Malpedia Library

Click here to download all references as Bib-File.•

2021-01-22 ⋅ InfoSec Handlers Diary Blog ⋅ Xavier Mertens
Another File Extension to Block in your MTA: .jnlp

2021-01-22 ⋅ DomainTools ⋅ Joe Slowik
Change in Perspective on the Utility of SUNBURST-related Network Indicators
SUNBURST

2021-01-22 ⋅ Symantec ⋅ Threat Hunter Team
SolarWinds: How Sunburst Sends Data Back to the Attackers
SUNBURST

2021-01-21 ⋅ NetbyteSEC ⋅ Fareed Fauzi
Solarwinds Attack: Sunburst's DLL Technical Analysis
SUNBURST

2021-01-21 ⋅ DENEXUS ⋅ Markel Picado
Spear Phishing Targeting ICS Supply Chain - Analysis
Agent Tesla

2021-01-21 ⋅ ⋅ 360 Threat Intelligence Center ⋅ Advanced Threat Institute
Disclosure of Manling Flower Organization (APT-C-08) using Warzone RAT attack
Ave Maria

2021-01-21 ⋅ Sophos Labs ⋅ Andrew Brandt, Gabor Szappanos
MrbMiner: Cryptojacking to bypass international sanctions

2021-01-21 ⋅ ESET Research ⋅ ESET Research
Vadokrist: A wolf in sheep’s clothing
Vadokrist

2021-01-20 ⋅ Team Cymru ⋅ Andy Kraus
MoqHao Part 1: Identifying Phishing Infrastructure
MoqHao

2021-01-20 ⋅ Trend Micro ⋅ Abraham Camba, Gilbert Sison, Ryan Maglaque
XDR investigation uncovers PlugX, unique technique in APT attack
PlugX

2021-01-20 ⋅ FireEye ⋅ Andrew Davis
Emulation of Kernel Mode Rootkits With Speakeasy
Winnti

2021-01-20 ⋅ JPCERT/CC ⋅ Shusei Tomonaga
Commonly Known Tools Used by Lazarus
Lazarus Group

2021-01-19 ⋅ Twitter (@ConfiantIntel) ⋅ ConfiantIntel
Tweet on WizardUpdate macOS backdoor
Vigram

2021-01-19 ⋅ Palo Alto Networks Unit 42 ⋅ Brad Duncan
Wireshark Tutorial: Examining Emotet Infection Traffic
Emotet GootKit IcedID QakBot TrickBot

2021-01-19 ⋅ HP ⋅ Patrick Schläpfer
Dridex Malicious Document Analysis: Automating the Extraction of Payload URLs
Dridex

2021-01-19 ⋅ Malwarebytes ⋅ Marcin Kleczynski
Malwarebytes targeted by Nation State Actor implicated in SolarWinds breach. Evidence suggests abuse of privileged access to Microsoft Office 365 and Azure environments

2021-01-19 ⋅ Mandiant ⋅ Douglas Bienstock, Matthew McWhirt, Mike Burns, Nick Bennett
Remediation and Hardening Strategies for Microsoft 365 to Defend Against UNC2452 (WHITE PAPER)

2021-01-19 ⋅ FireEye ⋅ Douglas Bienstock, Matthew McWhirt, Mike Burns, Nick Bennett
Remediation and Hardening Strategies for Microsoft 365 to Defend Against UNC2452

2021-01-19 ⋅ Checkpoint ⋅ Omer Ventura, Ori Hamama
FreakOut – Leveraging Newest Vulnerabilities for creating a Botnet
N3Cr0m0rPh

2021-01-19 ⋅ Medium elis531989 ⋅ Eli Salem
Funtastic Packers And Where To Find Them
Get2 IcedID QakBot