Malpedia Library

Click here to download all references as Bib-File.•

2020-10-30 ⋅ Cofense ⋅ The Cofense Intelligence Team
The Ryuk Threat: Why BazarBackdoor Matters Most
BazarBackdoor Ryuk

2020-10-30 ⋅ Reuters ⋅ Christopher Bing, Joel Schectman, Raphael Satter
Russian hackers targeted California, Indiana Democratic parties

2020-10-29 ⋅ Twitter (@anthomsec) ⋅ Andrew Thompson
Tweet on UNC1878 activity
BazarBackdoor Ryuk TrickBot UNC1878

2020-10-29 ⋅ RiskIQ ⋅ RiskIQ
Ryuk Ransomware: Extensive Attack Infrastructure Revealed
Cobalt Strike Ryuk

2020-10-29 ⋅ US-CERT ⋅ US-CERT
Malware Analysis Report (AR20-303B): ZEBROCY Backdoor
Zebrocy

2020-10-29 ⋅ Palo Alto Networks Unit 42 ⋅ Janos Szurdi, Jingwei Fan, Ruian Duan, Seokkyung Chung, Zhanhao Chen
Domain Parking: A Gateway to Attackers Spreading Emotet and Impersonating McAfee
Emotet

2020-10-29 ⋅ CNN ⋅ Alex Marquardt, Lauren Mascarenhas, Vivian Salama
Several hospitals targeted in new wave of ransomware attacks
Ryuk

2020-10-29 ⋅ Bleeping Computer ⋅ Lawrence Abrams
Hacking group is targeting US hospitals with Ryuk ransomware
Ryuk

2020-10-29 ⋅ Reuters ⋅ Christopher Bing, Joseph Menn
Building wave of ransomware attacks strike U.S. hospitals
Ryuk

2020-10-28 ⋅ Twitter (@BitsOfBinary) ⋅ John
Tweet on macOS version of Manuscrypt
Manuscrypt

2020-10-28 ⋅ CISA ⋅ CISA, FBI, HHS
AA20-302A: Ransomware Activity Targeting the Healthcare and Public Health Sector
AnchorDNS Anchor BazarBackdoor Ryuk

2020-10-28 ⋅ SophosLabs Uncut ⋅ Anand Ajjan, Bill Kearny, Brett Cove, Elida Leite, Gabor Szappanos, Peter Mackenzie, Sean Gallagher, Syed Shahram
Hacks for sale: inside the Buer Loader malware-as-a-service
Buer Ryuk Zloader

2020-10-28 ⋅ Accenture ⋅ Cyber Defense
Turla uses HyperStack, Carbon, and Kazuar to compromise government entity
Cobra Carbon System Kazuar TurlaRPC Turla SilentMoon

2020-10-28 ⋅ Malwarebytes ⋅ hasherezade, Hossein Jazi, Jérôme Segura, Marcelo Rivero
Fake COVID-19 survey hides ransomware in Canadian university attack
Vaggen

2020-10-28 ⋅ Trend Micro ⋅ Aliakbar Zahravi, Cedric Pernet, Daniel Lunghi, Elliot Cao, Jaromír Hořejší, John Zhang, Joseph C Chen, William Gamazo Sanchez
Operation Earth Kitsune: A Dance of Two New Backdoors
AgfSpy DneSpy SLUB Earth Kitsune

2020-10-28 ⋅ Microsoft ⋅ Tom Burt
Cyberattacks target international conference attendees (APT35/PHOSPHORUS)

2020-10-27 ⋅ Cofense ⋅ Adam Martin, Cofense Phishing Defense Center, Kian Buckley Maher, Nathaniel Sagibanda
Purchase Order Phishing, the Everlasting Phishing Tactic

2020-10-27 ⋅ Sophos Managed Threat Response (MTR) ⋅ Greg Iddon
MTR Casebook: An active adversary caught in the act
Cobalt Strike

2020-10-27 ⋅ Dr.Web ⋅ Dr.Web
Study of the ShadowPad APT backdoor and its relation to PlugX
Ghost RAT PlugX ShadowPad

2020-10-27 ⋅ Zscaler ⋅ Sahil Antil, Sudeep Singh
APT-31 leverages COVID-19 vaccine theme and abuses legitimate online services