Malpedia Library

Click here to download all references as Bib-File.•

2021-05-20 ⋅ Github (microsoft) ⋅ Microsoft
Microsoft 365 Defender Hunting Queries for hunting multiple threat actors' TTPs and malwares
STRRAT OceanLotus BabyShark Elise Revenge RAT WastedLocker Zebrocy

2021-05-19 ⋅ Medium Mehmet Ergene ⋅ Mehmet Ergene
Enterprise Scale Threat Hunting: Network Beacon Detection with Unsupervised ML and KQL — Part 2
Cobalt Strike

2021-05-18 ⋅ Blackberry ⋅ BlackBerry Threat Research and Intelligence Team
Strong ARMing with MacOS: Adventures in Cross-Platform Emulation

2021-05-17 ⋅ splunk ⋅ Splunk Threat Research Team
DarkSide Ransomware: Splunk Threat Update and Detections
DarkSide

2021-05-13 ⋅ Secureworks ⋅ Counter Threat Unit ResearchTeam
Ransomware Groups Use Tor-Based Backdoor for Persistent Access
DarkSide Snatch GOLD WATERFALL

2021-05-13 ⋅ Blackberry ⋅ BlackBerry Threat Research and Intelligence Team
Threat Thursday: SombRAT — Always Leave Yourself a Backdoor
SombRAT

2021-05-13 ⋅ Anomali ⋅ Gage Mele, Tara Gould
Threat Actors Use MSBuild to Deliver RATs Filelessly
Remcos

2021-05-13 ⋅ DomainTools ⋅ John “Turbo” Conwell, Tim Helming
Domain Blooms: Identifying Domain Name Themes Targeted By Threat Actors

2021-05-12 ⋅ Medium Mehmet Ergene ⋅ Mehmet Ergene
Enterprise Scale Threat Hunting: Network Beacon Detection with Unsupervised ML and KQL — Part 1
Cobalt Strike

2021-05-11 ⋅ VMRay ⋅ Mateusz Lukaszewski, VMRay Labs Team
Threat Bulletin: Exploring the Differences and Similarities of Agent Tesla v2 & v3
Agent Tesla

2021-05-11 ⋅ Qianxin ⋅ Qi'anxin Threat Intelligence
Analysis of a series of attacks by the suspected Lazarus organization using Daewoo Shipyard as relevant bait

2021-05-10 ⋅ ⋅ Anheng Threat Intelligence Center ⋅ Hunting Shadow Lab
Analysis of U.S. Oil Products Pipeline Operators Suspended by Ransomware Attacks
DarkSide

2021-05-10 ⋅ TEAMT5 ⋅ Charles Li
APT Threat Landscape of Taiwan in 2020

2021-05-06 ⋅ Black Hat ⋅ Anurag Khanna, Thirumalai Natarajan Muthiah
Threat Hunting in Active Directory Environment

2021-05-06 ⋅ Blackberry ⋅ BlackBerry Research and Intelligence team
Threat Thursday: Dr. REvil Ransomware Strikes Again, Employs Double Extortion Tactics
REvil

2021-05-05 ⋅ Symantec ⋅ Threat Hunter Team
Multi-Factor Authentication: Headache for Cyber Actors Inspires New Attack Techniques
CHINACHOPPER

2021-05-03 ⋅ Rewterz Information Security ⋅ Rewterz Information Security
Rewterz Threat Alert – Financially Motivated Aggressive Group Carrying Out Ransomware Campaigns – Active IOCs
FiveHands SombRAT UNC2447

2021-05-03 ⋅ splunk ⋅ Splunk Threat Research Team
Clop Ransomware Detection: Threat Research Release, April 2021
Clop

2021-05-03 ⋅ Proofpoint ⋅ Bryan Campbell, Kelsey Merriman, Proofpoint Threat Research Team, Selena Larson
New Variant of Buer Loader Written in Rust
Buer

2021-04-29 ⋅ NTT ⋅ Threat Detection NTT Ltd.
The Operations of Winnti group
Cobalt Strike ShadowPad Spyder Winnti Earth Lusca