Malpedia Library

Click here to download all references as Bib-File.•

2021-04-19 ⋅ Washington Examiner ⋅ Tom Rogan
Inside the CIA and NSA disagreement over Russian bounties story

2021-04-15 ⋅ CISA, FBI, NSA
Russian SVR Targets U.S. and Allied Networks

2021-01-05 ⋅ CISA, FBI, NSA, ODNI
Joint Statement by the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), the Office of the Director of National Intelligence (ODNI), and the National Security Agency (NSA)
SUNBURST

2021-01-01 ⋅ Secureworks ⋅ SecureWorks
Threat Profile: GOLD MANSARD
Nefilim Nemty GOLD MANSARD

2020-12-17 ⋅ NSA ⋅ NSA
Detecting Abuse of Authentication Mechanisms

2020-12-16 ⋅ Twitter (@0xrb) ⋅ R. Bansal
List of domain infrastructure including DGA domain used by UNC2452
SUNBURST

2020-12-07 ⋅ NSA ⋅ NSA
Russian State-Sponsored Actors Exploiting Vulnerability in VMware® Workspace ONE Access Using Compromised Credentials

2020-08-23 ⋅ Github (Insane-Forensics) ⋅ Insane-Forensics
Dispatches from Drovorub: Network Threat Hunting for Russia GRU GTsSS' Malware at Scale

2020-08-14 ⋅ NSA ⋅ NSA
Drovorub Malware: Fact Sheet & FAQs

2020-08-13 ⋅ NSA ⋅ NSA
NSA and FBI Expose Russian Previously Undisclosed Malware “Drovorub” in Cybersecurity Advisory

2020-08-11 ⋅ FireEye ⋅ Alex Pennino, Brendan McKeague, Harris Ansari, Nick Schroeder, Tim Martin
COOKIEJAR: Tracking Adversaries With FireEye Endpoint Security’s Logon Tracker Module

2020-05-28 ⋅ Wired ⋅ Andy Greenberg
NSA: Russia's Sandworm Hackers Have Hijacked Mail Servers

2019-12-24 ⋅ Bleeping Computer ⋅ Lawrence Abrams
Maze Ransomware Releases Files Stolen from City of Pensacola
Maze

2019-12-11 ⋅ Bleeping Computer ⋅ Lawrence Abrams
Maze Ransomware Behind Pensacola Cyberattack, $1M Ransom Demand
Maze

2019-09-04 ⋅ Trend Micro ⋅ Jaromír Hořejší, Joseph C. Chen
Glupteba Campaign Hits Network Routers and Updates C&C Servers with Data from Bitcoin Transactions
Glupteba

2019-03-05 ⋅ PepperMalware Blog ⋅ Pepper Potts
Quick Analysis of a Trickbot Sample with NSA's Ghidra SRE Framework
TrickBot

2018-12-12 ⋅ Kaspersky Labs ⋅ Anton Ivanov, Boris Larin, Vladislav Stolyarov
Zero-day in Windows Kernel Transaction Manager (CVE-2018-8611)
SandCat

2018-11-12 ⋅ ccdcoe ⋅ Ensar Şeker, İhsan Burak Tolga
National Cyber Security Organisation: TURKEY

2018-10-18 ⋅ McAfee ⋅ Asheer Malhotra, Ryan Sherstobitoff
‘Operation Oceansalt’ Attacks South Korea, U.S., and Canada With Source Code From Chinese Hacker Group
Oceansalt APT1

2018-10-17 ⋅ Raj Samani, Ryan Sherstobitoff
‘Operation Oceansalt’ Delivers Wave After Wave
APT1