Malpedia Library

Click here to download all references as Bib-File.•

2021-03-04 ⋅ CrowdStrike ⋅ The Falcon Complete Team
Falcon Complete Stops Microsoft Exchange Server Zero-Day Exploits
CHINACHOPPER HAFNIUM

2021-03-04 ⋅ Elastic ⋅ Devon Kerr
Detection and Response for HAFNIUM Activity
HAFNIUM

2021-03-04 ⋅ FireEye ⋅ Andrew Thompson, Chris DiGiamo, Matt Bromiley, Robert Wallace
Detection and Response to Exploitation of Microsoft Exchange Zero-Day Vulnerabilities
CHINACHOPPER HAFNIUM

2021-03-04 ⋅ Microsoft ⋅ Andrea Lelli, Ramin Nafisi
GoldMax, GoldFinder, and Sibot: Analyzing NOBELIUM’s layered persistence
GoldMax

2021-03-04 ⋅ Microsoft ⋅ Andrea Lelli, Microsoft 365 Defender Threat Intelligence Team, Microsoft Threat Intelligence Center (MSTIC), Ramin Nafisi
GoldMax, GoldFinder, and Sibot: Analyzing NOBELIUM’s layered persistence
SUNBURST TEARDROP UNC2452

2021-03-04 ⋅ FireEye ⋅ Ben Read, Jonathan Leathery, Lindsay Smith
New SUNSHUTTLE Second-Stage Backdoor Uncovered Targeting U.S.-Based Entity; Possible Connection to UNC2452
UNC2452

2021-03-04 ⋅ WMC Global ⋅ WMC Global Threat Intelligence Team
The Compact Campaign

2021-03-04 ⋅ 360 netlab ⋅ Jinye
Gafgtyt_tor and Necro are on the move again
Bashlite N3Cr0m0rPh Keksec

2021-03-04 ⋅ Huntress Labs ⋅ Huntress Labs
Operation Exchange Marauder
CHINACHOPPER

2021-03-04 ⋅ F5 ⋅ Dor Nizar, Roy Moshailov
IcedID Banking Trojan Uses COVID-19 Pandemic to Lure New Victims
IcedID

2021-03-04 ⋅ Flashpoint ⋅ Flashpoint
Breaking: Elite Cybercrime Forum “Maza” Breached by Unknown Attacker

2021-03-03 ⋅ ⋅ Cert-UA ⋅ Cert-UA
Renewal of cyber attacks using the Pterodo hacker group Armageddon/Gamaredon
Pteranodon

2021-03-03 ⋅ ⋅ GTSC ⋅ GTSC
'Mild' update on Microsoft Exchange 0day security vulnerability being used to attack organizations in Vietnam
ToddyCat

2021-03-03 ⋅ MITRE ⋅ MITRE ATT&CK
HAFNIUM
CHINACHOPPER HAFNIUM

2021-03-03 ⋅ CISA ⋅ US-CERT
Mitigate Microsoft Exchange On-Premises Product Vulnerabilities

2021-03-03 ⋅ Dubex ⋅ Dubex Incident Response Team
Please leave an exploit after the beep

2021-03-03 ⋅ Huntress Labs ⋅ John Hammond
Rapid Response: Mass Exploitation of On-Prem Exchange Servers
CHINACHOPPER HAFNIUM

2021-03-03 ⋅ CISA ⋅ CISA
Alert (AA21-062A): Mitigate Microsoft Exchange Server Vulnerabilities
HAFNIUM

2021-03-03 ⋅ Huntress Labs ⋅ Huntress Labs
Mass exploitation of on-prem Exchange servers :(
CHINACHOPPER HAFNIUM

2021-03-03 ⋅ splunk ⋅ Ryan Kovar
Detecting HAFNIUM Exchange Server Zero-Day Activity in Splunk
HAFNIUM