Malpedia Library

Click here to download all references as Bib-File.•

2022-02-03 ⋅ Palo Alto Networks Unit 42 ⋅ Unit 42
Russia’s Gamaredon aka Primitive Bear APT Group Actively Targeting Ukraine (Updated June 22)
Pteranodon Gamaredon Group

2022-02-03 ⋅ Palo Alto Networks Unit 42 ⋅ Unit 42
Russia’s Gamaredon aka Primitive Bear APT Group Actively Targeting Ukraine
Pteranodon Gamaredon Group

2022-01-27 ⋅ Palo Alto Networks Unit 42 ⋅ Alex Hinchliffe, Amanda Tanner, Doel Santos
Threat Assessment: BlackCat Ransomware
BlackCat

2022-01-25 ⋅ Palo Alto Networks Unit 42 ⋅ Yaron Samuel
Weaponization of Excel Add-Ins Part 1: Malicious XLL Files and Agent Tesla Case Studies
Agent Tesla

2022-01-20 ⋅ Palo Alto Networks Unit 42 ⋅ Josh Grunzweig, Mike Harbison, Robert Falcone
Threat Brief: Ongoing Russia and Ukraine Cyber Conflict
WhisperGate

2021-12-29 ⋅ Palo Alto Networks Unit 42 ⋅ Daiping Liu, Jielong Xu, Wanjin Li, Zhanhao Chen
Strategically Aged Domain Detection: Capture APT Attacks With DNS Traffic Trends
Chrysaor SUNBURST

2021-12-02 ⋅ Palo Alto Networks Unit 42 ⋅ Peter Renals, Robert Falcone
APT Expands Attack on ManageEngine With Active Campaign Against ServiceDesk Plus
Godzilla Webshell

2021-11-10 ⋅ Randori ⋅ Randori Attack Team
Zero-Day Disclosure: Palo Alto Networks GlobalProtect VPN CVE-2021-3064

2021-11-07 ⋅ Palo Alto Networks Unit 42 ⋅ Jeff White, Peter Renals, Robert Falcone
Targeted Attack Campaign Against ManageEngine ADSelfService Plus Delivers Godzilla Webshells, NGLite Trojan and KdcSponge Stealer
Godzilla Webshell NGLite

2021-10-14 ⋅ Palo Alto Networks Unit 42 ⋅ Daiping Liu, Jin Chen, Leo Olson, Wayne Xin, Yue Guan
Attackers Are Taking Advantage of the Open-Source Service Interactsh for Malicious Purposes

2021-10-07 ⋅ Palo Alto Networks Unit 42 ⋅ Peter Renals
SilverTerrier – Nigerian Business Email Compromise

2021-09-30 ⋅ Palo Alto Networks Unit 42 ⋅ Brady Stout
Credential Harvesting at Scale Without Malware

2021-09-15 ⋅ Palo Alto Networks Unit 42 ⋅ Anna Chung, Swetha Balla
Phishing Eager Travelers
Dridex

2021-09-10 ⋅ Palo Alto Networks Unit 42 ⋅ Lucas Hu
PhishingJS: A Deep Learning Model for JavaScript-Based Phishing Detection

2021-08-30 ⋅ Palo Alto Networks Unit 42 ⋅ Brock Mammen, Haozhe Zhang
New Mirai Variant Targets WebSVN Command Injection Vulnerability (CVE-2021-32305)
Mirai

2021-08-24 ⋅ Palo Alto Networks Unit 42 ⋅ Doel Santos, Ruchna Nigam
Ransomware Groups to Watch: Emerging Threats
HelloKitty AvosLocker HelloKitty Hive LockBit

2021-07-27 ⋅ Palo Alto Networks Unit 42 ⋅ Alex Hinchliffe, Mike Harbison
THOR: Previously Unseen PlugX Variant Deployed During Microsoft Exchange Server Attacks by PKPLUG Group
PlugX

2021-07-19 ⋅ Palo Alto Networks Unit 42 ⋅ Mark Lim
Evade Sandboxes With a Single Bit – the Trap Flag
lampion

2021-07-15 ⋅ Palo Alto Networks Unit 42 ⋅ Alex Hinchliffe, Quinn Cooke, Robert Falcone
Mespinoza Ransomware Gang Calls Victims “Partners,” Attacks with Gasket, "MagicSocks" Tools
Gasket Mespinoza

2021-07-03 ⋅ Palo Alto Networks Unit 42 ⋅ Unit 42
Threat Brief: Kaseya VSA Ransomware Attack
REvil