Malpedia Library

2021-10-28 ⋅ Twitter (@BrettCallow) ⋅ Brett Callow
Tweet on suspected actor behind Payorgrief ransomware
DoppelDridex DoppelPaymer

2021-10-27 ⋅ Twitter (@darienhuss) ⋅ Darien Huss
Tweet on FinickyFrogfish/Wslink malware used by TA444
Wslink

2021-10-26 ⋅ Intezer ⋅ Twitter (IntezerLabs)
Tweet on Linux version of REvil ransomware
REvil

2021-10-22 ⋅ Twitter (@GelosSnake) ⋅ Omri Segev Moyal
Tweet on List of wallets used by Darkside/Blackmatter Operator to split out the money
BlackMatter DarkSide BlackMatter DarkSide

2021-10-21 ⋅ Twitter (@MsftSecIntel) ⋅ Microsoft Security Intelligence
Tweet on new variant of mac malware UpdateAgent/WizardUpdate
Vigram

2021-10-20 ⋅ Twitter (@lampnout) ⋅ Lampros Noutsos
Persistence and Privilege Escalation on Windows via Print Processors
CCleaner Backdoor

2021-10-19 ⋅ Twitter (@campuscodi) ⋅ Catalin Cimpanu
Tweet on Moses Staff
MosesStaff

2021-10-12 ⋅ Twitter (@_CPResearch_) ⋅ Check Point Research
Tweet of re-emergence phorpiex with a new "Twizt" module
Phorpiex

2021-10-07 ⋅ Twitter (@billyleonard) ⋅ Billy Leonard, Google Threat Analysis Group
Tweet on IOCs related to APT28

2021-10-06 ⋅ Twitter (@ESETresearch) ⋅ ESET Research
Tweet on ERMAC android malware
ERMAC

2021-09-28 ⋅ Twitter (@wvuuuuuuuuuuuuu) ⋅ WVU
Tweet on ITW exploitation of CVE-2021-22005

2021-09-28 ⋅ Twitter (@Max_Mal_) ⋅ Max Malyutin
Tweet on how to debug SquirrelWaffle
Squirrelwaffle

2021-09-26 ⋅ Twitter (@malwaremustd1e) ⋅ malwaremustdie
Tweet on Interesting way to hide hardcoded tcp/port of bindshell shellcode on OSX

2021-09-25 ⋅ Twitter (@MsftSecIntel) ⋅ Microsoft Security Intelligence
Thread on Malicious Android apps posing as bank loan services are being widely distributed to targets in Asia
Unidentified APK 006

2021-09-24 ⋅ Twitter (@inversecos) ⋅ inversecos
A thread on TTPs of Prometheus Ransomware attacks
Prometheus

2021-09-20 ⋅ Twitter (@ESETresearch) ⋅ ESET Research
Tweet on Dark.IoT Botnet exploiting critical Azure vulnerability CVE-2021-38647 #OMIGOD
Dark

2021-09-16 ⋅ Twitter (@GossiTheDog) ⋅ Kevin Beaumont
Tweet on some unknown threat actor dropping Mgbot, custom IIS modular backdoor and cobalstrike using exploiting ProxyShell
Cobalt Strike MgBot

2021-09-15 ⋅ Twitter (@ReBensk) ⋅ Re-ind
Original Tweet on this unidentified Android banking malware targeting South Korea
Unidentified APK 006

2021-09-14 ⋅ Twitter (@siri_urz) ⋅ S!Ri
Tweet on ATOMSILO ransomware
ATOMSILO

2021-09-13 ⋅ Twitter (@GoSecure_Inc) ⋅ GoSecure
Tweet on BlueStealer
BluStealer