Malpedia Library

Click here to download all references as Bib-File.•

2024-05-05 ⋅ Github (VenzoV) ⋅ VenzoV
Latrodectus "littlehw"
Unidentified 111 (Latrodectus)

2024-05-04 ⋅ Medium MITRE-Engenuity ⋅ Lex Crumpton
Technical Deep Dive: Understanding the Anatomy of a Cyber Intrusion
WIREFIRE

2024-05-01 ⋅ Trend Micro ⋅ Feike Hacquebord, Fernando Mercês
Router Roulette: Cybercriminals and Nation-States Sharing Compromised Networks
SSHDoor

2024-04-30 ⋅ Trellix ⋅ Max Kersten
Pouring Acid Rain
AcidPour AcidRain

2024-04-30 ⋅ 0x0d4y ⋅ 0x0d4y
Latrodectus [IceNova] – Technical Analysis of the… New IcedID… Its Continuation… Or its Replacement?
Unidentified 111 (Latrodectus)

2024-04-29 ⋅ ThreatMon ⋅ Kerime Gencay, MalwareR&DTeam
Understanding the 'Kapeka' Backdoor: Detailed Analysis by APT44 (paywall)
Kapeka

2024-04-29 ⋅ Twitter (@sekoia_io) ⋅ sekoia
@sekoia_io's tweet about the (not so) new infostealer, named ACR Stealer
win.acr_stealer

2024-04-29 ⋅ Zscaler ⋅ Santiago Vicente
Zloader Learns Old Tricks
Zloader

2024-04-29 ⋅ The DFIR Report ⋅ The DFIR Report
From IcedID to Dagon Locker Ransomware in 29 Days
IcedID Mount Locker

2024-04-25 ⋅ Microsoft ⋅ Microsoft Incident Response Team
Guidance for Incident Responders

2024-04-24 ⋅ kienmanowar Blog ⋅ m4n0w4r, Tran Trung Kien
[QuickNote] Qakbot 5.0 – Decrypt strings and configuration
QakBot

2024-04-24 ⋅ Cisco ⋅ Cisco Talos
ArcaneDoor - New espionage-focused campaign found targeting perimeter network devices
ArcaneDoor Storm-1849

2024-04-24 ⋅ NCSC UK ⋅ NCSC UK
Line Dancer - In-memory shellcode loader targeting Cisco Adaptive Security Appliance (ASA) devices.

2024-04-24 ⋅ NCSC UK ⋅ NCSC UK
Line Runner: Persistent webshell targeting Cisco Adaptive Security Appliance (ASA) devices.

2024-04-24 ⋅ Securonix ⋅ Den Iyzvyk, Oleg Kolesnikov, Tim Peck
Analysis of Ongoing FROZEN#SHADOW Attack Campaign Leveraging SSLoad Malware and RMM Software for Domain Takeover
Cobalt Strike SSLoad