Below you will find reports with the tag of “Downloader”
ESET Threat Report Q4 2020 This report reflects on the key threats that emerged or expanded in the 4th quarter of 2020. Added: February 24, 2021
FIN11: A Widespread Ransomware and Extortion Operation This report provides a look into FIN11, a financially motivated threat group that has conducted some of the largest and longest running malware distribution campaigns to date. (more available) Added: October 18, 2020
An Insider View to the Increasingly Complex Kingminer Botnet A detailed technical analysis of the Kingminer botnet malware, including the C&C network, infection vectors, payload, and auxiliary components. Added: June 9, 2020
Threat Landscape Report Q4 2019 This is the threat landscape report from Fortinet for the 4th quarter of 2019. It goes into changes in this quarter, including threat detection changes and attack changes. (more available) Added: March 15, 2020
Operation Sharpshooter This report takes a look at a new global campaign targeting nuclear, defense, energy, and financial companies. Added: December 29, 2018
Cobalt Group Fidelis Threat Research analysts have discovered a new version of ThreadKit, malware notorious for its use by the cybercrime organization known as Cobalt Group. (more available) Added: December 14, 2018
Magic Hound Campaign Attacks Saudi Targets Unit 42 has discovered a persistent attack campaign operating primarily in the Middle East dating back to at least mid-2016 which we have named Magic Hound. (more available) Added: November 15, 2018
The Gamaredon Group Toolset Evolution Unit 42 threat researchers have recently observed a threat group distributing new, custom-developed malware. We have labelled this threat group the Gamaredon Group and our research shows that the Gamaredon Group has been active since at least 2013. (more available) Added: November 15, 2018
Dimnie: Hiding In Plain Sight This post discusses the reports of open-source developers receiving malicious emails. Added: November 15, 2018
MM Core In-Memory Backdoor Returns as "BigBoss" and "SillyGoose" In this blog we will detail our discovery of the next two versions of MM Core, namely “BigBoss” (2.2-LNK) and “SillyGoose” (2. (more available) Added: November 15, 2018
Operation BugDrop: CyberX Discovers Large-Scale Cyber-Reconnaissance Operation Targeting Ukrainian Organizations CyberX has discovered a new, large-scale cyber-reconnaissance operation targeting a broad range of targets in the Ukraine. Because it eavesdrops on sensitive conversations by remotely controlling PC microphones – in order to surreptitiously “bug” its targets – and uses Dropbox to store exfiltrated data, CyberX has named it “Operation BugDrop. (more available) Added: November 15, 2018
Operation Electric Powder - Who is Targeting Israel Electric Company From April 2016 until at least February 2017, attackers have been spreading malware via fake Facebook profiles and pages, breached websites, and self-hosted and cloud-based websites. (more available) Added: November 15, 2018
Minerva's 2016 Year In Review Released in 2017, this report details the cyberthreats that Minerva dealt with in 2016. Added: October 25, 2018
Blackmoon Banking Trojan Overview The Blackmoon Banking Trojan was thought to be shut down in 2016. However, it has re-emerged. This paper provides a brief analysis of the revamped trojan. (more available) Added: October 24, 2018
ISTR Email Threats 2017 This special report analyzes Email and the threats that occur in that environment. Added: October 22, 2018
Threat Actor - APT28 This report takes a look at APT28, a recognized state-sponsored threat actor operating out of Russia. Added: October 22, 2018
APT37 (Reaper) The Overlooked North Korean Actor This report takes a look at a North Korean cyber-espionage group. Added: October 21, 2018
Cyber Threats To The High Tech And IT Industry Get a threat outlook for high tech and IT sectors as their relevance to economic, intelligence and security concerns make them more valuable targets. (more available) Added: October 18, 2018
ASEC Report Volume 86 Q1 2017 This report from the Ahn Lab Security Emergency Response Center provides a review of various Cyber events that took place in the 1st QTR of 2017. (more available) Added: October 17, 2018
GTIC Monthly Threat Report January 2018 This monthly threat report takes a look at the month of January 2018. Specifically, it looks at two vulnerabilities, the hacking of nuclear weapons, and the increase in suspected Chinese cyber activity. (more available) Added: October 17, 2018
Joao Malware Analysis This report provides analysis and information related to Joao Malware which has attacked video gamers. Added: October 16, 2018