Malpedia Library

Click here to download all references as Bib-File.•

2021-05-21 ⋅ ⋅ LAC ⋅ Yoshihiro Ishikawa
Targeted attack by 'Cobalt Strike loader' that exploits Microsoft's digital signature-Attacker group APT41
Cobalt Strike DUSTPAN

2021-05-21 ⋅ ⋅ НКЦКИ - Главная, Ростелеком-Солар
Research report of the series of attacks on the state authorities of the Russian Federation
Mail-O

2021-05-21 ⋅ The Record ⋅ Catalin Cimpanu
FSB NKTsKI: Foreign ‘cyber mercenaries’ breached Russian federal agencies
Mail-O

2021-05-21 ⋅ Bleeping Computer ⋅ Ionut Ilascu
DarkSide affiliates claim gang's bitcoins in deposit on hacker forum
DarkSide

2021-05-21 ⋅ 360 Total Security ⋅ kate
DarkSide’s Targeted Ransomware Analysis Report for Critical U.S. Infrastructure
DarkSide

2021-05-20 ⋅ SubexSecure ⋅ Hussain Kathawala
CyberGate Threat Report
CyberGate

2021-05-20 ⋅ CrowdStrike ⋅ joshua fraser
Response When Minutes Matter: When Good Tools Are Used for (R)Evil
REvil

2021-05-20 ⋅ FBI ⋅ FBI
Alert Number CP-000147-MW: Conti Ransomware Attacks Impact Healthcare and First Responder Networks
Conti

2021-05-20 ⋅ Digital Shadows ⋅ Stefano De Blasi
Ransomware-as-a-Service, Rogue Affiliates, and What’s Next
DarkSide DarkSide REvil

2021-05-20 ⋅ Microsoft ⋅ Microsoft 365 Defender Threat Intelligence Team
Phorpiex morphs: How a longstanding botnet persists and thrives in the current threat environment
Phorpiex

2021-05-20 ⋅ RiskIQ ⋅ Jennifer Grob
Analysis of Infrastructure used by DarkSide Affiliates
DarkSide

2021-05-20 ⋅ Github (microsoft) ⋅ Microsoft
Microsoft 365 Defender Hunting Queries for hunting multiple threat actors' TTPs and malwares
STRRAT OceanLotus BabyShark Elise Revenge RAT WastedLocker Zebrocy

2021-05-20 ⋅ Twitter (@MsftSecIntel) ⋅ Microsoft Security Intelligence
Tweet on Java-based STRRAT malware campaign distributed via email
STRRAT

2021-05-19 ⋅ Medium Mehmet Ergene ⋅ Mehmet Ergene
Enterprise Scale Threat Hunting: Network Beacon Detection with Unsupervised ML and KQL — Part 2
Cobalt Strike

2021-05-19 ⋅ Nozomi Networks ⋅ Alexey Kleymenov
Colonial Pipeline Ransomware Attack: Revealing How DarkSide Works
DarkSide

2021-05-19 ⋅ The Record ⋅ Adam Janofsky
SolarWinds CEO apologizes for blaming an intern, says attack may have started in January 2019

2021-05-19 ⋅ Bleeping Computer ⋅ Sergiu Gatlan
May Android security updates patch 4 zero-days exploited in the wild

2021-05-19 ⋅ Youtube (OALabs) ⋅ Sergei Frankoff
Reverse Engineering Warzone RAT - Part 1
Ave Maria

2021-05-19 ⋅ The Wall Street Journal ⋅ Collin Eaton
Colonial Pipeline CEO Tells Why He Paid Hackers a $4.4 Million Ransom
DarkSide DarkSide

2021-05-19 ⋅ Twitter (@ThreatFabric) ⋅ ThreatFabric
Tweet on Anatsa android banking trojan targeting 7 more italian banks
Anatsa