Malpedia Library

Click here to download all references as Bib-File.•

2021-04-01 ⋅ AhnLab ⋅ ASEC Analysis Team
ASEC REPORT VOL.102 Q1 2021
ComeBacker JessieConTea LCPDot

2021-04-01 ⋅ Microsoft ⋅ Cole Sodja, Joshua Neil, Justin Carroll, Melissa Turcotte, Microsoft 365 Defender Research Team
Automating threat actor tracking: Understanding attacker behavior for intelligence and contextual alerting

2021-03-31 ⋅ Sophos ⋅ Michael Heller
Sophos MTR in Real Time: What is Astro Locker Team?
Mount Locker

2021-03-30 ⋅ Proofpoint ⋅ Joshua Miller, Proofpoint Threat Research Team
BadBlood: TA453 Targets US and Israeli Medical Research Personnel in Credential Phishing Campaigns
TA453

2021-03-26 ⋅ SonicWall ⋅ SonicWall CaptureLabs Threats Research Team
China’s “Winnti” Spyder Module
Spyder

2021-03-26 ⋅ MIT Technology Review ⋅ Patrick Howell O'Neill
Google’s top security teams unilaterally shut down a counterterrorism operation

2021-03-25 ⋅ Microsoft ⋅ Microsoft 365 Defender Threat Intelligence Team
Analyzing attacks taking advantage of the Exchange Server vulnerabilities
CHINACHOPPER

2021-03-24 ⋅ Malwarebytes ⋅ Threat Intelligence Team
Software renewal scammers unmasked

2021-03-22 ⋅ ⋅ AhnLab ⋅ AhnLab ASEC Analysis Team
대북관련 본문 내용의 External 링크를 이용한 악성 워드 문서

2021-03-18 ⋅ Proofpoint ⋅ Brandon Murphy, Dennis Schwarz, Jack Mott, Proofpoint Threat Research Team
Now You See It, Now You Don’t: CopperStealer Performs Widespread Theft
CopperStealer SmokeLoader

2021-03-16 ⋅ Microsoft ⋅ MSRC Team
Guidance for responders: Investigating and remediating on-premises Exchange Server vulnerabilities

2021-03-15 ⋅ Team Cymru ⋅ Josh Hopkins
FIN8: BADHATCH Threat Indicator Enrichmen
BADHATCH

2021-03-10 ⋅ Proofpoint ⋅ Dennis Schwarz, Matthew Mesa, Proofpoint Threat Research Team
NimzaLoader: TA800’s New Initial Access Malware
BazarNimrod Cobalt Strike

2021-03-09 ⋅ splunk ⋅ Security Research Team
Cloud Federated Credential Abuse & Cobalt Strike: Threat Research February 2021
Cobalt Strike

2021-03-09 ⋅ Microsoft ⋅ MSRC Team
Microsoft Exchange Server Vulnerabilities Mitigations – updated March 9, 2021
HAFNIUM

2021-03-08 ⋅ Symantec ⋅ Threat Hunter Team
How Symantec Stops Microsoft Exchange Server Attacks
CHINACHOPPER MimiKatz

2021-03-08 ⋅ Secureworks ⋅ Counter Threat Unit ResearchTeam
SUPERNOVA Web Shell Deployment Linked to SPIRAL Threat Group
SUPERNOVA BRONZE SPIRAL

2021-03-06 ⋅ Blue Team Blog ⋅ Auth 0r
Microsoft Exchange Zero Day’s – Mitigations and Detections.

2021-03-04 ⋅ CrowdStrike ⋅ The Falcon Complete Team
Falcon Complete Stops Microsoft Exchange Server Zero-Day Exploits
CHINACHOPPER HAFNIUM

2021-03-04 ⋅ Microsoft ⋅ Andrea Lelli, Microsoft 365 Defender Threat Intelligence Team, Microsoft Threat Intelligence Center (MSTIC), Ramin Nafisi
GoldMax, GoldFinder, and Sibot: Analyzing NOBELIUM’s layered persistence
SUNBURST TEARDROP UNC2452