Malpedia Library

2020-06-24 ⋅ Secureworks ⋅ Counter Threat Unit ResearchTeam
BRONZE VINEWOOD Uses HanaLoader to Target Government Supply Chain
APT31

2020-06-24 ⋅ Counter Threat Unit ResearchTeam
BRONZE VINEWOOD Targets Supply Chains
MimiKatz Trochilus RAT APT31

2020-06-23 ⋅ Symantec ⋅ Critical Attack Discovery and Intelligence Team
Sodinokibi: Ransomware Attackers also Scanning for PoS Software, Leveraging Cobalt Strike
Cobalt Strike REvil

2020-06-22 ⋅ Team Cymru ⋅ Dave Munson
Quick Wins with Network Flow Analysis

2020-06-22 ⋅ Proofpoint ⋅ Proofpoint Threat Research Team, Sherrod DeGrippo
Hakbit Ransomware Campaign Against Germany, Austria, Switzerland
CloudEyE Hakbit

2020-06-18 ⋅ Microsoft ⋅ Microsoft Threat Protection Intelligence Team
Inside Microsoft Threat Protection: Mapping attack chains from cloud to endpoint (APT33/HOLMIUM)
POWERTON

2020-06-17 ⋅ Twitter (@VK_intel) ⋅ malwrhunterteam, Vitali Kremez
Tweet on signed Tinymet payload (V.02) used by TA505
TinyMet

2020-06-16 ⋅ Microsoft ⋅ Microsoft Threat Protection Intelligence Team
Exploiting a crisis: How cybercriminals behaved during the outbreak

2020-06-15 ⋅ Sansec ⋅ Sansec Threat Research Team
Magecart strikes amid Corona lockdown
magecart

2020-06-13 ⋅ REDTEAM.PL ⋅ Adam Ziaja
Black Kingdom ransomware (TTPs & IOC)
BlackKingdom Ransomware

2020-06-12 ⋅ ThreatConnect ⋅ ThreatConnect Research Team
Probable Sandworm Infrastructure
Avaddon Emotet Kimsuky

2020-06-09 ⋅ Malwarebytes ⋅ Threat Intelligence Team
Honda and Enel impacted by cyber attack suspected to be ransomware
Snake

2020-06-08 ⋅ Medium shantanukhande ⋅ Shantanu Khandelwal
Red Team: Using SharpChisel to exfil internal network

2020-06-08 ⋅ Proofpoint ⋅ Dennis Schwarz, Georgi Mladenov, Michael Raggi, Proofpoint Threat Research Team
TA410: The Group Behind LookBack Attacks Against U.S. Utilities Sector Returns with New Malware
FlowCloud Lookback APT10 TA410

2020-06-05 ⋅ Votiro ⋅ Votiro’s Research Team
Anatomy of a Well-Crafted UPS, FedEx, and DHL Phishing Email During COVID-19
Dridex

2020-06-02 ⋅ Fox-IT ⋅ NCC RIFT, Nikolaos Pantazopoulos, Stefano Antenucci
In-depth analysis of the new Team9 malware family
BazarBackdoor

2020-06-02 ⋅ NCC Group ⋅ Nikolaos Pantazopoulos, Stefano Antenucci
In-depth analysis of the new Team9 malware family
BazarBackdoor

2020-05-28 ⋅ CrowdStrike ⋅ The Crowdstrike Intel Team
DarkSide Pipeline Attack Shakes Up the Ransomware-as-a-Service Landscape
DarkSide DarkSide

2020-05-26 ⋅ CrowdStrike ⋅ The Falcon Complete Team
Falcon Complete Disrupts Malvertising Campaign Targeting AnyDesk

2020-05-25 ⋅ ⋅ AhnLab ⋅ AhnLab ASEC Analysis Team
Hangul malware distributed in real estate investment related emails (using EPS)