Malpedia Library

Click here to download all references as Bib-File.•

2022-08-25 ⋅ Microsoft ⋅ Microsoft 365 Defender Research Team, Microsoft 365 Defender Threat Intelligence Team, Microsoft Threat Intelligence Center (MSTIC)
MERCURY leveraging Log4j 2 vulnerabilities in unpatched systems to target Israeli organizations
MimiKatz

2022-08-24 ⋅ Microsoft ⋅ Detection and Response Team (DART), Microsoft 365 Defender Team, Microsoft Threat Intelligence Center (MSTIC)
MagicWeb: NOBELIUM’s post-compromise trick to authenticate as anyone

2022-08-22 ⋅ Medium (Katie’s Five Cents) ⋅ Katie Nickels
A Cyber Threat Intelligence Self-Study Plan: Part 2

2022-08-17 ⋅ ⋅ 360 ⋅ 360 Threat Intelligence Center
Kasablanka organizes attacks against political groups and non-profit organizations in the Middle East
SpyNote Loda Nanocore RAT NjRAT

2022-08-15 ⋅ Malwarebytes ⋅ Threat Intelligence Team
JSSLoader: the shellcode edition
JSSLoader

2022-08-15 ⋅ Malwarebytes ⋅ Threat Intelligence Team
Threat Intelligence - JSSLoader: the shellcode edition
JSSLoader

2022-08-15 ⋅ Microsoft ⋅ Digital Threat Analysis Center (DTAC), Microsoft Threat Intelligence Center (MSTIC), Office 365 Threat Research Team
Disrupting SEABORGIUM’s ongoing phishing operations
Callisto

2022-08-15 ⋅ Microsoft ⋅ Digital Threat Analysis Center (DTAC), Microsoft Threat Intelligence Center (MSTIC), Office 365 Threat Research Team
Disrupting SEABORGIUM’s ongoing phishing operations

2022-08-13 ⋅ YoutTube (Blue Team Village) ⋅ Seongsu Park
Attribution and Bias: My terrible mistakes in threat intelligence attribution
AppleJeus Olympic Destroyer

2022-08-04 ⋅ PTSecurity ⋅ PT ESC Threat Intelligence
Flying in the clouds: APT31 renews its attacks on Russian companies through cloud storage
Stealer0x3401 YaRAT

2022-07-29 ⋅ RiskIQ ⋅ Jordan Herman
Falling Into a Nest of Vipers or: "Why'd it have to be snakes?" (Microsoft Threat Intelligence Brief)

2022-07-27 ⋅ Microsoft ⋅ Microsoft Security Response Center (MSRC), Microsoft Threat Intelligence Center (MSTIC), RiskIQ
Untangling KNOTWEED: European private-sector offensive actor using 0-day exploits
Subzero Denim Tsunami

2022-07-20 ⋅ Freebuf ⋅ Qi Anxin Threat Intelligence Center
Abused Slack Service: Analysis of APT29's Attack on Italy
Unidentified 098 (APT29 Slack Downloader)

2022-07-20 ⋅ Malwarebytes ⋅ Threat Intelligence Team
Google Ads Lead to Major Malvertising Campaign

2022-07-20 ⋅ Mandiant ⋅ Mandiant Threat Intelligence
Evacuation and Humanitarian Documents used to Spear Phish Ukrainian Entities
Cobalt Strike GraphSteel GrimPlant MicroBackdoor

2022-07-14 ⋅ Microsoft ⋅ Microsoft Digital Security Unit (DSU), Microsoft Threat Intelligence Center (MSTIC)
North Korean threat actor (H0lyGh0st /DEV-0530) targets small and midsize businesses with H0lyGh0st ransomware
SiennaBlue SiennaPurple Storm-0530

2022-07-12 ⋅ Microsoft ⋅ Microsoft 365 Defender Research Team, Microsoft Threat Intelligence Center (MSTIC)
From cookie theft to BEC: Attackers use AiTM phishing sites as entry point to further financial fraud

2022-07-05 ⋅ Microsoft ⋅ Microsoft Threat Intelligence Center (MSTIC)
Hive ransomware gets upgrades in Rust
Hive

2022-06-28 ⋅ Mandiant ⋅ Mandiant Threat Intelligence
Pro-PRC DRAGONBRIDGE Influence Campaign Targets Rare Earths Mining Companies in Attempt to Thwart Rivalry to PRC Market Dominance

2022-06-21 ⋅ Malwarebytes Labs ⋅ Threat Intelligence Team
Russia’s APT28 uses fear of nuclear war to spread Follina docs in Ukraine