Malpedia Library

Click here to download all references as Bib-File.•

2021-05-18 ⋅ KEYSIGHT TECHNOLOGIES ⋅ Radu Emanuel Chiscariu
DarkSide Ransomware Behavior and Techniques
DarkSide

2021-05-17 ⋅ Uptycs ⋅ Ashwin Vamshi, Siddartha Sharma
Discovery of Simps Botnet Leads To Ties to Keksec Group
Bashlite Mirai

2021-05-17 ⋅ Fortinet ⋅ Fred Gutierrez, Gayathri Thirugnanasambandam, Val Saengphaibul
Newly Discovered Function in DarkSide Ransomware Variant Targets Disk Partitions
DarkSide

2021-05-07 ⋅ Cisco Talos ⋅ Andrew Windsor, Caitlin Huey, Edmund Brumaghin
Lemon Duck spreads its wings: Actors target Microsoft Exchange servers, incorporate new TTPs
CHINACHOPPER Cobalt Strike Lemon Duck

2021-04-23 ⋅ Darktrace ⋅ Max Heinemeyer
APT35 ‘Charming Kitten' discovered in a pre-infected environment

2021-04-22 ⋅ Twitter (@ET_Labs) ⋅ ET Labs
Tweet on Lunar Builder exfiltrating data via Discord webhook

2021-04-20 ⋅ FireEye ⋅ Alex Pennino, Chris DiGiamo, Josh Fleischer
Zero-Day Exploits in SonicWall Email Security Lead to Enterprise Compromise

2021-04-18 ⋅ Bleeping Computer ⋅ Lawrence Abrams
Discord Nitro gift codes now demanded as ransomware payments
Nitro

2021-04-07 ⋅ Talos ⋅ Chris Neal, Edmund Brumaghin, Nick Biasini, Paul Eubanks.
Sowing Discord: Reaping the benefits of collaboration app abuse

2021-04-06 ⋅ Github (FrenchCisco) ⋅ FrenchCisco
Github Repository: RATel
RATel

2021-03-26 ⋅ Imperva ⋅ Daniel Johnston
Imperva Observes Hive of Activity Following Hafnium Microsoft Exchange Disclosures
CHINACHOPPER

2021-03-24 ⋅ Cisco ⋅ Caitlin Huey, David Liebenberg
Quarterly Report: Incident Response trends from Winter 2020-21
Egregor REvil WastedLocker

2021-03-22 ⋅ K7 Security ⋅ Mary Muthu Francisca
MalSpam Campaigns Download njRAT from Paste Sites
NjRAT

2021-03-09 ⋅ Cisco Talos ⋅ Cisco Talos
Hafnium Update: Continued Microsoft Exchange Server Exploitation

2021-03-02 ⋅ Cisco Talos ⋅ Asheer Malhotra
ObliqueRAT returns with new campaign using hijacked websites
Oblique RAT

2021-03-01 ⋅ The Record ⋅ Catalin Cimpanu
First Fully Weaponized Spectre Exploit Discovered Online

2021-02-24 ⋅ ⋅ VMWare Carbon Black ⋅ Takahiro Haruyama
Knock, knock, Neo. - Active C2 Discovery Using Protocol Emulation
Cobalt Strike

2021-02-23 ⋅ Twitter ⋅ Twitter Safety
Disclosing networks of state-linked information operations

2021-02-17 ⋅ VinCSS ⋅ Trương Quốc Ngân
[RE020] ElephantRAT (Kunming version): our latest discovered RAT of Panda and the similarities with recently Smanager RAT
SManager

2021-02-17 ⋅ Cisco Talos ⋅ Vanja Svajcer
Masslogger campaigns exfiltrates user credentials
MASS Logger