Malpedia Library

Click here to download all references as Bib-File.•

2021-05-20 ⋅ Github (microsoft) ⋅ Microsoft
Microsoft 365 Defender Hunting Queries for hunting multiple threat actors' TTPs and malwares
STRRAT OceanLotus BabyShark Elise Revenge RAT WastedLocker Zebrocy

2021-05-19 ⋅ Team Cymru ⋅ Andy Kraus, Josh Hopkins, Nick Byers
Tracking BokBot Infrastructure Mapping a Vast and Currently Active BokBot Network
IcedID

2021-05-19 ⋅ Medium Mehmet Ergene ⋅ Mehmet Ergene
Enterprise Scale Threat Hunting: Network Beacon Detection with Unsupervised ML and KQL — Part 2
Cobalt Strike

2021-05-19 ⋅ Nozomi Networks ⋅ Alexey Kleymenov
Colonial Pipeline Ransomware Attack: Revealing How DarkSide Works
DarkSide

2021-05-19 ⋅ The Record ⋅ Adam Janofsky
SolarWinds CEO apologizes for blaming an intern, says attack may have started in January 2019

2021-05-19 ⋅ The Wall Street Journal ⋅ Collin Eaton
Colonial Pipeline CEO Tells Why He Paid Hackers a $4.4 Million Ransom
DarkSide DarkSide

2021-05-18 ⋅ Sophos ⋅ Greg Iddon, John Shier, Mat Gangwer, Peter Mackenzie
The Active Adversary Playbook 2021
Cobalt Strike MimiKatz

2021-05-18 ⋅ Blackberry ⋅ BlackBerry Threat Research and Intelligence Team
Strong ARMing with MacOS: Adventures in Cross-Platform Emulation

2021-05-18 ⋅ Elastic ⋅ Apoorva Joshi, Craig Chamberlain, Disha Dasgupta
ProblemChild: Detecting living-off-the-land attacks using the Elastic Stack

2021-05-18 ⋅ Youtube (AhmedS Kasmani) ⋅ AhmedS Kasmani
Malware Analysis: Agent Tesla Part 1/2 Extraction of final payload from dropper.
Agent Tesla

2021-05-18 ⋅ Medium (Cryptax) ⋅ Axelle Apvrille
A native packer for Android/MoqHao
MoqHao

2021-05-18 ⋅ Digital Shadows ⋅ Photon Research Team
Examining Russian-language Cybercriminal Marketplaces

2021-05-18 ⋅ The Record ⋅ Catalin Cimpanu
Darkside gang estimated to have made over $90 million from ransomware attacks
DarkSide DarkSide Mailto Maze REvil Ryuk

2021-05-17 ⋅ Back Engineering ⋅ _xeroxz
VMProtect 2 - Detailed Analysis of the Virtual Machine Architecture

2021-05-17 ⋅ Dragos ⋅ Kent Backman
Investigating the Watering Hole Linked to the Oldsmar Water Treatment Facility Breach
Tofsee

2021-05-17 ⋅ The Record ⋅ Catalin Cimpanu
Three major hacking forums ban ransomware ads as some ransomware gangs shut down

2021-05-17 ⋅ Kaspersky ⋅ GReAT
Bizarro banking Trojan expands its attacks to Europe
Bizzaro

2021-05-17 ⋅ Gigamon ⋅ Joe Slowik
Tracking DarkSide and Ransomware: The Network View
DarkSide DarkSide

2021-05-16 ⋅ Nikkei Asia ⋅ Yuichi Sakaguchi
Japan lashes out against alleged Chinese military cyberattacks

2021-05-16 ⋅ NCSC Ireland ⋅ NCSC Ireland
Ransomware Attack on Health Sector - UPDATE 2021-05-16
Cobalt Strike Conti