Malpedia Library

2021-10-19 ⋅ NTT ⋅ Threat Detection Team Security division of NTT
The layered infrastructure operated by APT29
elf.wellmess

2021-10-19 ⋅ CrowdStrike ⋅ Dan Meyer, Jamie Harris
LightBasin: A Roaming Threat to Telecommunications Companies
LightBasin

2021-10-18 ⋅ 360 ⋅ 360Cert
Global Advanced Persistent Threat (APT) Research Report for the First Half of 2021
APT-C-60

2021-10-18 ⋅ Symantec ⋅ Threat Hunter Team
Harvester: Nation-state-backed group uses new toolset to target victims in South Asia
Cobalt Strike Graphon

2021-10-18 ⋅ SentinelOne ⋅ Antonis Terefos
Karma Ransomware | An Emerging Threat With A Hint of Nemty Pedigree
Karma Nemty

2021-10-14 ⋅ Symantec ⋅ Threat Hunter Team
New Yanluowang ransomware used in targeted attacks
Yanluowang

2021-10-14 ⋅ CISA ⋅ US-CERT
Alert (AA21-287A) Ongoing Cyber Threats to U.S. Water and Wastewater Systems

2021-10-14 ⋅ Google ⋅ Ajax Bash, Google Threat Analysis Group
Countering threats from Iran (APT35)

2021-10-13 ⋅ Blackberry ⋅ BlackBerry Research & Intelligence Team
BlackBerry Shines Spotlight on Evolving Cobalt Strike Threat in New Book
Cobalt Strike

2021-10-13 ⋅ Anchored Narratives on Threat Intelligence and Geopolitics ⋅ RJM
Trouble in Asia and the Middle East. Tracking the TransparentTribe threat actor.
Crimson RAT

2021-10-12 ⋅ IronNet ⋅ Brett Fitzpatrick, IronNet Threat Research, Joey Fitzpatrick, Morgan Demboski, Peter Rydzynski
Continued Exploitation of CVE-2021-26084

2021-10-11 ⋅ Secureworks ⋅ SecureWorks
2021 State of the Threat: A Year in Review

2021-10-11 ⋅ Accenture ⋅ Accenture Cyber Threat Intelligence
Moving Left of the Ransomware Boom
REvil Cobalt Strike MimiKatz RagnarLocker REvil

2021-10-11 ⋅ Microsoft ⋅ Microsoft Digital Security Unit (DSU), Microsoft Threat Intelligence Center (MSTIC)
Iran-linked DEV-0343 targeting defense, GIS, and maritime sectors

2021-10-07 ⋅ Twitter (@billyleonard) ⋅ Billy Leonard, Google Threat Analysis Group
Tweet on IOCs related to APT28

2021-10-07 ⋅ Blackberry ⋅ The BlackBerry Research & Intelligence Team
Threat Thursday: BluStealer Infostealer
BluStealer

2021-10-07 ⋅ Mandiant ⋅ Adam Brunner, Genevieve Stark, Jennifer Brooks, Jeremy Kennelly, Joshua Shilko, Kimberly Goody, Zach Riddle
FIN12: The Prolific Ransomware Intrusion Threat Actor That Has Aggressively Pursued Healthcare Targets
BazarBackdoor GRIMAGENT Ryuk

2021-10-05 ⋅ ESET Research ⋅ Anton Cherepanov, Martin Smolár
UEFI threats moving to the ESP: Introducing ESPecter bootkit
ESPecter

2021-10-05 ⋅ EXPMON ⋅ EXPMON's Blog
Regarding the Threats Posed by Encrypted Office Files

2021-10-04 ⋅ Cisco ⋅ Tiago Pereira
Threat hunting in large datasets by clustering security events
BazarBackdoor TrickBot