Malpedia Library

Click here to download all references as Bib-File.•

2022-01-18 ⋅ Trend Micro ⋅ Arianne Dela Cruz, Bren Matthew Ebriega, Don Ovid Ladores, Mary Yambao
New Ransomware Spotted: White Rabbit and Its Evasion Tactics

2022-01-14 ⋅ Trend Micro ⋅ Bren Matthew Ebriega
Ransom.Win32.WHITERABBIT.YACAET
WhiteRabbit

2022-01-14 ⋅ Mandiant ⋅ Bryan Turner, Daniel Smith, Matthew McWhirt, Omar Toor
Proactive Preparation and Hardening to Protect Against Destructive Attacks

2021-12-15 ⋅ Mandiant ⋅ John Hultquist, Matthew McWhirt
Log4Shell Initial Exploitation and Mitigation Recommendations

2021-10-19 ⋅ Proofpoint ⋅ Axel F, Brandon Murphy, Crista Giering, Georgi Mladenov, Matthew Mesa, Zydeca Cass
Whatta TA: TA505 Ramps Up Activity, Delivers New FlawedGrace Variant
FlawedGrace MirrorBlast

2021-08-17 ⋅ Huntress Labs ⋅ Matthew Brennan
Snakes on a Domain: An Analysis of a Python Malware Loader

2021-08-17 ⋅ Volatility Labs ⋅ Damien Cash, Josh Grunzweig, Matthew Meltzer, Steven Adair, Thomas Lancaster
North Korean APT37 / InkySquid Infects Victims Using Browser Exploits
BLUELIGHT APT37

2021-06-24 ⋅ Proofpoint ⋅ Crista Giering, Dennis Schwarz, Matthew Mesa
JSSLoader: Recoded and Reloaded
JSSLoader Storm-0324

2021-06-15 ⋅ NCC Group ⋅ Michael Matthews, NCC RIFT, William Backhouse
Handy guide to a new Fivehands ransomware variant
FiveHands

2021-05-27 ⋅ Volexity ⋅ Damien Cash, Josh Grunzweig, Matthew Meltzer, Sean Koessel, Steven Adair, Thomas Lancaster
Suspected APT29 Operation Launches Election Fraud Themed Phishing Campaigns
Cobalt Strike

2021-05-25 ⋅ Huntress Labs ⋅ Matthew Brennan
Cobalt Strikes Again: An Analysis of Obfuscated Malware
Cobalt Strike

2021-05-06 ⋅ Sophos Labs ⋅ Bill Kearney, Kyle Link, Matthew Sharf, Peter Mackenzie, Tilly Travers
MTR in Real Time: Pirates pave way for Ryuk ransomware
Ryuk

2021-03-14 ⋅ DAILY BEAST ⋅ Matthew Brazil
How China’s Devastating Microsoft Hack Puts Us All at Risk
HAFNIUM

2021-03-10 ⋅ Proofpoint ⋅ Dennis Schwarz, Matthew Mesa, Proofpoint Threat Research Team
NimzaLoader: TA800’s New Initial Access Malware
BazarNimrod Cobalt Strike

2021-03-08 ⋅ Palo Alto Networks Unit 42 ⋅ Chris Navarrete, Durgesh Sangvikar, Matthew Tennis, Rongbo Shao, Yanhui Jia
Attack Chain Overview: Emotet in December 2020 and January 2021
Emotet

2021-03-02 ⋅ Volexity ⋅ Josh Grunzweig, Matthew Meltzer, Sean Koessel, Steven Adair, Thomas Lancaster
Operation Exchange Marauder: Active Exploitation of Multiple Zero-Day Microsoft Exchange Vulnerabilities
CHINACHOPPER HAFNIUM

2021-01-19 ⋅ Mandiant ⋅ Douglas Bienstock, Matthew McWhirt, Mike Burns, Nick Bennett
Remediation and Hardening Strategies for Microsoft 365 to Defend Against UNC2452 (WHITE PAPER)

2021-01-19 ⋅ FireEye ⋅ Douglas Bienstock, Matthew McWhirt, Mike Burns, Nick Bennett
Remediation and Hardening Strategies for Microsoft 365 to Defend Against UNC2452

2021-01-06 ⋅ Mimecast ⋅ Matthew Gardiner
How to Slam a Door on the Cutwail Botnet: Enforce DMARC
Cutwail

2020-12-18 ⋅ Trend Micro ⋅ Junestherry Salvador, Matthew Camacho, Raphael Centeno
Negasteal Uses Hastebin for Fileless Delivery of Crysis Ransomware
Agent Tesla Dharma