Malpedia Library

Click here to download all references as Bib-File.•

2020-12-24 ⋅ IronNet ⋅ Adam Hlavek
China cyber attacks: the current threat landscape
PLEAD TSCookie FlowCloud Lookback PLEAD PlugX Quasar RAT Winnti

2020-12-24 ⋅ Twitter (@TheEnergyStory) ⋅ Dominik Reichel
Tweet on TEARDROP sample
TEARDROP

2020-12-24 ⋅ K7 Security ⋅ K7 Labs, Partheeban J
Dark Side Of BlackNET RAT
BlackNET RAT

2020-12-24 ⋅ FireEye ⋅ Jay Smith, Stephen Eckels, William Ballenthin
SUNBURST Additional Technical Details
SUNBURST

2020-12-23 ⋅ Kaspersky Labs ⋅ Seongsu Park
Lazarus covets COVID-19-related intelligence
BookCodes RAT wAgentTea

2020-12-23 ⋅ Sentinel LABS ⋅ James Haughom, Jim Walter, Marco Figueroa
SolarWinds | Understanding & Detecting the SUPERNOVA Webshell Trojan
SUPERNOVA BRONZE SPIRAL

2020-12-23 ⋅ Dissecting Malware ⋅ Marius Genheimer
Between a rock and a hard place - Exploring Mount Locker Ransomware
Mount Locker

2020-12-23 ⋅ Prevasio ⋅ Sergei Shevchenko
DNS Tunneling In The SolarWinds Supply Chain Attack
SUNBURST

2020-12-23 ⋅ CrowdStrike ⋅ Michael Sentonas
CrowdStrike Launches Free Tool to Identify and Help Mitigate Risks in Azure Active Directory
SUNBURST

2020-12-23 ⋅ Palo Alto Networks Unit 42 ⋅ Unit 42
A Timeline Perspective of the SolarStorm Supply-Chain Attack
SUNBURST TEARDROP

2020-12-23 ⋅ Sentinel LABS ⋅ James Haughom, Jim Walter, Marco Figueroa
SolarWinds | Understanding & Detecting the SUPERNOVA Webshell Trojan
SUPERNOVA

2020-12-23 ⋅ 0xC0DECAFE ⋅ Thomas Barabosch
Detect RC4 in (malicious) binaries
SmokeLoader Zloader

2020-12-23 ⋅ Stranded on Pylos Blog ⋅ Joe Slowik
Mindmap on Russia-linked threat groups

2020-12-23 ⋅ FBI ⋅ FBI
Iranian Cyber Actors Responsible for Website Threatening U.S. Election Officials

2020-12-23 ⋅ Group-IB ⋅ Viktor Okorokov
New attacks by UltraRank group

2020-12-23 ⋅ The Washington Post ⋅ Aaron C. Davis, Amy Gardner, Ellen Nakashima
FBI links Iran to online hit list targeting top officials who’ve refuted Trump’s election fraud claims

2020-12-23 ⋅ ⋅ Qianxin ⋅ Qi AnXin CERT
从Solarwinds供应链攻击（金链熊）看APT行动中的隐蔽作战
SUNBURST

2020-12-22 ⋅ Maple Bacon CTF Team at the University of British Columbia ⋅ Arctic Wyvern
[TrendMicro CTF 2020 Finals] Wildcard-2: Yara exfiltration

2020-12-22 ⋅ Prevasio ⋅ Sergei Shevchenko
Sunburst Backdoor, Part III: DGA & Security Software (Broken Link)
SUNBURST

2020-12-22 ⋅ ⋅ TEAMT5 ⋅ TeamT5
macOS 用戶當心！北韓駭客 Lazarus 將目標瞄準虛擬貨幣交易用戶