Malpedia Library

Click here to download all references as Bib-File.•

2021-03-09 ⋅ YouTube (John Hammond) ⋅ John Hammond
HAFNIUM - Post-Exploitation Analysis from Microsoft Exchange
CHINACHOPPER

2021-03-09 ⋅ Malwarebytes ⋅ Pieter Arntz
Microsoft Exchange attacks cause panic as criminals go shell collecting

2021-03-09 ⋅ Check Point Research ⋅ Aviran Hazum, Bohdan Melnykov, Israel Wernik
Clast82 – A new Dropper on Google Play Dropping the AlienBot Banker and MRAT
Alien

2021-03-09 ⋅ CyberArk ⋅ Aluma Lavi Shaari
Kinsing: The Malware with Two Faces
Kinsing

2021-03-09 ⋅ splunk ⋅ Security Research Team
Cloud Federated Credential Abuse & Cobalt Strike: Threat Research February 2021
Cobalt Strike

2021-03-09 ⋅ PRAETORIAN ⋅ Anthony Weems, Dallas Kaman, Michael Weber
Reproducing the Microsoft Exchange Proxylogon Exploit Chain
CHINACHOPPER

2021-03-09 ⋅ Red Canary ⋅ Brian Donohue, Katie Nickels, Tony Lambert
Microsoft Exchange server exploitation: how to detect, mitigate, and stay calm
CHINACHOPPER

2021-03-09 ⋅ Palo Alto Networks Unit 42 ⋅ Unit 42
Remediation Steps for the Microsoft Exchange Server Vulnerabilities
CHINACHOPPER

2021-03-09 ⋅ Cisco Talos ⋅ Cisco Talos
Hafnium Update: Continued Microsoft Exchange Server Exploitation

2021-03-09 ⋅ Attivo NETWORKS ⋅ Anil Gupta, Gorang Joshi, Saravanan Mohan
Hafnium – Active Exploitation of Microsoft Exchange and Lateral Movement

2021-03-09 ⋅ Morphisec ⋅ Alon Groisman
MineBridge Is on the Rise, With a Sophisticated Delivery Mechanism
MINEBRIDGE

2021-03-09 ⋅ 360 netlab ⋅ JiaYu
Threat Alert: z0Miner Is Spreading quickly by Exploiting ElasticSearch and Jenkins Vulnerabilities

2021-03-09 ⋅ Microsoft ⋅ MSRC Team
Microsoft Exchange Server Vulnerabilities Mitigations – updated March 9, 2021
HAFNIUM

2021-03-08 ⋅ PRODAFT Threat Intelligence ⋅ PRODAFT
FluBot - Malware Analysis Report
FluBot

2021-03-08 ⋅ The Record ⋅ Catalin Cimpanu
FluBot Malware Gang Arrested in Barcelona
FluBot

2021-03-08 ⋅ Symantec ⋅ Threat Hunter Team
How Symantec Stops Microsoft Exchange Server Attacks
CHINACHOPPER MimiKatz

2021-03-08 ⋅ Palo Alto Networks Unit 42 ⋅ Chris Navarrete, Durgesh Sangvikar, Matthew Tennis, Rongbo Shao, Yanhui Jia
Attack Chain Overview: Emotet in December 2020 and January 2021
Emotet

2021-03-08 ⋅ Youtube (SANS Digital Forensics and Incident Response) ⋅ Adam Pennington, Jen Burns, Katie Nickels
STAR Webcast: Making sense of SolarWinds through the lens of MITRE ATT&CK(R)
Cobalt Strike SUNBURST TEARDROP

2021-03-08 ⋅ DeepEnd REsearch ⋅ DeepEnd Research
Renewed SideWinder Activity in South Asia

2021-03-08 ⋅ x0r19x91.gitlab.io ⋅ Suvaditya Sur
Sunshuttle Malware
GoldMax