Malpedia Library

Click here to download all references as Bib-File.•

2020-11-06 ⋅ Palo Alto Networks Unit 42 ⋅ CRYPSIS, Drew Schmitt, Ryan Tracey
When Threat Actors Fly Under the Radar: Vatet, PyXie and Defray777
PyXie RansomEXX

2020-11-06 ⋅ Volexity ⋅ Steven Adair, Thomas Lancaster, Volexity Threat Research
OceanLotus: Extending Cyber Espionage Operations Through Fake Websites
Cobalt Strike KerrDown APT32

2020-11-04 ⋅ Proofpoint ⋅ Proofpoint Threat Research Team
Persistent Actor Targets Ledger Cryptocurrency Wallets

2020-10-30 ⋅ US-CERT ⋅ US-CERT
Alert (AA20-304A): Iranian Advanced Persistent Threat Actor Identified Obtaining Voter Registration Data

2020-10-30 ⋅ ⋅ 360 ⋅ Threat Intelligence Center
蓝色魔眼（APT-C-41）组织首次针对我国重要机构定向攻击活动披露
StrongPity

2020-10-30 ⋅ ⋅ Qianxin ⋅ Threat Intelligence Center
攻击武器再升级：Donot组织利用伪造签名样本的攻击活动分析

2020-10-29 ⋅ Palo Alto Networks Unit 42 ⋅ Brad Duncan, Brittany Barbehenn, Doel Santos
Threat Assessment: Ryuk Ransomware and Trickbot Targeting U.S. Healthcare and Public Health Sector
Anchor BazarBackdoor Ryuk TrickBot

2020-10-29 ⋅ McAfee ⋅ McAfee Labs
McAfee Labs Threat Advisory Ransom-Ryuk
Ryuk

2020-10-28 ⋅ KrebsOnSecurity ⋅ Brian Krebs
FBI, DHS, HHS Warn of Imminent, Credible Ransomware Threat Against U.S. Hospitals
Ryuk

2020-10-28 ⋅ ESET Research ⋅ ESET Research
THREAT REPORT Q3 2020

2020-10-27 ⋅ US-CERT ⋅ US-CERT
Alert (AA20-301A): North Korean Advanced Persistent Threat Focus: Kimsuky
BabyShark GREASE MECHANICAL Meterpreter Kimsuky

2020-10-27 ⋅ Sophos Managed Threat Response (MTR) ⋅ Greg Iddon
MTR Casebook: An active adversary caught in the act
Cobalt Strike

2020-10-26 ⋅ AWAKE ⋅ Ashish Gahlot
Threat Hunting for Avaddon Ransomware
Avaddon

2020-10-26 ⋅ ⋅ Qianxin ⋅ Threat Intelligence Center
Analysis of the attack activities of the Rattlesnake organization using the Buffy bilateral agreement as bait
SideWinder

2020-10-23 ⋅ F-Secure Labs ⋅ Guillaume Couchard, Qimin Wang, Thiam Loong Siew
Catching Lazarus: Threat Intelligence to Real Detection Logic - Part Two
MimiKatz

2020-10-23 ⋅ ⋅ 360 ⋅ 360 Threat Intelligence Center
APT28携小众压缩包诱饵对北约、中亚目标的定向攻击分析
Zebrocy

2020-10-22 ⋅ US-CERT ⋅ US-CERT
Alert (AA20-296B): Iranian Advanced Persistent Threat Actors Threaten Election-Related Systems

2020-10-22 ⋅ US-CERT ⋅ US-CERT
Alert (AA20-296A): Russian State-Sponsored Advanced Persistent Threat Actor Compromises U.S. Government Targets

2020-10-21 ⋅ Proofpoint ⋅ Cory Altheide, DAnon, Proofpoint Threat Research Team, Sam S.
Media Coverage Doesn’t Deter Actor From Threatening Democratic Voters

2020-10-21 ⋅ Symantec ⋅ Threat Hunter Team
Seedworm: Iran-Linked Group Continues to Target Organizations in the Middle East
PowGoop