Malpedia Library

2022-10-27 ⋅ Bleeping Computer ⋅ Sergiu Gatlan
Microsoft links Raspberry Robin worm to Clop ransomware attacks
Clop Raspberry Robin

2022-10-27 ⋅ ANY.RUN ⋅ ANY.RUN
STRRAT: Malware Analysis of a JAR archive
STRRAT

2022-10-25 ⋅ Microsoft ⋅ Microsoft Security Threat Intelligence
DEV-0832 (Vice Society) opportunistic ransomware campaigns impacting US education sector
BlackCat Mount Locker PortStarter Zeppelin Vanilla Tempest

2022-10-25 ⋅ Medium walmartglobaltech ⋅ Jason Reaves
Brute Ratel Config Decoding update
Brute Ratel C4

2022-10-25 ⋅ VMware Threat Analysis Unit ⋅ Takahiro Haruyama
Tracking the entire iceberg: long-term APT malware C2 protocol emulation and scanning
ShadowPad Winnti

2022-10-25 ⋅ U.S. Department of Justice
Newly Unsealed Indictment Charges Ukrainian National with International Cybercrime Operation
Raccoon

2022-10-24 ⋅ Youtube (Virus Bulletin) ⋅ Google Threat Analysis Group, Luca Nagy
Uncovering a broad criminal ecosystem powered by one of the largest botnets
Glupteba

2022-10-24 ⋅ ⋅ AhnLab ⋅ ASEC Analysis Team
Malware infection case of Lazarus attack group that neutralizes antivirus program with BYOVD technique
FudModule LazarDoor Racket Downloader

2022-10-23 ⋅ Blackberry ⋅ The BlackBerry Research & Intelligence Team
Unattributed RomCom Threat Actor Spoofing Popular Apps Now Hits Ukrainian Militaries
ROMCOM RAT RomCom

2022-10-22 ⋅ Microsoft ⋅ Microsoft Security Threat Intelligence
DEV-0952 deploys Daixin ransomware at hospitals

2022-10-21 ⋅ Symantec ⋅ Threat Hunter Team
Exbyte: BlackByte Ransomware Attackers Deploy New Exfiltration Tool
ExByte

2022-10-20 ⋅ Bleeping Computer ⋅ Bill Toulas
Hacking group updates Furball Android spyware to evade detection
FurBall

2022-10-18 ⋅ Logpoint ⋅ Anish Bogati, Nilaa Maharjan
Hunting Lockbit Variation
LockBit

2022-10-18 ⋅ Intrinsec ⋅ CERT Intrinsec, Intrinsec
APT27 – One Year To Exfiltrate Them All: Intrusion In-Depth Analysis
HyperBro MimiKatz

2022-10-17 ⋅ Atlantic Council ⋅ Bulelani Jili
China’s surveillance ecosystem and the global spread of its tools

2022-10-17 ⋅ SPUR ⋅ Sean S.
I Don’t Like Big Gateways (and I Cannot Lie) - How IP Reputation Gets Large Gateways Wrong

2022-10-17 ⋅ ⋅ Malverse ⋅ greenplan
Stack String Decryption with Ghidra Emulator (Orchard)
Orchard

2022-10-14 ⋅ Microsoft ⋅ Microsoft Security Threat Intelligence
New “Prestige” ransomware impacts organizations in Ukraine and Poland
Prestige

2022-10-13 ⋅ Syrion ⋅ Raffaele Sabato
QAKBOT BB Configuration and C2 IPs List
QakBot

2022-10-13 ⋅ Bleeping Computer ⋅ Sergiu Gatlan
Trend Micro warns of actively exploited Apex One RCE vulnerability (CVE-2022-40139)