Malpedia Library

Click here to download all references as Bib-File.•

2021-05-08 ⋅ Australian Signals Directorate ⋅ Australian Cyber Security Centre (ACSC)
2021-003: Ongoing campaign using Avaddon Ransomware
Avaddon

2021-05-08 ⋅ Reuters ⋅ Christopher Bing, Stephanie Kelly
Cyber attack shuts down top U.S. fuel pipeline network
DarkSide

2021-05-08 ⋅ The Record ⋅ Catalin Cimpanu
SolarWinds says fewer than 100 customers were impacted by supply chain attack
SUNBURST

2021-05-07 ⋅ NCSC UK ⋅ NCSC UK
Further TTPs associated with SVR cyber actors
Sliver

2021-05-07 ⋅ Cisco Talos ⋅ Andrew Windsor, Caitlin Huey, Edmund Brumaghin
Lemon Duck spreads its wings: Actors target Microsoft Exchange servers, incorporate new TTPs
CHINACHOPPER Cobalt Strike Lemon Duck

2021-05-07 ⋅ SolarWinds ⋅ Solarwind
An Investigative Update of the Cyberattack
SUNBURST

2021-05-07 ⋅ Department of Justice ⋅ Office of Public Affairs
Four Individuals Plead Guilty to RICO Conspiracy Involving “Bulletproof Hosting” for Cybercriminals
Citadel SpyEye Zeus

2021-05-07 ⋅ GCHQ ⋅ CISA, FBI, NCSC UK, NSA
Further TTPs associated with SVR cyber actors: Use of multiple publicly available exploits and Sliver framework to target organisations globally

2021-05-07 ⋅ Medium svch0st ⋅ svch0st
Stats from Hunting Cobalt Strike Beacons
Cobalt Strike

2021-05-07 ⋅ Bleeping Computer ⋅ Lawrence Abrams
Data leak marketplaces aim to take over the extortion economy
Babuk Maze

2021-05-07 ⋅ Group-IB ⋅ Oleg Skulkin, Semyon Rogachev
Connecting the Bots Hancitor fuels Cuba Ransomware Operations
Cuba Hancitor

2021-05-06 ⋅ Black Hat ⋅ Anurag Khanna, Thirumalai Natarajan Muthiah
Threat Hunting in Active Directory Environment

2021-05-06 ⋅ Black Hat ⋅ Christian Doerr, Tsuyoshi Taniguchi
How Did the Adversaries Abusing Bitcoin Blockchain Evade Our Takeover
Cerber Pony

2021-05-06 ⋅ Group-IB ⋅ Viktor Okorokov
GrelosGTM group abuses Google Tag Manager to attack e-commerce websites

2021-05-06 ⋅ Sophos Labs ⋅ Bill Kearney, Kyle Link, Matthew Sharf, Peter Mackenzie, Tilly Travers
MTR in Real Time: Pirates pave way for Ryuk ransomware
Ryuk

2021-05-06 ⋅ Facebook ⋅ Facebook
April 2021 Coordinated Inauthentic Behavior Report

2021-05-06 ⋅ Cyborg Security ⋅ Brandon Denker
Ransomware: Hunting for Inhibiting System Backup or Recovery
Avaddon Conti DarkSide LockBit Mailto Maze Mespinoza Nemty PwndLocker RagnarLocker RansomEXX REvil Ryuk Snatch ThunderX

2021-05-06 ⋅ Twitter (@SyscallE) ⋅ NtUnmapViewOfSection
Tweet on short analysis of Nebulae Backdoor
Nebulae

2021-05-06 ⋅ Blackberry ⋅ BlackBerry Research and Intelligence team
Threat Thursday: Dr. REvil Ransomware Strikes Again, Employs Double Extortion Tactics
REvil

2021-05-06 ⋅ MIT Technology Review ⋅ Patrick Howell O'Neill
How China turned a prize-winning iPhone hack against the Uyghurs