Malpedia Library

Click here to download all references as Bib-File.•

2021-02-11 ⋅ CTI LEAGUE ⋅ CTI LEAGUE
CTIL Darknet Report – 2021
Conti Mailto Maze REvil Ryuk

2021-02-11 ⋅ Twitter (@TheDFIRReport) ⋅ The DFIR Report
Tweet on Hancitor Activity followed by cobaltsrike beacon
Cobalt Strike Hancitor

2021-02-11 ⋅ Morphisec ⋅ Morphisec
An Analysis of the Egregor Ransomware
Egregor

2021-02-10 ⋅ Anomali ⋅ Anomali Threat Research, Gage Mele, Winston Marydasan, Yury Polozov
Probable Iranian Cyber Actors, Static Kitten, Conducting Cyberespionage Campaign Targeting UAE and Kuwait Government Agencies

2021-02-10 ⋅ 360 netlab ⋅ Liu Ya
Rinfo Is Making A Comeback and Is Scanning and Mining in Full Speed

2021-02-10 ⋅ Lookout ⋅ Apurva Kumar, Kristin Del Rosso
Lookout Discovers Novel Confucius APT Android Spyware Linked to India-Pakistan Conflict

2021-02-10 ⋅ Seguranca Informatica ⋅ Pedro Tavares
Lampion trojan disseminated in Portugal using COVID-19 template
lampion

2021-02-10 ⋅ Anheng Threat Intelligence Center ⋅ Hunting Shadow Lab
Windows kernel zero-day exploit (CVE-2021-1732) is used by BITTER APT in targeted attack

2021-02-10 ⋅ Cado Security ⋅ Christopher Doman
Punk Kitty Ransom - Analysing HelloKitty Ransomware Attacks
HelloKitty

2021-02-09 ⋅ Javier Yuste, Sergio Pastrana
Avaddon ransomware: an in-depth analysis and decryption of infected systems
Avaddon

2021-02-09 ⋅ Stranded on Pylos Blog ⋅ Joe Slowik
Water, Water Everywhere – But Nary a Hacker to Blame

2021-02-09 ⋅ Twitter (@fwosar) ⋅ Fabian Wosar
Tweet on CD PROJEKT RED targeted by HelloKitty ransomware group
HelloKitty

2021-02-09 ⋅ Medium (@alex.birsan) ⋅ Alex Birsan
Dependency Confusion: How I Hacked Into Apple, Microsoft and Dozens of Other Companies

2021-02-09 ⋅ Microsoft ⋅ Microsoft
3 Ways to Mitigate Risk When Using Private Package Feeds

2021-02-09 ⋅ Cobalt Strike ⋅ Raphael Mudge
Learn Pipe Fitting for all of your Offense Projects
Cobalt Strike

2021-02-09 ⋅ Microsoft ⋅ MSRC Team
Windows Win32k Elevation of Privilege Vulnerability CVE-2021-1732 (exploited ITW)

2021-02-09 ⋅ Microsoft ⋅ MSRC Team
Multiple Security Updates Affecting TCP/IP:  CVE-2021-24074, CVE-2021-24094, and CVE-2021-24086

2021-02-09 ⋅ Adobe ⋅ Adobe
Adobe Security Bulletin for 0-day CVE-2021-21017 (exploited ITW)

2021-02-09 ⋅ Trend Micro ⋅ Alfredo Oliveira, David Fiser
Threat actors now target Docker via container escape features

2021-02-09 ⋅ Securehat ⋅ Securehat
Extracting the Cobalt Strike Config from a TEARDROP Loader
Cobalt Strike TEARDROP