Malpedia Library

Click here to download all references as Bib-File.•

2021-01-01 ⋅ Secureworks ⋅ SecureWorks
Threat Profile: GOLD GARDEN
Gandcrab GOLD GARDEN

2021-01-01 ⋅ Secureworks ⋅ SecureWorks
Threat Profile: GOLD WINTER
Cobalt Strike Hades Meterpreter GOLD WINTER

2021-01-01 ⋅ Secureworks ⋅ SecureWorks
Threat Profile: GOLD SKYLINE
GOLD SKYLINE

2021-01-01 ⋅ Secureworks ⋅ SecureWorks
Threat Profile: GOLD BLACKBURN
Buer Dyre TrickBot WIZARD SPIDER

2021-01-01 ⋅ Secureworks ⋅ SecureWorks
Threat Profile: GOLD EVERGREEN
CryptoLocker Pony Zeus GOLD EVERGREEN

2021-01-01 ⋅ Secureworks ⋅ SecureWorks
Threat Profile: GOLD SYMPHONY
Buer GOLD SYMPHONY

2021-01-01 ⋅ Secureworks ⋅ SecureWorks
Threat Profile: GOLD SOUTHFIELD
REvil GOLD SOUTHFIELD

2021-01-01 ⋅ Secureworks ⋅ SecureWorks
Threat Profile: GOLD RIVERVIEW
Necurs GOLD RIVERVIEW

2021-01-01 ⋅ SecureWorks
Threat Profile: GOLD DRAKE
Cobalt Strike Dridex FriedEx Koadic MimiKatz WastedLocker Evil Corp

2020-12-24 ⋅ IronNet ⋅ Adam Hlavek
China cyber attacks: the current threat landscape
PLEAD TSCookie FlowCloud Lookback PLEAD PlugX Quasar RAT Winnti

2020-12-23 ⋅ Stranded on Pylos Blog ⋅ Joe Slowik
Mindmap on Russia-linked threat groups

2020-12-22 ⋅ FBI ⋅ FBI
PIN Number 20201222-001: Advanced Persistent Threat Actors Leverage SolarWinds Vulnerabilities
SUNBURST

2020-12-22 ⋅ Symantec ⋅ Threat Hunter Team
SolarWinds Attacks: Stealthy Attackers Attempted To Evade Detection
SUNBURST

2020-12-21 ⋅ Bloomberg ⋅ Threat Hunter Team
SolarWinds Adviser Warned of Lax Security Years Before Hack

2020-12-21 ⋅ SophosLabs Uncut ⋅ SophosLabs Threat Research
How SunBurst malware does defense evasion
SUNBURST UNC2452

2020-12-18 ⋅ Microsoft ⋅ Microsoft 365 Defender Research Team, Microsoft Threat Intelligence Center (MSTIC)
Analyzing Solorigate, the compromised DLL file that started a sophisticated cyberattack, and how Microsoft Defender helps protect customers
SUNBURST SUPERNOVA TEARDROP UNC2452

2020-12-17 ⋅ splunk ⋅ John Stoner
Onboarding Threat Indicators into Splunk Enterprise Security: SolarWinds Continued
SUNBURST

2020-12-17 ⋅ FireEye ⋅ Kelli Vanderlee
DebUNCing Attribution: How Mandiant Tracks Uncategorized Threat Actors

2020-12-17 ⋅ US-CERT ⋅ US-CERT
Alert (AA20-352A): Advanced Persistent Threat Compromise of Government Agencies, Critical Infrastructure, and Private Sector Organizations
SUNBURST

2020-12-16 ⋅ ⋅ 360 Threat Intelligence Center ⋅ Advanced Threat Institute
旺刺组织（APT-C-47）使用ClickOnce技术的攻击活动披露