Malpedia Library

Click here to download all references as Bib-File.•

2021-01-21 ⋅ ⋅ 360 Threat Intelligence Center ⋅ Advanced Threat Institute
Disclosure of Manling Flower Organization (APT-C-08) using Warzone RAT attack
Ave Maria

2021-01-20 ⋅ Microsoft ⋅ Microsoft 365 Defender Research Team, Microsoft Cyber Defense Operations Center (CDOC), Microsoft Threat Intelligence Center (MSTIC)
Deep dive into the Solorigate second-stage activation: From SUNBURST to TEARDROP and Raindrop
Cobalt Strike SUNBURST TEARDROP

2021-01-14 ⋅ PTSecurity ⋅ PT ESC Threat Intelligence
Higaisa or Winnti? APT41 backdoors, old and new
Cobalt Strike CROSSWALK FunnySwitch PlugX ShadowPad

2021-01-08 ⋅ Reaqta ⋅ ReaQta Threat Intelligence Team
Leonardo S.p.A. Data Breach Analysis

2020-12-18 ⋅ Microsoft ⋅ Microsoft 365 Defender Research Team, Microsoft Threat Intelligence Center (MSTIC)
Analyzing Solorigate, the compromised DLL file that started a sophisticated cyberattack, and how Microsoft Defender helps protect customers
SUNBURST SUPERNOVA TEARDROP UNC2452

2020-12-16 ⋅ ⋅ 360 Threat Intelligence Center ⋅ Advanced Threat Institute
旺刺组织（APT-C-47）使用ClickOnce技术的攻击活动披露

2020-12-15 ⋅ ⋅ 360 Threat Intelligence Center ⋅ Advanced Threat Institute
Operation Falling Eagle-the secret of the most influential supply chain attack in history
SUNBURST

2020-12-01 ⋅ Qianxin ⋅ Qi Anxin Threat Intelligence Center
Blade Eagle Group - Targeted attack group activities circling the Middle East and West Asia's cyberspace revealed
SpyNote BladeHawk

2020-11-30 ⋅ Microsoft ⋅ Microsoft 365 Defender Threat Intelligence Team
Threat actor leverages coin miner techniques to stay under the radar – here’s how to spot them
APT32

2020-11-30 ⋅ Microsoft ⋅ Microsoft 365 Defender Threat Intelligence Team, Microsoft Threat Intelligence Center (MSTIC)
Threat actor (BISMUTH) leverages coin miner techniques to stay under the radar – here’s how to spot them
Cobalt Strike

2020-11-16 ⋅ Malwarebytes ⋅ Threat Intelligence Team
Malsmoke operators abandon exploit kits in favor of social engineering scheme
Zloader Malsmoke

2020-11-15 ⋅ PRODAFT Threat Intelligence ⋅ PRODAFT
BRUNHILDA - DaaS Malware Analysis Report
Alien Brunhilda

2020-11-12 ⋅ Anheng Threat Intelligence Center ⋅ Hunting Shadow Lab
Operation Gold Hunting: Targeting the Cutting-Edge Technology Industry

2020-11-09 ⋅ ⋅ 360 ⋅ 360 Threat Intelligence Center
Analysis of the latest targeted attacks by Lugansk against Ukraine

2020-10-30 ⋅ ⋅ 360 ⋅ Threat Intelligence Center
蓝色魔眼（APT-C-41）组织首次针对我国重要机构定向攻击活动披露
StrongPity

2020-10-30 ⋅ ⋅ Qianxin ⋅ Threat Intelligence Center
攻击武器再升级：Donot组织利用伪造签名样本的攻击活动分析

2020-10-26 ⋅ ⋅ Qianxin ⋅ Threat Intelligence Center
Analysis of the attack activities of the Rattlesnake organization using the Buffy bilateral agreement as bait
SideWinder

2020-10-23 ⋅ F-Secure Labs ⋅ Guillaume Couchard, Qimin Wang, Thiam Loong Siew
Catching Lazarus: Threat Intelligence to Real Detection Logic - Part Two
MimiKatz

2020-10-23 ⋅ ⋅ 360 ⋅ 360 Threat Intelligence Center
APT28携小众压缩包诱饵对北约、中亚目标的定向攻击分析
Zebrocy

2020-10-14 ⋅ Malwarebytes ⋅ Threat Intelligence Team
Silent Librarian APT right on schedule for 20/21 academic year