Malpedia Library

2021-05-11 ⋅ tisiphone.net blog ⋅ Lesley Carhart
Reasonable IR Team Expectations

2021-05-11 ⋅ Sophos ⋅ Ferenc László Nagy, Gabor Szappanos, Mark Loman, Peter Mackenzie, Sean Gallagher, Suriya Natarajan, Szabolcs Lévai, Yusuf Arslan Polat
A defender’s view inside a DarkSide ransomware attack
DarkSide

2021-05-11 ⋅ CISA ⋅ US-CERT
Alert (AA21-131A) DarkSide Ransomware: Best Practices for Preventing Business Disruption from Ransomware Attacks
DarkSide

2021-05-11 ⋅ Twitter (@MsftSecIntel) ⋅ Microsoft Security Intelligence
Tweet on Snip3 crypter delivering AsyncRAT or AgentTesla
Agent Tesla AsyncRAT

2021-05-11 ⋅ KrebsOnSecurity ⋅ Brian Krebs
A Closer Look at the DarkSide Ransomware Gang
DarkSide

2021-05-11 ⋅ Qianxin ⋅ Qi'anxin Threat Intelligence
Analysis of a series of attacks by the suspected Lazarus organization using Daewoo Shipyard as relevant bait

2021-05-10 ⋅ Cleafy ⋅ Federico Valentini, Francesco Iubatti
TeaBot: a new Android malware emerged in Italy, targets banks in Europe
Anatsa

2021-05-10 ⋅ MALWATION ⋅ malwation
IcedID Malware Technical Analysis Report
IcedID

2021-05-10 ⋅ ⋅ Anheng Threat Intelligence Center ⋅ Hunting Shadow Lab
Analysis of U.S. Oil Products Pipeline Operators Suspended by Ransomware Attacks
DarkSide

2021-05-10 ⋅ University College London ⋅ Alex Wilkinson, Emily Lewis, Toni Mlinarević
Machine Learning for Static Malware Analysis

2021-05-10 ⋅ TEAMT5 ⋅ Charles Li
APT Threat Landscape of Taiwan in 2020

2021-05-10 ⋅ POLITICO ⋅ Andrew Desiderio, Lara Seligman
Russian spy unit suspected of directed-energy attacks on U.S. personnel

2021-05-10 ⋅ DarkTracer ⋅ DarkTracer
Intelligence Report on Ransomware Gangs on the DarkWeb: List of victim organizations attacked by ransomware gangs released on the DarkWeb
RansomEXX Avaddon Babuk Clop Conti Cuba DarkSide DoppelPaymer Egregor Hades LockBit Mailto Maze MedusaLocker Mespinoza Mount Locker Nefilim Nemty Pay2Key PwndLocker RagnarLocker Ragnarok RansomEXX REvil Sekhmet SunCrypt ThunderX

2021-05-10 ⋅ Mal-Eats ⋅ mal_eats
Overview of Campo, a new attack campaign targeting Japan
AnchorDNS BazarBackdoor Cobalt Strike ISFB Phobos TrickBot Zloader

2021-05-10 ⋅ Intel 471 ⋅ Intel 471
Here’s what we know about DarkSide ransomware
DarkSide

2021-05-10 ⋅ Stratosphere Lab ⋅ Kamila Babayeva, Sebastian García
Dissecting a RAT. Analysis of the HawkShaw.
HawkShaw

2021-05-10 ⋅ SecurityIntelligence ⋅ Limor Kessem
Shedding Light on the DarkSide Ransomware Attack
DarkSide

2021-05-08 ⋅ Twitter (@Jacob_Pimental) ⋅ Jacob Pimental
Tweet on CyberChef recipe to extract Revil Ransomware configuration
REvil

2021-05-08 ⋅ Australian Signals Directorate ⋅ Australian Cyber Security Centre (ACSC)
2021-003: Ongoing campaign using Avaddon Ransomware
Avaddon

2021-05-08 ⋅ Reuters ⋅ Christopher Bing, Stephanie Kelly
Cyber attack shuts down top U.S. fuel pipeline network
DarkSide