Malpedia Library

Click here to download all references as Bib-File.•

2021-07-07 ⋅ Trustwave ⋅ Nikita Kazymirskyi, Rodel Mendrez
Diving Deeper Into the Kaseya VSA Attack: REvil Returns and Other Hackers Are Riding Their Coattails
Cobalt Strike REvil

2021-07-07 ⋅ Kaspersky ⋅ Denis Legezo
WildPressure targets the macOS platform
Guard Milum WildPressure

2021-07-06 ⋅ Zscaler ⋅ Zscaler
Kaseya Supply Chain Ransomware Attack - Technical Analysis of the REvil Payload
REvil

2021-07-06 ⋅ Twitter (@_alex_il_) ⋅ Alex Ilgayev
Tweet on REvil ransomware actor using vulnerable defender executable in its infection flow in early may before Kaseya attack
REvil

2021-07-06 ⋅ 0ffset Blog ⋅ 0verfl0w_, Daniel Bunce
New TA402/MOLERATS Malware – Decrypting .NET Reactor Strings
SharpStage

2021-07-06 ⋅ The Record ⋅ Catalin Cimpanu
Moroccan hacker Dr HeX arrested for phishing attacks, malware distribution

2021-07-06 ⋅ Twitter (@MBThreatIntel) ⋅ Malwarebytes Threat Intelligence
Tweet on a malspam campaign that is taking advantage of Kaseya VSA ransomware attack to drop CobaltStrike
Cobalt Strike

2021-07-06 ⋅ paloalto Networks Unit 42 ⋅ John Martineau
Understanding REvil: The Ransomware Gang Behind the Kaseya Attack
Gandcrab REvil

2021-07-05 ⋅ ⋅ Antiy CERT ⋅ Antiy CERT
Analysis of "Bitter Elephant" organization's attack activities against my country in the first half of the year

2021-07-05 ⋅ Morphisec ⋅ Morphisec
Real-Time Prevention of the Kaseya VSA Supply Chain REvil Ransomware Attack
REvil

2021-07-05 ⋅ Trend Micro ⋅ Abraham Camba, Buddy Tancio, Catherine Loveria, Ryan Maglaque
Tracking Cobalt Strike: A Trend Micro Vision One Investigation
Cobalt Strike

2021-07-05 ⋅ ⋅ Antiy ⋅ Antiy CERT
Analysis of "Bitter Elephant" organization's attacks against country in the first half of the year

2021-07-05 ⋅ ⋅ S2W LAB Inc. ⋅ S2W LAB INTELLIGENCE TEAM
Kaseya supply chain attack delivers mass ransomware
REvil

2021-07-05 ⋅ Kaspersky ⋅ Kaspersky
REvil ransomware attack against MSPs and its clients around the world
REvil

2021-07-05 ⋅ Github (f0wl) ⋅ Marius Genheimer
REvil Linux Configuration Extractor
REvil

2021-07-04 ⋅ Sophos ⋅ Anand Ajjan, Mark Loman, Sean Gallagher
Independence Day: REvil uses supply chain exploit to attack hundreds of businesses
REvil

2021-07-04 ⋅ Twitter (@svch0st) ⋅ Zach
Tweet on #Kaseya detection tool for detecting REvil
REvil

2021-07-04 ⋅ TRUESEC ⋅ Fabio Viggiani
Kaseya supply chain attack targeting MSPs to deliver REvil ransomware
REvil

2021-07-04 ⋅ CISA ⋅ US-CERT
CISA-FBI Guidance for MSPs and their Customers Affected by the Kaseya VSA Supply-Chain Ransomware Attack
REvil REvil

2021-07-03 ⋅ Medium Doublepulsar ⋅ Kevin Beaumont
Kaseya supply chain attack delivers mass ransomware event to US companies
REvil