Malpedia Library

Click here to download all references as Bib-File.•

2021-07-06 ⋅ AT&T ⋅ Fernando Martinez
Lazarus campaign TTPs and evolution

2021-07-06 ⋅ 0ffset Blog ⋅ 0verfl0w_, Daniel Bunce
New TA402/MOLERATS Malware – Decrypting .NET Reactor Strings
SharpStage

2021-07-06 ⋅ The Record ⋅ Catalin Cimpanu
Moroccan hacker Dr HeX arrested for phishing attacks, malware distribution

2021-07-06 ⋅ Group-IB ⋅ Dmitry Volkov, Stephen Kavanagh
Operation Lyrebird: Group-IB assists INTERPOL in identifying suspect behind numerous cybercrimes worldwide

2021-07-06 ⋅ Twitter (@MBThreatIntel) ⋅ Malwarebytes Threat Intelligence
Tweet on a malspam campaign that is taking advantage of Kaseya VSA ransomware attack to drop CobaltStrike
Cobalt Strike

2021-07-06 ⋅ paloalto Networks Unit 42 ⋅ John Martineau
Understanding REvil: The Ransomware Gang Behind the Kaseya Attack
Gandcrab REvil

2021-07-05 ⋅ ⋅ Antiy CERT ⋅ Antiy CERT
Analysis of "Bitter Elephant" organization's attack activities against my country in the first half of the year

2021-07-05 ⋅ Twitter (@R3MRUM) ⋅ R3MRUM
Twitter thread with additional context on C2 domains found in REvil configuration
REvil

2021-07-05 ⋅ Twitter (@SophosLabs) ⋅ SophosLabs
Tweet with a REvil ransomware execution demo
REvil

2021-07-05 ⋅ splunk ⋅ Ryan Kovar
Kaseya, Sera. What REvil Shall Encrypt, Shall Encrypt
REvil

2021-07-05 ⋅ Morphisec ⋅ Morphisec
Real-Time Prevention of the Kaseya VSA Supply Chain REvil Ransomware Attack
REvil

2021-07-05 ⋅ Trend Micro ⋅ Abraham Camba, Buddy Tancio, Catherine Loveria, Ryan Maglaque
Tracking Cobalt Strike: A Trend Micro Vision One Investigation
Cobalt Strike

2021-07-05 ⋅ Lab52 ⋅ Th3spis
Quick review of Babuk ransomware builder
Babuk

2021-07-05 ⋅ ⋅ Antiy ⋅ Antiy CERT
Analysis of "Bitter Elephant" organization's attacks against country in the first half of the year

2021-07-05 ⋅ ⋅ S2W LAB Inc. ⋅ S2W LAB INTELLIGENCE TEAM
Kaseya supply chain attack delivers mass ransomware
REvil

2021-07-05 ⋅ Kaspersky ⋅ Kaspersky
REvil ransomware attack against MSPs and its clients around the world
REvil

2021-07-05 ⋅ Github (f0wl) ⋅ Marius Genheimer
REvil Linux Configuration Extractor
REvil

2021-07-04 ⋅ Sophos ⋅ Anand Ajjan, Mark Loman, Sean Gallagher
Independence Day: REvil uses supply chain exploit to attack hundreds of businesses
REvil

2021-07-04 ⋅ Twitter (@svch0st) ⋅ Zach
Tweet on #Kaseya detection tool for detecting REvil
REvil

2021-07-04 ⋅ TRUESEC ⋅ Fabio Viggiani
Kaseya supply chain attack targeting MSPs to deliver REvil ransomware
REvil