Malpedia Library

Click here to download all references as Bib-File.•

2020-12-13 ⋅ FireEye ⋅ Alex Berry, Alex Pennino, Alyssa Rahman, Andrew Archer, Andrew Rector, Andrew Thompson, Barry Vengerik, Ben Read, Ben Withnell, Chris DiGiamo, Christopher Glyer, Dan Perez, Dileep Jallepalli, Doug Bienstock, Eric Scales, Evan Reese, Fred House, Glenn Edwards, Ian Ahl, Isif Ibrahima, Jay Smith, John Gorman, John Hultquist, Jon Leathery, Lennard Galang, Marcin Siedlarz, Matt Dunwoody, Matthew McWhirt, Michael Sikorski, Microsoft, Mike Burns, Nalani Fraiser, Nick Bennett, Nick Carr, Nick Hornick, Nick Richard, Nicole Oppenheim, Omer Baig, Ramin Nafisi, Sarah Jones, Scott Runnels, Stephen Eckels, Steve Miller, Steve Stone, William Ballenthin
Highly Evasive Attacker Leverages SolarWinds Supply Chain to Compromise Multiple Global Victims With SUNBURST Backdoor
SUNBURST SUPERNOVA TEARDROP UNC2452

2020-12-13 ⋅ Microsoft ⋅ John Lambert
Important steps for customers to protect themselves from recent nation-state cyberattacks

2020-12-01 ⋅ CitizenLab ⋅ Bill Marczak, John Scott-Railton, Ron Deibert, Siddharth Prakash Rao, Siena Anstis
Running in Circles Uncovering the Clients of Cyberespionage Firm Circles

2020-11-17 ⋅ Salesforce Engineering ⋅ John Althouse
Easily Identify Malicious Servers on the Internet with JARM
Cobalt Strike TrickBot

2020-10-28 ⋅ Twitter (@BitsOfBinary) ⋅ John
Tweet on macOS version of Manuscrypt
Manuscrypt

2020-10-28 ⋅ Trend Micro ⋅ Aliakbar Zahravi, Cedric Pernet, Daniel Lunghi, Elliot Cao, Jaromír Hořejší, John Zhang, Joseph C Chen, William Gamazo Sanchez
Operation Earth Kitsune: A Dance of Two New Backdoors
AgfSpy DneSpy SLUB Earth Kitsune

2020-10-19 ⋅ Trend Micro ⋅ Aliakbar Zahravi, Cedric Pernet, Daniel Lunghi, Eliot Cao, Jaromír Hořejší, John Zhang, Joseph C. Chen, Nelson William Gamazo Sanchez
Operation Earth Kitsune: Tracking SLUB’s Current Operations
SLUB

2020-07-23 ⋅ The Daily Swig ⋅ John Leyden
Who is behind APT29? What we know about this nation-state cybercrime group

2020-07-10 ⋅ ReversingLabs ⋅ Christiaan Beek, Cooper Quintin, Hilko Bengen, Jo Johnson, Tom Ueltschi, Tomislav Pericin, Vitali Kremez, Wyatt Roersma
YARA Rules talks and presentation of REVERSING 2020

2020-07-08 ⋅ COLUMBIA | SIPA ⋅ Jennifer Keltz, John Patrick Dees, John Sakellariadis, Katherine von Ofenheim, Lan Pelekis, Matthew Armelli, Max Egar, Neal Pollard, Stuart Caudill, Vipratap Vikram Singh
Named But Hardly Shamed: What is the Impact of Information Disclosures on an APT Operations?

2020-07-01 ⋅ VMRay ⋅ John Faria
Threat Bulletin: Cutting-off the Command-and-Control Infrastructure of CollectorGoomba
CollectorGoomba

2020-07-01 ⋅ VMRay ⋅ John Faria
Threat Bulletin: Cutting-off the Command-and-Control Infrastructure of CollectorGoomba

2020-06-18 ⋅ Medium Huntress Labs ⋅ John Ferrell
Hiding In Plain Sight

2020-06-09 ⋅ CitizenLab ⋅ Adam Hulcoop, Bahr Abdul Razzak, Bill Marczak, John Scott-Railton, Ron Deibert, Siena Anstis
Dark Basin Uncovering a Massive Hack-For-Hire Operation
Dark Basin

2020-04-22 ⋅ FireEye ⋅ Ben Read, Gabby Roncone, John Hultquist, Sarah Jones, Scott Henderson
Vietnamese Threat Actors APT32 Targeting Wuhan Government and Chinese Ministry of Emergency Management in Latest Example of COVID-19 Related Espionage
METALJACK

2020-01-28 ⋅ CitizenLab ⋅ Bill Marczak, John Scott-Railton, Masashi Crete-Nishihata, Ron Deibert, Siena Anstis
Stopping the Press: New York Times Journalist Targeted by Saudi-linked Pegasus Spyware Operator
Chrysaor

2020-01-21 ⋅ CrowdStrike ⋅ Johnny Shaw
Herpaderping: Security Risk or Unintended Behavior?

2019-12-18 ⋅ US District Court for the Eastern District of Virginia
MICROSOFT CORPORATION, Plaintiff, v. JOHN DOES 1-2, CONTROLLING A COMPUTER NETWORK THEREBY INJURING PLAINTIFF AND ITS CUSTOMERS
BabyShark Kimsuky

2019-11-01 ⋅ Virus Bulletin ⋅ Alexandre Mundo Alguacil, John Fokker
VB2019 paper: Different ways to cook a crab: GandCrab ransomware-as-a-service (RaaS) analysed in depth
Gandcrab