Malpedia Library

Click here to download all references as Bib-File.•

2021-05-20 ⋅ Twitter (@MsftSecIntel) ⋅ Microsoft Security Intelligence
Tweet on Java-based STRRAT malware campaign distributed via email
STRRAT

2021-05-19 ⋅ Medium Mehmet Ergene ⋅ Mehmet Ergene
Enterprise Scale Threat Hunting: Network Beacon Detection with Unsupervised ML and KQL — Part 2
Cobalt Strike

2021-05-19 ⋅ Nozomi Networks ⋅ Alexey Kleymenov
Colonial Pipeline Ransomware Attack: Revealing How DarkSide Works
DarkSide

2021-05-19 ⋅ The Record ⋅ Adam Janofsky
SolarWinds CEO apologizes for blaming an intern, says attack may have started in January 2019

2021-05-19 ⋅ Bleeping Computer ⋅ Sergiu Gatlan
May Android security updates patch 4 zero-days exploited in the wild

2021-05-19 ⋅ Youtube (OALabs) ⋅ Sergei Frankoff
Reverse Engineering Warzone RAT - Part 1
Ave Maria

2021-05-19 ⋅ The Wall Street Journal ⋅ Collin Eaton
Colonial Pipeline CEO Tells Why He Paid Hackers a $4.4 Million Ransom
DarkSide DarkSide

2021-05-19 ⋅ Twitter (@ThreatFabric) ⋅ ThreatFabric
Tweet on Anatsa android banking trojan targeting 7 more italian banks
Anatsa

2021-05-18 ⋅ RECON INFOSEC ⋅ Andrew Cook
An Encounter With TA551/Shathak
IcedID

2021-05-18 ⋅ Sophos ⋅ Greg Iddon, John Shier, Mat Gangwer, Peter Mackenzie
The Active Adversary Playbook 2021
Cobalt Strike MimiKatz

2021-05-18 ⋅ Blackberry ⋅ BlackBerry Threat Research and Intelligence Team
Strong ARMing with MacOS: Adventures in Cross-Platform Emulation

2021-05-18 ⋅ Elastic ⋅ Apoorva Joshi, Craig Chamberlain, Disha Dasgupta
ProblemChild: Detecting living-off-the-land attacks using the Elastic Stack

2021-05-18 ⋅ Medium (Cryptax) ⋅ Axelle Apvrille
A native packer for Android/MoqHao
MoqHao

2021-05-18 ⋅ The Record ⋅ Catalin Cimpanu
Darkside gang estimated to have made over $90 million from ransomware attacks
DarkSide DarkSide Mailto Maze REvil Ryuk

2021-05-18 ⋅ Bitdefender ⋅ Aron Radu, Bogdan Botezatu, George Mihali, Mihai Neagu, Ștefan Trifescu
New WastedLoader Campaign Delivered Through RIG Exploit Kit
WastedLoader WastedLocker

2021-05-17 ⋅ Medium s2wlab ⋅ Denise Dasom Kim, Hyunmin Suh, Jungyeon Lim, YH Jeong
W3 May | EN | Story of the week: Code Signing Certificate on the Darkweb
Stuxnet

2021-05-17 ⋅ Talos ⋅ Brad Garnett
Case Study: Incident Response is a relationship-driven business
Cobalt Strike

2021-05-17 ⋅ Dragos ⋅ Kent Backman
Investigating the Watering Hole Linked to the Oldsmar Water Treatment Facility Breach
Tofsee

2021-05-17 ⋅ Fortinet ⋅ Fred Gutierrez, Gayathri Thirugnanasambandam, Val Saengphaibul
Newly Discovered Function in DarkSide Ransomware Variant Targets Disk Partitions
DarkSide

2021-05-17 ⋅ The Record ⋅ Catalin Cimpanu
Three major hacking forums ban ransomware ads as some ransomware gangs shut down