Malpedia Library

Click here to download all references as Bib-File.•

2021-11-08 ⋅ Microsoft ⋅ Microsoft Threat Intelligence Center (MSTIC)
Threat actor DEV-0322 exploiting ZOHO ManageEngine ADSelfService Plus

2021-11-08 ⋅ nccgroup ⋅ Fox IT
TA505 exploits SolarWinds Serv-U vulnerability (CVE-2021-35211) for initial access
TiltedTemple

2021-11-08 ⋅ KrebsOnSecurity ⋅ Brian Krebs
REvil Ransom Arrest, $6M Seizure, and $10M Reward
REvil REvil

2021-11-08 ⋅ Bitdefender ⋅ Silviu Stahie
Popular NPM Repositories Compromised in Man-in-the-Middle Attack
DanaBot

2021-11-08 ⋅ The Record ⋅ Catalin Cimpanu
US arrests and charges Ukrainian man for Kaseya ransomware attack
REvil REvil

2021-11-08 ⋅ FBI ⋅ FBI
WANTED poster for Yevhgyeniy Polyanin (REvil affiliate)
REvil REvil

2021-11-08 ⋅ Department of Justice ⋅ Department of Justice
Ukrainian Arrested and Charged with Ransomware Attack on Kaseya
REvil REvil

2021-11-08 ⋅ Department of Justice ⋅ Department of Justice
Indictment of Yevgeniy Polyanin, one off the REvil affliates
REvil REvil

2021-11-08 ⋅ U.S. Department of the Treasury ⋅ U.S. Department of the Treasury
Advisory on Ransomware and the Use of the Financial System to Facilitate Ransom Payments
REvil REvil

2021-11-08 ⋅ KELA ⋅ KELA Cyber Intelligence Center
Ain’t No Actor Trustworthy Enough: The importance of validating sources

2021-11-08 ⋅ U.S. Department of the Treasury ⋅ U.S. Department of the Treasury
Treasury Continues to Counter Ransomware as Part of Whole-of-Government Effort; Sanctions Ransomware Operators and Virtual Currency Exchange (Yaroslav Vasinskyi & Yevgeniy Polyanin)
REvil REvil

2021-11-08 ⋅ NCC Group ⋅ RIFT: Research and Intelligence Fusion Team
TA505 exploits SolarWinds Serv-U vulnerability (CVE-2021-35211) for initial access

2021-11-08 ⋅ ⋅ DIICOT (Romanian Directorate for Investigating Organized Crime and Terrorism) ⋅ DIICOT (Romanian Directorate for Investigating Organized Crime and Terrorism)
Press release 2 08.11.2021
REvil REvil

2021-11-08 ⋅ Europol ⋅ Europol
Five Affiliates to Sodinokibi/REvil Unplugged
REvil

2021-11-08 ⋅ CitizenLab ⋅ CitizenLab
Devices of Palestinian Human Rights Defenders Hacked with NSO Group’s Pegasus Spyware
Chrysaor

2021-11-07 ⋅ Palo Alto Networks Unit 42 ⋅ Jeff White, Peter Renals, Robert Falcone
Targeted Attack Campaign Against ManageEngine ADSelfService Plus Delivers Godzilla Webshells, NGLite Trojan and KdcSponge Stealer
Godzilla Webshell NGLite

2021-11-07 ⋅ ChinaTalk ⋅ Maggie Baughman
Selling China's Story

2021-11-07 ⋅ McAfee ⋅ John Fokker, Raj Samani
Who Will Bend the Knee in RaaS Game of Thrones in 2022?

2021-11-07 ⋅ Marco Ramilli's Blog ⋅ Marco Ramilli
CONTI Ransomware: Cheat Sheet
Conti

2021-11-05 ⋅ Twitter (@Unit42_Intel) ⋅ Unit 42
Tweet on TA551 (Shathak) BazarLoader infection with CobaltStrike and DarkVNC drops
BazarBackdoor Cobalt Strike