Malpedia Library

Click here to download all references as Bib-File.•

2020-12-20 ⋅ CitizenLab ⋅ Bill Marczak, John Scott-Railton, Noura Al-Jizawi, Ron Deibert, Siena Anstis
The Great iPwn Journalists Hacked with Suspected NSO Group iMessage ‘Zero-Click’ Exploit
Chrysaor

2020-12-20 ⋅ Security Magic ⋅ Security Magic
Tracking Jupyter Malware
solarmarker

2020-12-20 ⋅ Twitter (@TychoTithonus) ⋅ Royce Williams
SolarWinds/SunBurst FNV-1a-XOR hashes found in analysis
SUNBURST

2020-12-20 ⋅ Medium Asuna Amawaka ⋅ Asuna Amawaka
A Look into SUNBURST’s DGA
SUNBURST

2020-12-20 ⋅ CBS News ⋅ Face the Nation
Transcript: Kevin Mandia on "Face the Nation," December 20, 2020

2020-12-20 ⋅ Randhome ⋅ Etienne Maynier
Analyzing Cobalt Strike for Fun and Profit
Cobalt Strike

2020-12-19 ⋅ Cyber And Ramen blog ⋅ Mike R
Persistence Pays Off: A Brief Look at BlackTech’s 2020
PLEAD TSCookie PLEAD

2020-12-19 ⋅ VinCSS ⋅ Trương Quốc Ngân
[RE018-1] Analyzing new malware of China Panda hacker group used to attack supply chain against Vietnam Government Certification Authority - Part 1
SManager

2020-12-19 ⋅ VinCSS ⋅ Trương Quốc Ngân
[RE017-2] Phân tích kỹ thuật dòng mã độc mới được sử dụng để tấn công chuỗi cung ứng nhắm vào Ban Cơ yếu Chính phủ Việt Nam của nhóm tin tặc Panda Trung Quốc (Phần 2)
SManager

2020-12-19 ⋅ Bleeping Computer ⋅ Lawrence Abrams
The SolarWinds cyberattack: The hack, the victims, and what we know
SUNBURST

2020-12-19 ⋅ The Washington Post ⋅ Ellen Nakashima
Trump, contradicting Pompeo, downplays gravity of massive cyberattack against U.S. government, as well as Russia’s role

2020-12-19 ⋅ Twitter (@GossiTheDog) ⋅ Kevin Beaumont
A twitter thread on Azure sentinel hunting queries for detecting UNC2452 activity

2020-12-19 ⋅ Yahoo News ⋅ Kim Zetter
Hackers last year conducted a 'dry run' of SolarWinds breach

2020-12-18 ⋅ Silent Push ⋅ Ken
High Value Malicious Domains.

2020-12-18 ⋅ ⋅ Tagesschau ⋅ Hakan Tanriverdi, Philipp Grüll
Nordkorea in Verdacht: Cyberspionage gegen deutsche Rüstungskonzerne

2020-12-18 ⋅ IBM ⋅ Gladys Koskas
SUNBURST indicator detection in QRadar
SUNBURST

2020-12-18 ⋅ Trend Micro ⋅ Junestherry Salvador, Matthew Camacho, Raphael Centeno
Negasteal Uses Hastebin for Fileless Delivery of Crysis Ransomware
Agent Tesla Dharma

2020-12-18 ⋅ Trend Micro ⋅ David Fiser
TeamTNT Now Deploying DDoS-Capable IRC Bot TNTbotinger
PerlBot TNTbotinger TeamTNT

2020-12-18 ⋅ ⋅ 360Quake ⋅ 360Quake
SolarWinds失陷服务器测绘分析报告
SUPERNOVA

2020-12-18 ⋅ Lawfare Blog ⋅ Benjamin Jensen, Brandon Valeriano, Mark Montgomery
The Strategic Implications of SolarWinds