Malpedia Library

Click here to download all references as Bib-File.•

2021-04-01 ⋅ SentinelOne ⋅ Jim Walter
Avaddon RaaS | Breaks Public Decryptor, Continues On Rampage
Avaddon

2021-03-17 ⋅ Recorded Future ⋅ Insikt Group®
China-linked TA428 Continues to Target Russia and Mongolia IT Companies
PlugX Poison Ivy TA428

2021-03-09 ⋅ Cisco Talos ⋅ Cisco Talos
Hafnium Update: Continued Microsoft Exchange Server Exploitation

2021-03-05 ⋅ Trend Micro ⋅ Adi Peretz, Erick Thek, Trend Micro Research
Earth Vetala – MuddyWater Continues to Target Organizations in the Middle East
MuddyWater

2021-02-11 ⋅ Microsoft ⋅ Detection and Response Team (DART), Microsoft 365 Defender Research Team
Web shell attacks continue to rise

2021-01-08 ⋅ splunk ⋅ James Brodsky, John Stoner, Lily Lee, Marcus LaFerrera, Ryan Kovar
A Golden SAML Journey: SolarWinds Continued
SUNBURST

2021-01-04 ⋅ splunk ⋅ John Stoner
Detecting Supernova Malware: SolarWinds Continued
SUPERNOVA

2020-12-17 ⋅ splunk ⋅ John Stoner
Onboarding Threat Indicators into Splunk Enterprise Security: SolarWinds Continued
SUNBURST

2020-11-25 ⋅ SentinelOne ⋅ Jim Walter
Egregor RaaS Continues the Chaos with Cobalt Strike and Rclone
Cobalt Strike Egregor

2020-11-17 ⋅ cyble ⋅ Cyble
OceanLotus Continues With Its Cyber Espionage Operations
Cobalt Strike Meterpreter

2020-10-21 ⋅ Symantec ⋅ Threat Hunter Team
Seedworm: Iran-Linked Group Continues to Target Organizations in the Middle East
PowGoop

2020-09-14 ⋅ KELA ⋅ Sharon Bitton, Victoria Kivilevich
Back to School: Why Cybercriminals Continue to Target the Education Sector | Part Two

2020-09-02 ⋅ sonatype ⋅ Akshay 'Ax' Sharma
Inside the “fallguys” malware that steals your browsing data and gaming IMs; Continued attack on open source software

2020-08-03 ⋅ KELA ⋅ Sharon Bitton, Victoria Kivilevich
https://ke-la.com/back-to-school-why-cybercriminals-continue-to-target-the-education-sector/

2020-06-18 ⋅ Quick Heal ⋅ Preksha Saxena
Maze ransomware continues to be a threat to the consumers
Maze

2020-06-09 ⋅ RiskIQ ⋅ Jordan Herman
Misconfigured Amazon S3 Buckets Continue to be a Launchpad for Malicious Code
magecart

2020-04-28 ⋅ Microsoft ⋅ Microsoft Threat Protection Intelligence Team
Ransomware groups continue to target healthcare, critical services; here’s how to reduce risk
LockBit Mailto Maze MedusaLocker Paradise RagnarLocker REvil RobinHood

2020-04-14 ⋅ SecurityIntelligence ⋅ Melissa Frydrych
TA505 Continues to Infect Networks With SDBbot RAT
SDBbot TinyMet TA505

2020-02-28 ⋅ Financial Security Institute ⋅ Financial Security Institute
Profiling of TA505 Threat Group That Continues to Attack the Financial Sector
Amadey Clop FlawedAmmyy Rapid Ransom SDBbot TinyMet

2020-02-07 ⋅ RiskIQ ⋅ Jordan Herman
Magecart Group 12’s Latest: Actors Behind Attacks on Olympics Ticket Re-sellers Deftly Swapped Domains to Continue Campaign
magecart