Malpedia Library

Click here to download all references as Bib-File.•

2020-12-20 ⋅ CBS News ⋅ Face the Nation
Transcript: Kevin Mandia on "Face the Nation," December 20, 2020

2020-12-20 ⋅ Randhome ⋅ Etienne Maynier
Analyzing Cobalt Strike for Fun and Profit
Cobalt Strike

2020-12-19 ⋅ Cyber And Ramen blog ⋅ Mike R
Persistence Pays Off: A Brief Look at BlackTech’s 2020
PLEAD TSCookie PLEAD

2020-12-19 ⋅ VinCSS ⋅ Trương Quốc Ngân
[RE018-1] Analyzing new malware of China Panda hacker group used to attack supply chain against Vietnam Government Certification Authority - Part 1
SManager

2020-12-19 ⋅ VinCSS ⋅ Trương Quốc Ngân
[RE017-2] Phân tích kỹ thuật dòng mã độc mới được sử dụng để tấn công chuỗi cung ứng nhắm vào Ban Cơ yếu Chính phủ Việt Nam của nhóm tin tặc Panda Trung Quốc (Phần 2)
SManager

2020-12-19 ⋅ Bleeping Computer ⋅ Lawrence Abrams
The SolarWinds cyberattack: The hack, the victims, and what we know
SUNBURST

2020-12-19 ⋅ The Washington Post ⋅ Ellen Nakashima
Trump, contradicting Pompeo, downplays gravity of massive cyberattack against U.S. government, as well as Russia’s role

2020-12-19 ⋅ Twitter (@GossiTheDog) ⋅ Kevin Beaumont
A twitter thread on Azure sentinel hunting queries for detecting UNC2452 activity

2020-12-19 ⋅ Yahoo News ⋅ Kim Zetter
Hackers last year conducted a 'dry run' of SolarWinds breach

2020-12-18 ⋅ Silent Push ⋅ Ken
High Value Malicious Domains.

2020-12-18 ⋅ ⋅ Tagesschau ⋅ Hakan Tanriverdi, Philipp Grüll
Nordkorea in Verdacht: Cyberspionage gegen deutsche Rüstungskonzerne

2020-12-18 ⋅ IBM ⋅ Gladys Koskas
SUNBURST indicator detection in QRadar
SUNBURST

2020-12-18 ⋅ ⋅ 360Quake ⋅ 360Quake
SolarWinds失陷服务器测绘分析报告
SUPERNOVA

2020-12-18 ⋅ Lawfare Blog ⋅ Benjamin Jensen, Brandon Valeriano, Mark Montgomery
The Strategic Implications of SolarWinds

2020-12-18 ⋅ Microsoft ⋅ Alex Weinert
Protecting Microsoft 365 from on-premises attacks

2020-12-18 ⋅ THE DISPATCH ⋅ Jack Goldsmith
Self-Delusion on the Russia Hack

2020-12-18 ⋅ Sentinel LABS ⋅ James Haughom
SolarWinds SUNBURST Backdoor: Inside the APT Campaign
SUNBURST

2020-12-18 ⋅ Microsoft ⋅ Microsoft 365 Defender Research Team, Microsoft Threat Intelligence Center (MSTIC)
Analyzing Solorigate, the compromised DLL file that started a sophisticated cyberattack, and how Microsoft Defender helps protect customers
SUNBURST SUPERNOVA TEARDROP UNC2452

2020-12-18 ⋅ Intel 471 ⋅ Intel 471
TA505’s modified loader means new attack campaign could be coming
Get2

2020-12-18 ⋅ ThreatConnect ⋅ ThreatConnect
Tracking Sunburst-Related Activity with ThreatConnect Dashboards
SUNBURST