Malpedia Library

Click here to download all references as Bib-File.•

2021-11-10 ⋅ Microsoft ⋅ John Lambert
The hunt for NOBELIUM, the most sophisticated nation-state attack in history

2021-11-07 ⋅ McAfee ⋅ John Fokker, Raj Samani
Who Will Bend the Knee in RaaS Game of Thrones in 2022?

2021-10-24 ⋅ CitizenLab ⋅ Bahr Abdul Razzak, Bill Marczak, John Scott-Railton, Ron Deibert, Siena Anstis
Breaking the News New York Times Journalist Ben Hubbard Hacked with Pegasus after Reporting on Previous Hacking Attempts
Chrysaor

2021-09-22 ⋅ YouTube (John Hammond) ⋅ John Hammond
Snip3 Crypter/RAT Loader - DcRat MALWARE ANALYSIS
DCRat

2021-09-14 ⋅ Fortinet ⋅ John Simmons
More ProxyShell? Web Shells Lead to ZeroLogon and Application Impersonation Attacks

2021-09-13 ⋅ CitizenLab ⋅ Bahr Abdul Razzak, Bill Marczak, John Scott-Railton, Kristin Berdan, Noura Al-Jizawi, Ron Deibert, Siena Anstis
FORCEDENTRY NSO Group iMessage Zero-Click Exploit Captured in the Wild (CVE-2021-30860)

2021-09-08 ⋅ McAfee ⋅ John Fokker, Max Kersten, Thibault Seret
How Groove Gang is Shaking up the Ransomware-as-a-Service Market to Empower Affiliates
Babuk BlackMatter Babuk BlackMatter CTB Locker

2021-09-03 ⋅ IBM ⋅ Andrew Gorecki, Camille Singleton, John Dwyer
Dissecting Sodinokibi Ransomware Attacks: Bringing Incident Response and Intelligence Together in the Fight
Valak QakBot REvil

2021-09-03 ⋅ FireEye ⋅ Adrian Sanchez Hernandez, Alex Pennino, Andrew Rector, Brendan McKeague, Govand Sinjari, Harris Ansari, John Wolfram, Joshua Goddard, Yash Gupta
PST, Want a Shell? ProxyShell Exploiting Microsoft Exchange Servers
CHINACHOPPER HTran

2021-08-24 ⋅ CitizenLab ⋅ Ali Abdulemam, Bill Marczak, John Scott-Railton, Kristin Berdan, Noura Al-Jizawi, Ron Deibert, Siena Anstis
From Pearl to Pegasus Bahraini Government Hacks Activists with NSO Group Zero-Click iPhone Exploits
Chrysaor

2021-08-19 ⋅ Huntress Labs ⋅ John Hammond
Microsoft Exchange Servers Still Vulnerable to ProxyShell Exploit

2021-07-27 ⋅ Youtube (SANS Institute) ⋅ John Hammond, Katie Nickels
SANS Threat Analysis Rundown - Kaseya VSA attack
REvil

2021-07-20 ⋅ Huntress Labs ⋅ John Hammond
Security Researchers’ Hunt to Discover Origins of the Kaseya VSA Mass Ransomware Incident
REvil

2021-07-19 ⋅ Washington Post ⋅ Ellen Nakashima, John Hudson
U.S., allies accuse China of hacking Microsoft and condoning other cyberattacks (APT40)

2021-07-18 ⋅ CitizenLab ⋅ Bill Marczak, John Scott-Railton, Ron Deibert, Siena Anstis
Independent Peer Review of Amnesty International’s Forensic Methods for Identifying Pegasus Spyware
Chrysaor

2021-07-15 ⋅ CitizenLab ⋅ Bahr Abdul Razzak, Bill Marczak, John Scott-Railton, Kristin Berdan, Ron Deibert
Hooking Candiru Another Mercenary Spyware Vendor Comes into Focus
Chainshot

2021-07-14 ⋅ Medium TowardsDataScience ⋅ John “Turbo” Conwell
Domain Blooms: Identifying Domain Name Themes Targeted By Threat Actors

2021-07-13 ⋅ YouTube (John Hammond) ⋅ John Hammond
JScript Deobfuscation - More WSHRAT (Malware Analysis)
Houdini

2021-07-06 ⋅ paloalto Networks Unit 42 ⋅ John Martineau
Understanding REvil: The Ransomware Gang Behind the Kaseya Attack
Gandcrab REvil

2021-06-01 ⋅ SpecterOps ⋅ Jonathan Johnson
Evadere Classifications