Malpedia Library

Click here to download all references as Bib-File.•

2021-02-01 ⋅ AhnLab ⋅ ASEC Analysis Team
BlueCrab ransomware, CobaltStrike hacking tool installed in corporate environment
Cobalt Strike REvil

2021-02-01 ⋅ Twitter (@IntelAdvanced) ⋅ Advanced Intelligence
Tweet on Active Directory Exploitation by RYUK "one" group
Ryuk

2021-02-01 ⋅ Atlantic Council ⋅ Benjamin Schechter, Nina Kollars
Pathologies of Obfuscation:Nobody Understands Cyber Operations or Wargaming

2021-02-01 ⋅ pkb1s.github.io ⋅ Petros Koutroumpis
Relay Attacks via Cobalt Strike Beacons
Cobalt Strike

2021-02-01 ⋅ ⋅ Microstep Intelligence Bureau ⋅ Microstep online research response team
Analysis of the attack activity organized by Konni APT using the topic of North Korean epidemic materials as bait
Amadey

2021-02-01 ⋅ Kryptos Logic ⋅ Kryptos Logic Vantage Team
Trickbot masrv Module
TrickBot

2021-02-01 ⋅ SonicWall ⋅ SonicWall
Urgent Security Notice: SonicWall Confirms SMA 100 Series 10. X Zero-Day Vulnerability

2021-02-01 ⋅ Microsoft ⋅ Microsoft 365 Defender Threat Intelligence Team
What tracking an attacker email infrastructure tells us about persistent cybercriminal operations
Dridex Emotet Makop Ransomware SmokeLoader TrickBot

2021-02-01 ⋅ GoSecure ⋅ Lilly Chalupowski
BazarLoader Mocks Researchers in December 2020 Malspam Campaign
BazarBackdoor

2021-02-01 ⋅ One Night in Norfolk ⋅ Kevin Perlow
DPRK Targeting Researchers II: .Sys Payload and Registry Hunting
ComeBacker

2021-02-01 ⋅ ⋅ EST Security ⋅ Alyac
Thallium organization conducts elaborate cyber attack against Russian researchers working in the North Korean economyPerforming sophisticated cyber attacks against researchers

2021-02-01 ⋅ Medium 0xthreatintel ⋅ 0xthreatintel
Uncovering APT-C-41 (StrongPity) Backdoor
StrongPity

2021-01-31 ⋅ s3cur3th1ssh1t.github.io ⋅ Fabian Mosch
A tale of EDR bypass methods

2021-01-31 ⋅ Twitter (@NCCGroupInfosec) ⋅ NCCGroup
Tweet on ITW exploitation of 0-day in SonicWall SMA 100 series

2021-01-31 ⋅ The DFIR Report ⋅ The DFIR Report
Bazar, No Ryuk?
BazarBackdoor Cobalt Strike Ryuk

2021-01-31 ⋅ KELA ⋅ Victoria Kivilevich
$1 Million is Just the Beginning: Q4 2020 in Network Access Sales

2021-01-30 ⋅ Twiiter (@pmelson) ⋅ Paul Melson
Tweet on HorusEyes RAT

2021-01-30 ⋅ ⋅ Microstep Intelligence Bureau ⋅ Microstep online research response team
Analysis of Lazarus attacks against security researchers
ComeBacker

2021-01-29 ⋅ ⋅ NSFOCUS ⋅ Fuying Laboratory
认识STUMBzarus——APT组织Lazarus近期定向攻击组件深入分析
ComeBacker DRATzarus Torisma

2021-01-29 ⋅ Aon ⋅ Alex Parsons, Carly Battaile, Partha Alwar
Cloudy with a Chance of Persistent Email Access
SUNBURST