Malpedia Library

Click here to download all references as Bib-File.•

2020-12-28 ⋅ Bleeping Computer ⋅ Lawrence Abrams
Home appliance giant Whirlpool hit in Nefilim ransomware attack
Nefilim

2020-12-27 ⋅ Github (arsium) ⋅ arsium
HorusEyesRat
HorusEyes RAT

2020-12-26 ⋅ CYBER GEEKS All Things Infosec ⋅ CyberMasterV
Analyzing APT19 malware using a step-by-step method
Derusbi

2020-12-26 ⋅ CERT.org ⋅ Solarwind
SolarWinds Orion API authentication bypass allows remote comand execution (CVE-2020-10148)

2020-12-26 ⋅ Twitter (@MalwareRE) ⋅ Ramin Nafisi
Tweet on active exploitation of 0day vulnerability in the SolarWinds Orion
SUPERNOVA

2020-12-26 ⋅ The Washington Post ⋅ Ellen Nakashima
Russian hackers compromised Microsoft cloud customers through third party, putting emails and other data at risk

2020-12-26 ⋅ Medium grimminck ⋅ Stefan Grimminck
Spoofing JARM signatures. I am the Cobalt Strike server now!
Cobalt Strike

2020-12-25 ⋅ VinCSS ⋅ Trương Quốc Ngân
[RE018-2] Analyzing new malware of China Panda hacker group used to attack supply chain against Vietnam Government Certification Authority - Part 2
SManager

2020-12-25 ⋅ Comae ⋅ Matt Suiche
SUNBURST & Memory Analysis
SUNBURST

2020-12-24 ⋅ InfoSec Handlers Diary Blog ⋅ Xavier Mertens
Malicious Word Document Delivering an Octopus Backdoor
Octopus

2020-12-24 ⋅ IronNet ⋅ Adam Hlavek
China cyber attacks: the current threat landscape
PLEAD TSCookie FlowCloud Lookback PLEAD PlugX Quasar RAT Winnti

2020-12-24 ⋅ Twitter (@TheEnergyStory) ⋅ Dominik Reichel
Tweet on TEARDROP sample
TEARDROP

2020-12-24 ⋅ K7 Security ⋅ K7 Labs, Partheeban J
Dark Side Of BlackNET RAT
BlackNET RAT

2020-12-24 ⋅ FireEye ⋅ Jay Smith, Stephen Eckels, William Ballenthin
SUNBURST Additional Technical Details
SUNBURST

2020-12-23 ⋅ Kaspersky Labs ⋅ Seongsu Park
Lazarus covets COVID-19-related intelligence
BookCodes RAT wAgentTea

2020-12-23 ⋅ Sentinel LABS ⋅ James Haughom, Jim Walter, Marco Figueroa
SolarWinds | Understanding & Detecting the SUPERNOVA Webshell Trojan
SUPERNOVA BRONZE SPIRAL

2020-12-23 ⋅ Dissecting Malware ⋅ Marius Genheimer
Between a rock and a hard place - Exploring Mount Locker Ransomware
Mount Locker

2020-12-23 ⋅ Prevasio ⋅ Sergei Shevchenko
DNS Tunneling In The SolarWinds Supply Chain Attack
SUNBURST

2020-12-23 ⋅ CrowdStrike ⋅ Michael Sentonas
CrowdStrike Launches Free Tool to Identify and Help Mitigate Risks in Azure Active Directory
SUNBURST

2020-12-23 ⋅ Palo Alto Networks Unit 42 ⋅ Unit 42
A Timeline Perspective of the SolarStorm Supply-Chain Attack
SUNBURST TEARDROP