Malpedia Library

Click here to download all references as Bib-File.•

2020-12-30 ⋅ Recorded Future ⋅ John Wetzel
SOLARWINDS ATTRIBUTION: Are We Getting Ahead of Ourselves? An Analysis of UNC2452 Attribution
SUNBURST

2020-12-29 ⋅ Uptycs ⋅ Abhijit Mohanta
Revenge RAT targeting users in South America
Revenge RAT

2020-12-29 ⋅ Youtube (Guided Hacking) ⋅ Guided Hacking
How to Unpack Ramnit Dropper - Malware Unpacking Tutorial 2
Ramnit

2020-12-29 ⋅ Intezer ⋅ Avigayil Mechtinger
Early Bird Catches the Worm: New Golang Worm Drops XMRig Miner on Servers

2020-12-29 ⋅ CyberArk ⋅ Shaked Reiner
Golden SAML Revisited: The Solorigate Connection
SUNBURST

2020-12-29 ⋅ Netresec ⋅ Erik Hjelmvik
Extracting Security Products from SUNBURST DNS Beacons
SUNBURST

2020-12-28 ⋅ ⋅ Swanscan ⋅ Pierguido Iezzi, Swascan Cyber Incident Response Team
Avaddon Ransomware: Incident Response Analysis
Avaddon

2020-12-28 ⋅ ⋅ Antiy CERT ⋅ Antiy CERT
"Civerids" organization vs. Middle East area attack activity analysis report
Quasar RAT

2020-12-28 ⋅ Microsoft ⋅ Microsoft 365 Defender Team
Using Microsoft 365 Defender to protect against Solorigate
SUNBURST TEARDROP

2020-12-28 ⋅ 0xC0DECAFE ⋅ Thomas Barabosch
Never upload ransomware samples to the Internet
Ryuk

2020-12-28 ⋅ Bleeping Computer ⋅ Lawrence Abrams
Home appliance giant Whirlpool hit in Nefilim ransomware attack
Nefilim

2020-12-27 ⋅ Github (arsium) ⋅ arsium
HorusEyesRat
HorusEyes RAT

2020-12-26 ⋅ CYBER GEEKS All Things Infosec ⋅ CyberMasterV
Analyzing APT19 malware using a step-by-step method
Derusbi

2020-12-26 ⋅ CERT.org ⋅ Solarwind
SolarWinds Orion API authentication bypass allows remote comand execution (CVE-2020-10148)

2020-12-26 ⋅ Twitter (@MalwareRE) ⋅ Ramin Nafisi
Tweet on active exploitation of 0day vulnerability in the SolarWinds Orion
SUPERNOVA

2020-12-26 ⋅ The Washington Post ⋅ Ellen Nakashima
Russian hackers compromised Microsoft cloud customers through third party, putting emails and other data at risk

2020-12-26 ⋅ Medium grimminck ⋅ Stefan Grimminck
Spoofing JARM signatures. I am the Cobalt Strike server now!
Cobalt Strike

2020-12-25 ⋅ VinCSS ⋅ Trương Quốc Ngân
[RE018-2] Analyzing new malware of China Panda hacker group used to attack supply chain against Vietnam Government Certification Authority - Part 2
SManager

2020-12-25 ⋅ Comae ⋅ Matt Suiche
SUNBURST & Memory Analysis
SUNBURST

2020-12-24 ⋅ InfoSec Handlers Diary Blog ⋅ Xavier Mertens
Malicious Word Document Delivering an Octopus Backdoor
Octopus