Malpedia Library

Click here to download all references as Bib-File.•

2021-04-17 ⋅ YouTube (Worcester DEFCON Group) ⋅ Joel Snape, Nettitude
Inside IcedID: Anatomy Of An Infostealer
IcedID

2021-04-17 ⋅ Advanced Intelligence ⋅ Al Calleo, Vitali Kremez, Yelisey Boguslavskiy
Adversary Dossier: Ryuk Ransomware Anatomy of an Attack in 2021
Ryuk

2021-04-13 ⋅ lacework ⋅ Tom Hegel
Carbine Loader Cryptojacking Campaign

2021-04-01 ⋅ Microsoft ⋅ Cole Sodja, Joshua Neil, Justin Carroll, Melissa Turcotte, Microsoft 365 Defender Research Team
Automating threat actor tracking: Understanding attacker behavior for intelligence and contextual alerting

2021-03-30 ⋅ F-Secure ⋅ F-Secure Labs
Attack landscape update: Ransomware 2.0, automated recon, and supply chain attacks

2021-03-26 ⋅ Bleeping Computer ⋅ Lawrence Abrams
Ransomware gang urges victims’ customers to demand a ransom payment
Clop

2021-03-25 ⋅ Microsoft ⋅ Tom McElroy
Web Shell Threat Hunting with Azure Sentinel
CHINACHOPPER

2021-03-22 ⋅ JPCERT/CC ⋅ Shusei Tomonaga
Lazarus Attack Activities Targeting Japan (VSingle/ValeforBeta)
VSingle

2021-03-18 ⋅ ⋅ Poliisi ⋅ Poliisi
Eduskunnan tietojärjestelmiin kohdistuneen tietomurron tutkinnassa selvitetään yhteyttä APT31-toimijaan
APT31

2021-03-17 ⋅ GoggleHeadedHacker Blog ⋅ Jacob Pimental
Automatic Gobfuscator Deobfuscation with EKANS Ransomware
Snake

2021-03-15 ⋅ MinervaLabs ⋅ Tom Roter
Taurus Stealer's Evolution
Taurus Stealer

2021-03-02 ⋅ Microsoft ⋅ Tom Burt
New nation-state cyberattacks (HAFNIUM)

2021-02-16 ⋅ Cybereason ⋅ Tom Fakterman
Cybereason vs. NetWalker Ransomware
Mailto

2021-02-12 ⋅ InfoSec Handlers Diary Blog ⋅ Xavier Mertens
AgentTesla Dropped Through Automatic Click in Microsoft Help File
Agent Tesla

2021-02-08 ⋅ CrowdStrike ⋅ Seb Walla, Tom Henry, Tom Simpson
Blocking SolarMarker Backdoor
solarmarker

2021-01-26 ⋅ Twitter (@swisscom_csirt) ⋅ Swisscom CSIRT
Tweet on Cring Ransomware groups using customized Mimikatz sample followed by CobaltStrike and dropping Cring rasomware
Cobalt Strike Cring MimiKatz

2021-01-26 ⋅ JPCERT/CC ⋅ Shusei Tomonaga
Operation Dream Job by Lazarus
LCPDot Torisma Lazarus Group

2021-01-20 ⋅ JPCERT/CC ⋅ Shusei Tomonaga
Commonly Known Tools Used by Lazarus
Lazarus Group

2021-01-19 ⋅ HP ⋅ Patrick Schläpfer
Dridex Malicious Document Analysis: Automating the Extraction of Payload URLs
Dridex

2021-01-19 ⋅ ⋅ JPCERT/CC ⋅ Shusei Tomonaga
Tools used within the network invaded by attack group Lazarus