Malpedia Library

Click here to download all references as Bib-File.•

2021-03-09 ⋅ Microsoft ⋅ MSRC Team
Microsoft Exchange Server Vulnerabilities Mitigations – updated March 9, 2021
HAFNIUM

2021-03-08 ⋅ PRODAFT Threat Intelligence ⋅ PRODAFT
FluBot - Malware Analysis Report
FluBot

2021-03-08 ⋅ The Record ⋅ Catalin Cimpanu
FluBot Malware Gang Arrested in Barcelona
FluBot

2021-03-08 ⋅ Symantec ⋅ Threat Hunter Team
How Symantec Stops Microsoft Exchange Server Attacks
CHINACHOPPER MimiKatz

2021-03-08 ⋅ Palo Alto Networks Unit 42 ⋅ Chris Navarrete, Durgesh Sangvikar, Matthew Tennis, Rongbo Shao, Yanhui Jia
Attack Chain Overview: Emotet in December 2020 and January 2021
Emotet

2021-03-08 ⋅ Youtube (SANS Digital Forensics and Incident Response) ⋅ Adam Pennington, Jen Burns, Katie Nickels
STAR Webcast: Making sense of SolarWinds through the lens of MITRE ATT&CK(R)
Cobalt Strike SUNBURST TEARDROP

2021-03-08 ⋅ DeepEnd REsearch ⋅ DeepEnd Research
Renewed SideWinder Activity in South Asia

2021-03-08 ⋅ x0r19x91.gitlab.io ⋅ Suvaditya Sur
Sunshuttle Malware
GoldMax

2021-03-08 ⋅ Palo Alto Networks Unit 42 ⋅ Jeff White
Analyzing Attacks Against Microsoft Exchange Server With China Chopper Webshells
CHINACHOPPER

2021-03-08 ⋅ Microsoft ⋅ Yonit Glozshtein
Investigating the Print Spooler EoP exploitation

2021-03-08 ⋅ Sentinel LABS ⋅ Jim Walter
HelloKitty Ransomware Lacks Stealth, But Still Strikes Home
HelloKitty

2021-03-08 ⋅ Secureworks ⋅ Counter Threat Unit ResearchTeam
SUPERNOVA Web Shell Deployment Linked to SPIRAL Threat Group
SUPERNOVA BRONZE SPIRAL

2021-03-08 ⋅ The DFIR Report ⋅ The DFIR Report
Bazar Drops the Anchor
Anchor BazarBackdoor Cobalt Strike

2021-03-07 ⋅ TRUESEC ⋅ Rasmus Grönlund
Tracking Microsoft Exchange Zero-Day ProxyLogon and HAFNIUM
CHINACHOPPER

2021-03-07 ⋅ KELA ⋅ Sharon Bitton, Victoria Kivilevich
Australian Mining Companies and Cybercriminals Digging for the Gold

2021-03-07 ⋅ InfoSec Handlers Diary Blog ⋅ Didier Stevens
PCAPs and Beacons
Cobalt Strike

2021-03-07 ⋅ The Wall Street Journal ⋅ Dustin Volz, Michael R. Gordon
Russian Disinformation Campaign Aims to Undermine Confidence in Pfizer, Other Covid-19 Vaccines, U.S. Officials Say

2021-03-06 ⋅ Blue Team Blog ⋅ Auth 0r
Microsoft Exchange Zero Day’s – Mitigations and Detections.

2021-03-06 ⋅ BLUEHEXAGON ⋅ Rohit Kashi
Blue Hexagon Security Advisory: Microsoft Exchange Server 0-days

2021-03-06 ⋅ Click All the Things! Blog ⋅ Jamie Arndt
oleObject1.bin – OLe10nATive – shellcode
CloudEyE