Malpedia Library

Click here to download all references as Bib-File.•

2021-06-04 ⋅ Palo Alto Networks Unit 42 ⋅ Nathaniel Quist
TeamTNT Actively Enumerating Cloud Environments to Infiltrate Organizations

2021-06-03 ⋅ Secureworks ⋅ Counter Threat Unit ResearchTeam, Secureworks Adversary Group
OAuth’s Device Code Flow Abused in Phishing Attacks

2021-06-02 ⋅ TEAMT5 ⋅ TeamT5
Introducing The Most Profitable Ransomware REvil
Gandcrab REvil

2021-06-01 ⋅ Microsoft ⋅ Microsoft 365 Defender Threat Intelligence Team, Microsoft Threat Intelligence Center (MSTIC)
New sophisticated email-based attack from NOBELIUM
Cobalt Strike

2021-05-25 ⋅ Trend Micro ⋅ David Fiser, Magno Logan
TeamTNT Targets Kubernetes, Nearly 50,000 IPs Compromised in Worm-like Attack

2021-05-25 ⋅ lacework ⋅ Lacework Labs
Taking TeamTNT’s Docker Images Offline

2021-05-24 ⋅ AhnLab ⋅ ASEC Analysis Team
Vidar Info-Stealer Abusing Game Platform
Vidar

2021-05-21 ⋅ blackarrow ⋅ Pablo Ambite
Leveraging Microsoft Teams to persist and cover up Cobalt Strike traffic
Cobalt Strike

2021-05-20 ⋅ Microsoft ⋅ Microsoft 365 Defender Threat Intelligence Team
Phorpiex morphs: How a longstanding botnet persists and thrives in the current threat environment
Phorpiex

2021-05-19 ⋅ Team Cymru ⋅ Andy Kraus, Josh Hopkins, Nick Byers
Tracking BokBot Infrastructure Mapping a Vast and Currently Active BokBot Network
IcedID

2021-05-18 ⋅ Blackberry ⋅ BlackBerry Threat Research and Intelligence Team
Strong ARMing with MacOS: Adventures in Cross-Platform Emulation

2021-05-18 ⋅ Trend Micro ⋅ Alfredo Oliveira, David Fiser
TeamTNT’s Extended Credential Harvester Targets Cloud Services, Other Software

2021-05-18 ⋅ Digital Shadows ⋅ Photon Research Team
Examining Russian-language Cybercriminal Marketplaces

2021-05-17 ⋅ splunk ⋅ Splunk Threat Research Team
DarkSide Ransomware: Splunk Threat Update and Detections
DarkSide

2021-05-14 ⋅ Blue Team Blog ⋅ Auth 0r
DarkSide Ransomware Operations – Preventions and Detections.
Cobalt Strike DarkSide

2021-05-13 ⋅ ⋅ AhnLab ⋅ AhnLab ASEC Analysis Team
APT attack for domestic companies using library files
ImprudentCook

2021-05-13 ⋅ BI. ZONE Cyber Threats Research Team ⋅ BI.ZONE
From pentest to APT attack: cybercriminal group FIN7 disguises its malware as an ethical hacker’s toolkit
DICELOADER

2021-05-13 ⋅ Secureworks ⋅ Counter Threat Unit ResearchTeam
Ransomware Groups Use Tor-Based Backdoor for Persistent Access
DarkSide Snatch GOLD WATERFALL

2021-05-13 ⋅ Blackberry ⋅ BlackBerry Threat Research and Intelligence Team
Threat Thursday: SombRAT — Always Leave Yourself a Backdoor
SombRAT

2021-05-11 ⋅ ⋅ Qianxin ⋅ Red Raindrop Team
Analysis of a series of attacks by the suspected Lazarus organization using Daewoo Shipyard as relevant bait
BISTROMATH TigerLite