Malpedia Library

Click here to download all references as Bib-File.•

2021-02-25 ⋅ Proofpoint ⋅ Michael Raggi, Proofpoint Threat Research Team
TA413 Leverages New FriarFox Browser Extension to Target the Gmail Accounts of Global Tibetan Organizations
scanbox Sepulcher Lucky Cat

2021-02-16 ⋅ Proofpoint ⋅ Proofpoint Threat Research Team
Q4 2020 Threat Report: A Quarterly Analysis of Cybersecurity Trends, Tactics and Themes
Emotet Ryuk NARWHAL SPIDER TA800

2021-02-11 ⋅ Proofpoint ⋅ Proofpoint Threat Research Team
A Baza Valentine’s Day
BazarBackdoor

2021-02-11 ⋅ Microsoft ⋅ Detection and Response Team (DART), Microsoft 365 Defender Research Team
Web shell attacks continue to rise

2021-02-06 ⋅ ⋅ Clairvoyance Security Lab ⋅ Advanced threat research team
Mo Luoxiu (Confucius) organizes a new round of secret theft attacks on South Asian military enterprises
Ave Maria

2021-02-04 ⋅ ClearSky ⋅ ClearSky Research Team
CONTI Modus Operandi and Bitcoin Tracking
Conti Ryuk

2021-02-01 ⋅ ⋅ Microstep Intelligence Bureau ⋅ Microstep online research response team
Analysis of the attack activity organized by Konni APT using the topic of North Korean epidemic materials as bait
Amadey

2021-01-30 ⋅ ⋅ Microstep Intelligence Bureau ⋅ Microstep online research response team
Analysis of Lazarus attacks against security researchers
ComeBacker

2021-01-28 ⋅ ClearSky ⋅ ClearSky Research Team
“Lebanese Cedar” APT Global Lebanese Espionage Campaign Leveraging Web Servers
Volatile Cedar

2021-01-27 ⋅ ThreatConnect ⋅ ThreatConnect Research Team
CrimsonIAS: Listening for an 3v1l User
CrimsonIAS

2021-01-26 ⋅ ZecOps ⋅ ZecOps Research Team
North Korea APT Might Have Used a Mobile 0day Too?

2021-01-22 ⋅ Zscaler ⋅ ThreatLabZ research team
DreamBus Botnet - Technical Analysis

2021-01-20 ⋅ Microsoft ⋅ Microsoft 365 Defender Research Team, Microsoft Cyber Defense Operations Center (CDOC), Microsoft Threat Intelligence Center (MSTIC)
Deep dive into the Solorigate second-stage activation: From SUNBURST to TEARDROP and Raindrop
Cobalt Strike SUNBURST TEARDROP

2021-01-07 ⋅ ClearSky ⋅ ClearSky Research Team
Operation ‘Kremlin’
Unidentified 002 (Operation Kremlin)

2021-01-04 ⋅ Congressional Research Service ⋅ Congressional Research Service
Russian Cyber Units

2020-12-18 ⋅ Microsoft ⋅ Microsoft 365 Defender Research Team, Microsoft Threat Intelligence Center (MSTIC)
Analyzing Solorigate, the compromised DLL file that started a sophisticated cyberattack, and how Microsoft Defender helps protect customers
SUNBURST SUPERNOVA TEARDROP UNC2452

2020-12-17 ⋅ ClearSky ⋅ ClearSky Research Team
Pay2Kitten: Pay2Key Ransomware - A New Campaign by Fox Kitten
Pay2Key

2020-12-15 ⋅ ThreatConnect ⋅ ThreatConnect Research Team
Infrastructure Research and Hunting: Boiling the Domain Ocean

2020-12-11 ⋅ Blackberry ⋅ BlackBerry Research and Intelligence team
MountLocker Ransomware-as-a-Service Offers Double Extortion Capabilities to Affiliates
Cobalt Strike Mount Locker

2020-12-10 ⋅ Microsoft ⋅ Microsoft 365 Defender Research Team
Widespread malware campaign seeks to silently inject ads into search results, affects multiple browsers