Malpedia Library

Click here to download all references as Bib-File.•

2021-11-05 ⋅ Twitter (@Unit42_Intel) ⋅ Unit 42
Tweet on TA551 (Shathak) BazarLoader infection with CobaltStrike and DarkVNC drops
BazarBackdoor Cobalt Strike

2021-10-14 ⋅ Palo Alto Networks Unit 42 ⋅ Daiping Liu, Jin Chen, Leo Olson, Wayne Xin, Yue Guan
Attackers Are Taking Advantage of the Open-Source Service Interactsh for Malicious Purposes

2021-10-07 ⋅ Palo Alto Networks Unit 42 ⋅ Peter Renals
SilverTerrier – Nigerian Business Email Compromise

2021-09-30 ⋅ Palo Alto Networks Unit 42 ⋅ Brady Stout
Credential Harvesting at Scale Without Malware

2021-09-15 ⋅ Palo Alto Networks Unit 42 ⋅ Anna Chung, Swetha Balla
Phishing Eager Travelers
Dridex

2021-09-10 ⋅ Palo Alto Networks Unit 42 ⋅ Lucas Hu
PhishingJS: A Deep Learning Model for JavaScript-Based Phishing Detection

2021-08-30 ⋅ Palo Alto Networks Unit 42 ⋅ Brock Mammen, Haozhe Zhang
New Mirai Variant Targets WebSVN Command Injection Vulnerability (CVE-2021-32305)
Mirai

2021-08-24 ⋅ Palo Alto Networks Unit 42 ⋅ Doel Santos, Ruchna Nigam
Ransomware Groups to Watch: Emerging Threats
HelloKitty AvosLocker HelloKitty Hive LockBit

2021-07-30 ⋅ Twitter (@Unit42_Intel) ⋅ Unit 42
Tweet on BazarLoader infection leading to cobaltstrike and Powershell script file for PrintNightmare vulnerability
BazarBackdoor Cobalt Strike

2021-07-27 ⋅ Palo Alto Networks Unit 42 ⋅ Alex Hinchliffe, Mike Harbison
THOR: Previously Unseen PlugX Variant Deployed During Microsoft Exchange Server Attacks by PKPLUG Group
PlugX

2021-07-19 ⋅ Palo Alto Networks Unit 42 ⋅ Mark Lim
Evade Sandboxes With a Single Bit – the Trap Flag
lampion

2021-07-15 ⋅ Palo Alto Networks Unit 42 ⋅ Alex Hinchliffe, Quinn Cooke, Robert Falcone
Mespinoza Ransomware Gang Calls Victims “Partners,” Attacks with Gasket, "MagicSocks" Tools
Gasket Mespinoza

2021-07-06 ⋅ paloalto Networks Unit 42 ⋅ John Martineau
Understanding REvil: The Ransomware Gang Behind the Kaseya Attack
Gandcrab REvil

2021-07-03 ⋅ Palo Alto Networks Unit 42 ⋅ Unit 42
Threat Brief: Kaseya VSA Ransomware Attack
REvil

2021-06-18 ⋅ Palo Alto Networks Unit 42 ⋅ Richard Hickman
Conti Ransomware Gang: An Overview
Conti

2021-06-16 ⋅ Palo Alto Networks Unit 42 ⋅ Jeff White, Kyle Wilhoit
Matanbuchus: Malware-as-a-Service with Demonic Intentions
Matanbuchus BelialDemon

2021-06-09 ⋅ Palo Alto Networks Unit 42 ⋅ Doel Santos
Prometheus Ransomware Gang: A Group of REvil?
Hakbit Prometheus REvil

2021-06-08 ⋅ Palo Alto Networks Unit 42 ⋅ Nathaniel Quist
TeamTNT Using WatchDog TTPs to Expand Its Cryptojacking Footprint

2021-06-07 ⋅ Palo Alto Networks Unit 42 ⋅ Daniel Prizmant
Siloscape: First Known Malware Targeting Windows Containers to Compromise Cloud Environments

2021-06-04 ⋅ Palo Alto Networks Unit 42 ⋅ Nathaniel Quist
TeamTNT Actively Enumerating Cloud Environments to Infiltrate Organizations