Malpedia Library

Click here to download all references as Bib-File.•

2020-12-17 ⋅ ESET Research ⋅ Ignacio Sanmillan, Matthieu Faou
Operation SignSight: Supply‑chain attack against a certification authority in Southeast Asia
SManager

2020-12-16 ⋅ Pastebin ⋅ Anonymous
Paste of subdomain & DGA domain names used in SolarWinds attack
SUNBURST UNC2452

2020-12-16 ⋅ Cyborg Security ⋅ Josh Meltzer
SUNBURST: SolarWinds Supply-Chain Attack
SUNBURST

2020-12-16 ⋅ Twitter @cybercdh) ⋅ Colin Hardy
Tweet on 3 key actions SUNBURST performs as soon as it's invoked
SUNBURST

2020-12-16 ⋅ Click All the Things! Blog ⋅ Jamie
Snake/404 Keylogger, BIFF, and Covering Tracks?: An unusual maldoc

2020-12-16 ⋅ Cloudflare ⋅ Jesse Kipp, Malavika Balachandran Tadeusz
Trend data on the SolarWinds Orion compromise
SUNBURST

2020-12-16 ⋅ Bleeping Computer ⋅ Lawrence Abrams
FireEye, Microsoft create kill switch for SolarWinds backdoor
SUNBURST

2020-12-16 ⋅ Dragos ⋅ Camille Singleton, IBM SECURITY X-FORCE, Selena Larson
Assessing Ransomware and Extortion Activities Impacting Industrial Organizations: Ransomware in ICS Environments
REvil

2020-12-16 ⋅ Reuters ⋅ Raphael Satter
Exclusive-Suspected Chinese hackers stole camera footage from African Union - memo

2020-12-16 ⋅ Lookout ⋅ Apurva Kumar, Diane Wee, Justin Albrecht, Robert Nickle
Lookout Discovers New Spyware Used by Sextortionists to Blackmail iOS and Android Users
goontact

2020-12-16 ⋅ Accenture ⋅ Paul Mansfield
Tracking and combatting an evolving danger: Ransomware extortion
DarkSide Egregor Maze Nefilim RagnarLocker REvil Ryuk SunCrypt

2020-12-16 ⋅ SophosLabs Uncut ⋅ Sean Gallagher, Sivagnanam Gn
Ransomware operators use SystemBC RAT as off-the-shelf Tor backdoor
SystemBC

2020-12-15 ⋅ Prevasio ⋅ Sergei Shevchenko
Sunburst Backdoor: A Deeper Look Into The SolarWinds' Supply Chain Malware (Broken link)
SUNBURST

2020-12-15 ⋅ Cyborg Security ⋅ Austin Jackson
Threat Hunt Deep Dives: SolarWinds Supply Chain Compromise (Solorigate / SUNBURST Backdoor)
SUNBURST

2020-12-15 ⋅ Medium (Cryptax) ⋅ Axelle Apvrille
Unpacking an Android malware with Dexcalibur and JEB

2020-12-15 ⋅ ⋅ 360 Threat Intelligence Center ⋅ Advanced Threat Institute
Operation Falling Eagle-the secret of the most influential supply chain attack in history
SUNBURST

2020-12-15 ⋅ Twitter @cybercdh) ⋅ Colin Hardy
Tweet on some more capabilties of SUNBURST backdoor
SUNBURST

2020-12-15 ⋅ Facebook ⋅ David Agranovich, Nathaniel Gleicher
Removing Coordinated Inauthentic Behavior from France and Russia

2020-12-15 ⋅ Trend Micro ⋅ Buddy Tancio, Gilbert Sison, Lenart Bermejo
Finding APTX: Attacks via MITRE TTPs
Chinoxy

2020-12-15 ⋅ Twitter @cybercdh) ⋅ Colin Hardy
Tweet on CyberChef recipe to extract and decode strings from #SolarWinds malware binaries.
SUNBURST