Property:Link

From Botnets.fr

Jump to navigation Jump to search

This is a property of type URL.

Usage807

previous 250 20 50 100 250 500 next 250

Filter<p>The <a target="_blank" rel="nofollow noreferrer noopener" class="external text" href="https://www.semantic-mediawiki.org/wiki/Help:Property_page/Filter">search filter</a> allows the inclusion of <a target="_blank" rel="nofollow noreferrer noopener" class="external text" href="https://www.semantic-mediawiki.org/wiki/Help:Query_expressions">query expressions</a> such as <code>~</code> or <code>!</code>. The selected <a target="_blank" rel="nofollow noreferrer noopener" class="external text" href="https://www.semantic-mediawiki.org/wiki/Query_engine">query engine</a> might also support case insensitive matching or other short expressions like:</p><ul><li><code>in:</code> result should include the term, e.g. '<code>in:Foo</code>'</li></ul><ul><li><code>not:</code> result should to not include the term, e.g. '<code>not:Bar</code>'</li></ul>

Showing 250 pages using this property.

F

Flamer analysis: framework reconstruction +

http://blog.eset.com/2012/08/02/flamer-analysis-framework-reconstruction blog.eset.com +

Flamer: highly sophisticated and discreet threat targets the Middle East +

http://www.symantec.com/connect/blogs/flamer-highly-sophisticated-and-discreet-threat-targets-middle-east +

Flamer: urgent suicide +

http://www.symantec.com/connect/blogs/flamer-urgent-suicide +

Flashfake Mac OS X botnet confirmed +

http://www.securelist.com/en/blog/208193441/Flashfake Mac OS X botnet confirmed +

Fortiguard: Android/Stiniter.A!tr +

http://www.fortiguard.com/av/VID3677621 www.fortiguard.com +

https://www.fox-it.com/ +

From Georgia, with love Win32/Georbot +

http://blog.eset.com/wp-content/media files/ESET win32georbot analysis final.pdf blog.est.com (pdf) +

From Sakura to Reveton via Smoke Bot - or a botnet distribution of Reveton +

http://malware.dontneedcoffee.com/2012/09/from-sakura-to-reveton-via-smoke-bot-or.html +

Full analysis of Flame's Command & Control servers +

http://www.securelist.com/en/blog/750/Full Analysis of Flame s Command Control servers +

Full analysis of Flame's command & control servers +

https://www.securelist.com/en/blog/750/Full Analysis of Flame s Command Control servers +

G

Gamarue dropping Lethic bot +

http://research.zscaler.com/2015/06/gamarue-dropping-lethic-bot.html +

GandCrab ransomware distributed by RIG and GrandSoft exploit kits +

https://blog.malwarebytes.com/threat-analysis/2018/01/gandcrab-ransomware-distributed-by-rig-and-grandsoft-exploit-kits/ +

Gangstaservice Winlock Affiliate +

http://www.xylibox.com/2012/08/gangstaservice-winlock-affiliate.html +

Gauss: Nation-state cyber-surveillance meets banking Trojan +

http://www.securelist.com/en/blog/208193767/Gauss Nation state cyber surveillance meets banking Trojan +

Gauss: abnormal distribution +

http://www.securelist.com/en/analysis/204792238/Gauss Abnormal Distribution +

Get gamed and rue the day... +

http://blogs.technet.com/b/mmpc/archive/2011/10/25/get-gamed-and-rue-the-day.aspx +

Getting more "personal" & deeper into Cridex with parfeit credential stealer infection +

http://malwaremustdie.blogspot.jp/2012/12/get-more-personal-deeper-into-cridex.html malwaremustdie.blogspot.jp +

Gimemo finally targeting USA with Camera Feature too +

http://malware.dontneedcoffee.com/2012/07/gimemocameraUSA.html +

Gimemo wants to play in the big league +

http://malware.dontneedcoffee.com/2012/05/gimemo-wants-to-play-in-big-league.html +

GingerMaster Android Malware Utilizing A Root Exploit +

http://www.csc.ncsu.edu/faculty/jiang/GingerMaster/ +

Going solo: self-propagating ZBOT malware spotted +

http://blog.trendmicro.com/trendlabs-security-intelligence/going-solo-self-propagating-zbot-malware-spotted/ +

Google Groups trojan +

http://www.symantec.com/connect/blogs/google-groups-trojan +

Got malware? Rent an exploit service +

https://blog.damballa.com/archives/1893 blog.damballa.com +

Gumblar Google-poisoning attack morphs +

http://www.theregister.co.uk/2009/05/19/gumblar google poisoning update/ +

Guys behind Gauss and Flame are the same +

http://blog.fireeye.com/research/2012/08/guys-behind-gauss-and-flame-are-the-same.html +

H

HARMUR: storing and analyzing historic data on malicious domains +

http://www.cs.bham.ac.uk/~covam/publications/badgers2011harmur.html www.cs.bham.ac.uk +

HTran and the Advanced Persistent Threat +

http://www.secureworks.com/cyber-threat-intelligence/threats/htran/ +

https://www.hackread.com +

Hackers are increasingly targeting IoT Devices with Mirai DDoS Malware +

https://www.hackread.com/iot-devices-with-mirai-ddos-malware/ +

Hammertoss: stealthy tactics define a Russian cyber threat group +

https://www2.fireeye.com/rs/848-DID-242/images/rpt-apt29-hammertoss.pdf +

Harnig botnet: a retreating army +

https://www.fireeye.com/blog/threat-research/2011/03/a-retreating-army.html +

Harnig is back +

https://www.fireeye.com/blog/threat-research/2011/08/harnig-is-back.html +

Harvesting data on the Xarvester botmaster +

http://krebsonsecurity.com/2012/08/harvesting-data-on-the-xarvester-botmaster/ +

Have we seen the end of the ZeroAccess botnet? +

http://nakedsecurity.sophos.com/2014/01/07/have-we-seen-the-end-of-the-zeroaccess-botnet/ +

Hello Neutrino ! (just one more Exploit Kit) +

http://malware.dontneedcoffee.com/2013/03/hello-neutrino-just-one-more-exploit-kit.html +

Herpes botnet +

http://xylibox.blogspot.fr/2011/12/herpes-botnet.html xylibox.blogspot.fr +

HerpesNet botnet 1.7 +

http://toolzware.com/theblog/herpesnet-botnet-1-7/ toolzware.com +

Hesperbot – A new, advanced banking trojan in the wild +

http://www.eset.com/us/resources/white-papers/Hesperbot Whitepaper.pdf +

Hiding in plain sight: the FAKEM remote access trojan +

http://blog.trendmicro.com/trendlabs-security-intelligence/hiding-in-plain-sight-the-fakem-remote-access-trojan/ +

Hiloti: the (bot)master of disguise +

http://blog.fortinet.com/hiloti-the-botmaster-of-disguise/ blog.fortinet.com +

Hodprot: hot to bot +

http://go.eset.com/us/resources/white-papers/Hodprot-Report.pdf go.eset.com (PDF) +

How Lockergoga took down Hydro — ransomware used in targeted attacks aimed at big business +

https://doublepulsar.com/how-lockergoga-took-down-hydro-ransomware-used-in-targeted-attacks-aimed-at-big-business-c666551f5880 +

How to steal a Botnet and what can happen when you do +

http://www.youtube.com/watch?v=2GdqoQJa6r4 Youtube +

Hébergeurs malhonnêtes : nouvelle fermeture (3FN) +

http://blog.crimenumerique.fr/2009/06/06/hebergeurs-malhonnetes-nouvelle-fermeture-3fn/ +

I

IRC bot for Android +

http://www.securelist.com/en/blog/208193332/IRC bot for Android +

IcoScript: using webmail to control malware +

https://www.virusbtn.com/virusbulletin/archive/2014/08/vb201408-IcoScript +

Illuminating the Etumbot APT backdoor +

http://www.arbornetworks.com/asert/2014/06/illuminating-the-etumbot-apt-backdoor/ +

Infamous Skynet botnet author allegedly arrested +

http://www.malwaretech.com/2013/12/infamous-skynet-botnet-author-allegedly.html +

Inside Andromeda Bot v2.06 Webpanel / AKA Gamarue - Botnet Control Panel +

http://malware.dontneedcoffee.com/2012/07/inside-andromeda-bot-v206-webpanel-aka.html +

Inside Blackhole Exploits Kit v1.2.4 - Exploit Kit Control Panel +

http://malware.dontneedcoffee.com/2012/07/inside-blackhole-exploits-kit-v124.html +

Inside Carberp botnet +

http://malwareint.blogspot.com/2011/02/inside-carberp-botnet.html +

Inside Citadel 1.3.4.5 C&C & Builder - Botnet Control Panel +

http://malware.dontneedcoffee.com/2012/07/inside-citadel-1.3.4.5-cncNbuilder.html +

Inside Impact exploit kit +

http://malware.dontneedcoffee.com/2012/12/inside-impact-exploit-kit-back-on-track.html +

Inside Pony 1.7 / Fareit C&C - Botnet Control Panel +

http://malware.dontneedcoffee.com/2012/06/inside-pony-17.html +

Inside Smoke Bot - Botnet Control Panel +

http://malware.dontneedcoffee.com/2012/04/inside-smoke-bot.html +

Inside Smoke Bot - botnet control panel +

http://malware.dontneedcoffee.com/2012/04/inside-smoke-bot.html +

Inside Styx exploit kit control panel +

http://malware.dontneedcoffee.com/2013/05/inside-styx-2013-05.html +

Inside Ulocker +

http://www.xylibox.com/2012/08/ulocker.html www.xylibox.com +

Inside Upas Kit (1.0.1.1) aka Rombrast C&C - Botnet Control Panel +

http://malware.dontneedcoffee.com/2012/08/inside-upas-kit1.0.1.1.html +

Inside an APT campaign with multiple targets in India and Japan +

http://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/white-papers/wp luckycat redux.pdf +

Inside the Grum botnet +

http://krebsonsecurity.com/2012/08/inside-the-grum-botnet/ +

Inside the world of the Citadel trojan +

http://www.mcafee.com/us/resources/white-papers/wp-citadel-trojan.pdf www.mcafee.com +

Inside view of Lyposit aka (for its friends) Lucky LOCKER +

http://malware.dontneedcoffee.com/2012/11/inside-view-of-lyposit-aka-for-its.html +

Insights from the analysis of the Mariposa botnet +

http://www.ncfta.ca/papers/InsightsFromTheAnalysisOfTheMariposaBotnet.pdf +

Insights into Win32/Bradop +

http://blogs.technet.com/b/mmpc/archive/2012/06/15/insights-into-win32-bradop.aspx +

Interconnection of Gauss with Stuxnet, Duqu & Flame +

http://blog.eset.com/2012/08/15/interconnection-of-gauss-with-stuxnet-duqu-flame blog.eset.com +

International cyber ring that infected millions of computers dismantled +

http://www.fbi.gov/news/stories/2011/november/malware 110911/malware 110911 +

Internet Census 2012, port scanning /0 using insecure embedded devices +

http://census2012.sourceforge.net/paper.html +

Introducing Ponmocup-Finder +

http://c-apt-ure.blogspot.fr/2012/06/introducing-ponmocup-finder.html c-apt-ure.blogspot.fr +

It’s 2012 and Armageddon has arrived +

http://ddos.arbornetworks.com/uploads/2012/03/Crypto-Armageddon-Blog.pdf arbornetworks.com (pdf) +

It’s not the end of the world: DarkComet misses by a mile +

http://ddos.arbornetworks.com/2012/03/its-not-the-end-of-the-world-darkcomet-misses-by-a-mile/ +

J

Java Runtime Environment 1.7 Zero-Day Exploit Delivers Backdoor +

http://blog.trendmicro.com/java-runtime-environment-1-7-zero-day-exploit-delivers-backdoor/ +

Java Signed Applet Social Engineering Code Execution +

http://www.rapid7.com/db/modules/exploit/multi/browser/java signed applet +

Java Zero-Days and the Blackhole Exploit Kit +

http://blog.trendmicro.com/java-zero-days-and-the-blackhole-exploit-kit/ +

Joint strike force against Dorifel +

http://hitmanpro.wordpress.com/2012/08/11/joint-strike-force-against-dorifel/ hitmanpro.wordpress.com +

K

Kaptoxa point-of-sale compromise +

http://www.isightpartners.com/2014/01/kaptoxa-pos-report-faq/ +

Karagny.L unpack +

http://code.google.com/p/malware-lu/wiki/en unpack Karagny L +

Kaspersky Lab et Seculert annoncent la récente découverte de « Madi », une nouvelle attaque de cyberespionnage au Moyen‑Orient +

http://www.globalsecuritymag.fr/Kaspersky-Lab-et-Seculert,20120717,31426.html www.globalsecuritymag.fr +

Kaspersky Securelist +

https://securelist.com/ +

Kaspersky security bulletin 2015. Overall statistics for 2015 +

https://securelist.com/analysis/kaspersky-security-bulletin/73038/kaspersky-security-bulletin-2015-overall-statistics-for-2015/ +

Kelihos back in town using Fast Flux +

http://www.abuse.ch/?p=3658 abuse.ch +

Kelihos botnet appears again with new variant +

http://secureconnexion.wordpress.com/2013/02/11/kelihos-botnet-appears-again-with-new-variant/ secureconnexion.wordpress.com +

Kelihos botnet trying to expand by harnessing Russian national sentiments +

http://community.websense.com/blogs/securitylabs/archive/2014/08/22/kelihos-botnet-trying-to-expand-by-harnessing-russian-national-sentiments.aspx community.websense.com +

Kelihos is dead. Long live Kelihos +

http://blog.damballa.com/?p=1571 blog.damballa.com +

Kelihos is dead… No wait… Long live Kelihos! Again! +

http://blog.spiderlabs.com/2013/03/kelihos-is-dead-no-wait-long-live-kelihos-again.html blog.spiderlabs.com +

Kelihos/Hlux botnet returns with new techniques +

http://www.securelist.com/en/blog/655/Kelihos Hlux botnet returns with new techniques +

Kelihos: not alien resurrection, more attack of the clones +

http://blog.eset.com/2012/03/10/kelihos-not-alien-resurrection-more-attack-of-the-clones blog.eset.com +

King of spam:Festi botnet analysis +

http://blog.eset.com/wp-content/media files/king-of-spam-festi-botnet-analysis.pdf blog.eset.com (PDF) +

Know your enemy: tracking botnets +

http://www.honeynet.org/papers/bots/ +

Koobface botnet master KrotReal back in business, distributes ransomware and promotes BHSEO service/product +

http://ddanchev.blogspot.fr/2012/11/koobface-botnet-master-krotreal-back-in.html ddanchev.blogspot.fr +

Koobface, un écosystème cybercriminel ou le conte des Mille et une nuits ? +

http://blog.crimenumerique.fr/2010/02/24/koobface-un-ecosysteme-cybercriminel-ou-le-conte-des-mille-et-une-nuits/ +

Kore exploit kit +

http://www.kahusecurity.com/2013/kore-exploit-kit/ +

Kraken botnet infiltration +

http://dvlabs.tippingpoint.com/blog/2008/04/28/kraken-botnet-infiltration dvlabs.tippingpoint.com +

Krebs on Security +

http://krebsonsecurity.com/ +

L

Large-scale analysis of malware downloaders +

http://www.christian-rossow.de/publications/downloaders-dimva12.pdf +

Latest Kelihos botnet shut down live at RSA Conference 2013 +

http://threatpost.com/en us/blogs/latest-kelihos-botnet-shut-down-live-rsa-conference-2013-022613 +

Latest SpyEye botnet active and cheaper +

http://blogs.mcafee.com/mcafee-labs/latest-spyeye-botnet-active-and-cheaper +

Latin American banks under fire from the Mexican VOlk-botnet +

http://www.securelist.com/en/blog/208193160/Latin American banks under fire from the Mexican VOlk Botnet +

Le dropper de CTB-Locker +

http://christophe.rieunier.name/securite/CTB-Locker/CTB-Locker analysis.php +

Learning stateful models for network honeypots +

http://user.informatik.uni-goettingen.de/~krieck/docs/2012a-aisec.pdf user.informatik.uni-goettingen.de +

Legal implications of countering botnets +

http://www.ccdcoe.org/articles/2012/LegalImplicationsOfCounteringBotnets.pdf www.ccdcoe.org +

Leouncia - Yet another backdoor +

http://blog.fireeye.com/research/2010/12/leouncia-yet-another-backdoor.html +

Leouncia - Yet another backdoor - Part 2 +

http://blog.fireeye.com/research/2010/12/leouncia-yet-another-backdoor-part-2.html +

Library file in certain Android apps connects to C&C servers +

http://blog.trendmicro.com/library-file-in-certain-android-apps-connects-to-cc-servers/ +

Lifting the lid on the Redkit exploit kit (Part 1) +

http://nakedsecurity.sophos.com/2013/05/03/lifting-the-lid-on-the-redkit-exploit-kit-part-1/ +

Lights Out: Dragonfly is on the move +

http://www.cyactive.com/lights-dragonfly-move/ +

Linux/Cdorked.A: New Apache backdoor being used in the wild to serve Blackhole +

http://www.welivesecurity.com/2013/04/26/linuxcdorked-new-apache-backdoor-in-the-wild-serves-blackhole/ +

Live Coronavirus Map Used to Spread Malware +

https://krebsonsecurity.com/2020/03/live-coronavirus-map-used-to-spread-malware/ +

Locky Ransomware switches to the Lukitus extension for Encrypted Files +

https://www.bleepingcomputer.com/news/security/locky-ransomware-switches-to-the-lukitus-extension-for-encrypted-files/ +

LogPOS - new point of sale malware using mailslots +

http://morphick.com/blog/2015/2/27/mailslot-pos +

Long life to Kelihos! +

http://community.websense.com/blogs/securitylabs/archive/2012/02/17/long-life-to-kelihos.aspx +

Look what I found: it's a Pony! +

http://blog.spiderlabs.com/2013/06/look-what-i-found-its-a-pony-1.html blog.spiderlabs.com +

M

MDK: the largest mobile botnet in China +

http://www.symantec.com/connect/ko/blogs/mdk-largest-mobile-botnet-china +

MMD-0056-2016 - Linux/Mirai, how an old ELF malcode is recycled +

http://blog.malwaremustdie.org/2016/08/mmd-0056-2016-linuxmirai-just.html +

MP-DDoser: A rapidly improving DDoS threat +

https://asert.arbornetworks.com/mp-ddoser-a-rapidly-improving-ddos-threat/ +

MP-DDoser:Monitoring a rapidly improving DDoS threat +

https://asert.arbornetworks.com/wp-content/uploads/2012/06/Crypto-MPDDOS-Report1.pdf +

MSIE 0-day exploit CVE-2014-0322 - Possibly targeting French aerospace association +

http://community.websense.com/blogs/securitylabs/archive/2014/02/13/msie-0-day-exploit-cve-2014-0322-possibly-targeting-french-aerospace-organization.aspx community.websense.com +

MSRT April 2012: Win32/Claretore +

http://blogs.technet.com/b/mmpc/archive/2012/04/10/msrt-april-2012-win32-claretore.aspx blog.technet.com +

MSRT April 2014 – Ramdo +

http://blogs.technet.com/b/mmpc/archive/2014/04/08/msrt-april-2014-ramdo.aspx +

MSRT June '12 - cleanup on aisle one +

http://blogs.technet.com/b/mmpc/archive/2012/06/12/msrt-june-12-cleanup-on-aisle-one.aspx +

MSRT March 2012: breaking bad +

http://blogs.technet.com/b/mmpc/archive/2012/03/13/msrt-march-2012-breaking-bad.aspx +

MSRT November '12 - Weelsof around the world +

http://blogs.technet.com/b/mmpc/archive/2012/12/04/msrt-november-12-weelsof-around-the-world.aspx +

MSRT September '12 - Medfos, hijacking your daily search +

http://blogs.technet.com/b/mmpc/archive/2012/09/10/msrt-september-12-medfos-hijacking-your-daily-search.aspx +

MSRT march: three hioles in one +

http://blogs.technet.com/b/mmpc/archive/2012/03/15/msrt-march-three-hioles-in-one.aspx +

Maazben: best of both worlds +

http://www.m86security.com/labs/i/Maazben-Best-of-Both-Worlds,trace.1090~.asp www.m86security.com +

Mac BackDoor.Wirenet.1 config extractor +

http://code.google.com/p/malware-lu/wiki/en malware wirenet +

Mac Flashback exploiting unpatched Java vulnerability +

https://www.f-secure.com/weblog/archives/00002341.html +

Mac spyware found at Oslo Freedom Forum +

http://www.f-secure.com/weblog/archives/00002554.html +

Madi is back - New Tricks and a new Command&Control server +

http://www.securelist.com/en/blog/208193696/Madi is back New Tricks and a New Command Control Server +

Mahdi malware finds 150 new targets including U.S. and Germany, gets more evasive +

http://www.securityweek.com/mahdi-malware-finds-150-new-targets-including-us-and-germany-gets-more-evasive +

Major shift in strategy for ZeroAccess rootkit malware, as it shifts to user-mode +

http://nakedsecurity.sophos.com/2012/06/06/zeroaccess-rootkit-usermode/ +

Malicious Apache module injects Iframes +

http://blog.unmaskparasites.com/2012/09/10/malicious-apache-module-injects-iframes/ blog.unmaskparasites.com +

Malicious Apache module used for content injection: Linux/Chapro.A +

http://blog.eset.com/2012/12/18/malicious-apache-module-used-for-content-injection-linuxchapro-a blog.eset.com +

Malware 2 - from infection to persistence +

http://www.contextis.com/research/blog/malware2/ +

Malware Memory Analysis - Volatility +

http://blog.basementpctech.com/2012/04/in-acquiring-memory-blog-list-of-tools.html blog.basementpctech.com +

Malware Uses Google Go Language +

http://www.symantec.com/connect/blogs/malware-uses-google-go-language +

Malware analysis Rannoh/Matsnu +

http://malware.lu/Pro/RAP001 malware rannoh matsnu 1.1.pdf (PDF) +

Malware analysis of the Lurk downloader +

http://www.secureworks.com/cyber-threat-intelligence/threats/malware-analysis-of-the-lurk-downloader/ +

Malware analysis tutorial 32: exploration of botnet client +

http://fumalwareanalysis.blogspot.kr/2012/08/malware-analysis-tutorial-32.html fumalwareanalysis.blogspot.kr +

Malware attacking POS systems +

http://www.hexacorn.com/blog/2012/12/19/malware-attacking-pos-systems/ +

Malware discovered developed with Google's "Go" programming language +

http://www.securityweek.com/malware-discovered-developed-googles-go-programming-language +

Malware evolving to defeat anti-DDoS services like CloudFlare? +

http://www.welivesecurity.com/2013/02/13/malware-evolving-to-defeat-anti-ddos-services-like-cloudflare/ +

Malware for everyone - Aldi Bot at a discount price +

http://www.h-online.com/security/news/item/Malware-for-everyone-Aldi-Bot-at-a-discount-price-1346594.html www.h-online.com +

Malware hunting with the Sysinternals tools +

http://channel9.msdn.com/Events/TechEd/NorthAmerica/2012/SIA302 channel9.msdn.com +

Malware pandemics +

http://www.dtic.mil/cgi-bin/GetTRDoc?AD=ADA531166 +

Malware targeting Windows 8 uses Google Docs +

http://www.symantec.com/connect/blogs/malware-targeting-windows-8-uses-google-docs +

https://blog.malwarebytes.com +

Mariposa botnet 'mastermind' jailed in Slovenia +

http://www.bbc.co.uk/news/technology-25506016 www.bbc.co.uk +

Massive Drop in number of active Zeus C&C servers +

https://www.abuse.ch/?p=2417 +

Massive search fraud botnet seized by Microsoft and Symantec +

http://arstechnica.com/security/2013/02/massive-search-fraud-botnet-siezed-by-microsoft-and-symantec/ +

Mastermind behind Gozi bank malware charged along with two others +

http://www.wired.com/threatlevel/2013/01/mastermind-behind-gozi-charged/ +

McAfee Labs threat advisory : W32.Pinkslipbot +

https://kc.mcafee.com/resources/sites/MCAFEE/content/live/PRODUCT DOCUMENTATION/22000/PD22960/en US/McAfee-Labs-ThreatAdvisory-Pinkslipbot.pdf +

Measuring and detecting Fast-Flux service networks +

http://pi1.informatik.uni-mannheim.de/filepool/publications/fast-flux-ndss08.pdf uni-mannheim.de (pdf) +

Measuring and detecting malware downloads in live network traffic +

http://www.perdisci.com/publications/publication-files/amico.pdf +

Measuring botnet populations +

https://asert.arbornetworks.com/measuring-botnet-populations/ +

Meet "Red Dot exploit toolkit" +

http://malware.dontneedcoffee.com/2013/01/meet-red-dot-exploit-toolkit.html +

Meet CritXPack (Previously Vintage Pack) +

http://malware.dontneedcoffee.com/2012/11/meet-critxpack-previously-vintage-pack.html +

Meet ProPack Exploit Pack - yes that's a lot of pack +

http://malware.dontneedcoffee.com/2012/11/meet-propack-exploit-pack.html +

Meet ‘Flame’, the massive spy malware infiltrating Iranian computers +

http://www.wired.com/threatlevel/2012/05/flame/ +

Members of the largest criminal group engaged in online banking fraud are detained +

http://group-ib.com/news 2012 03 20.html group-ib.com +

Mexican Twitter-controlled botnet unpicked +

http://www.theregister.co.uk/2010/09/15/mexican twitter botnet/ +

https://www.microsoft.com +

Microsoft and Symantec take down Bamital botnet that hijacks online searches +

http://blogs.technet.com/b/microsoft blog/archive/2013/02/06/microsoft-and-symantec-take-down-bamital-botnet-that-hijacks-online-searches.aspx +

Microsoft and financial services industry leaders target cybercriminal operations from ZeuS botnets +

http://blogs.technet.com/b/microsoft blog/archive/2012/03/25/microsoft-and-financial-services-industry-leaders-target-cybercriminal-operations-from-zeus-botnets.aspx +

Microsoft disrupts the emerging Nitol botnet being spread through an unsecure supply chain +

http://blogs.technet.com/b/microsoft blog/archive/2012/09/13/microsoft-disrupts-the-emerging-nitol-botnet-being-spread-through-an-unsecure-supply-chain.aspx +

Microsoft neutralizes Kelihos botnet, names defendant in case +

http://blogs.technet.com/b/microsoft blog/archive/2011/09/27/microsoft-neutralizes-kelihos-botnet-names-defendant-in-case.aspx blog.technet.com +

Microsoft partners with Interpol, industry to disrupt global malware attack affecting more than 770,000 PCs in past six months +

http://blogs.technet.com/b/mmpc/archive/2015/04/12/microsoft-partners-with-interpol-industry-to-disrupt-global-malware-attack-affecting-more-than-770-000-pcs-in-past-six-months-39-simda-at-39-designed-to-divert-internet-traffic-to-disseminate-other-types-of-malware.aspx +

Microsoft security updates January 2016 +

https://securelist.com/blog/software/73284/microsoft-security-updates-january-2016/ +

http://blog.crysys.hu/2013/02/miniduke/ blog.crysys.hu +

MoVP 1.3 Desktops, heaps, and ransomware +

http://volatility-labs.blogspot.com.es/2012/09/movp-13-desktops-heaps-and-ransomware.html +

Mocbot spam analysis +

http://www.secureworks.com/cyber-threat-intelligence/threats/mocbot-spam/ +

Monkif botnet hides commands in JPEGs +

http://blogs.mcafee.com/mcafee-labs/monkif-botnet-hides-commands-in-jpegs +

More Flame/Skywiper CNC behavior uncovered +

http://blog.fireeye.com/research/2012/06/flame-skywiper-cnc-update.html +

More details of the Dorifel servers +

http://rickey-g.blogspot.nl/2012/08/more-details-of-dorifel-servers.html blogspot.com +

Morto worm sets a (DNS) record +

http://www.symantec.com/connect/blogs/morto-worm-sets-dns-record +

Mpack installs ultra-invisible trojan +

http://www.computerworld.com/s/article/9026323/Mpack installs ultra invisible Trojan www.computerworld.com +

Multitenancy Botnets thwart threat analysis +

http://ossectools.blogspot.fr/2012/05/multitenancy-botnets-thwart-threat.html ossectools.blogspot.fr +

Mysterious Avatar rootkit with API, SDK, and Yahoo Groups for C&C communication +

http://www.welivesecurity.com/2013/05/01/mysterious-avatar-rootkit-with-api-sdk-and-yahoo-groups-for-cc-communication/ +

N

NASK shuts down dangerous Virut botnet domains +

https://www.cert.pl/news/6666/langswitch lang/en +

NGRBot spreads via chat +

http://blogs.mcafee.com/mcafee-labs/ngrbot-spreads-via-chat +

Necurs Quick Analysis +

http://code.google.com/p/malware-lu/wiki/en necurs analysis +

Neosploit gets Java 0-Day +

http://www.kahusecurity.com/2012/neosploit-gets-java-0-day/ +

Nepalese government websites compromised to serve Zegost RAT +

http://community.websense.com/blogs/securitylabs/archive/2012/08/08/nepalese-government-websites-compromised-to-serve-zegost-backdoor.aspx community.websense.com +

NetTraveler APT gets a makeover for 10th birthday +

http://securelist.com/blog/research/66272/nettraveler-apt-gets-a-makeover-for-10th-birthday/ +

NetTraveler is back: the 'Red Star' APT returns with new tricks +

http://securelist.com/blog/incidents/57455/nettraveler-is-back-the-red-star-apt-returns-with-new-tricks/ +

New Apple Mac trojan called OSX/Crisis discovered +

http://www.intego.com/mac-security-blog/new-apple-mac-trojan-called-osxcrisis-discovered-by-intego-virus-team/ +

New Chinese exploit pack +

http://www.kahusecurity.com/2012/new-chinese-exploit-pack/ +

New CryptoLocker spreads via removable drives +

http://blog.trendmicro.com/trendlabs-security-intelligence/new-cryptolocker-spreads-via-removable-drives/ +

New Duqu sample found in the wild +

http://www.symantec.com/connect/blogs/new-duqu-sample-found-wild +

New GamaPoS malware piggybacks on Andromeda botnet; spreads in 13 US states +

http://blog.trendmicro.com/trendlabs-security-intelligence/new-gamapos-threat-spreads-in-the-us-via-andromeda-botnet/ +

New IE Zero-Day used in targeted attacks +

http://www.symantec.com/connect/blogs/new-ie-zero-day-used-targeted-attacks +

New IceIX (ZeuS variant) changes its encryption method (again) +

http://www.tidos-group.com/blog/?p=447 www.tidos-group.com +

New Mac malware discovered on attendee computer at anti-surveillance workshop +

http://threatpost.com/new-mac-malware-discovered-on-attendee-computer-at-anti-surveillance-workshop/ +

New Mahdi updates, new C2 server +

http://blog.seculert.com/2012/08/new-mahdi-updates.html +

New POS malware emerges - Punkey +

https://www.trustwave.com/Resources/SpiderLabs-Blog/New-POS-Malware-Emerges---Punkey/ +

New PoS malware “Backoff” targets US +

http://blog.trendmicro.com/trendlabs-security-intelligence/new-pos-malware-backoff-targets-us/ +

New RATs emerge from leaked Njw0rm source code +

http://blog.trendmicro.com/trendlabs-security-intelligence/new-rats-emerge-from-leaked-njw0rm-source-code/ +

New Thor botnet nearly ready to be sold, price $8,000 +

http://www.spamfighter.com/News-17520-New-THOR-Botnet-Nearly-Ready-to-be-Sold-Price-$8000.htm spamfighter.com +

New Xtreme RAT attacks US, Israel, and other foreign governments +

http://blog.trendmicro.com/trendlabs-security-intelligence/new-xtreme-rat-attacks-on-usisrael-and-other-foreign-governments/ +

New crimeware attacks LatAm bank users +

http://www.securelist.com/en/blog/208194103/New crimeware attacks LatAm bank users +

New crypto-ransomware JIGSAW plays nasty games +

http://blog.trendmicro.com/trendlabs-security-intelligence/jigsaw-ransomware-plays-games-victims/ +

New crypto-ransomware emerge in the wild +

http://blog.trendmicro.com/trendlabs-security-intelligence/new-crypto-ransomware-emerge-in-the-wild/ +

New point-of-sale malware distributed by Andromeda botnet +

http://www.cio.com/article/2949334/new-pointofsale-malware-distributed-by-andromeda-botnet.html +

New ransomware plays its victims an audio file, over and over and over… +

http://blog.trendmicro.com/trendlabs-security-intelligence/new-ransomware-plays-its-victims-an-audio-file-over-and-over-and-over/ +

New trojan found: Admin.HLP leaks organizations data +

http://blog.radware.com/security/2012/08/ert-threat-alert-new-trojan-found-admin-hlp-attacks-organization-data/ +

New virus SMSZombie.A discovered by TrustGo Security Labs +

http://blog.trustgo.com/SMSZombie/ +

NewPosThings has new PoS things +

http://blog.trendmicro.com/trendlabs-security-intelligence/newposthings-has-new-pos-things/ +

Newly detected Crisis virus infects Windows, Macs and virtual machines +

http://www.eweek.com/c/a/Security/Newly-Detected-Crisis-Virus-Infects-Windows-Macs-and-Virtual-Machines-217207 www.eweek.com +

Newly launched ‘HTTP-based botnet setup as a service’ empowers novice cybercriminals with bulletproof hosting capabilities +

http://www.webroot.com/blog/2013/07/24/newly-launched-http-based-botnet-setup-as-a-service-empowers-novice-cybercriminals-with-bulletproof-hosting-capabilities/ +

Ngrbot steals information and mine Bitcoins +

https://www.mysonicwall.com/sonicalert/searchresults.aspx?ev=article&id=391 www.mysonicwall.com +

NitlovePOS: another new POS malware +

https://www.fireeye.com/blog/threat-research/2015/05/nitlovepos another.html +

Nitol DDoS botnet discovered in China +

http://www.infosecurity-magazine.com/view/25296/nitol-ddos-botnet-discovered-in-china/ +

NjRAT & H-Worm variant infections continue to rise +

http://research.zscaler.com/2015/03/njrat-h-worm-variant-infections.html +

Not just a one-trick PonyDOS +

http://ddos.arbornetworks.com/uploads/2012/03/PonyDOS.pdf arbornetworks.com (pdf) +

Now you Z-(eus) it, now you don’t: ZeuS bots silently upgraded to Citadel +

http://blogs.rsa.com/rsafarl/now-you-z-eus-it-now-you-don’t-zeus-bots-silently-upgraded-to-citadel/ +

Nuevo botnet contra Mexico: Karn!v0r3x +

http://laboratoriomalware.blogspot.com/2012/01/nuevo-botnet-contra-mexico-karnv0r3x.html +

Nymaim - obfuscation chronicles +

http://www.welivesecurity.com/2013/08/26/nymaim-obfuscation-chronicles/ +

O

OSX Kitmos analysis +

http://blog.sbarbeau.fr/2013/05/osx-kitmos-analysis.html blog.sbarbeau.fr +

OSX.Iservice technical details +

http://www.symantec.com/security response/writeup.jsp?docid=2009-012216-4245-99&tabid=2 +

OSX.iService its not going to iWork for you +

http://www.symantec.com/connect/blogs/osxiservice-it-s-not-going-iwork-you +

OSX/Crisis has been used as part of a targeted attack +

http://www.intego.com/mac-security-blog/osxcrisis-has-been-used-as-part-of-a-targeted-attack/ +

OSX/Flashback - The first malware to infect hundreds of thousands of Apple Mac +

http://www.eset.com/us/resources/white-papers/osx flashback.pdf +

Obama order sped up wave of cyberattacks against Iran +

http://www.nytimes.com/2012/06/01/world/middleeast/obama-ordered-wave-of-cyberattacks-against-iran.html? r=1 www.nytimes.com +

Olmasco bootkit: next circle of TDL4 evolution (or not) +

http://blog.eset.com/2012/10/18/olmasco-bootkit-next-circle-of-tdl4-evolution-or-not blog.eset.com +

On botnets that use DNS for command and control +

http://www.cj2s.de/On-Botnets-that-use-DNS-for-Command-and-Control.pdf +

On the analysis of the ZeuS botnet crimeware toolkit +

http://www.ncfta.ca/papers/On the Analysis of the ZeuS Botnet Crimeware.pdf www.ncfta.ca +

One Sinowal trojan + one gang = hundreds of thousands of compromised accountS +

http://www.rsa.com/blog/blog entry.aspx?id=1378 +

One bot to rule them all +

http://press.pandasecurity.com/news/one-bot-to-dominate-them-all/ press.pandasecurity.com +

One-man PoS malware operation captures 22,000 credit card details in Brazil +

http://blog.trendmicro.com/trendlabs-security-intelligence/fighterpos-fighting-a-new-pos-malware-family/ +

Operation Bot Roast II +

http://www.fbi.gov/news/stories/2007/november/botnet 112907 +

Operation SnowMan: DeputyDog actor compromises US veterans of foreign wars website +

http://www.fireeye.com/blog/uncategorized/2014/02/operation-snowman-deputydog-actor-compromises-us-veterans-of-foreign-wars-website.html www.fireeye.com +

Operation Socialist The Inside Story Of How British Spies Hacked Belgium’s Largest Telco +

https://firstlook.org/theintercept/2014/12/13/belgacom-hack-gchq-inside-story/ +

OphionLocker: Joining in the Ransomware Race +

https://www.f-secure.com/weblog/archives/00002777.html +

Over 9 million PCs infected - ZeroAccess botnet uncovered +

http://nakedsecurity.sophos.com/2012/09/19/zeroaccess-botnet-uncovered/ +

Overcoming reputation and proof-of-work systems in botnets +

http://eprints.qut.edu.au/35657/ eprints.qut.edu.au +

Overview: inside the ZeuS trojan’s source code +

http://www.thetechherald.com/articles/Overview-Inside-the-ZeuS-Trojans-source-code www.thetechherald.com +

Owning Kraken zombies +

http://dvlabs.tippingpoint.com/blog/2008/04/28/owning-kraken-zombies +

P

P2P botnet Kelihos.B with 100.000 nodes sinkholed +

http://blog.crowdstrike.com/2012/03/P2P-botnet-kelihosb-with-100000-nodes.html blog.crowdstrike.com +

PETYA crypto-ransomware overwrites MBR to lock users out of their computers +

http://blog.trendmicro.com/trendlabs-security-intelligence/petya-crypto-ransomware-overwrites-mbr-lock-users-computers/ +

Panda Security uncovers bot-killing malware +

http://www.securityweek.com/panda-security-uncovers-bot-killing-malware +

Panel Gendarmerie +

http://www.malekal.com/2012/09/03/panel-gendarmerie/ +

Panel Supern0va et virus gendarmerie +

http://www.malekal.com/2012/06/05/panel-supern0va-et-virus-gendarmerie/ +

Panel Virus Gendarmerie : Ratio 0.36% +

http://www.malekal.com/2012/04/18/panel-virus-gendarmerie-ratio-0-36/ +

Part virus, part botnet, spreading fast: Ramnit moves past Facebook passwords +

http://arstechnica.com/business/news/2012/01/part-virus-part-botnet-spreading-fast-ramnit-moves-past-facebook-passwords.ars +

Peer-to-peer botnets: overview and case study +

http://static.usenix.org/event/hotbots07/tech/full papers/grizzard/grizzard.pdf usenix.org +

PeerRush: mining for unwanted P2P traffic +

http://www.cs.uga.edu/~kangli/src/dimva2013.pdf www.cs.uga.edu +

Petya ransomware skips the files and encrypts your hard drive instead +

http://www.bleepingcomputer.com/news/security/petya-ransomware-skips-the-files-and-encrypts-your-hard-drive-instead/ +

Pitou, The “silent” resurrection of the PITOU notorious Srizbi kernel spambot +

http://www.f-secure.com/static/doc/labs global/Whitepapers/pitou whitepaper.pdf +

Playing cops & robbers with banks & browsers +

http://www.symantec.com/connect/blogs/playing-cops-robbers-banks-browsers +

PlugX malware: A good hacker is an apologetic hacker +

https://securelist.com/blog/virus-watch/74150/plugx-malware-a-good-hacker-is-an-apologetic-hacker/ +

Retrieved from "https://www.botnets.fr/index.php?title=Property:Link&oldid=26"