Malpedia Library

Click here to download all references as Bib-File.•

2021-03-16 ⋅ Elastic ⋅ Joe Desimone
Detecting Cobalt Strike with memory signatures
Cobalt Strike

2021-03-16 ⋅ The Record ⋅ Catalin Cimpanu
France’s lead cybercrime investigator on the Egregor arrests, cybercrime
Egregor

2021-03-16 ⋅ FBI ⋅ FBI
Alert Number CP-000142-MW: Increase in PYSA Ransomware Targeting Education Institutions
Mespinoza

2021-03-16 ⋅ McAfee ⋅ McAfee ATR
Technical Analysis of Operation Diànxùn
Cobalt Strike

2021-03-16 ⋅ Microsoft ⋅ MSRC Team
Guidance for responders: Investigating and remediating on-premises Exchange Server vulnerabilities

2021-03-16 ⋅ Department of Homeland Security ⋅ CISA, Department of Homeland Security, Department of Justice
Foreign Interference Targeting Election Infrastructure or Political Organization, Campaign, or Candidate InfrastructureRelated to the 2020 US Related to the 2020 US Federal Elections

2021-03-16 ⋅ National Intelligence Council ⋅ National Intelligence Council
Foreign Threats to the 2020 US Federal Elections

2021-03-15 ⋅ Sophos Labs ⋅ Mark Loman
DearCry ransomware attacks exploit Exchange server vulnerabilities
dearcry WannaCryptor

2021-03-15 ⋅ Modern War Institute ⋅ Christopher Marsh, Mark Grzegorzewski
Incorporating the Cyberspace Domain: How Russia and China Exploit Asymmetric Advantages in Great Power Competition

2021-03-15 ⋅ Microsoft ⋅ Microsoft Security Response Center
One-Click Microsoft Exchange On-Premises Mitigation Tool – March 2021

2021-03-15 ⋅ Council on Foreign Relations ⋅ Omree Wechsler
The Iran-Russia Cyber Agreement and U.S. Strategy in the Middle East

2021-03-15 ⋅ Team Cymru ⋅ Josh Hopkins
FIN8: BADHATCH Threat Indicator Enrichmen
BADHATCH

2021-03-14 ⋅ DAILY BEAST ⋅ Matthew Brazil
How China’s Devastating Microsoft Hack Puts Us All at Risk
HAFNIUM

2021-03-13 ⋅ YouTube (0xc7a) ⋅ 0xca7, Twitter (@CatWithoutAHat7)
DearCry Ransomware - A quick look 0x01
dearcry

2021-03-13 ⋅ YouTube (0xc7a) ⋅ Twitter (@CatWithoutAHat7)
DearCry Ransomware - A quick look 0x02
dearcry

2021-03-13 ⋅ YouTube (0xc7a) ⋅ Twitter (@CatWithoutAHat7)
DearCry Ransomware - A quick look 0x00
dearcry

2021-03-12 ⋅ Kaspersky Labs ⋅ Ilya Mogilin
Good old malware for the new Apple Silicon platform
XCSSET

2021-03-12 ⋅ 360 netlab ⋅ Alex.Turing, liuyang, YANG XU
New Threat: ZHtrap botnet implements honeypot to facilitate finding more victims
ZHtrap

2021-03-12 ⋅ splunk ⋅ Amy Heng, Dave Herrald, Derek King, James Brodsky, John Stoner, Jose Hernandez, Marcus LaFerrera, Michael Haag, Mick Baccio, Ryan Kovar, Shannon Davis
Detecting Microsoft Exchange Vulnerabilities - 0 + 8 Days Later…

2021-03-11 ⋅ Qurium ⋅ Qurium
Myanmar – Multi-stage malware attack targets elected lawmakers
Cobalt Strike