Malpedia Library

Click here to download all references as Bib-File.•

2021-05-13 ⋅ Anomali ⋅ Gage Mele, Tara Gould
Threat Actors Use MSBuild to Deliver RATs Filelessly
Remcos

2021-05-13 ⋅ DomainTools ⋅ John “Turbo” Conwell, Tim Helming
Domain Blooms: Identifying Domain Name Themes Targeted By Threat Actors

2021-05-12 ⋅ Medium Mehmet Ergene ⋅ Mehmet Ergene
Enterprise Scale Threat Hunting: Network Beacon Detection with Unsupervised ML and KQL — Part 1
Cobalt Strike

2021-05-11 ⋅ VMRay ⋅ Mateusz Lukaszewski, VMRay Labs Team
Threat Bulletin: Exploring the Differences and Similarities of Agent Tesla v2 & v3
Agent Tesla

2021-05-11 ⋅ Qianxin ⋅ Qi'anxin Threat Intelligence
Analysis of a series of attacks by the suspected Lazarus organization using Daewoo Shipyard as relevant bait

2021-05-10 ⋅ ⋅ Anheng Threat Intelligence Center ⋅ Hunting Shadow Lab
Analysis of U.S. Oil Products Pipeline Operators Suspended by Ransomware Attacks
DarkSide

2021-05-10 ⋅ TEAMT5 ⋅ Charles Li
APT Threat Landscape of Taiwan in 2020

2021-05-06 ⋅ Black Hat ⋅ Anurag Khanna, Thirumalai Natarajan Muthiah
Threat Hunting in Active Directory Environment

2021-05-06 ⋅ Blackberry ⋅ BlackBerry Research and Intelligence team
Threat Thursday: Dr. REvil Ransomware Strikes Again, Employs Double Extortion Tactics
REvil

2021-05-05 ⋅ Symantec ⋅ Threat Hunter Team
Multi-Factor Authentication: Headache for Cyber Actors Inspires New Attack Techniques
CHINACHOPPER

2021-05-03 ⋅ Rewterz Information Security ⋅ Rewterz Information Security
Rewterz Threat Alert – Financially Motivated Aggressive Group Carrying Out Ransomware Campaigns – Active IOCs
FiveHands SombRAT UNC2447

2021-05-03 ⋅ splunk ⋅ Splunk Threat Research Team
Clop Ransomware Detection: Threat Research Release, April 2021
Clop

2021-05-03 ⋅ Proofpoint ⋅ Bryan Campbell, Kelsey Merriman, Proofpoint Threat Research Team, Selena Larson
New Variant of Buer Loader Written in Rust
Buer

2021-04-29 ⋅ NTT ⋅ Threat Detection NTT Ltd.
The Operations of Winnti group
Cobalt Strike ShadowPad Spyder Winnti Earth Lusca

2021-04-29 ⋅ 360 netlab ⋅ Jinye, Liu Ya, YANG XU
Threat Alert: New update from Sysrv-hello, now infecting victims‘ webpages to push malicious exe to end users

2021-04-29 ⋅ Maltego ⋅ Maltego Team
Investigating TA413 Threat Actor Group Using OpenCTI in Maltego

2021-04-27 ⋅ Positive Technologies ⋅ PT ESC Threat Intelligence
Lazarus Group Recruitment: Threat Hunters vs Head Hunters

2021-04-26 ⋅ Dragos ⋅ Dragos
New ICS Threat Activity Group: TALONITE
FlowCloud Lookback

2021-04-22 ⋅ xorl %eax, %eax ⋅ Anastasios Pingios
A gentle introduction to building a threat intelligence team

2021-04-22 ⋅ Spamhaus ⋅ Spamhaus Malware Labs
Spamhaus Botnet Threat Update Q1 2021
Emotet Ficker Stealer Raccoon