Malpedia Library

Click here to download all references as Bib-File.•

2020-12-14 ⋅ Cisco Talos ⋅ Nick Biasini
Threat Advisory: SolarWinds supply chain attack
SUNBURST TEARDROP

2020-12-13 ⋅ CISA ⋅ CISA
Active Exploitation of SolarWinds Software
SUNBURST

2020-12-09 ⋅ Cisco ⋅ Caitlin Huey, David Liebenberg
Quarterly Report: Incident Response trends from Fall 2020
Cobalt Strike IcedID Maze RansomEXX Ryuk

2020-11-18 ⋅ Cisco ⋅ Edmund Brumaghin, Jaeson Schultz, Nick Biasini
Back from vacation: Analyzing Emotet’s activity in 2020
Emotet

2020-11-17 ⋅ Cisco Talos ⋅ Nikhil Hegde
Nibiru ransomware variant decryptor
Nibiru

2020-11-09 ⋅ Digital14 ⋅ Ahmed Al Hashmi, Joseph Francis, Mylene Villacorte
The Exploitation of CVE-2020-0688 in the UAE

2020-10-29 ⋅ Cisco Talos ⋅ Paul Rascagnères, Vitor Ventura, Warren Mercer
DoNot’s Firestarter abuses Google Firebase Cloud Messaging to spread
KnSpy

2020-10-28 ⋅ CISA ⋅ CISA, FBI, HHS
AA20-302A: Ransomware Activity Targeting the Healthcare and Public Health Sector
AnchorDNS Anchor BazarBackdoor Ryuk

2020-09-30 ⋅ Virus Bulletin ⋅ Francis Labelle, Matthieu Faou
XDSPY: STEALING GOVERNMENT SECRETS SINCE 2011
XDSpy XDSpy

2020-09-29 ⋅ Cisco Talos ⋅ Chris Neal
LodaRAT Update: Alive and Well
Loda

2020-09-21 ⋅ Cisco Talos ⋅ Joe Marshall, JON MUNSHAW, Nick Mavis
The art and science of detecting Cobalt Strike
Cobalt Strike

2020-09-02 ⋅ Cisco Talos ⋅ Edmund Brumaghin, Holger Unterbrink
Salfram: Robbing the place without removing your name tag
Ave Maria ISFB SmokeLoader Zloader

2020-09-01 ⋅ Cisco Talos ⋅ Caitlin Huey, David Liebenberg
Quarterly Report: Incident Response trends in Summer 2020
Cobalt Strike LockBit Mailto Maze Ryuk

2020-08-26 ⋅ CISA ⋅ CISA, FBI, U.S. Cyber Command, U.S. Department of the Treasury
Alert (AA20-239A): FASTCash 2.0: North Korea's BeagleBoyz Robbing Banks
FastCash

2020-08-26 ⋅ CISA ⋅ CISA
MAR-10301706-1.v1 - North Korean Remote Access Tool: ECCENTRICBANDWAGON
PSLogger

2020-08-26 ⋅ CISA ⋅ CISA
MAR-10301706-2.v1 - North Korean Remote Access Tool: VIVACIOUSGIFT
NACHOCHEESE

2020-08-19 ⋅ CISA ⋅ CISA
MAR-10295134-1.v1 - North Korean Remote Access Trojan: BLINDINGCAN
BLINDINGCAN

2020-08-03 ⋅ US-CERT ⋅ CISA, US-CERT
MAR-10292089-1.v1 – Chinese Remote Access Trojan: TAIDOOR
taidoor

2020-07-27 ⋅ CISA ⋅ CISA, NCSC UK
Alert (AA20-209A): Potential Legacy Risk from Malware Targeting QNAP NAS Devices
QSnatch

2020-07-27 ⋅ NCSC UK ⋅ CISA, NCSC UK
Alert: Potential legacy risk from malware targeting QNAP NAS devices
QSnatch