Malpedia Library

Click here to download all references as Bib-File.•

2021-01-05 ⋅ CISA, FBI, NSA, ODNI
Joint Statement by the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), the Office of the Director of National Intelligence (ODNI), and the National Security Agency (NSA)
SUNBURST

2020-12-15 ⋅ ⋅ KISA ⋅ KrCERT
Operation MUZABI
Appleseed

2020-12-15 ⋅ ⋅ KISA ⋅ KISA
Operation MUZABI
Kimsuky

2020-12-13 ⋅ CISA ⋅ CISA
Active Exploitation of SolarWinds Software
SUNBURST

2020-12-10 ⋅ US-CERT ⋅ FBI, MS-ISAC, US-CERT
Alert (AA20-345A): Cyber Actors Target K-12 Distance Learning Education to Cause Disruptions and Steal Data
PerlBot Shlayer Agent Tesla Cerber Dridex Ghost RAT Kovter Maze MedusaLocker Nanocore RAT Nefilim REvil Ryuk Zeus

2020-12-04 ⋅ Stratosphere Laboratory ⋅ Lisandro Ubiedo, María José Erquiaga, Sebastian García, Thomas O'Hara, Veronica Valeros
Current State of IPv6 Security in IoT

2020-11-27 ⋅ Trend Micro ⋅ Luis Magisa, Steven Du
New MacOS Backdoor Connected to OceanLotus Surfaces
OceanLotus APT32

2020-11-13 ⋅ Youtube (The Standoff) ⋅ Alexey Zakharov, Positive Technologies
FF_202_Eng - From old Higaisa samples to new Winnti backdoors: The story of one research
CROSSWALK Unidentified 076 (Higaisa LNK to Shellcode)

2020-11-02 ⋅ FireEye ⋅ Adrian Pisarczyk, Antonio Monaca, Daniel Caban, Daniel Susin, Justin Moore, Luis Rocha, Sara Rincon, Wojciech Ledzion
Live off the Land? How About Bringing Your Own Island? An Overview of UNC1945
SLAPSTICK STEELCORGI

2020-10-28 ⋅ CISA ⋅ CISA, FBI, HHS
AA20-302A: Ransomware Activity Targeting the Healthcare and Public Health Sector
AnchorDNS Anchor BazarBackdoor Ryuk

2020-10-27 ⋅ Avast ⋅ Lisandro Ubiedo
Data exfiltration via IPv6

2020-10-23 ⋅ AP News ⋅ Frank Bajak
Report: Ransomware disables Georgia county election database
DoppelPaymer

2020-10-03 ⋅ Trend Micro ⋅ Cedric Pernet, Daniel Lunghi, Jaromír Hořejší, Kazuki Fujisawa
Earth Akhlut: Exploring the Tools, Tactics, and Procedures of an Advanced Threat Actor Operating a Large Infrastructure
Dexbia TypeHash

2020-09-25 ⋅ VISA ⋅ Visa Security Alert
Visa Security Alert: New Malware Samples identified in Point-of-Sale Compromises
BlackPOS pwnpos rtpos

2020-09-11 ⋅ ⋅ KISA ⋅ KrCERT
Analysis of attacker's strategy of using malicious code

2020-08-27 ⋅ fmnagisa wordpress ⋅ Facundo M
Revisiting EquationGroup’s FANNY… or is it DEMENTIAWHEEL?
DoubleFantasy Fanny

2020-08-26 ⋅ CISA ⋅ CISA, FBI, U.S. Cyber Command, U.S. Department of the Treasury
Alert (AA20-239A): FASTCash 2.0: North Korea's BeagleBoyz Robbing Banks
FastCash

2020-08-26 ⋅ CISA ⋅ CISA
MAR-10301706-1.v1 - North Korean Remote Access Tool: ECCENTRICBANDWAGON
PSLogger

2020-08-26 ⋅ CISA ⋅ CISA
MAR-10301706-2.v1 - North Korean Remote Access Tool: VIVACIOUSGIFT
NACHOCHEESE

2020-08-19 ⋅ CISA ⋅ CISA
MAR-10295134-1.v1 - North Korean Remote Access Trojan: BLINDINGCAN
BLINDINGCAN