Malpedia Library

2020-12-15 ⋅ Medium 0xthreatintel ⋅ 0xthreatintel
Reversing Conti Ransomware
Conti

2020-12-14 ⋅ Symantec ⋅ Threat Hunter Team
Sunburst: Supply Chain Attack Targets SolarWinds Users
SUNBURST TEARDROP

2020-12-14 ⋅ Cisco Talos ⋅ Nick Biasini
Threat Advisory: SolarWinds supply chain attack
SUNBURST TEARDROP

2020-12-14 ⋅ Palo Alto Networks Unit 42 ⋅ Unit 42
Threat Brief: SolarStorm and SUNBURST Customer Coverage
Cobalt Strike SUNBURST

2020-12-14 ⋅ Volexity ⋅ Damien Cash, Matthew Meltzer, Sean Koessel, Steven Adair, Thomas Lancaster, Volexity Threat Research
Dark Halo Leverages SolarWinds Compromise to Breach Organizations
SUNBURST

2020-12-13 ⋅ SlideShare (ChiEnAshleyShen) ⋅ Chi-en Shen, Steve Su
From ThreatHunting to Campaign Tracking
Xtreme RAT

2020-12-12 ⋅ Medium 0xthreatintel ⋅ 0xthreatintel
Reversing QakBot [ TLP: White]
QakBot

2020-12-10 ⋅ Palo Alto Networks Unit 42 ⋅ Unit42
Threat Brief: FireEye Red Team Tool Breach
Cobalt Strike

2020-12-08 ⋅ Red Canary ⋅ Matt Graeber
The why, what, and how of threat research

2020-12-08 ⋅ Palo Alto Networks Unit 42 ⋅ Brittany Barbehenn, Doel Santos, Robert Falcone
Threat Assessment: Egregor Ransomware
Egregor

2020-12-07 ⋅ Proofpoint ⋅ Proofpoint Threat Research Team
Commodity .NET Packers use Embedded Images to Hide Payloads
Agent Tesla Loki Password Stealer (PWS) Remcos

2020-12-03 ⋅ Kaspersky ⋅ GReAT
APT annual review: What the world’s threat actors got up to in 2020
TwoSail Junk

2020-12-02 ⋅ Aqua Nautilus ⋅ Assaf Morag, Idan Revivo
Threat Alert: Fileless Malware Executing in Containers
TeamTNT

2020-12-02 ⋅ Sansec ⋅ Sansec Threat Research Team
Persistent parasite in EOL Magento 2 stores wakes at Black Friday
magecart

2020-12-02 ⋅ Aqua ⋅ Assaf Morag, Idan Revivo
Threat Alert: Fileless Malware Executing in Containers
Tsunami

2020-12-01 ⋅ Qianxin ⋅ Qi Anxin Threat Intelligence Center
Blade Eagle Group - Targeted attack group activities circling the Middle East and West Asia's cyberspace revealed
SpyNote BladeHawk

2020-12-01 ⋅ US-CERT ⋅ US-CERT
Alert (AA20-336A): Advanced Persistent Threat Actors Targeting U.S. Think Tanks

2020-11-30 ⋅ Yoroi ⋅ Antonio Pirozzi, Luca Mella, Luigi Martire
Shadows From The Past Threaten Italian Enterprises
Rekoobe LaZagne Responder MimiKatz win.rekoobe

2020-11-30 ⋅ Microsoft ⋅ Microsoft 365 Defender Threat Intelligence Team
Threat actor leverages coin miner techniques to stay under the radar – here’s how to spot them
APT32

2020-11-30 ⋅ Microsoft ⋅ Microsoft 365 Defender Threat Intelligence Team, Microsoft Threat Intelligence Center (MSTIC)
Threat actor (BISMUTH) leverages coin miner techniques to stay under the radar – here’s how to spot them
Cobalt Strike