Malpedia Library

2023-08-01 ⋅ Palo Alto Networks Unit 42 ⋅ Lior Rochberger
NodeStealer 2.0 – The Python Version: Stealing Facebook Business Accounts
BitRAT NodeStealer XWorm

2023-08-01 ⋅ eSentire ⋅ eSentire Threat Response Unit (TRU)
BatLoader Continues Signed MSIX App Package Abuse
BATLOADER

2023-08-01 ⋅ LinkedIn (PRODAFT) ⋅ PRODAFT
An organic relationship between the #Rhysida and #ViceSociety ransomware teams
Rhysida

2023-08-01 ⋅ AhnLab ⋅ ASEC
Sliver C2 Being Distributed Through Korean Program Development Company
Sliver

2023-08-01 ⋅ SentinelOne ⋅ Tom Hegel
Illicit Brand Impersonation | A Threat Hunting Approach

2023-07-31 ⋅ Github (Im4wasp) ⋅ Im4wasp
Github Repo for W4SP-Stealer-V2
W4SP Stealer

2023-07-31 ⋅ Cado Security ⋅ Matt Muir, Nate Bill
Cado Security Labs Encounter Novel Malware, Redis P2Pinfect
P2Pinfect

2023-07-31 ⋅ Medium (csg-govtech) ⋅ Greg Jefferson
China-Backed Hackers Threaten Texas Military Sites, Utilities

2023-07-31 ⋅ Proofpoint ⋅ Kelsey Merriman, Pim Trouerbach
Out of the Sandbox: WikiLoader Digs Sophisticated Evasion
ISFB WikiLoader

2023-07-31 ⋅ d01a ⋅ Mohamed Adel
Pikabot deep analysis
Pikabot QakBot

2023-07-31 ⋅ Cleafy ⋅ Francesco Iubatti
SpyNote continues to attack financial institutions
SpyNote

2023-07-31 ⋅ OALabs ⋅ Sergei Frankoff
Bandit Stealer Garbled
Bandit Stealer

2023-07-29 ⋅ Medium walmartglobaltech ⋅ Jason Reaves, Joshua Platt
Unknown powershell backdoor with ties to new Zloader
Zloader

2023-07-29 ⋅ BleepingComputer ⋅ Lawrence Abrams
Linux version of Abyss Locker ransomware targets VMware ESXi servers
Abyss Locker

2023-07-29 ⋅ Google ⋅ Google Cybersecurity Action Team
Threat Horizons August 2023 Threat Horizons Report
SharkBot Cobalt Strike

2023-07-28 ⋅ Quorum Cyber ⋅ Quorum Cyber
Scattered Spider Threat Actor Profile
Cuba KillAV POORTRY

2023-07-28 ⋅ YouTube (SANS Cyber Defense) ⋅ Stef Rand
Drop It Like It's Qbot: Separating malicious droppers, loaders, and crypters from their payloads
CloudEyE QakBot

2023-07-28 ⋅ Red Canary ⋅ Stef Rand
Drop It Like It's Qbot: Separating malicious droppers, loaders, and crypters from their payloads
CloudEyE QakBot

2023-07-28 ⋅ CISA ⋅ CISA
CISA Releases Malware Analysis Reports on Barracuda Backdoors
SEASPY

2023-07-28 ⋅ Team Cymru ⋅ S2 Research Team
Inside the IcedID BackConnect Protocol (Part 2)
IcedID