Malpedia Library

Click here to download all references as Bib-File.•

2021-03-18 ⋅ PRODAFT Threat Intelligence ⋅ PRODAFT
SilverFish GroupThreat Actor Report
Cobalt Strike Dridex Koadic

2021-03-18 ⋅ SUCURI ⋅ Cesar Anjos
Server Side Data Exfiltration via Telegram API

2021-03-18 ⋅ Varonis ⋅ Snir Ben Shimol
Return of the Darkside: Analysis of a Large-Scale Data Theft Campaign
DarkSide

2021-03-18 ⋅ ⋅ CERT-BR ⋅ CERT-BR
Communiqué de presse: 400 systèmes informatique belges infiltrés dans le cadre d'une vulnérabilité des serveurs Microsoft Exchange

2021-03-18 ⋅ CISA ⋅ US-CERT
Alert (AA21-077A): Detecting Post-Compromise Threat Activity Using the CHIRP IOC Detection Tool
SUNBURST

2021-03-18 ⋅ ⋅ SUPO Finnish Security Intelligence Service ⋅ SUPO Finnish Security Intelligence Service
Supo identified the cyber espionage operation against the parliament as APT31
APT31

2021-03-18 ⋅ Elastic ⋅ Samir Bousseaden
Hunting for Lateral Movement using Event Query Language

2021-03-18 ⋅ Proofpoint ⋅ Brandon Murphy, Dennis Schwarz, Jack Mott, Proofpoint Threat Research Team
Now You See It, Now You Don’t: CopperStealer Performs Widespread Theft
CopperStealer SmokeLoader

2021-03-18 ⋅ 360 netlab ⋅ Jinye, YANG XU
Necro upgrades again, using Tor + dynamic domain DGA and aiming at both Windows & Linux
N3Cr0m0rPh Keksec

2021-03-17 ⋅ CISA ⋅ US-CERT
SolarWinds and Active Directory/M365 Compromise: Detecting Advanced Persistent Threat Activity from Known Tactics, Techniques, and Procedures (Dead Link)
SUNBURST

2021-03-17 ⋅ Palo Alto Networks Unit 42 ⋅ Haozhe Zhang, Jun Du, Vaibhav Singhal, Zhibin Zhang
Satori: Mirai Botnet Variant Targeting Vantage Velocity Field Unit RCE Vulnerability
Satori

2021-03-17 ⋅ Palo Alto Networks Unit 42 ⋅ Unit42
Ransomware Threat Report 2021
RansomEXX Dharma DoppelPaymer Gandcrab Mailto Maze Phobos RansomEXX REvil Ryuk WastedLocker

2021-03-17 ⋅ GoggleHeadedHacker Blog ⋅ Jacob Pimental
Automatic Gobfuscator Deobfuscation with EKANS Ransomware
Snake

2021-03-17 ⋅ The Record ⋅ Catalin Cimpanu
Missed opportunity: Bug in LockBit ransomware allowed free decryptions
LockBit

2021-03-17 ⋅ HP ⋅ HP Bromium
Threat Insights Report Q4-2020
Agent Tesla BitRAT ComodoSec Dridex Emotet Ficker Stealer Formbook Zloader

2021-03-16 ⋅ Yoroi ⋅ Luca Mella, Luigi Martire
Threatening within Budget: How WSH-RAT is abused by Cyber-Crooks
Houdini

2021-03-16 ⋅ Medium CSIS Techblog ⋅ Aleksejs Kuprins
The Brief Glory of Cabassous/FluBot — a private Android banking botnet
FluBot

2021-03-16 ⋅ Elastic ⋅ Joe Desimone
Detecting Cobalt Strike with memory signatures
Cobalt Strike

2021-03-16 ⋅ The Record ⋅ Catalin Cimpanu
France’s lead cybercrime investigator on the Egregor arrests, cybercrime
Egregor

2021-03-16 ⋅ FBI ⋅ FBI
Alert Number CP-000142-MW: Increase in PYSA Ransomware Targeting Education Institutions
Mespinoza