Malpedia Library

Click here to download all references as Bib-File.•

2021-04-18 ⋅ YouTube (dist67) ⋅ Didier Stevens
Decoding Cobalt Strike Traffic
Cobalt Strike

2021-04-18 ⋅ Twitter (@ViriBack) ⋅ ViriBack
Tweet on Seth Loader

2021-04-17 ⋅ Gru.gq ⋅ thegrugq
SVR snaps back at Biden

2021-04-17 ⋅ Advanced Intelligence ⋅ Al Calleo, Vitali Kremez, Yelisey Boguslavskiy
Adversary Dossier: Ryuk Ransomware Anatomy of an Attack in 2021
Ryuk

2021-04-16 ⋅ Trend Micro ⋅ Ariel Neimond Lazaro, Dechao Zhao, Luis Magisa, Steven Du
XCSSET Quickly Adapts to macOS 11 and M1-based Macs
XCSSET

2021-04-16 ⋅ InQuest ⋅ Dmitry Melikov
Unearthing Hancitor Infrastructure
Hancitor

2021-04-16 ⋅ IBM ⋅ Koen Van Impe
Combating Sleeper Threats With MTTD

2021-04-16 ⋅ npr ⋅ Dina Temple-Raston
A 'Worst Nightmare' Cyberattack: The Untold Story Of The SolarWinds Hack

2021-04-16 ⋅ Medium (Bank Security) ⋅ Bank_Security
Are the hackers all Russian? Results of a 1 year espionage operation in the Top-tier Russian underground communities

2021-04-16 ⋅ Associated Press ⋅ Frank Bajak
How the Kremlin provides a safe harbor for ransomware

2021-04-16 ⋅ US Department of Justice ⋅ U.S. Attorney’s Office, Western District of Washington
High-level organizer of notorious hacking group FIN7 sentenced to ten years in prison for scheme that compromised tens of millions of debit and credit cards

2021-04-16 ⋅ Associated Press ⋅ Frank Bajak, Matt O'Brien
Sanctioned Russian IT firm was partner with Microsoft, IBM

2021-04-16 ⋅ Zero Day ⋅ Kim Zetter
Sanctioned Firm Accused of Helping Russian Intelligence Was Part of Microsoft’s Early Vuln Access Program — MAPP

2021-04-15 ⋅ Ministry of foreign affairs of the Republic of Latvia ⋅ Ministry of foreign affairs of the Republic of Latvia
Latvia’s statement following the announcement by the United States of actions to respond to the Russian Federation’s destabilizing activities (Deadlink)
SUNBURST

2021-04-15 ⋅ Medium BI.ZONE ⋅ Anton Medvedev, Demyan Sokolin, Vadim Khrykov
Hunting Down MS Exchange Attacks. Part 1. ProxyLogon (CVE-2021–26855, 26858, 27065, 26857)

2021-04-15 ⋅ AhnLab ⋅ AhnLab ASEC Analysis Team
Operation Dream Job Targeting Job Seekers in South Korea
LCPDot Torisma

2021-04-15 ⋅ nao_sec blog ⋅ nao_sec
Exploit Kit still sharpens a sword
PurpleFox

2021-04-15 ⋅ Palo Alto Networks Unit 42 ⋅ Robert Falcone
Actor Exploits Microsoft Exchange Server Vulnerabilities, Cortex XDR Blocks Harvesting of Credentials
CHINACHOPPER

2021-04-15 ⋅ Avast Decoded ⋅ Romana Tesařová
HackBoss: A cryptocurrency-stealing malware distributed through Telegram

2021-04-15 ⋅ U.S. Department of State ⋅ Antony J. Blinken
Holding Russia To Account