Malpedia Library

Click here to download all references as Bib-File.•

2021-12-22 ⋅ CISA ⋅ Australian Cyber Security Centre (ACSC), Canadian Centre for Cyber Security (CCCS), CISA, Computer Emergency Response Team New Zealand (CERT NZ), FBI, New Zealand National Cyber Security Centre (NZ NCSC), NSA, United Kingdom’s National Cyber Security Centre (NCSC-UK)
Alert (AA21-356A) Mitigating Log4Shell and Other Log4j-Related Vulnerabilities

2021-12-02 ⋅ CISA ⋅ US-CERT
Alert (AA21-336A): APT Actors Exploiting CVE-2021-44077 in Zoho ManageEngine ServiceDesk Plus
KDC Sponge NGLite

2021-12-02 ⋅ Cisco ⋅ Tiago Pereira
Magnat campaigns use malvertising to deliver information stealer, backdoor and malicious Chrome extension
Azorult RedLine Stealer

2021-11-20 ⋅ Youtube (HEXORCIST) ⋅ Nicolas Brulez
Unpacking Emotet and Reversing Obfuscated Word Document
Emotet

2021-11-18 ⋅ Cisco ⋅ Josh Pyorre
BlackMatter, LockBit, and THOR
BlackMatter LockBit PlugX

2021-11-17 ⋅ CISA ⋅ Australian Cyber Security Centre (ACSC), CISA, FBI, NCSC UK
Alert (AA21-321A): Iranian Government-Sponsored APT Cyber Actors Exploiting Microsoft Exchange and Fortinet Vulnerabilities in Furtherance of Malicious Activities

2021-11-17 ⋅ CISA ⋅ CISA
Cybersecurity Incident & Vulnerability Response Playbooks

2021-11-16 ⋅ Cisco ⋅ Asheer Malhotra, Chetan Raghuprasad, Vanja Svajcer
Attackers use domain fronting technique to target Myanmar with Cobalt Strike
Cobalt Strike

2021-11-10 ⋅ Cisco Talos ⋅ Asheer Malhotra, Jungsoo An, Kendall McKay
North Korean attackers use malicious blogs to deliver malware to high-profile South Korean targets
GoldDragon

2021-11-09 ⋅ Cisco Talos ⋅ Claudio Bozzato, Lilith Wyatt
Cisco Talos finds 10 vulnerabilities in Azure Sphere’s Linux kernel, Security Monitor and Pluton

2021-11-03 ⋅ Cisco Talos ⋅ Caitlin Huey, Chetan Raghuprasad, Vanja Svajcer
Microsoft Exchange vulnerabilities exploited once again for ransomware, this time with Babuk
Babuk CHINACHOPPER

2021-10-26 ⋅ Cisco Talos ⋅ Edmund Brumaghin, Mariano Graziano, Nick Mavis
SQUIRRELWAFFLE Leverages malspam to deliver Qakbot, Cobalt Strike
Cobalt Strike QakBot Squirrelwaffle

2021-10-19 ⋅ Cisco Talos ⋅ Asheer Malhotra
Malicious campaign uses a barrage of commodity RATs to target Afghanistan and India
DCRat Quasar RAT

2021-10-19 ⋅ Cisco ⋅ Artsiom Holub
STRRAT, ZLoader, and HoneyGain
STRRAT Zloader

2021-10-18 ⋅ NortonLifeLock ⋅ Norton Labs
Operation Exorcist - 7 Years of Targeted Attacks against the Roman Catholic Church
NewBounce PlugX Zupdax

2021-10-18 ⋅ CISA ⋅ US-CERT
Alert (AA21-291A): BlackMatter Ransomware
BlackMatter BlackMatter

2021-10-14 ⋅ CISA ⋅ US-CERT
Alert (AA21-287A) Ongoing Cyber Threats to U.S. Water and Wastewater Systems

2021-10-07 ⋅ Kaspersky ⋅ Fedor Sinitsyn, Yanis Zinchenko
Ransomware in the CIS
Cryakl Dharma Hakbit Phobos Void

2021-10-04 ⋅ Cisco ⋅ Tiago Pereira
Threat hunting in large datasets by clustering security events
BazarBackdoor TrickBot

2021-09-30 ⋅ Cisco ⋅ Arnaud Zobec, Vitor Ventura
A wolf in sheep's clothing: Actors spread malware by leveraging trust in Amnesty International and fear of Pegasus