Malpedia Library

Click here to download all references as Bib-File.•

2021-03-05 ⋅ Wired ⋅ Andy Greenberg
Chinese Hacking Spree Hit an ‘Astronomical’ Number of Victims
CHINACHOPPER

2021-03-05 ⋅ Huntress Labs ⋅ Huntress Labs
Operation Exchange Marauder
CHINACHOPPER

2021-03-04 ⋅ Malpedia ⋅ Malpedia
Malpedia Page for family Sidewinder
SideWinder

2021-03-04 ⋅ NCC Group ⋅ Ollie Whitehouse
Deception Engineering: exploring the use of Windows Service Canaries against ransomware
Ryuk

2021-03-04 ⋅ Trend Micro ⋅ Don Ovid Ladores, Junestherry Salvador, Raphael Centeno
New in Ransomware: AlumniLocker, Humble Feature Different Extortion Techniques

2021-03-04 ⋅ CrowdStrike ⋅ The Falcon Complete Team
Falcon Complete Stops Microsoft Exchange Server Zero-Day Exploits
CHINACHOPPER HAFNIUM

2021-03-04 ⋅ Elastic ⋅ Devon Kerr
Detection and Response for HAFNIUM Activity
HAFNIUM

2021-03-04 ⋅ FireEye ⋅ Andrew Thompson, Chris DiGiamo, Matt Bromiley, Robert Wallace
Detection and Response to Exploitation of Microsoft Exchange Zero-Day Vulnerabilities
CHINACHOPPER HAFNIUM

2021-03-04 ⋅ Microsoft ⋅ Andrea Lelli, Ramin Nafisi
GoldMax, GoldFinder, and Sibot: Analyzing NOBELIUM’s layered persistence
GoldMax

2021-03-04 ⋅ Microsoft ⋅ Andrea Lelli, Microsoft 365 Defender Threat Intelligence Team, Microsoft Threat Intelligence Center (MSTIC), Ramin Nafisi
GoldMax, GoldFinder, and Sibot: Analyzing NOBELIUM’s layered persistence
SUNBURST TEARDROP UNC2452

2021-03-04 ⋅ FireEye ⋅ Ben Read, Jonathan Leathery, Lindsay Smith
New SUNSHUTTLE Second-Stage Backdoor Uncovered Targeting U.S.-Based Entity; Possible Connection to UNC2452
UNC2452

2021-03-04 ⋅ WMC Global ⋅ WMC Global Threat Intelligence Team
The Compact Campaign

2021-03-04 ⋅ 360 netlab ⋅ Jinye
Gafgtyt_tor and Necro are on the move again
Bashlite N3Cr0m0rPh Keksec

2021-03-04 ⋅ Huntress Labs ⋅ Huntress Labs
Operation Exchange Marauder
CHINACHOPPER

2021-03-04 ⋅ F5 ⋅ Dor Nizar, Roy Moshailov
IcedID Banking Trojan Uses COVID-19 Pandemic to Lure New Victims
IcedID

2021-03-04 ⋅ Flashpoint ⋅ Flashpoint
Breaking: Elite Cybercrime Forum “Maza” Breached by Unknown Attacker

2021-03-03 ⋅ ⋅ Cert-UA ⋅ Cert-UA
Renewal of cyber attacks using the Pterodo hacker group Armageddon/Gamaredon
Pteranodon

2021-03-03 ⋅ ⋅ GTSC ⋅ GTSC
'Mild' update on Microsoft Exchange 0day security vulnerability being used to attack organizations in Vietnam
ToddyCat

2021-03-03 ⋅ MITRE ⋅ MITRE ATT&CK
HAFNIUM
CHINACHOPPER HAFNIUM

2021-03-03 ⋅ CISA ⋅ US-CERT
Mitigate Microsoft Exchange On-Premises Product Vulnerabilities