Property:Link
From Botnets.fr
This is a property of type URL.
Usage
807
Showing 250 pages using this property.
F
Flamer analysis: framework reconstruction
+
http://blog.eset.com/2012/08/02/flamer-analysis-framework-reconstruction blog.eset.com
+
Flamer: highly sophisticated and discreet threat targets the Middle East
+
http://www.symantec.com/connect/blogs/flamer-highly-sophisticated-and-discreet-threat-targets-middle-east
+
Flamer: urgent suicide
+
http://www.symantec.com/connect/blogs/flamer-urgent-suicide
+
Flashfake Mac OS X botnet confirmed
+
http://www.securelist.com/en/blog/208193441/Flashfake Mac OS X botnet confirmed
+
Fortiguard: Android/Stiniter.A!tr
+
http://www.fortiguard.com/av/VID3677621 www.fortiguard.com
+
Fox-IT
+
https://www.fox-it.com/
+
From Georgia, with love Win32/Georbot
+
http://blog.eset.com/wp-content/media files/ESET win32georbot analysis final.pdf blog.est.com (pdf)
+
From Sakura to Reveton via Smoke Bot - or a botnet distribution of Reveton
+
http://malware.dontneedcoffee.com/2012/09/from-sakura-to-reveton-via-smoke-bot-or.html
+
Full analysis of Flame's Command & Control servers
+
http://www.securelist.com/en/blog/750/Full Analysis of Flame s Command Control servers
+
Full analysis of Flame's command & control servers
+
https://www.securelist.com/en/blog/750/Full Analysis of Flame s Command Control servers
+
G
Gamarue dropping Lethic bot
+
http://research.zscaler.com/2015/06/gamarue-dropping-lethic-bot.html
+
GandCrab ransomware distributed by RIG and GrandSoft exploit kits
+
https://blog.malwarebytes.com/threat-analysis/2018/01/gandcrab-ransomware-distributed-by-rig-and-grandsoft-exploit-kits/
+
Gangstaservice Winlock Affiliate
+
http://www.xylibox.com/2012/08/gangstaservice-winlock-affiliate.html
+
Gauss: Nation-state cyber-surveillance meets banking Trojan
+
http://www.securelist.com/en/blog/208193767/Gauss Nation state cyber surveillance meets banking Trojan
+
Gauss: abnormal distribution
+
http://www.securelist.com/en/analysis/204792238/Gauss Abnormal Distribution
+
Get gamed and rue the day...
+
http://blogs.technet.com/b/mmpc/archive/2011/10/25/get-gamed-and-rue-the-day.aspx
+
Getting more "personal" & deeper into Cridex with parfeit credential stealer infection
+
http://malwaremustdie.blogspot.jp/2012/12/get-more-personal-deeper-into-cridex.html malwaremustdie.blogspot.jp
+
Gimemo finally targeting USA with Camera Feature too
+
http://malware.dontneedcoffee.com/2012/07/gimemocameraUSA.html
+
Gimemo wants to play in the big league
+
http://malware.dontneedcoffee.com/2012/05/gimemo-wants-to-play-in-big-league.html
+
GingerMaster Android Malware Utilizing A Root Exploit
+
http://www.csc.ncsu.edu/faculty/jiang/GingerMaster/
+
Going solo: self-propagating ZBOT malware spotted
+
http://blog.trendmicro.com/trendlabs-security-intelligence/going-solo-self-propagating-zbot-malware-spotted/
+
Google Groups trojan
+
http://www.symantec.com/connect/blogs/google-groups-trojan
+
Got malware? Rent an exploit service
+
https://blog.damballa.com/archives/1893 blog.damballa.com
+
Gumblar Google-poisoning attack morphs
+
http://www.theregister.co.uk/2009/05/19/gumblar google poisoning update/
+
Guys behind Gauss and Flame are the same
+
http://blog.fireeye.com/research/2012/08/guys-behind-gauss-and-flame-are-the-same.html
+
H
HARMUR: storing and analyzing historic data on malicious domains
+
http://www.cs.bham.ac.uk/~covam/publications/badgers2011harmur.html www.cs.bham.ac.uk
+
HTran and the Advanced Persistent Threat
+
http://www.secureworks.com/cyber-threat-intelligence/threats/htran/
+
HackRead
+
https://www.hackread.com
+
Hackers are increasingly targeting IoT Devices with Mirai DDoS Malware
+
https://www.hackread.com/iot-devices-with-mirai-ddos-malware/
+
Hammertoss: stealthy tactics define a Russian cyber threat group
+
https://www2.fireeye.com/rs/848-DID-242/images/rpt-apt29-hammertoss.pdf
+
Harnig botnet: a retreating army
+
https://www.fireeye.com/blog/threat-research/2011/03/a-retreating-army.html
+
Harnig is back
+
https://www.fireeye.com/blog/threat-research/2011/08/harnig-is-back.html
+
Harvesting data on the Xarvester botmaster
+
http://krebsonsecurity.com/2012/08/harvesting-data-on-the-xarvester-botmaster/
+
Have we seen the end of the ZeroAccess botnet?
+
http://nakedsecurity.sophos.com/2014/01/07/have-we-seen-the-end-of-the-zeroaccess-botnet/
+
Hello Neutrino ! (just one more Exploit Kit)
+
http://malware.dontneedcoffee.com/2013/03/hello-neutrino-just-one-more-exploit-kit.html
+
Herpes botnet
+
http://xylibox.blogspot.fr/2011/12/herpes-botnet.html xylibox.blogspot.fr
+
HerpesNet botnet 1.7
+
http://toolzware.com/theblog/herpesnet-botnet-1-7/ toolzware.com
+
Hesperbot – A new, advanced banking trojan in the wild
+
http://www.eset.com/us/resources/white-papers/Hesperbot Whitepaper.pdf
+
Hiding in plain sight: the FAKEM remote access trojan
+
http://blog.trendmicro.com/trendlabs-security-intelligence/hiding-in-plain-sight-the-fakem-remote-access-trojan/
+
Hiloti: the (bot)master of disguise
+
http://blog.fortinet.com/hiloti-the-botmaster-of-disguise/ blog.fortinet.com
+
Hodprot: hot to bot
+
http://go.eset.com/us/resources/white-papers/Hodprot-Report.pdf go.eset.com (PDF)
+
How Lockergoga took down Hydro — ransomware used in targeted attacks aimed at big business
+
https://doublepulsar.com/how-lockergoga-took-down-hydro-ransomware-used-in-targeted-attacks-aimed-at-big-business-c666551f5880
+
How to steal a Botnet and what can happen when you do
+
http://www.youtube.com/watch?v=2GdqoQJa6r4 Youtube
+
Hébergeurs malhonnêtes : nouvelle fermeture (3FN)
+
http://blog.crimenumerique.fr/2009/06/06/hebergeurs-malhonnetes-nouvelle-fermeture-3fn/
+
I
IRC bot for Android
+
http://www.securelist.com/en/blog/208193332/IRC bot for Android
+
IcoScript: using webmail to control malware
+
https://www.virusbtn.com/virusbulletin/archive/2014/08/vb201408-IcoScript
+
Illuminating the Etumbot APT backdoor
+
http://www.arbornetworks.com/asert/2014/06/illuminating-the-etumbot-apt-backdoor/
+
Infamous Skynet botnet author allegedly arrested
+
http://www.malwaretech.com/2013/12/infamous-skynet-botnet-author-allegedly.html
+
Inside Andromeda Bot v2.06 Webpanel / AKA Gamarue - Botnet Control Panel
+
http://malware.dontneedcoffee.com/2012/07/inside-andromeda-bot-v206-webpanel-aka.html
+
Inside Blackhole Exploits Kit v1.2.4 - Exploit Kit Control Panel
+
http://malware.dontneedcoffee.com/2012/07/inside-blackhole-exploits-kit-v124.html
+
Inside Carberp botnet
+
http://malwareint.blogspot.com/2011/02/inside-carberp-botnet.html
+
Inside Citadel 1.3.4.5 C&C & Builder - Botnet Control Panel
+
http://malware.dontneedcoffee.com/2012/07/inside-citadel-1.3.4.5-cncNbuilder.html
+
Inside Impact exploit kit
+
http://malware.dontneedcoffee.com/2012/12/inside-impact-exploit-kit-back-on-track.html
+
Inside Pony 1.7 / Fareit C&C - Botnet Control Panel
+
http://malware.dontneedcoffee.com/2012/06/inside-pony-17.html
+
Inside Smoke Bot - Botnet Control Panel
+
http://malware.dontneedcoffee.com/2012/04/inside-smoke-bot.html
+
Inside Smoke Bot - botnet control panel
+
http://malware.dontneedcoffee.com/2012/04/inside-smoke-bot.html
+
Inside Styx exploit kit control panel
+
http://malware.dontneedcoffee.com/2013/05/inside-styx-2013-05.html
+
Inside Ulocker
+
http://www.xylibox.com/2012/08/ulocker.html www.xylibox.com
+
Inside Upas Kit (1.0.1.1) aka Rombrast C&C - Botnet Control Panel
+
http://malware.dontneedcoffee.com/2012/08/inside-upas-kit1.0.1.1.html
+
Inside an APT campaign with multiple targets in India and Japan
+
http://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/white-papers/wp luckycat redux.pdf
+
Inside the Grum botnet
+
http://krebsonsecurity.com/2012/08/inside-the-grum-botnet/
+
Inside the world of the Citadel trojan
+
http://www.mcafee.com/us/resources/white-papers/wp-citadel-trojan.pdf www.mcafee.com
+
Inside view of Lyposit aka (for its friends) Lucky LOCKER
+
http://malware.dontneedcoffee.com/2012/11/inside-view-of-lyposit-aka-for-its.html
+
Insights from the analysis of the Mariposa botnet
+
http://www.ncfta.ca/papers/InsightsFromTheAnalysisOfTheMariposaBotnet.pdf
+
Insights into Win32/Bradop
+
http://blogs.technet.com/b/mmpc/archive/2012/06/15/insights-into-win32-bradop.aspx
+
Interconnection of Gauss with Stuxnet, Duqu & Flame
+
http://blog.eset.com/2012/08/15/interconnection-of-gauss-with-stuxnet-duqu-flame blog.eset.com
+
International cyber ring that infected millions of computers dismantled
+
http://www.fbi.gov/news/stories/2011/november/malware 110911/malware 110911
+
Internet Census 2012, port scanning /0 using insecure embedded devices
+
http://census2012.sourceforge.net/paper.html
+
Introducing Ponmocup-Finder
+
http://c-apt-ure.blogspot.fr/2012/06/introducing-ponmocup-finder.html c-apt-ure.blogspot.fr
+
It’s 2012 and Armageddon has arrived
+
http://ddos.arbornetworks.com/uploads/2012/03/Crypto-Armageddon-Blog.pdf arbornetworks.com (pdf)
+
It’s not the end of the world: DarkComet misses by a mile
+
http://ddos.arbornetworks.com/2012/03/its-not-the-end-of-the-world-darkcomet-misses-by-a-mile/
+
J
Java Runtime Environment 1.7 Zero-Day Exploit Delivers Backdoor
+
http://blog.trendmicro.com/java-runtime-environment-1-7-zero-day-exploit-delivers-backdoor/
+
Java Signed Applet Social Engineering Code Execution
+
http://www.rapid7.com/db/modules/exploit/multi/browser/java signed applet
+
Java Zero-Days and the Blackhole Exploit Kit
+
http://blog.trendmicro.com/java-zero-days-and-the-blackhole-exploit-kit/
+
Joint strike force against Dorifel
+
http://hitmanpro.wordpress.com/2012/08/11/joint-strike-force-against-dorifel/ hitmanpro.wordpress.com
+
K
Kaptoxa point-of-sale compromise
+
http://www.isightpartners.com/2014/01/kaptoxa-pos-report-faq/
+
Karagny.L unpack
+
http://code.google.com/p/malware-lu/wiki/en unpack Karagny L
+
Kaspersky Lab et Seculert annoncent la récente découverte de « Madi », une nouvelle attaque de cyberespionnage au Moyen‑Orient
+
http://www.globalsecuritymag.fr/Kaspersky-Lab-et-Seculert,20120717,31426.html www.globalsecuritymag.fr
+
Kaspersky Securelist
+
https://securelist.com/
+
Kaspersky security bulletin 2015. Overall statistics for 2015
+
https://securelist.com/analysis/kaspersky-security-bulletin/73038/kaspersky-security-bulletin-2015-overall-statistics-for-2015/
+
Kelihos back in town using Fast Flux
+
http://www.abuse.ch/?p=3658 abuse.ch
+
Kelihos botnet appears again with new variant
+
http://secureconnexion.wordpress.com/2013/02/11/kelihos-botnet-appears-again-with-new-variant/ secureconnexion.wordpress.com
+
Kelihos botnet trying to expand by harnessing Russian national sentiments
+
http://community.websense.com/blogs/securitylabs/archive/2014/08/22/kelihos-botnet-trying-to-expand-by-harnessing-russian-national-sentiments.aspx community.websense.com
+
Kelihos is dead. Long live Kelihos
+
http://blog.damballa.com/?p=1571 blog.damballa.com
+
Kelihos is dead… No wait… Long live Kelihos! Again!
+
http://blog.spiderlabs.com/2013/03/kelihos-is-dead-no-wait-long-live-kelihos-again.html blog.spiderlabs.com
+
Kelihos/Hlux botnet returns with new techniques
+
http://www.securelist.com/en/blog/655/Kelihos Hlux botnet returns with new techniques
+
Kelihos: not alien resurrection, more attack of the clones
+
http://blog.eset.com/2012/03/10/kelihos-not-alien-resurrection-more-attack-of-the-clones blog.eset.com
+
King of spam:Festi botnet analysis
+
http://blog.eset.com/wp-content/media files/king-of-spam-festi-botnet-analysis.pdf blog.eset.com (PDF)
+
Know your enemy: tracking botnets
+
http://www.honeynet.org/papers/bots/
+
Koobface botnet master KrotReal back in business, distributes ransomware and promotes BHSEO service/product
+
http://ddanchev.blogspot.fr/2012/11/koobface-botnet-master-krotreal-back-in.html ddanchev.blogspot.fr
+
Koobface, un écosystème cybercriminel ou le conte des Mille et une nuits ?
+
http://blog.crimenumerique.fr/2010/02/24/koobface-un-ecosysteme-cybercriminel-ou-le-conte-des-mille-et-une-nuits/
+
Kore exploit kit
+
http://www.kahusecurity.com/2013/kore-exploit-kit/
+
Kraken botnet infiltration
+
http://dvlabs.tippingpoint.com/blog/2008/04/28/kraken-botnet-infiltration dvlabs.tippingpoint.com
+
Krebs on Security
+
http://krebsonsecurity.com/
+
L
Large-scale analysis of malware downloaders
+
http://www.christian-rossow.de/publications/downloaders-dimva12.pdf
+
Latest Kelihos botnet shut down live at RSA Conference 2013
+
http://threatpost.com/en us/blogs/latest-kelihos-botnet-shut-down-live-rsa-conference-2013-022613
+
Latest SpyEye botnet active and cheaper
+
http://blogs.mcafee.com/mcafee-labs/latest-spyeye-botnet-active-and-cheaper
+
Latin American banks under fire from the Mexican VOlk-botnet
+
http://www.securelist.com/en/blog/208193160/Latin American banks under fire from the Mexican VOlk Botnet
+
Le dropper de CTB-Locker
+
http://christophe.rieunier.name/securite/CTB-Locker/CTB-Locker analysis.php
+
Learning stateful models for network honeypots
+
http://user.informatik.uni-goettingen.de/~krieck/docs/2012a-aisec.pdf user.informatik.uni-goettingen.de
+
Legal implications of countering botnets
+
http://www.ccdcoe.org/articles/2012/LegalImplicationsOfCounteringBotnets.pdf www.ccdcoe.org
+
Leouncia - Yet another backdoor
+
http://blog.fireeye.com/research/2010/12/leouncia-yet-another-backdoor.html
+
Leouncia - Yet another backdoor - Part 2
+
http://blog.fireeye.com/research/2010/12/leouncia-yet-another-backdoor-part-2.html
+
Library file in certain Android apps connects to C&C servers
+
http://blog.trendmicro.com/library-file-in-certain-android-apps-connects-to-cc-servers/
+
Lifting the lid on the Redkit exploit kit (Part 1)
+
http://nakedsecurity.sophos.com/2013/05/03/lifting-the-lid-on-the-redkit-exploit-kit-part-1/
+
Lights Out: Dragonfly is on the move
+
http://www.cyactive.com/lights-dragonfly-move/
+
Linux/Cdorked.A: New Apache backdoor being used in the wild to serve Blackhole
+
http://www.welivesecurity.com/2013/04/26/linuxcdorked-new-apache-backdoor-in-the-wild-serves-blackhole/
+
Live Coronavirus Map Used to Spread Malware
+
https://krebsonsecurity.com/2020/03/live-coronavirus-map-used-to-spread-malware/
+
Locky Ransomware switches to the Lukitus extension for Encrypted Files
+
https://www.bleepingcomputer.com/news/security/locky-ransomware-switches-to-the-lukitus-extension-for-encrypted-files/
+
LogPOS - new point of sale malware using mailslots
+
http://morphick.com/blog/2015/2/27/mailslot-pos
+
Long life to Kelihos!
+
http://community.websense.com/blogs/securitylabs/archive/2012/02/17/long-life-to-kelihos.aspx
+
Look what I found: it's a Pony!
+
http://blog.spiderlabs.com/2013/06/look-what-i-found-its-a-pony-1.html blog.spiderlabs.com
+
M
MDK: the largest mobile botnet in China
+
http://www.symantec.com/connect/ko/blogs/mdk-largest-mobile-botnet-china
+
MMD-0056-2016 - Linux/Mirai, how an old ELF malcode is recycled
+
http://blog.malwaremustdie.org/2016/08/mmd-0056-2016-linuxmirai-just.html
+
MP-DDoser: A rapidly improving DDoS threat
+
https://asert.arbornetworks.com/mp-ddoser-a-rapidly-improving-ddos-threat/
+
MP-DDoser:Monitoring a rapidly improving DDoS threat
+
https://asert.arbornetworks.com/wp-content/uploads/2012/06/Crypto-MPDDOS-Report1.pdf
+
MSIE 0-day exploit CVE-2014-0322 - Possibly targeting French aerospace association
+
http://community.websense.com/blogs/securitylabs/archive/2014/02/13/msie-0-day-exploit-cve-2014-0322-possibly-targeting-french-aerospace-organization.aspx community.websense.com
+
MSRT April 2012: Win32/Claretore
+
http://blogs.technet.com/b/mmpc/archive/2012/04/10/msrt-april-2012-win32-claretore.aspx blog.technet.com
+
MSRT April 2014 – Ramdo
+
http://blogs.technet.com/b/mmpc/archive/2014/04/08/msrt-april-2014-ramdo.aspx
+
MSRT June '12 - cleanup on aisle one
+
http://blogs.technet.com/b/mmpc/archive/2012/06/12/msrt-june-12-cleanup-on-aisle-one.aspx
+
MSRT March 2012: breaking bad
+
http://blogs.technet.com/b/mmpc/archive/2012/03/13/msrt-march-2012-breaking-bad.aspx
+
MSRT November '12 - Weelsof around the world
+
http://blogs.technet.com/b/mmpc/archive/2012/12/04/msrt-november-12-weelsof-around-the-world.aspx
+
MSRT September '12 - Medfos, hijacking your daily search
+
http://blogs.technet.com/b/mmpc/archive/2012/09/10/msrt-september-12-medfos-hijacking-your-daily-search.aspx
+
MSRT march: three hioles in one
+
http://blogs.technet.com/b/mmpc/archive/2012/03/15/msrt-march-three-hioles-in-one.aspx
+
Maazben: best of both worlds
+
http://www.m86security.com/labs/i/Maazben-Best-of-Both-Worlds,trace.1090~.asp www.m86security.com
+
Mac BackDoor.Wirenet.1 config extractor
+
http://code.google.com/p/malware-lu/wiki/en malware wirenet
+
Mac Flashback exploiting unpatched Java vulnerability
+
https://www.f-secure.com/weblog/archives/00002341.html
+
Mac spyware found at Oslo Freedom Forum
+
http://www.f-secure.com/weblog/archives/00002554.html
+
Madi is back - New Tricks and a new Command&Control server
+
http://www.securelist.com/en/blog/208193696/Madi is back New Tricks and a New Command Control Server
+
Mahdi malware finds 150 new targets including U.S. and Germany, gets more evasive
+
http://www.securityweek.com/mahdi-malware-finds-150-new-targets-including-us-and-germany-gets-more-evasive
+
Major shift in strategy for ZeroAccess rootkit malware, as it shifts to user-mode
+
http://nakedsecurity.sophos.com/2012/06/06/zeroaccess-rootkit-usermode/
+
Malicious Apache module injects Iframes
+
http://blog.unmaskparasites.com/2012/09/10/malicious-apache-module-injects-iframes/ blog.unmaskparasites.com
+
Malicious Apache module used for content injection: Linux/Chapro.A
+
http://blog.eset.com/2012/12/18/malicious-apache-module-used-for-content-injection-linuxchapro-a blog.eset.com
+
Malware 2 - from infection to persistence
+
http://www.contextis.com/research/blog/malware2/
+
Malware Memory Analysis - Volatility
+
http://blog.basementpctech.com/2012/04/in-acquiring-memory-blog-list-of-tools.html blog.basementpctech.com
+
Malware Uses Google Go Language
+
http://www.symantec.com/connect/blogs/malware-uses-google-go-language
+
Malware analysis Rannoh/Matsnu
+
http://malware.lu/Pro/RAP001 malware rannoh matsnu 1.1.pdf (PDF)
+
Malware analysis of the Lurk downloader
+
http://www.secureworks.com/cyber-threat-intelligence/threats/malware-analysis-of-the-lurk-downloader/
+
Malware analysis tutorial 32: exploration of botnet client
+
http://fumalwareanalysis.blogspot.kr/2012/08/malware-analysis-tutorial-32.html fumalwareanalysis.blogspot.kr
+
Malware attacking POS systems
+
http://www.hexacorn.com/blog/2012/12/19/malware-attacking-pos-systems/
+
Malware discovered developed with Google's "Go" programming language
+
http://www.securityweek.com/malware-discovered-developed-googles-go-programming-language
+
Malware evolving to defeat anti-DDoS services like CloudFlare?
+
http://www.welivesecurity.com/2013/02/13/malware-evolving-to-defeat-anti-ddos-services-like-cloudflare/
+
Malware for everyone - Aldi Bot at a discount price
+
http://www.h-online.com/security/news/item/Malware-for-everyone-Aldi-Bot-at-a-discount-price-1346594.html www.h-online.com
+
Malware hunting with the Sysinternals tools
+
http://channel9.msdn.com/Events/TechEd/NorthAmerica/2012/SIA302 channel9.msdn.com
+
Malware pandemics
+
http://www.dtic.mil/cgi-bin/GetTRDoc?AD=ADA531166
+
Malware targeting Windows 8 uses Google Docs
+
http://www.symantec.com/connect/blogs/malware-targeting-windows-8-uses-google-docs
+
Malwarebytes
+
https://blog.malwarebytes.com
+
Mariposa botnet 'mastermind' jailed in Slovenia
+
http://www.bbc.co.uk/news/technology-25506016 www.bbc.co.uk
+
Massive Drop in number of active Zeus C&C servers
+
https://www.abuse.ch/?p=2417
+
Massive search fraud botnet seized by Microsoft and Symantec
+
http://arstechnica.com/security/2013/02/massive-search-fraud-botnet-siezed-by-microsoft-and-symantec/
+
Mastermind behind Gozi bank malware charged along with two others
+
http://www.wired.com/threatlevel/2013/01/mastermind-behind-gozi-charged/
+
McAfee Labs threat advisory : W32.Pinkslipbot
+
https://kc.mcafee.com/resources/sites/MCAFEE/content/live/PRODUCT DOCUMENTATION/22000/PD22960/en US/McAfee-Labs-ThreatAdvisory-Pinkslipbot.pdf
+
Measuring and detecting Fast-Flux service networks
+
http://pi1.informatik.uni-mannheim.de/filepool/publications/fast-flux-ndss08.pdf uni-mannheim.de (pdf)
+
Measuring and detecting malware downloads in live network traffic
+
http://www.perdisci.com/publications/publication-files/amico.pdf
+
Measuring botnet populations
+
https://asert.arbornetworks.com/measuring-botnet-populations/
+
Meet "Red Dot exploit toolkit"
+
http://malware.dontneedcoffee.com/2013/01/meet-red-dot-exploit-toolkit.html
+
Meet CritXPack (Previously Vintage Pack)
+
http://malware.dontneedcoffee.com/2012/11/meet-critxpack-previously-vintage-pack.html
+
Meet ProPack Exploit Pack - yes that's a lot of pack
+
http://malware.dontneedcoffee.com/2012/11/meet-propack-exploit-pack.html
+
Meet ‘Flame’, the massive spy malware infiltrating Iranian computers
+
http://www.wired.com/threatlevel/2012/05/flame/
+
Members of the largest criminal group engaged in online banking fraud are detained
+
http://group-ib.com/news 2012 03 20.html group-ib.com
+
Mexican Twitter-controlled botnet unpicked
+
http://www.theregister.co.uk/2010/09/15/mexican twitter botnet/
+
Microsoft
+
https://www.microsoft.com
+
Microsoft and Symantec take down Bamital botnet that hijacks online searches
+
http://blogs.technet.com/b/microsoft blog/archive/2013/02/06/microsoft-and-symantec-take-down-bamital-botnet-that-hijacks-online-searches.aspx
+
Microsoft and financial services industry leaders target cybercriminal operations from ZeuS botnets
+
http://blogs.technet.com/b/microsoft blog/archive/2012/03/25/microsoft-and-financial-services-industry-leaders-target-cybercriminal-operations-from-zeus-botnets.aspx
+
Microsoft disrupts the emerging Nitol botnet being spread through an unsecure supply chain
+
http://blogs.technet.com/b/microsoft blog/archive/2012/09/13/microsoft-disrupts-the-emerging-nitol-botnet-being-spread-through-an-unsecure-supply-chain.aspx
+
Microsoft neutralizes Kelihos botnet, names defendant in case
+
http://blogs.technet.com/b/microsoft blog/archive/2011/09/27/microsoft-neutralizes-kelihos-botnet-names-defendant-in-case.aspx blog.technet.com
+
Microsoft partners with Interpol, industry to disrupt global malware attack affecting more than 770,000 PCs in past six months
+
http://blogs.technet.com/b/mmpc/archive/2015/04/12/microsoft-partners-with-interpol-industry-to-disrupt-global-malware-attack-affecting-more-than-770-000-pcs-in-past-six-months-39-simda-at-39-designed-to-divert-internet-traffic-to-disseminate-other-types-of-malware.aspx
+
Microsoft security updates January 2016
+
https://securelist.com/blog/software/73284/microsoft-security-updates-january-2016/
+
Miniduke
+
http://blog.crysys.hu/2013/02/miniduke/ blog.crysys.hu
+
MoVP 1.3 Desktops, heaps, and ransomware
+
http://volatility-labs.blogspot.com.es/2012/09/movp-13-desktops-heaps-and-ransomware.html
+
Mocbot spam analysis
+
http://www.secureworks.com/cyber-threat-intelligence/threats/mocbot-spam/
+
Monkif botnet hides commands in JPEGs
+
http://blogs.mcafee.com/mcafee-labs/monkif-botnet-hides-commands-in-jpegs
+
More Flame/Skywiper CNC behavior uncovered
+
http://blog.fireeye.com/research/2012/06/flame-skywiper-cnc-update.html
+
More details of the Dorifel servers
+
http://rickey-g.blogspot.nl/2012/08/more-details-of-dorifel-servers.html blogspot.com
+
Morto worm sets a (DNS) record
+
http://www.symantec.com/connect/blogs/morto-worm-sets-dns-record
+
Mpack installs ultra-invisible trojan
+
http://www.computerworld.com/s/article/9026323/Mpack installs ultra invisible Trojan www.computerworld.com
+
Multitenancy Botnets thwart threat analysis
+
http://ossectools.blogspot.fr/2012/05/multitenancy-botnets-thwart-threat.html ossectools.blogspot.fr
+
Mysterious Avatar rootkit with API, SDK, and Yahoo Groups for C&C communication
+
http://www.welivesecurity.com/2013/05/01/mysterious-avatar-rootkit-with-api-sdk-and-yahoo-groups-for-cc-communication/
+
N
NASK shuts down dangerous Virut botnet domains
+
https://www.cert.pl/news/6666/langswitch lang/en
+
NGRBot spreads via chat
+
http://blogs.mcafee.com/mcafee-labs/ngrbot-spreads-via-chat
+
Necurs Quick Analysis
+
http://code.google.com/p/malware-lu/wiki/en necurs analysis
+
Neosploit gets Java 0-Day
+
http://www.kahusecurity.com/2012/neosploit-gets-java-0-day/
+
Nepalese government websites compromised to serve Zegost RAT
+
http://community.websense.com/blogs/securitylabs/archive/2012/08/08/nepalese-government-websites-compromised-to-serve-zegost-backdoor.aspx community.websense.com
+
NetTraveler APT gets a makeover for 10th birthday
+
http://securelist.com/blog/research/66272/nettraveler-apt-gets-a-makeover-for-10th-birthday/
+
NetTraveler is back: the 'Red Star' APT returns with new tricks
+
http://securelist.com/blog/incidents/57455/nettraveler-is-back-the-red-star-apt-returns-with-new-tricks/
+
New Apple Mac trojan called OSX/Crisis discovered
+
http://www.intego.com/mac-security-blog/new-apple-mac-trojan-called-osxcrisis-discovered-by-intego-virus-team/
+
New Chinese exploit pack
+
http://www.kahusecurity.com/2012/new-chinese-exploit-pack/
+
New CryptoLocker spreads via removable drives
+
http://blog.trendmicro.com/trendlabs-security-intelligence/new-cryptolocker-spreads-via-removable-drives/
+
New Duqu sample found in the wild
+
http://www.symantec.com/connect/blogs/new-duqu-sample-found-wild
+
New GamaPoS malware piggybacks on Andromeda botnet; spreads in 13 US states
+
http://blog.trendmicro.com/trendlabs-security-intelligence/new-gamapos-threat-spreads-in-the-us-via-andromeda-botnet/
+
New IE Zero-Day used in targeted attacks
+
http://www.symantec.com/connect/blogs/new-ie-zero-day-used-targeted-attacks
+
New IceIX (ZeuS variant) changes its encryption method (again)
+
http://www.tidos-group.com/blog/?p=447 www.tidos-group.com
+
New Mac malware discovered on attendee computer at anti-surveillance workshop
+
http://threatpost.com/new-mac-malware-discovered-on-attendee-computer-at-anti-surveillance-workshop/
+
New Mahdi updates, new C2 server
+
http://blog.seculert.com/2012/08/new-mahdi-updates.html
+
New POS malware emerges - Punkey
+
https://www.trustwave.com/Resources/SpiderLabs-Blog/New-POS-Malware-Emerges---Punkey/
+
New PoS malware “Backoff” targets US
+
http://blog.trendmicro.com/trendlabs-security-intelligence/new-pos-malware-backoff-targets-us/
+
New RATs emerge from leaked Njw0rm source code
+
http://blog.trendmicro.com/trendlabs-security-intelligence/new-rats-emerge-from-leaked-njw0rm-source-code/
+
New Thor botnet nearly ready to be sold, price $8,000
+
http://www.spamfighter.com/News-17520-New-THOR-Botnet-Nearly-Ready-to-be-Sold-Price-$8000.htm spamfighter.com
+
New Xtreme RAT attacks US, Israel, and other foreign governments
+
http://blog.trendmicro.com/trendlabs-security-intelligence/new-xtreme-rat-attacks-on-usisrael-and-other-foreign-governments/
+
New crimeware attacks LatAm bank users
+
http://www.securelist.com/en/blog/208194103/New crimeware attacks LatAm bank users
+
New crypto-ransomware JIGSAW plays nasty games
+
http://blog.trendmicro.com/trendlabs-security-intelligence/jigsaw-ransomware-plays-games-victims/
+
New crypto-ransomware emerge in the wild
+
http://blog.trendmicro.com/trendlabs-security-intelligence/new-crypto-ransomware-emerge-in-the-wild/
+
New point-of-sale malware distributed by Andromeda botnet
+
http://www.cio.com/article/2949334/new-pointofsale-malware-distributed-by-andromeda-botnet.html
+
New ransomware plays its victims an audio file, over and over and over…
+
http://blog.trendmicro.com/trendlabs-security-intelligence/new-ransomware-plays-its-victims-an-audio-file-over-and-over-and-over/
+
New trojan found: Admin.HLP leaks organizations data
+
http://blog.radware.com/security/2012/08/ert-threat-alert-new-trojan-found-admin-hlp-attacks-organization-data/
+
New virus SMSZombie.A discovered by TrustGo Security Labs
+
http://blog.trustgo.com/SMSZombie/
+
NewPosThings has new PoS things
+
http://blog.trendmicro.com/trendlabs-security-intelligence/newposthings-has-new-pos-things/
+
Newly detected Crisis virus infects Windows, Macs and virtual machines
+
http://www.eweek.com/c/a/Security/Newly-Detected-Crisis-Virus-Infects-Windows-Macs-and-Virtual-Machines-217207 www.eweek.com
+
Newly launched ‘HTTP-based botnet setup as a service’ empowers novice cybercriminals with bulletproof hosting capabilities
+
http://www.webroot.com/blog/2013/07/24/newly-launched-http-based-botnet-setup-as-a-service-empowers-novice-cybercriminals-with-bulletproof-hosting-capabilities/
+
Ngrbot steals information and mine Bitcoins
+
https://www.mysonicwall.com/sonicalert/searchresults.aspx?ev=article&id=391 www.mysonicwall.com
+
NitlovePOS: another new POS malware
+
https://www.fireeye.com/blog/threat-research/2015/05/nitlovepos another.html
+
Nitol DDoS botnet discovered in China
+
http://www.infosecurity-magazine.com/view/25296/nitol-ddos-botnet-discovered-in-china/
+
NjRAT & H-Worm variant infections continue to rise
+
http://research.zscaler.com/2015/03/njrat-h-worm-variant-infections.html
+
Not just a one-trick PonyDOS
+
http://ddos.arbornetworks.com/uploads/2012/03/PonyDOS.pdf arbornetworks.com (pdf)
+
Now you Z-(eus) it, now you don’t: ZeuS bots silently upgraded to Citadel
+
http://blogs.rsa.com/rsafarl/now-you-z-eus-it-now-you-don’t-zeus-bots-silently-upgraded-to-citadel/
+
Nuevo botnet contra Mexico: Karn!v0r3x
+
http://laboratoriomalware.blogspot.com/2012/01/nuevo-botnet-contra-mexico-karnv0r3x.html
+
Nymaim - obfuscation chronicles
+
http://www.welivesecurity.com/2013/08/26/nymaim-obfuscation-chronicles/
+
O
OSX Kitmos analysis
+
http://blog.sbarbeau.fr/2013/05/osx-kitmos-analysis.html blog.sbarbeau.fr
+
OSX.Iservice technical details
+
http://www.symantec.com/security response/writeup.jsp?docid=2009-012216-4245-99&tabid=2
+
OSX.iService its not going to iWork for you
+
http://www.symantec.com/connect/blogs/osxiservice-it-s-not-going-iwork-you
+
OSX/Crisis has been used as part of a targeted attack
+
http://www.intego.com/mac-security-blog/osxcrisis-has-been-used-as-part-of-a-targeted-attack/
+
OSX/Flashback - The first malware to infect hundreds of thousands of Apple Mac
+
http://www.eset.com/us/resources/white-papers/osx flashback.pdf
+
Obama order sped up wave of cyberattacks against Iran
+
http://www.nytimes.com/2012/06/01/world/middleeast/obama-ordered-wave-of-cyberattacks-against-iran.html? r=1 www.nytimes.com
+
Olmasco bootkit: next circle of TDL4 evolution (or not)
+
http://blog.eset.com/2012/10/18/olmasco-bootkit-next-circle-of-tdl4-evolution-or-not blog.eset.com
+
On botnets that use DNS for command and control
+
http://www.cj2s.de/On-Botnets-that-use-DNS-for-Command-and-Control.pdf
+
On the analysis of the ZeuS botnet crimeware toolkit
+
http://www.ncfta.ca/papers/On the Analysis of the ZeuS Botnet Crimeware.pdf www.ncfta.ca
+
One Sinowal trojan + one gang = hundreds of thousands of compromised accountS
+
http://www.rsa.com/blog/blog entry.aspx?id=1378
+
One bot to rule them all
+
http://press.pandasecurity.com/news/one-bot-to-dominate-them-all/ press.pandasecurity.com
+
One-man PoS malware operation captures 22,000 credit card details in Brazil
+
http://blog.trendmicro.com/trendlabs-security-intelligence/fighterpos-fighting-a-new-pos-malware-family/
+
Operation Bot Roast II
+
http://www.fbi.gov/news/stories/2007/november/botnet 112907
+
Operation SnowMan: DeputyDog actor compromises US veterans of foreign wars website
+
http://www.fireeye.com/blog/uncategorized/2014/02/operation-snowman-deputydog-actor-compromises-us-veterans-of-foreign-wars-website.html www.fireeye.com
+
Operation Socialist The Inside Story Of How British Spies Hacked Belgium’s Largest Telco
+
https://firstlook.org/theintercept/2014/12/13/belgacom-hack-gchq-inside-story/
+
OphionLocker: Joining in the Ransomware Race
+
https://www.f-secure.com/weblog/archives/00002777.html
+
Over 9 million PCs infected - ZeroAccess botnet uncovered
+
http://nakedsecurity.sophos.com/2012/09/19/zeroaccess-botnet-uncovered/
+
Overcoming reputation and proof-of-work systems in botnets
+
http://eprints.qut.edu.au/35657/ eprints.qut.edu.au
+
Overview: inside the ZeuS trojan’s source code
+
http://www.thetechherald.com/articles/Overview-Inside-the-ZeuS-Trojans-source-code www.thetechherald.com
+
Owning Kraken zombies
+
http://dvlabs.tippingpoint.com/blog/2008/04/28/owning-kraken-zombies
+
P
P2P botnet Kelihos.B with 100.000 nodes sinkholed
+
http://blog.crowdstrike.com/2012/03/P2P-botnet-kelihosb-with-100000-nodes.html blog.crowdstrike.com
+
PETYA crypto-ransomware overwrites MBR to lock users out of their computers
+
http://blog.trendmicro.com/trendlabs-security-intelligence/petya-crypto-ransomware-overwrites-mbr-lock-users-computers/
+
Panda Security uncovers bot-killing malware
+
http://www.securityweek.com/panda-security-uncovers-bot-killing-malware
+
Panel Gendarmerie
+
http://www.malekal.com/2012/09/03/panel-gendarmerie/
+
Panel Supern0va et virus gendarmerie
+
http://www.malekal.com/2012/06/05/panel-supern0va-et-virus-gendarmerie/
+
Panel Virus Gendarmerie : Ratio 0.36%
+
http://www.malekal.com/2012/04/18/panel-virus-gendarmerie-ratio-0-36/
+
Part virus, part botnet, spreading fast: Ramnit moves past Facebook passwords
+
http://arstechnica.com/business/news/2012/01/part-virus-part-botnet-spreading-fast-ramnit-moves-past-facebook-passwords.ars
+
Peer-to-peer botnets: overview and case study
+
http://static.usenix.org/event/hotbots07/tech/full papers/grizzard/grizzard.pdf usenix.org
+
PeerRush: mining for unwanted P2P traffic
+
http://www.cs.uga.edu/~kangli/src/dimva2013.pdf www.cs.uga.edu
+
Petya ransomware skips the files and encrypts your hard drive instead
+
http://www.bleepingcomputer.com/news/security/petya-ransomware-skips-the-files-and-encrypts-your-hard-drive-instead/
+
Pitou, The “silent” resurrection of the PITOU notorious Srizbi kernel spambot
+
http://www.f-secure.com/static/doc/labs global/Whitepapers/pitou whitepaper.pdf
+
Playing cops & robbers with banks & browsers
+
http://www.symantec.com/connect/blogs/playing-cops-robbers-banks-browsers
+
PlugX malware: A good hacker is an apologetic hacker
+
https://securelist.com/blog/virus-watch/74150/plugx-malware-a-good-hacker-is-an-apologetic-hacker/
+