Malpedia Library

Click here to download all references as Bib-File.•

2022-01-25 ⋅ Bleeping Computer ⋅ Lawrence Abrams
New DeadBolt ransomware targets QNAP devices, asks 50 BTC for master key
DEADBOLT

2022-01-25 ⋅ Sophos ⋅ Andrew Brandt, Jason Jenkins
Windows services lay the groundwork for a Midas ransomware attack

2022-01-25 ⋅ Blueliv ⋅ Blueliv
Cyber Threat Intelligence for Banking & Financial Services FOLLOW THE MONEY

2022-01-24 ⋅ Netskope ⋅ Ghanashyam Satpathy, Gustavo Palazolo
Infected PowerPoint Files Using Cloud Services to Deliver Multiple Malware
Agent Tesla

2022-01-21 ⋅ CrowdStrike ⋅ Falcon OverWatch Team
Better Together: The Power of Managed Cybersecurity Services in the Face of Pressing Global Security Challenges
LockBit LockBit BITWISE SPIDER

2022-01-21 ⋅ Zscaler ⋅ Brett Stone-Gross, Javier Vicente
Analysis of Xloader’s C2 Network Encryption
Xloader Formbook

2022-01-20 ⋅ US Department of Health and Human Services ⋅ HHS
Log4J Vulnerabilities and the Health Sector

2022-01-20 ⋅ Trend Micro ⋅ Fernando Mercês, Stephen Hilt
Backing Your Backup Defending NAS Devices Against Evolving Threats
QNAPCrypt QSnatch

2022-01-18 ⋅ Microsoft ⋅ Microsoft 365 Defender Threat Intelligence Team
Evolved phishing: Device registration trick adds to phishers’ toolbox for victims without MFA
WhisperGate

2022-01-12 ⋅ LIFARS
Newly Found Malware Threatens IoT Devices
BotenaGo

2022-01-11 ⋅ Medium walmartglobaltech ⋅ Jason Reaves, Joshua Platt
Signed DLL campaigns as a service
BATLOADER Cobalt Strike ISFB Zloader

2021-12-30 ⋅ GovInfo Security ⋅ Mathew J. Schwartz
Vice Society: Ransomware Gang Disrupted Spar Stores
HelloKitty

2021-12-11 ⋅ YouTube (AGDC Services) ⋅ AGDC Services
How To Extract & Decrypt Qbot Configs Across Variants
QakBot

2021-12-02 ⋅ CISA ⋅ US-CERT
Alert (AA21-336A): APT Actors Exploiting CVE-2021-44077 in Zoho ManageEngine ServiceDesk Plus
KDC Sponge NGLite

2021-12-02 ⋅ Palo Alto Networks Unit 42 ⋅ Peter Renals, Robert Falcone
APT Expands Attack on ManageEngine With Active Campaign Against ServiceDesk Plus
Godzilla Webshell

2021-12-01 ⋅ RiskIQ ⋅ Jordan Herman
Bulletproof Hosting Services: Investigating Shinjiru Technology Sdn Bhd

2021-11-18 ⋅ 360 netlab ⋅ Alex.Turing, Hui Wang, litao3rd, YANG XU
The Pitfall of Threat Intelligence Whitelisting: Specter Botnet is 'taking over' Top Legit DNS Domains By Using ClouDNS Service
Specter

2021-11-13 ⋅ YouTube (AGDC Services) ⋅ AGDC Services
Automate Qbot Malware String Decryption With Ghidra Script
QakBot

2021-11-11 ⋅ AT&T ⋅ Ofer Caspi
AT&T Alien Labs finds new Golang malware (BotenaGo) targeting millions of routers and IoT devices with more than 30 exploits
BotenaGo

2021-11-08 ⋅ Microsoft ⋅ Microsoft Threat Intelligence Center (MSTIC)
Threat actor DEV-0322 exploiting ZOHO ManageEngine ADSelfService Plus