+
http://stopmalvertising.com/rootkits/analysis-of-ngrbot.html
+
Analysis of the Finfisher lawful interception malware
+
https://community.rapid7.com/community/infosec/blog/2012/08/08/finfisher
+
Analysis of the malware of Red October - Part 1
+
http://code.google.com/p/malware-lu/wiki/en malware redoctober
+
Analysis of the malware of Red October - Part 2
+
http://code.google.com/p/malware-lu/wiki/en malware redoctober2
+
Analysis: Malware Win32/Rimecud.B
+
https://community.qualys.com/blogs/securitylabs/2011/05/09/analysis-malware-win32rimecudb
+
Analyzing a new exploit pack
+
http://www.kahusecurity.com/2012/analyzing-a-new-exploit-pack/
+
Anaru malware now live and ready to steal
+
http://www.symantec.com/connect/ko/blogs/anaru-malware-now-live-and-ready-steal
+
And real name of Magnitude is....
+
http://malware.dontneedcoffee.com/2014/02/and-real-name-of-magnitude-is.html
+
Android Marcher now marching via porn sites
+
http://research.zscaler.com/2016/03/android-marcher-now-marching-via-porn.html
+
Android RATs branch out with Dendroid
+
http://www.symantec.com/connect/ko/blogs/android-rats-branch-out-dendroid
+
Android malware pairs man-in-the-middle with remote-controlled banking trojan
+
http://blogs.mcafee.com/mcafee-labs/android-malware-pairs-man-in-the-middle-with-remote-controlled-banking-trojan
+
Android trojan used to create simple SMS spam botnet
+
http://blog.cloudmark.com/2012/12/16/android-trojan-used-to-create-simple-sms-spam-botnet/
+
Android.Bmaster: A million-dollar mobile botnet
+
http://www.symantec.com/connect/blogs/androidbmaster-million-dollar-mobile-botnet
+
Android.Counterclank found in official Android market
+
http://www.symantec.com/connect/blogs/androidcounterclank-found-official-android-market
+
Andromeda 2.7 features
+
http://blog.fortinet.com/Andromeda-2-7-Features/ blog.fortinet.com
+
Angler Exploit Kit – Operating at the Cutting Edge
+
http://community.websense.com/blogs/securitylabs/archive/2015/02/05/angler-exploit-kit-operating-at-the-cutting-edge.aspx
+
Anonymous supporters tricked into installing ZeuS trojan
+
http://www.symantec.com/connect/ko/blogs/anonymous-supporters-tricked-installing-zeus-trojan
+
Another family of DDoS bots: Avzhan
+
http://www.arbornetworks.com/asert/2010/09/another-family-of-ddos-bots-avzhan/
+
Anunak:APT against financial institutions
+
https://www.fox-it.com/en/files/2014/12/Anunak APT-against-financial-institutions2.pdf
+
Análisis del comportamiento de VOlk y sus funcionalidades
+
http://blogs.eset-la.com/laboratorio/2012/12/26/analisis-comportamiento-volk-funcionalidades/
+
Apache binary backdoors on Cpanel-based servers
+
http://blog.sucuri.net/2013/04/apache-binary-backdoors-on-cpanel-based-servers.html
+
Apple releases Java update; includes fix for vulnerability exploited by Flashback malware
+
http://www.intego.com/mac-security-blog/apple-releases-java-update-includes-fix-for-vulnerability-exploited-by-flashback-malware/
+
Apple took 3 years to fix Finfisher trojan hole
+
http://krebsonsecurity.com/2011/11/apple-took-3-years-to-fix-finfisher-trojan-hole/
+
Apple zombie malware 'NetWeird' rummages for browser and email passwords
+
http://nakedsecurity.sophos.com/2012/08/24/apple-zombie-malware-netweird-rummages-for-browser-and-email-passwords/
+
Armenian Bredolab creator jailed for computer sabotage
+
http://threatpost.com/en us/blogs/armenian-bredolab-creator-jailed-computer-sabotage-052312
+
Attack on Zygote: a new twist in the evolution of mobile threats
+
https://securelist.com/analysis/publications/74032/attack-on-zygote-a-new-twist-in-the-evolution-of-mobile-threats/
+
Attackers place Command and Control servers inside enterprise walls
+
http://www.securityweek.com/new-attack-method-puts-command-and-control-servers-inside-enterprise-walls
+
Attention! All data on your hardrive is encrypted
+
http://blogs.avg.com/news-threats/attention-data-hardrive-encrypted
+
AutoIT ransomware
+
http://code.google.com/p/malware-lu/wiki/en analyse autoit ransomware
+
Avalanche phishers migrate to ZeuS
+
http://www.bankinfosecurity.com/avalanche-phishers-migrate-to-zeus-a-3030
+
Avatar rootkit: the continuing saga
+
http://www.welivesecurity.com/2013/08/21/avatar-rootkit-the-continuing-saga/
+
B
Back to Stuxnet: the missing link
+
http://www.securelist.com/en/blog/208193568/Back to Stuxnet the missing link
+
Backdoor uses Evernote as command and control server
+
http://blog.trendmicro.com/trendlabs-security-intelligence/backdoor-uses-evernote-as-command-and-control-server/
+
Backdoor:Win32/Caphaw.A
+
http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Backdoor:Win32/Caphaw.A
+
Banking trojan Dridex uses macros for infection
+
http://blog.trendmicro.com/trendlabs-security-intelligence/banking-trojan-dridex-uses-macros-for-infection/
+
BareBox: efficient malware analysis on bare-metal
+
http://www.cs.ucsb.edu/~chris/research/doc/acsac11 barebox.pdf
+
Battling the Rustock threat
+
http://go.microsoft.com/?linkid=9777259
+
Battling the Zbot threat
+
http://download.microsoft.com/download/A/2/2/A226868B-7922-4655-BF48-F11DDEE3E63C/Battling the Zbot threat.pdf
+
Behind the Captcha or Inside Blackhole Exploit Kit 2.0 - Exploit Kit Administration Panel
+
http://malware.dontneedcoffee.com/2012/09/behind-captcha-or-inside-blackhole.html
+
Bitcrypt broken
+
http://blog.cassidiancybersecurity.com/post/2014/02/Bitcrypt-broken
+
Black Dragon: "... and all will burn beneath the shadow of my wings"
+
http://malwageddon.blogspot.fr/2013/07/black-dragon-and-all-will-burn-beneath.html
+
BlackEnergy competitor – The 'Darkness' DDoS bot
+
http://www.shadowserver.org/wiki/pmwiki.php/Calendar/20101205
+
Blackhole & Cridex: season 2 episode 1: Intuit spam & SSL traffic analysis
+
http://www.deependresearch.org/2012/10/blackhole-cridex-season-2-episode-1.html
+
Blackhole Ramnit - samples and analysis
+
http://contagiodump.blogspot.com/2012/01/blackhole-ramnit-samples-and-analysis.html
+
Blackhole and Cool Exploit kits nearly extinct
+
https://threatpost.com/blackhole-and-cool-exploit-kits-nearly-extinct/103034
+
Blackhole exploit kit v2 on the rise
+
http://research.zscaler.com/2012/10/blackhole-exploit-kit-v2-on-rise.html
+
Blackhole, CVE-2012-0507 and Carberp
+
http://blog.eset.com/2012/03/30/blackhole-cve-2012-0507-and-carberp blog.eset.com
+
Bleeding Life Exploit Pack
+
http://www.kahusecurity.com/2010/bleeding-life-exploit-pack/
+
Bleeping Computer
+
http://www.bleepingcomputer.com/
+
Blueliv
+
http://www.blueliv.com
+
Bot Roast II nets 8 individuals
+
http://www.fbi.gov/news/pressrel/press-releases/bot-roast-ii-nets-8-individuals
+
Bot herders build newer versions of previous botnet Waledac
+
http://www.spamfighter.com/News-18155-Bot-Herders-Build-Newer-Versions-of-Previous-Botnet-Waledac.htm
+
Bot of the day: Ramnit/Ninmul
+
http://www.emergingthreatspro.com/bot-of-the-day/bot-of-the-day-ramnitninmul/
+
Bot shopping with my wife
+
http://pandalabs.pandasecurity.com/bot-shopping-with-my-wife/
+
BotGrep: finding P2P bots with structured graph analysis
+
http://static.usenix.org/events/sec10/tech/full papers/Nagaraja.pdf
+
BotMiner: clustering analysis of network traffic for protocol- and structure-independent botnet detection
+
https://www.damballa.com/downloads/a pubs/Usenix08.pdf
+
BoteAR: a “social botnet”- What are we talking about
+
https://securelist.com/blog/research/57768/botear-a-social-botnet/
+
Botnet command server hidden in Tor
+
https://blog.gdatasoftware.com/blog/article/botnet-command-server-hidden-in-tor.html
+
Botnet construction, control and concealment
+
http://www.shadowserver.org/wiki/uploads/Information/thesis botnet krogoth 2008 final.pdf
+
Botnet operation disabled
+
http://www.fbi.gov/news/stories/2011/april/botnet 041411
+
Botnet shutdown success story - again: disabling the new Hlux/Kelihos botnet
+
http://www.securelist.com/en/blog/208193431/Botnet Shutdown Success Story again Disabling the new Hlux Kelihos Botnet
+
Botnet shutdown success story: how Kaspersky Lab disabled the Hlux/Kelihos botnet
+
http://www.securelist.com/en/blog/208193137/Botnet Shutdown Success Story How Kaspersky Lab Disabled the Hlux Kelihos Botnet
+
Botnet: classification, attacks, detection, tracing, and preventive measures
+
http://www.hindawi.com/journals/wcn/2009/692654/
+
Botnets on discount!
+
http://blog.gdatasoftware.com/blog/article/botnets-on-discount.html
+
Boxer SMS trojan: malware as a global service
+
http://blog.eset.com/2012/11/29/android-boxer-a-worldwide-sms-trojan
+
Bredolab botmaster ‘Birdie’ still at large
+
http://krebsonsecurity.com/2012/03/bredolab-botmaster-birdie-still-at-large/
+
Bredolab severely injured but not dead
+
http://blog.fireeye.com/research/2010/10/bredolab-severely-injured-but-not-dead.html
+
Buh-bye Beebone! Law enforcement kills polymorphic virus-spreading botnet
+
https://nakedsecurity.sophos.com/2015/04/12/buh-bye-beebone-law-enforcement-kills-polymorphic-virus-spreading-botnet/
+
C
CTB-Locker is back: the web server edition
+
https://securelist.com/blog/research/73989/ctb-locker-is-back-the-web-server-edition/
+
CVE-2012-4681 - On its way to Sakura Exploit Kit too
+
http://malware.dontneedcoffee.com/2012/08/cve-2012-4681-on-its-way-to-sakura.html
+
CVE-2012-4681 - Redkit Exploit Kit - I want Porche Turbo
+
http://malware.dontneedcoffee.com/2012/08/cve-2012-4681-redkit-exploit-kit-i-want.html
+
CVE-2012-4681 - Связка Sweet Orange
+
http://malware.dontneedcoffee.com/2012/08/cve-2012-4681-sweet-orange.html
+
CVE-2012-5076 - Massively adopted - Blackhole update to 2.0.1
+
http://malware.dontneedcoffee.com/2012/11/cve-2012-5076-massively-adopted.html
+
CVE-2013-1493 (jre17u15 - jre16u41) integrating exploit kits
+
http://malware.dontneedcoffee.com/2013/03/cve-2013-1493-jre17u15-jre16u41.html
+
CVE-2013-2465/CVE-2013-2471/CVE-2013-2463 integrating Exploit Kits -- jre7u21 CVE- jre6u45 and earlier
+
http://malware.dontneedcoffee.com/2013/08/cve-2013-2465-integrating-exploit-kits.html
+
CVE-2013-5330 (Flash) in an unknown Exploit Kit fed by high rank websites
+
http://malware.dontneedcoffee.com/2014/02/cve-2013-5330-flash-in-unknown-exploit.html
+
CVE-2015-0311 (Flash up to 16.0.0.287) integrating Exploit Kits
+
http://malware.dontneedcoffee.com/2015/01/cve-2015-0311-flash-up-to-1600287.html
+
Carbanak/Anunak in the BlueCoat malware analysis appliance
+
https://www.bluecoat.com/security-blog/2015-02-18/carbanakanunak-bluecoat-malware-analysis-appliance
+
Carbanak: Multi-million dollar cybercrime gang focuses on banks rather than their customers
+
http://www.symantec.com/connect/blogs/carbanak-multi-million-dollar-cybercrime-gang-focuses-banks-rather-their-customers
+
Carberp + BlackHole = growing fraud incidents
+
http://blog.eset.com/2011/12/04/carberp-blackhole-growing-fraud-incidents blog.eset.com
+
Carberp - a modular information stealing trojan
+
http://pxnow.prevx.com/content/blog/carberp-a modular information stealing trojan.pdf
+
Carberp gang evolution: CARO 2012 presentation
+
http://blog.eset.com/2012/05/24/carberp-gang-evolution-at-caro-2012 blog.eset.com
+
Carberp reverse engineering
+
http://quequero.org/Carberp Reverse Engineering
+
Carberp steals e-cash vouchers from Facebook users
+
http://www.trusteer.com/blog/carberp-steals-e-cash-vouchers-facebook-users
+
Carberp, the renaissance ?
+
http://malware.dontneedcoffee.com/2012/12/carberprenaissance.html
+
Carberp-based trojan attacking SAP
+
http://blogs.technet.com/b/mmpc/archive/2013/11/20/carberp-based-trojan-attacking-sap.aspx
+
Carberp-in-the-Mobile
+
http://www.securelist.com/en/blog/208194045/Carberp in the Mobile
+
Carberp: Silent trojan, eventual successor to ZeuS
+
http://www.infospyware.net/blog/carberp-silent-trojan-eventual-successor-to-zeus/
+
Carberp: it’s not over yet
+
http://www.securelist.com/en/blog/694/Carberp its not over yet
+
Case study of the Miner botnet
+
https://ccdcoe.org/sites/default/files/multimedia/pdf/5 7 PlohmannGerhards-Padilla ACaseStudyOnTheMinerBotnet.pdf
+
Cerber Dominates Ransomware Landscape After Locky's Demise
+
https://www.bleepingcomputer.com/news/security/cerber-dominates-ransomware-landscape-after-lockys-demise/
+
Chameleon botnet grabbed $6m A MONTH from online ad-slingers
+
http://www.theregister.co.uk/2013/03/19/chameleon botnet/
+
Chapro.A source code
+
http://dustri.org/code/chapro.c
+
Chasing cybercrime: network insights of Dyre and Dridex trojan bankers
+
https://www.blueliv.com/research/chasing-the-cybercrime-network-insights-of-dyre-and-dridex-trojan-bankers-report/
+
China targets macs used by NGOs
+
http://www.f-secure.com/weblog/archives/00002334.html
+
Cimbot - A technical analysis
+
https://www.fireeye.com/blog/threat-research/2009/03/cimbot-a-technical-analysis.html
+
Citadel : le fichier de configuration
+
http://cert.lexsi.com/weblog/index.php/2012/03/12/426-citadel-le-fichier-de-configuration
+
Citadel V1.3.5.1: enter the fort’s dungeons
+
http://blogs.rsa.com/rsafarl/citadel-v1-3-5-1-enter-the-forts-dungeons/
+
Citadel ZeuS bot
+
http://cyb3rsleuth.blogspot.com/2012/01/citadel-zeus-bot.html
+
Citadel plitfi botnet report
+
http://www.cert.pl/news/6900/langswitch lang/en
+
Citadel trojan malware analysis
+
http://botnetlegalnotice.com/citadel/files/Patel Decl Ex20.pdf
+
Citadel trojan touts trouble-ticket system
+
http://krebsonsecurity.com/2012/01/citadel-trojan-touts-trouble-ticket-system/
+
Citadel: a cyber-criminal’s ultimate weapon?
+
http://blog.malwarebytes.org/intelligence/2012/11/citadel-a-cyber-criminals-ultimate-weapon/
+
Clampi/Ligats/Ilomo trojan
+
http://www.secureworks.com/research/threats/clampi-trojan/
+
Collateral damage: Microsoft hits security researchers along with Citadel
+
https://www.abuse.ch/?p=5362
+
Combatting point-of-sale malware
+
http://www2.trustwave.com/rs/trustwave/images/Special Report Combatting Point of Sale Malware.pdf
+
Conficker working group
+
http://www.confickerworkinggroup.org/
+
Conficker working group: lessons learned
+
http://www.confickerworkinggroup.org/wiki/uploads/Conficker Working Group Lessons Learned 17 June 2010 final.pdf
+
Confidential documents from Japanese politics stolen by malware
+
http://securityaffairs.co/wordpress/11529/intelligence/confidential-documents-from-japanese-politics-stolen-by-malware.html
+
Cool EK : "Hello my friend..." CVE-2012-5076
+
http://malware.dontneedcoffee.com/2012/11/cool-ek-hello-my-friend-cve-2012-5067.html
+
Cool Exploit Kit - A new Browser Exploit Pack on the Battlefield with a "Duqu" like font drop
+
http://malware.dontneedcoffee.com/2012/10/newcoolek.html
+
Cool exploit kit - URL structure
+
http://fortknoxnetworks.blogspot.fr/2012/11/cool-exploit-kit-url-structure.html
+
Coordinated DDoS attack during Russian Duma elections
+
http://blogs.law.harvard.edu/idblog/2011/12/08/coordinated-ddos-attack-during-russian-duma-elections/
+
Coreflood botnet - Detection and remediation
+
http://sempersecurus.blogspot.com/2011/04/coreflood-botnet-detection-and.html
+
Covert channels over social networks
+
http://www.sans.org/reading-room/whitepapers/threats/covert-channels-social-networks-33960
+
Cracking down on botnets
+
http://blogs.technet.com/b/microsoft blog/archive/2010/02/25/cracking-down-on-botnets.aspx
+
Cracking into the new P2P variant of Zeusbot/Spyeye
+
http://www.symantec.com/connect/blogs/cracking-new-P2P-variant-zeusbotspyeye
+
Cracking the encrypted C&C protocol of the ZeroAccess botnet
+
http://www.virusbtn.com/pdf/conference slides/2012/Morris-VB2012.pdf
+
Crisis for Windows sneaks onto virtual machines
+
http://www.symantec.com/connect/blogs/crisis-windows-sneaks-virtual-machines
+
Critroni crypto ransomware seen using Tor for command and control
+
http://threatpost.com/critroni-crypto-ransomware-seen-using-tor-for-command-and-control/107306
+
Cross-platform Frutas RAT builder and back door
+
http://www.symantec.com/connect/blogs/cross-platform-frutas-rat-builder-and-back-door
+
CryptXXX: new ransomware from the actors behind Reveton, dropping via Angler
+
https://www.proofpoint.com/us/threat-insight/post/cryptxxx-new-ransomware-actors-behind-reveton-dropping-angler
+
Crypto breakthrough shows Flame was designed by world-class scientists
+
http://arstechnica.com/security/2012/06/flame-crypto-breakthrough/
+
Crypto experts called on to crack cyberspy tool's encryption
+
http://www.darkreading.com/advanced-threats/167901091/security/attacks-breaches/240005480/crypto-experts-called-on-to-crack-cyberspy-tool-s-encryption.html
+
CryptoDefense and How Decrypt ransomware information guide and FAQ
+
http://www.bleepingcomputer.com/virus-removal/cryptodefense-ransomware-information
+
Cutwail drives spike in malicious HTML attachment spam
+
http://labs.m86security.com/2012/02/cutwail-drives-spike-in-malicious-html-attachment-spam/
+
Cyber gang seeks botmasters to wage massive wave of trojan attacks against U.S. banks
+
http://blogs.rsa.com/rsafarl/cyber-gang-seeks-botmasters-to-wage-massive-wave-of-trojan-attacks-against-u-s-banks/
+
D
DDoS attacks: the Zemra bot
+
http://www.symantec.com/connect/blogs/ddos-attacks-zemra-bot
+
DDoS watch: keeping an eye on Aldi Bot
+
http://ddos.arbornetworks.com/2011/10/ddos-aldi-bot/
+
DGAs and cyber-criminals: a case study
+
http://www.damballa.com/downloads/r pubs/RN DGAs-and-Cyber-Criminals-A-Case-Study.pdf (pdf)
+
DIMVA
+
http://www.dimva.org/
+
DISCLOSURE: detecting botnet command and control servers through large-scale NetFlow analysis
+
http://www.iseclab.org/papers/disclosure.pdf
+
DNS: a botnet dialect
+
http://www.slideshare.net/ffranz/rootedcon2012-dns-a-botnet-dialect-carlos-diaz-francisco-j-gomez
+
DaRK DDoSseR leads to Gh0st RAT
+
http://blog.trendmicro.com/trendlabs-security-intelligence/dark-ddosser-leads-to-gh0st-rat/
+
Damballa
+
http://www.damballa.com
+
DarkMegi rootkit - sample (distributed via Blackhole)
+
http://contagiodump.blogspot.fr/2012/04/this-is-darkmegie-rootkit-sample-kindly.html contagiodump.blogspot.fr
+
Darkmegi: this is not the Rootkit you’re looking for
+
http://blogs.mcafee.com/mcafee-labs/darkmegi-not-the-rootkit-youre-looking-for
+
Darkness DDoS bot version identification guide
+
http://www.shadowserver.org/wiki/pmwiki.php/Calendar/20110127
+
De code van Dorifel nader bekeken
+
http://webwereld.nl/analyse/111452/de-code-van-dorifel-nader-bekeken.html
+
Demystifying Pobelka
+
http://foxitsecurity.files.wordpress.com/2013/01/demystifying-pobelka1.pdf
+
Department of Justice takes action to disable international botnet
+
http://www.justice.gov/opa/pr/2011/April/11-crm-466.html www.justice.gov
+
Department of Labor strategic web compromise
+
http://blog.crowdstrike.com/department-labor-strategic-web-compromise/
+
Detecting extended attributes (ZeroAccess) and other Frankenstein’s monsters with HMFT
+
http://www.hexacorn.com/blog/2013/01/25/detecting-extended-attributes-zeroaccess-and-other-frankensteins-monsters-with-hmft/
+
Detection and classification of different botnet C&C channels
+
http://www.cse.lehigh.edu/~gtan/paper/ATC2011.pdf
+
Dharma Ransomware Uses AV Tool to Distract from Malicious Activities
+
https://blog.trendmicro.com/trendlabs-security-intelligence/dharma-ransomware-uses-av-tool-to-distract-from-malicious-activities/
+
Digging inside Tinba malware - A walkthrough
+
http://secniche.blogspot.it/2012/06/two-weeks-back-tinba-malware-hit.html secniche.blogspot.it
+
Digging into the Nitol DDoS botnet
+
http://blogs.mcafee.com/mcafee-labs/digging-into-the-nitol-ddos-botnet
+
Dirt Jumper DDoS bot increasingly popular
+
https://asert.arbornetworks.com/dirt-jumper-ddos-bot-increasingly-popular/
+
Discerning relationships: the Mexican botnet connection
+
http://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/white-papers/wp discerning-relationships mexican-botnet.pdf
+
Discovered: botnet costing display advertisers over six million dollars per month
+
http://www.spider.io/blog/2013/03/chameleon-botnet www.spider.io
+
Disorderly conduct: localized malware impersonates the police
+
http://blogs.technet.com/b/mmpc/archive/2011/12/19/disorderly-conduct-localized-malware-impersonates-the-police.aspx
+
Disttrack malware overwrites files, infects MBR
+
http://blog.trendmicro.com/disttrack-malware-overwrites-files-infects-mbr
+
Disttrack sabotage malware wipes data at unnamed Middle East energy organization
+
http://www.securityweek.com/disttrack-sabotage-malware-wipes-data-unnamed-middle-east-energy-organization
+
Doctor Web a détecté un botnet enrôlant plus de 550 000 Mac
+
http://news.drweb.fr/?i=611&c=4&lng=fr&p=0 news.drweb.fr
+
Doctor Web exposes 550 000 strong Mac botnet
+
http://news.drweb.com/show/?i=2341
+
Domain generation algorithms (DGA) in stealthy malware
+
http://blog.damballa.com/?p=1504 blog.damballa.com
+
Dorifel crypto malware paralyzes Dutch companies and public sector
+
http://blog.emsisoft.com/2012/08/09/dorifel-crypto-malware-paralyzes-dutch-companies-and-public-sector/ blog.emsisoft.com
+
Dorifel is much bigger than expected and it’s still active and growing!
+
https://securelist.com/blog/incidents/33898/dorifel-is-much-bigger-than-expected-and-its-still-active-and-growing/
+
Dorifel virus gereed voor Nederlandse banking phishing
+
http://www.digital-investigation.eu/nieuws/14/dorifel-virus-gereed-voor-nederlandse-banking-phishing.html www.digital-investigation.eu
+
Dorifel/Quervar: the support scammer’s secret weapon
+
http://blog.eset.com/2012/08/11/dorifelquervar-the-support-scammers-secret-weapon blog.eset.com
+
Dorkbot: conquistando Latinoamérica
+
http://www.eset-la.com/pdf/prensa/informe/dorkbot conquistando latinoamerica.pdf www.eset-la.com
+
Dragonfly Threat Against Western Energy Suppliers
+
http://www.symantec.com/connect/blogs/emerging-threat-dragonfly-energetic-bear-apt-group
+
Dridex learns new trick: P2P over HTTP
+
http://securityblog.s21sec.com/2014/11/dridex-learns-new-trick-P2P-over-http.html
+
DroidLive New SMS Android Trojan
+
http://www.csc.ncsu.edu/faculty/jiang/DroidLive/
+
Duqu FAQ
+
http://www.securelist.com/en/blog/208193178/Duqu FAQ
+
Dutch users served Sinowal for lunch
+
http://blog.trendmicro.com/dutch-users-served-sinowal-for-lunch/
+
Dyre Banking Trojan
+
http://www.secureworks.com/cyber-threat-intelligence/threats/dyre-banking-trojan/
+
E
ESET Welivesecurity
+
http://www.welivesecurity.com/
+
ESET analyzes first Android file-encrypting, TOR-enabled ransomware
+
http://www.welivesecurity.com/2014/06/04/simplocker/
+
EURO Winlocker
+
http://www.xylibox.com/2012/08/euro-winlocker.html
+
Egypt Finfisher intrusion tools and ethics
+
http://www.f-secure.com/weblog/archives/00002114.html
+
Emerging attack vectors - RSA slide deck
+
http://pen-testing.sans.org/blog/2012/03/07/emerging-attack-vectors-rsa-slide-deck pen-testing.sans.org
+
Encyclopedia entry: Win32/Carberp
+
http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Win32/Carberp
+
Encyclopedia entry: Win32/Conficker
+
http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?name=Win32/Conficker
+
Encyclopedia entry: Win32/Oderoor
+
http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?name=Win32/Oderoor
+
Equation: the Death Star of malware galaxy
+
https://securelist.com/blog/research/68750/equation-the-death-star-of-malware-galaxy/
+
Esage Lab
+
http://esagelab.com/
+
Esthost taken down - Biggest cybercriminal takedown in history
+
http://blog.trendmicro.com/?p=38093
+
Etude sur le fonctionnement du Trojan.Matsnu.1 codant les données des utilisateurs
+
http://news.drweb.fr/show/?i=641&c=8 news.drweb.fr
+
Evolution of Win32Carberp: going deeper
+
http://blog.eset.com/2011/11/21/evolution-of-win32carberp-going-deeper blog.eset.com
+
Exploring the market for stolen passwords
+
http://krebsonsecurity.com/2012/12/exploring-the-market-for-stolen-passwords/
+
F
F-Secure has discovered MiniDuke malware samples in the wild
+
http://securityaffairs.co/wordpress/23658/cyber-crime/f-secure-new-miniduke-atp.html
+
FAQ on Kelihos.B/Hlux.B sinkholing
+
http://www.honeynet.org/node/836 www.honeynet.org
+
FBI ransomware now targeting Apple’s Mac OS X users
+
http://blog.malwarebytes.org/intelligence/2013/07/fbi-ransomware-now-targeting-apples-mac-os-x-users/
+
FBI shuts down Coreflood botnet, zombies transmitting financial data
+
http://www.eweek.com/c/a/Security/FBI-Shuts-Down-Coreflood-Botnet-Zombies-Transmitting-Financial-Data-767165/
+
Fake FBI Ransomware analysis
+
http://blogs.avg.com/news-threats/fake-fbi-ransomware-analysis/
+
Fast look at Sundown EK
+
http://malware.dontneedcoffee.com/2015/06/fast-look-at-sundown-ek.html
+
Fast look at an infection by a Blackhole Exploit Kit 2.0
+
http://malware.dontneedcoffee.com/2012/09/BHEK2.0landing.html
+
Feodo - a new botnet on the rise
+
http://blog.fireeye.com/research/2010/10/feodosoff-a-new-botnet-on-the-rise.html
+
Festi botnet analysis & investigation
+
http://go.eset.com/us/resources/white-papers/AVAR2012 pdf.pdf go.eset.com
+
FighterPOS: a new one-man PoS malware campaign
+
http://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/fighterpos-one-man-pos-malware-campaign
+
File infector Expiro hits US, steals FTP credentials
+
http://blog.trendmicro.com/trendlabs-security-intelligence/file-infector-expiro-hits-us-steals-ftp-credentials/
+
FireEye
+
https://www.fireeye.com
+
First step in cross-platform Trojan bankers from Brazil done
+
https://securelist.com/blog/research/74051/first-step-in-cross-platform-trojan-bankers-from-brazil-done/
+
First widespread virus cross-infection
+
http://www.symantec.com/connect/blogs/first-widespread-virus-cross-infection
+
Five charged in largest hacking scheme ever prosecuted in US
+
http://www.securityweek.com/five-charged-largest-hacking-scheme-ever-prosecuted-us
+
Flame, Duqu and Stuxnet: in-depth code analysis of mssecmgr.ocx
+
http://blog.eset.com/2012/07/20/flame-in-depth-code-analysis-of-mssecmgr-ocx blog.eset.com
+
Flame: replication via Windows Update MITM proxy
+
http://www.securelist.com/en/blog/208193566/Flame Replication via Windows Update MITM proxy server
+