Malpedia Library

Click here to download all references as Bib-File.•

2022-09-30 ⋅ Microsoft ⋅ Microsoft Security Threat Intelligence
Analyzing attacks using the Exchange vulnerabilities CVE-2022-41040 and CVE-2022-41082

2022-09-30 ⋅ cocomelonc ⋅ cocomelonc
Malware development: persistence - part 12. Accessibility Features. Simple C++ example.

2022-09-30 ⋅ Medium walmartglobaltech ⋅ Jason Reaves, Jonathan Mccay
Diavol resurfaces
Diavol

2022-09-29 ⋅ Microsoft ⋅ LinkedIn Threat Prevention and Defense, Microsoft Security Threat Intelligence
ZINC weaponizing open-source software
BLINDINGCAN CLOUDBURST miniBlindingCan

2022-09-29 ⋅ BleepingComputer ⋅ Lawrence Abrams
New Royal Ransomware emerges in multi-million dollar attacks
Royal Ransom

2022-09-29 ⋅ NTT ⋅ NTT Security Holdings Corporation
Report on APT Attacks by BlackTech
Bifrost PLEAD TSCookie Flagpro Gh0stTimes SelfMake Loader SPIDERPIG RAT

2022-09-29 ⋅ ⋅ GTSC ⋅ GTSC SECURITY TEAM
Warning Campaign Attack Using Zero Day Vulnerability on Microsoft Exchange Server

2022-09-29 ⋅ Symantec ⋅ Threat Hunter Team
Witchetty: Group Uses Updated Toolset in Attacks on Governments in Middle East
CHINACHOPPER Lookback MimiKatz PlugX Unidentified 096 (Keylogger) x4 Witchetty

2022-09-29 ⋅ Mandiant ⋅ Alexander Marvi, Jeremy Koppen, Jonathan Lepore, Tufail Ahmed
Bad VIB(E)s Part One: Investigating Novel Malware Persistence Within ESXi Hypervisors
UNC3886

2022-09-28 ⋅ Securonix ⋅ Den Iyzvyk, Oleg Kolesnikov, Tim Peck
Securonix Threat Labs Security Advisory: Detecting STEEP#MAVERICK: New Covert Attack Campaign Targeting Military Contractors

2022-09-28 ⋅ Twitter (@ESETresearch) ⋅ ESET Research
Twitter Thread linking CloudMensis to RokRAT / ScarCruft
CloudMensis RokRAT

2022-09-28 ⋅ vmware ⋅ Giovanni Vigna
ESXi-Targeting Ransomware: The Threats That Are After Your Virtual Machines (Part 1)
Avoslocker Babuk Black Basta BlackCat BlackMatter Conti DarkSide HelloKitty Hive LockBit Luna RansomEXX RedAlert Ransomware REvil

2022-09-28 ⋅ Recorded Future ⋅ Insikt Group®
1 KEY FOR 1 LOCK: The Chinese Communist Party’s Strategy for Targeted Propaganda

2022-09-28 ⋅ Kaspersky ⋅ GReAT
Prilex: the pricey prickle credit card complex

2022-09-28 ⋅ Barracuda ⋅ Tushar Richabadas
Threat Spotlight: Continuing attacks on Atlassian Confluence zero day

2022-09-28 ⋅ Gigamon ⋅ Pavle Culum, Roman Kroshinsky
Investigating Web Shells
Godzilla Webshell Behinder

2022-09-28 ⋅ ArrowRAT ⋅ ArrowRat
ArrowRat
ArrowRAT

2022-09-27 ⋅ Palo Alto Networks Unit 42 ⋅ Mark Lim
More Than Meets the Eye: Exposing a Polyglot File That Delivers IcedID
PhotoLoader

2022-09-26 ⋅ Youtube (Virus Bulletin) ⋅ Takahiro Haruyama
Tracking the entire iceberg long term APT malware C2 protocol emulation and scanning
ShadowPad Winnti

2022-09-26 ⋅ SentinelOne ⋅ Dinesh Devadoss, Phil Stokes
Lazarus ‘Operation In(ter)ception’ Targets macOS Users Dreaming of Jobs in Crypto
Interception