Malpedia Library

Click here to download all references as Bib-File.•

2021-01-26 ⋅ Twitter (@swisscom_csirt) ⋅ Swisscom CSIRT
Tweet on Cring Ransomware groups using customized Mimikatz sample followed by CobaltStrike and dropping Cring rasomware
Cobalt Strike Cring MimiKatz

2021-01-26 ⋅ Cybereason ⋅ Daniel Frank
Cybereason vs. RansomEXX Ransomware
RansomEXX RansomEXX

2021-01-26 ⋅ Medium s2wlab ⋅ Hyunmin Suh
W4 Jan | EN | Story of the week: Ransomware on the Darkweb
Avaddon Babuk LockBit

2021-01-26 ⋅ IBM ⋅ Nir Shwarts
TrickBot’s Survival Instinct Prevails — What’s Different About the TrickBoot Version?
TrickBot

2021-01-26 ⋅ Comae ⋅ Matt Suiche
PANDORABOX - North Koreans target security researchers
ComeBacker

2021-01-26 ⋅ Fidelis ⋅ Chris Kubic
Ongoing Analysis of SolarWinds Impacts
SUNBURST

2021-01-26 ⋅ One Night in Norfolk ⋅ Kevin Perlow
DPRK Malware Targeting Security Researchers
ComeBacker

2021-01-26 ⋅ Mimecast ⋅ Mimecast Contributing Writer
Important Security Update
SUNBURST

2021-01-26 ⋅ Bleeping Computer ⋅ Sergiu Gatlan
Mimecast links security breach to SolarWinds hackers
SUNBURST

2021-01-26 ⋅ Twitter (@RedDrip7) ⋅ RedDrip Team
Tweet on DPRK malware used to target security researchers

2021-01-26 ⋅ JPCERT/CC ⋅ Shusei Tomonaga
Operation Dream Job by Lazarus
LCPDot Torisma Lazarus Group

2021-01-26 ⋅ ⋅ 360 Threat Intelligence Center ⋅ Advanced Threat Institute
Shell Break-Lazarus (APT-C-26) organized targeted attacks against security researchers to reveal the secret

2021-01-26 ⋅ ⋅ Anheng Threat Intelligence Center ⋅ Hunting Shadow Lab
Undefeated, hackers use Visual Studio compiler features to target binary vulnerabilities security researcher

2021-01-26 ⋅ Trend Micro ⋅ Trend Micro Research
Examining a Sodinokibi Attack
REvil

2021-01-26 ⋅ Medium 0xthreatintel ⋅ 0xthreatintel
Reversing APT Tool : SManager (Unpacked)
SManager

2021-01-26 ⋅ Proofpoint ⋅ Axel F., Brandon Murphy, Dennis Schwarz
New Year, New Version of DanaBot
DanaBot

2021-01-26 ⋅ Kaspersky Labs ⋅ Kaspersky Lab ICS CERT
SunBurst industrial victims
SUNBURST

2021-01-25 ⋅ Google ⋅ Adam Weidemann
New campaign targeting security researchers
ComeBacker DRATzarus

2021-01-25 ⋅ ⋅ Cert-AgID ⋅ Cert-AgID
Individuato sito che veicola in Italia un APK malevolo
Oscorp

2021-01-25 ⋅ xorl %eax ⋅ Anastasios Pingios
On attribution: APT28, APT29…Turla: No, they are NOT the same