Malpedia Library

Click here to download all references as Bib-File.•

2020-10-29 ⋅ Cisco Talos ⋅ Paul Rascagnères, Vitor Ventura, Warren Mercer
DoNot’s Firestarter abuses Google Firebase Cloud Messaging to spread
KnSpy

2020-10-29 ⋅ CERT-FR ⋅ CERT-FR
LE MALWARE-AS-A-SERVICE EMOTET
Dridex Emotet ISFB QakBot

2020-10-29 ⋅ Mandiant ⋅ Andrew Moore, Genevieve Stark
FIN11: A Widespread Ransomware and Extortion Operation (Webinar)
FIN11

2020-10-29 ⋅ Twitter (@anthomsec) ⋅ Andrew Thompson
Tweet on UNC1878 activity
BazarBackdoor Ryuk TrickBot UNC1878

2020-10-29 ⋅ RiskIQ ⋅ RiskIQ
Ryuk Ransomware: Extensive Attack Infrastructure Revealed
Cobalt Strike Ryuk

2020-10-29 ⋅ US-CERT ⋅ US-CERT
Malware Analysis Report (AR20-303B): ZEBROCY Backdoor
Zebrocy

2020-10-29 ⋅ FBI ⋅ FBI
Alert Number ME-000138-TT: Indicators of Compromise Pertaining to Iranian Interference in the 2020 US Presidential Election

2020-10-29 ⋅ Cofense ⋅ Cofense
Online Leader Invites You to This Webex Phish

2020-10-29 ⋅ Twitter (@SophosLabs) ⋅ SophosLabs
Tweet on similarities between BUER in-memory loader & RYUK in-memory loader
Buer Ryuk

2020-10-29 ⋅ Red Canary ⋅ The Red Canary Team
A Bazar start: How one hospital thwarted a Ryuk ransomware outbreak
Cobalt Strike Ryuk TrickBot

2020-10-29 ⋅ Palo Alto Networks Unit 42 ⋅ Brad Duncan, Brittany Barbehenn, Doel Santos
Threat Assessment: Ryuk Ransomware and Trickbot Targeting U.S. Healthcare and Public Health Sector
Anchor BazarBackdoor Ryuk TrickBot

2020-10-29 ⋅ McAfee ⋅ McAfee Labs
McAfee Labs Threat Advisory Ransom-Ryuk
Ryuk

2020-10-29 ⋅ Palo Alto Networks Unit 42 ⋅ Janos Szurdi, Jingwei Fan, Ruian Duan, Seokkyung Chung, Zhanhao Chen
Domain Parking: A Gateway to Attackers Spreading Emotet and Impersonating McAfee
Emotet

2020-10-29 ⋅ US-CERT ⋅ US-CERT
Malware Analysis Report (AR20-303A): PowerShell Script: ComRAT
Agent.BTZ

2020-10-29 ⋅ Github (Swisscom) ⋅ Swisscom CSIRT
List of CobaltStrike C2's used by RYUK
Cobalt Strike

2020-10-29 ⋅ CNN ⋅ Alex Marquardt, Lauren Mascarenhas, Vivian Salama
Several hospitals targeted in new wave of ransomware attacks
Ryuk

2020-10-29 ⋅ Bleeping Computer ⋅ Lawrence Abrams
Hacking group is targeting US hospitals with Ryuk ransomware
Ryuk

2020-10-29 ⋅ Reuters ⋅ Christopher Bing, Joseph Menn
Building wave of ransomware attacks strike U.S. hospitals
Ryuk

2020-10-29 ⋅ Bleeping Computer ⋅ Lawrence Abrams
Maze ransomware is shutting down its cybercrime operation
Egregor Maze

2020-10-29 ⋅ Bleeping Computer ⋅ Ionut Ilascu
REvil ransomware gang claims over $100 million profit in a year
REvil