Malpedia Library

Click here to download all references as Bib-File.•

2021-08-31 ⋅ ebryx ⋅ Ahmad Muneeb Khan, Syed Hasan Akhtar
Exposing Sidewinder’s Arsenal against Windows

2021-08-31 ⋅ BreakPoint Labs ⋅ BreakPoint Labs
Cobalt Strike and Ransomware – Tracking An Effective Ransomware Campaign
Cobalt Strike

2021-08-31 ⋅ Minerva Labs ⋅ Minerva Labs
BlackMatter - The New Star Of Ransomware
BlackMatter

2021-08-31 ⋅ ⋅ Qianxin ⋅ Red Raindrop Team
Analysis of suspected Russian-speaking attackers using COVID-19 vaccine bait to attack the Middle East
GRUNT

2021-08-31 ⋅ Yoroi ⋅ Luca Mella, Luigi Martire, Yoroi
Financial Institutions in the Sight of New JsOutProx Attack Waves
JSOutProx

2021-08-31 ⋅ CrowdStrike ⋅ Alexander Hanel
Sidoh: WIZARD SPIDER’s Mysterious Exfiltration Tool
Ryuk Stealer

2021-08-30 ⋅ Twitter (@Arkbird_SOLG) ⋅ Arkbird
Tweet on MercurialGrabber
MercurialGrabber

2021-08-30 ⋅ CrowdStrike ⋅ Eric Loui, Josh Reynolds
CARBON SPIDER Embraces Big Game Hunting, Part 1
Bateleur Griffon Carbanak DarkSide JSSLoader PILLOWMINT REvil

2021-08-30 ⋅ CrowdStrike ⋅ Michael Dawson
Hypervisor Jackpotting, Part 2: eCrime Actors Increase Targeting of ESXi Servers with Ransomware
Babuk HelloKitty REvil

2021-08-30 ⋅ Palo Alto Networks Unit 42 ⋅ Brock Mammen, Haozhe Zhang
New Mirai Variant Targets WebSVN Command Injection Vulnerability (CVE-2021-32305)
Mirai

2021-08-30 ⋅ CSO Online ⋅ Lucian Constantin
LockFile ransomware uses intermittent encryption to evade detection
LockFile

2021-08-30 ⋅ zero day initiative ⋅ Simon Zuckerbraun
ProxyToken: An Authentication Bypass in Microsoft Exchange Server

2021-08-29 ⋅ Medium Asuna Amawaka ⋅ Asuna Amawaka
Quarians, Turians and…QuickHeal
QuickHeal

2021-08-29 ⋅ The DFIR Report ⋅ The DFIR Report
Cobalt Strike, a Defender’s Guide
Cobalt Strike

2021-08-28 ⋅ YouTube (Kevin Bock) ⋅ Kevin Bock
Even Censors Have a Backup: Examining China’s Double HTTPS Censorship Middleboxes - FOCI 21

2021-08-28 ⋅ The Hacker News ⋅ Ravie Lakshmanan
LockFile Ransomware Bypasses Protection Using Intermittent File Encryption
LockFile

2021-08-27 ⋅ Aon ⋅ Aon’s Cyber Labs, Noah Rubin
Cobalt Strike Configuration Extractor and Parser
Cobalt Strike

2021-08-27 ⋅ University of Maryland ⋅ Dave Levin, Gabriel Naval, Kevin Bock, Kyle Reese
Even Censors Have a Backup: Examining China’s Double HTTPS Censorship Middleboxes

2021-08-27 ⋅ Morphisec ⋅ Morphisec Labs
ProxyShell Exchange Exploitation Now Leads To An Increasing Amount Of Cobaltstrike Backdoors
Cobalt Strike

2021-08-27 ⋅ Juniper ⋅ Asher Langton
RealTek CVE-2021-35394 Exploited in the Wild