Malpedia Library

Click here to download all references as Bib-File.•

2021-02-16 ⋅ SophosLabs Uncut ⋅ Peter Mackenzie, Tilly Travers
What to expect when you’ve been hit with Conti ransomware
Conti

2021-02-16 ⋅ SophosLabs Uncut ⋅ Michael Heller
A Conti ransomware attack day-by-day
Conti

2021-02-15 ⋅ Wired ⋅ Andy Greenberg
France Ties Russia's Sandworm to a Multiyear Hacking Spree
Exaramel Exaramel

2021-02-15 ⋅ cyble ⋅ cybleinc
Ngrok Platform Abused by Hackers to Deliver a New Wave of Phishing Attacks

2021-02-15 ⋅ Twitter (@TheDFIRReport) ⋅ The DFIR Report
Tweet on Qakbot post infection discovery activity
QakBot

2021-02-12 ⋅ Twitter (@ESETresearch) ⋅ ESET Research
A twitter thread on discussing updated attack chain of EVILNUM group and their use PYVIL malware
PyVil

2021-02-11 ⋅ Cyber And Ramen blog ⋅ Mike R
BlackTech Updates Elf-Plead Backdoor
PLEAD

2021-02-11 ⋅ US-CERT ⋅ CISA, FBI
Alert (AA21-042A): Compromise of U.S. Water Treatment Facility

2021-02-11 ⋅ Microsoft ⋅ Detection and Response Team (DART), Microsoft 365 Defender Research Team
Web shell attacks continue to rise

2021-02-11 ⋅ Twitter (@TheDFIRReport) ⋅ The DFIR Report
Tweet on Hancitor Activity followed by cobaltsrike beacon
Cobalt Strike Hancitor

2021-02-10 ⋅ Anomali ⋅ Anomali Threat Research, Gage Mele, Winston Marydasan, Yury Polozov
Probable Iranian Cyber Actors, Static Kitten, Conducting Cyberespionage Campaign Targeting UAE and Kuwait Government Agencies

2021-02-10 ⋅ 360 netlab ⋅ Liu Ya
Rinfo Is Making A Comeback and Is Scanning and Mining in Full Speed

2021-02-10 ⋅ Anheng Threat Intelligence Center ⋅ Hunting Shadow Lab
Windows kernel zero-day exploit (CVE-2021-1732) is used by BITTER APT in targeted attack

2021-02-10 ⋅ Cado Security ⋅ Christopher Doman
Punk Kitty Ransom - Analysing HelloKitty Ransomware Attacks
HelloKitty

2021-02-09 ⋅ Stranded on Pylos Blog ⋅ Joe Slowik
Water, Water Everywhere – But Nary a Hacker to Blame

2021-02-09 ⋅ Medium (@alex.birsan) ⋅ Alex Birsan
Dependency Confusion: How I Hacked Into Apple, Microsoft and Dozens of Other Companies

2021-02-09 ⋅ Microsoft ⋅ Microsoft
3 Ways to Mitigate Risk When Using Private Package Feeds

2021-02-09 ⋅ Trend Micro ⋅ Alfredo Oliveira, David Fiser
Threat actors now target Docker via container escape features

2021-02-09 ⋅ Securehat ⋅ Securehat
Extracting the Cobalt Strike Config from a TEARDROP Loader
Cobalt Strike TEARDROP

2021-02-09 ⋅ Cofense ⋅ Zachary Bailey
BazarBackdoor’s Stealthy Infiltration Evades Multiple SEGs
BazarBackdoor