Click here to download all references as Bib-File.•
| 2021-05-16
⋅
NCSC Ireland
⋅
Ransomware Attack on Health Sector - UPDATE 2021-05-16 Cobalt Strike Conti |
| 2021-05-14
⋅
CISA
⋅
Analysis Report (AR21-134A): Eviction Guidance for Networks Affected by the SolarWinds and Active Directory/M365 Compromise SUNBURST |
| 2021-05-14
⋅
Advanced Intelligence
⋅
From Dawn to "Silent Night": "DarkSide Ransomware" Initial Attack Vector Evolution DarkSide |
| 2021-05-14
⋅
Intel 471
⋅
The moral underground? Ransomware operators retreat after Colonial Pipeline hack DarkSide DarkSide |
| 2021-05-14
⋅
Bleeping Computer
⋅
QNAP warns of eCh0raix ransomware attacks, Roon Server zero-day QNAPCrypt |
| 2021-05-13
⋅
⋅
AhnLab
⋅
APT attack for domestic companies using library files ImprudentCook |
| 2021-05-13
⋅
BI. ZONE Cyber Threats Research Team
⋅
From pentest to APT attack: cybercriminal group FIN7 disguises its malware as an ethical hacker’s toolkit DICELOADER |
| 2021-05-13
⋅
Secureworks
⋅
Ransomware Groups Use Tor-Based Backdoor for Persistent Access DarkSide Snatch GOLD WATERFALL |
| 2021-05-13
⋅
Blackberry
⋅
Threat Thursday: SombRAT — Always Leave Yourself a Backdoor SombRAT |
| 2021-05-13
⋅
Anomali
⋅
Threat Actors Use MSBuild to Deliver RATs Filelessly Remcos |
| 2021-05-13
⋅
DomainTools
⋅
Domain Blooms: Identifying Domain Name Themes Targeted By Threat Actors |
| 2021-05-13
⋅
ABC News
⋅
'Don't panic,' Biden tells Americans facing gasoline shortages from pipeline attack DarkSide |
| 2021-05-13
⋅
Malwarebytes
⋅
Newly observed PHP-based skimmer shows ongoing Magecart Group 12 activity magecart |
| 2021-05-13
⋅
The Record
⋅
Popular hacking forum bans ransomware ads DarkSide DarkSide |
| 2021-05-13
⋅
Bleeping Computer
⋅
Popular Russian hacking forum XSS bans all ransomware topics DarkSide DarkSide LockBit REvil |
| 2021-05-13
⋅
Bloomberg
⋅
Colonial Pipeline Paid Hackers Nearly $5 Million in Ransom DarkSide |
| 2021-05-12
⋅
Medium Mehmet Ergene
⋅
Enterprise Scale Threat Hunting: Network Beacon Detection with Unsupervised ML and KQL — Part 1 Cobalt Strike |
| 2021-05-12
⋅
FBI
⋅
PIN Number 20210512-001: Spear-Phishing Attack Directing Recipients to Download a Fake Windows Application Impersonating a Financial Institution |
| 2021-05-12
⋅
NortonLifeLock
⋅
Encrypted Chat Apps Doubling as Illegal Marketplaces |
| 2021-05-12
⋅
SecurityScorecard
⋅
New Evidence Supports Assessment that DarkSide Likely Responsible for Colonial Pipeline Ransomware Attack; Others Targeted DarkSide DarkSide |