Malpedia Library

Click here to download all references as Bib-File.•

2022-04-12 ⋅ ⋅ Cert-UA ⋅ Cert-UA
Cyberattack of Sandworm Group (UAC-0082) on energy facilities of Ukraine using malicious programs INDUSTROYER2 and CADDYWIPER (CERT-UA # 4435)
CaddyWiper Industroyer INDUSTROYER2

2022-04-12 ⋅ Max Kersten's Blog ⋅ Max Kersten
Ghidra script to handle stack strings
CaddyWiper PlugX

2022-04-12 ⋅ Twitter (@apt773) ⋅ Section 773
Tween on Lapsus$ (UNC3661) Attack chain of compromise via Sitel (Okta subprocessor)'s systems

2022-04-12 ⋅ ⋅ 360 Threat Intelligence Center ⋅ 360 Beacon Lab
Recent attacks by Bahamut group revealed
Bahamut

2022-04-12 ⋅ Sophos ⋅ Andrew Brandt, Angela Gunn, Ferenc László Nagy, Johnathan Fern, Linda Smith, Matthew Everts, Mauricio Valdivieso, Melissa Kelly, Peter Mackenzie, Sergio Bestulic
Attackers linger on government agency computers before deploying Lockbit ransomware
LockBit

2022-04-12 ⋅ AhnLab ⋅ ASEC Analysis Team
SystemBC Being Used by Various Attackers
Emotet SmokeLoader SystemBC

2022-04-11 ⋅ ⋅ Qianxin Threat Intelligence Center ⋅ Red Raindrop Team
Snow Abuse: Analysis of the Suspected Lazarus Attack Activities against South Korean Companies

2022-04-11 ⋅ The Hacker News ⋅ Ravie Lakshmanan
Researchers warn of FFDroider and Lightning info-stealers targeting users in the wild
FFDroider

2022-04-11 ⋅ Bleeping Computer ⋅ Sergiu Gatlan
CISA warns orgs of WatchGuard bug exploited by Russian state hackers
CyclopsBlink

2022-04-09 ⋅ Bleeping Computer ⋅ Lawrence Abrams
Hackers use Conti's leaked ransomware to attack Russian companies
Conti

2022-04-09 ⋅ ⋅ HackMD.io (@antoinenguyen09) ⋅ HoangNCH
Method of analyzing and unpacking compressed PE (Portable Executable) files

2022-04-08 ⋅ GIAC ⋅ Greg Hartrell
Get a handle on cd00r: The invisible backdoor
cd00r

2022-04-08 ⋅ K7 Security ⋅ Vigneshwaran P
CryptoClip Hijacker
CryptoClippy

2022-04-08 ⋅ DataBreaches.net ⋅ Dissent
East Tennessee Children’s Hospital updates information on ransomware incident
Storm-0829

2022-04-08 ⋅ ThreatFabric ⋅ ThreatFabric
Look out for Octo's tentacles! A new on-device fraud Android Banking Trojan with a rich legacy
Coper ExoBot

2022-04-08 ⋅ The Hacker News ⋅ Ravie Lakshmanan
Microsoft Obtains Court Order to Take Down Domains Used to Target Ukraine
HilalRAT

2022-04-08 ⋅ Palo Alto Networks Unit 42 ⋅ Inbal Shalev, Irena Damsky, Shimi Cohen
New SolarMarker (Jupyter) Campaign Demonstrates the Malware’s Changing Attack Patterns
solarmarker

2022-04-08 ⋅ The Hacker News ⋅ Ravie Lakshmanan
Hackers Exploiting Spring4Shell Vulnerability to Deploy Mirai Botnet Malware
Mirai

2022-04-08 ⋅ The Hacker News ⋅ Ravie Lakshmanan
Researchers Connect BlackCat Ransomware with Past BlackMatter Malware Activity
BlackCat BlackMatter BlackCat BlackMatter

2022-04-08 ⋅ The Register ⋅ Laura Dobberstein
China accused of cyberattacks on Indian power grid
ShadowPad