Malpedia Library

Click here to download all references as Bib-File.•

2021-01-20 ⋅ FireEye ⋅ Andrew Davis
Emulation of Kernel Mode Rootkits With Speakeasy
Winnti

2021-01-20 ⋅ JPCERT/CC ⋅ Shusei Tomonaga
Commonly Known Tools Used by Lazarus
Lazarus Group

2021-01-19 ⋅ Twitter (@ConfiantIntel) ⋅ ConfiantIntel
Tweet on WizardUpdate macOS backdoor
Vigram

2021-01-19 ⋅ Palo Alto Networks Unit 42 ⋅ Brad Duncan
Wireshark Tutorial: Examining Emotet Infection Traffic
Emotet GootKit IcedID QakBot TrickBot

2021-01-19 ⋅ HP ⋅ Patrick Schläpfer
Dridex Malicious Document Analysis: Automating the Extraction of Payload URLs
Dridex

2021-01-19 ⋅ Malwarebytes ⋅ Marcin Kleczynski
Malwarebytes targeted by Nation State Actor implicated in SolarWinds breach. Evidence suggests abuse of privileged access to Microsoft Office 365 and Azure environments

2021-01-19 ⋅ Mandiant ⋅ Douglas Bienstock, Matthew McWhirt, Mike Burns, Nick Bennett
Remediation and Hardening Strategies for Microsoft 365 to Defend Against UNC2452 (WHITE PAPER)

2021-01-19 ⋅ FireEye ⋅ Douglas Bienstock, Matthew McWhirt, Mike Burns, Nick Bennett
Remediation and Hardening Strategies for Microsoft 365 to Defend Against UNC2452

2021-01-19 ⋅ Checkpoint ⋅ Omer Ventura, Ori Hamama
FreakOut – Leveraging Newest Vulnerabilities for creating a Botnet
N3Cr0m0rPh

2021-01-19 ⋅ Medium elis531989 ⋅ Eli Salem
Funtastic Packers And Where To Find Them
Get2 IcedID QakBot

2021-01-19 ⋅ ⋅ JPCERT/CC ⋅ Shusei Tomonaga
Tools used within the network invaded by attack group Lazarus

2021-01-18 ⋅ Bleeping Computer ⋅ Lawrence Abrams
IObit forums hacked to spread ransomware to its members
DeroHE

2021-01-18 ⋅ Bleeping Computer ⋅ Lawrence Abrams
IObit forums hacked in widespread DeroHE ransomware attack

2021-01-18 ⋅ Cado Security ⋅ cadolabs
Botnet Deploys Cloud and Container Attack Techniques

2021-01-17 ⋅ a12d404 ⋅ Markus Piéton
Backdooring MSBuild
SUNBURST

2021-01-17 ⋅ Twitter (@AltShiftPrtScn) ⋅ Peter Mackenzie
Tweet on Conti Ransomware group exploiting FortiGate VPNs to drop in CobaltStrike loaders
Cobalt Strike Conti

2021-01-16 ⋅ Medium ⋅ Isha Kudkar
Oski Stealer : A Credential Theft Malware
Oski Stealer

2021-01-16 ⋅ Chuongdong blog ⋅ Chuong Dong
Babuk Ransomware v3
Babuk

2021-01-16 ⋅ Medium christiaanbeek ⋅ Christiaan Beek
VHD Forensics — the sequel

2021-01-15 ⋅ The Hacker News ⋅ Ravie Lakshmaman
Researchers Disclose Undocumented Chinese Malware Used in Recent Attacks
CROSSWALK