Malpedia Library

2022-05-07 ⋅ DoublePulsar ⋅ Kevin Beaumont
BPFDoor — an active Chinese global surveillance tool
BPFDoor

2021-09-16 ⋅ Twitter (@GossiTheDog) ⋅ Kevin Beaumont
Tweet on some unknown threat actor dropping Mgbot, custom IIS modular backdoor and cobalstrike using exploiting ProxyShell
Cobalt Strike MgBot

2021-07-03 ⋅ Medium Doublepulsar ⋅ Kevin Beaumont
Kaseya supply chain attack delivers mass ransomware event to US companies
REvil

2021-06-27 ⋅ Twitter (@GossiTheDog) ⋅ Kevin Beaumont
Tweet on babuk ransomware builder
Babuk

2020-12-19 ⋅ Twitter (@GossiTheDog) ⋅ Kevin Beaumont
A twitter thread on Azure sentinel hunting queries for detecting UNC2452 activity

2020-10-16 ⋅ Medium Doublepulsar ⋅ Kevin Beaumont
Second Zerologon attacker seen exploiting internet honeypot
RemCom

2019-03-21 ⋅ DoublePulsar ⋅ Kevin Beaumont
How Lockergoga took down Hydro — ransomware used in targeted attacks aimed at big business
LockerGoga