Malpedia Library

2021-03-16 ⋅ Elastic ⋅ Joe Desimone
Detecting Cobalt Strike with memory signatures
Cobalt Strike

2021-03-11 ⋅ Elastic ⋅ Daniel Stepanic
Update - Detection and Response for HAFNIUM Activity

2021-03-09 ⋅ 360 netlab ⋅ JiaYu
Threat Alert: z0Miner Is Spreading quickly by Exploiting ElasticSearch and Jenkins Vulnerabilities

2021-03-04 ⋅ Elastic ⋅ Devon Kerr
Detection and Response for HAFNIUM Activity
HAFNIUM

2020-12-18 ⋅ Elastic ⋅ Camilla Montonen, Justin Ibarra
Combining supervised and unsupervised machine learning for DGA detection
SUNBURST

2020-06-30 ⋅ Github (elastic) ⋅ Elastic
Detection Rules by Elastic

2020-06-25 ⋅ Elastic ⋅ Daniel Stepanic, Samir Bousseaden
A close look at the advanced techniques used in a Malaysian-focused APT campaign
DADSTACHE APT40

2020-05-25 ⋅ Elastic ⋅ Brent Murphy, David French, Jamie Butler
The Elastic Guide to Threat Hunting

2020-02-13 ⋅ Elastic ⋅ Andrew Pease, Daniel Stepanic, Seth Goodwin
Playing defense against Gamaredon Group
Pteranodon

2019-12-04 ⋅ Elastic ⋅ David French
Ransomware, interrupted: Sodinokibi and the supply chain
REvil

2017-07-18 ⋅ Elastic ⋅ Ashkan Hosseini
Ten process injection techniques: A technical survey of common and trending process injection techniques
Almanahe Diztakun Ginwui

2017-07-18 ⋅ Elastic ⋅ Ashkan Hosseini
Ten process injection techniques: A technical survey of common and trending process injection techniques
Cryakl CyberGate Dridex FinFisher RAT Locky