Malpedia Library

Click here to download all references as Bib-File.•

2021-11-04 ⋅ CrowdStrike ⋅ Eric Loui, Josh Reynolds
CARBON SPIDER Embraces Big Game Hunting, Part 2
BlackMatter Griffon BlackMatter DarkSide HiddenTear JSSLoader

2021-10-27 ⋅ CrowdStrike ⋅ Falcon OverWatch Team
Tales From the Cryptojacking Front Lines

2021-10-25 ⋅ CrowdStrike ⋅ Falcon OverWatch Team
OverWatch Elite In Action: Prompt Call Escalation Proves Vital to Containing Attack
MimiKatz

2021-10-25 ⋅ CrowdStrike ⋅ Mihai Maganu
WebAssembly Is Abused by eCriminals to Hide Malware

2021-10-21 ⋅ CrowdStrike ⋅ Alex Clinton, Tasha Robinson
Stopping GRACEFUL SPIDER: Falcon Complete’s Fast Response to Recent SolarWinds Serv-U Exploit Campaign
Cobalt Strike FlawedGrace TinyMet

2021-10-19 ⋅ CrowdStrike ⋅ Dan Meyer, Jamie Harris
LightBasin: A Roaming Threat to Telecommunications Companies
LightBasin

2021-10-12 ⋅ CrowdStrike ⋅ CrowdStrike Intelligence Team
ECX: Big Game Hunting on the Rise Following a Notable Reduction in Activity
Babuk BlackMatter DarkSide REvil Avaddon Babuk BlackMatter DarkSide LockBit Mailto REvil

2021-09-30 ⋅ CrowdStrike ⋅ Falcon OverWatch Team
Hunting for the Confluence Exploitation: When Falcon OverWatch Becomes the First Line of Defense
Cobalt Strike

2021-09-17 ⋅ CrowdStrike ⋅ Falcon OverWatch Team
Falcon OverWatch Hunts Down Adversaries Where They Hide
BazarBackdoor Cobalt Strike

2021-09-15 ⋅ CrowdStrike ⋅ Falcon OverWatch Team
Shining a Light on DarkOxide

2021-09-14 ⋅ CrowdStrike ⋅ CrowdStrike Intelligence Team
Big Game Hunting TTPs Continue to Shift After DarkSide Pipeline Attack
BlackMatter DarkSide REvil Avaddon BlackMatter Clop Conti CryptoLocker DarkSide DoppelPaymer Hades REvil

2021-09-08 ⋅ CrowdStrike ⋅ Falcon OverWatch Team
2021 Threat Hunting Report

2021-08-31 ⋅ CrowdStrike ⋅ Alexander Hanel
Sidoh: WIZARD SPIDER’s Mysterious Exfiltration Tool
Ryuk Stealer

2021-08-30 ⋅ CrowdStrike ⋅ Eric Loui, Josh Reynolds
CARBON SPIDER Embraces Big Game Hunting, Part 1
Bateleur Griffon Carbanak DarkSide JSSLoader PILLOWMINT REvil

2021-08-30 ⋅ CrowdStrike ⋅ Michael Dawson
Hypervisor Jackpotting, Part 2: eCrime Actors Increase Targeting of ESXi Servers with Ransomware
Babuk HelloKitty REvil

2021-08-26 ⋅ CrowdStrike ⋅ Yaron Zinar
NTLM Keeps Haunting Microsoft

2021-08-11 ⋅ CrowdStrike ⋅ Liviu Arsene
Teaching an Old Dog New Tricks: 2017 Magniber Ransomware Uses PrintNightmare Vulnerability to Infect Victims in South Korea
Magniber

2021-08-04 ⋅ CrowdStrike ⋅ CrowdStrike Intelligence Team, CrowdStrike IR, Falcon OverWatch Team
PROPHET SPIDER Exploits Oracle WebLogic to Facilitate Ransomware Activity
Cobalt Strike Egregor Mount Locker Prophet Spider

2021-08-03 ⋅ CrowdStrike ⋅ Eric Loui, Josh Reynolds, Michael DeCristofaro
Squashing SPIDERS: Threat Intelligence, Threat Hunting and Rapid Response Stops SQL Injection Campaign

2021-07-19 ⋅ CrowdStrike ⋅ Aspen Lindblom, Chris Sheldon, Joseph Godwin
Shlayer Malvertising Campaigns Still Using Flash Update Disguise
Shlayer