Malpedia Library

2022-07-14 ⋅ Sophos ⋅ Andrew Brandt, Andy French, Bill Kearney, Elida Leite, Harinder Bhathal, Lee Kirkpatrick, Peter Mackenzie, Robert Weiland, Sergio Bestulic
BlackCat ransomware attacks not merely a byproduct of bad luck
BlackCat BlackCat

2022-07-14 ⋅ ⋅ Cert-UA ⋅ Cert-UA
UAC-0100 - Online fraud using the subject of "monetary compensation" (CERT-UA#4964)

2022-07-14 ⋅ Dragos ⋅ Sam Hanson
The Trojan Horse Malware & Password “Cracking” Ecosystem Targeting Industrial Operators
Sality

2022-07-14 ⋅ Proofpoint ⋅ Crista Giering, Joshua Miller, Michael Raggi, Proofpoint Threat Research Team
Above the Fold and in Your Inbox: Tracing State-Aligned Activity Targeting Journalists, Media
Chinoxy APT31 Lazarus Group TA482

2022-07-14 ⋅ Cloudflare ⋅ Omer Yoachimik
Mantis - the most powerful botnet to date

2022-07-14 ⋅ Microsoft ⋅ Microsoft Digital Security Unit (DSU), Microsoft Threat Intelligence Center (MSTIC)
North Korean threat actor (H0lyGh0st /DEV-0530) targets small and midsize businesses with H0lyGh0st ransomware
SiennaBlue SiennaPurple Storm-0530

2022-07-13 ⋅ Microsoft ⋅ Jonathan Bar Or, Microsoft 365 Defender Research Team
Uncovering a macOS App Sandbox escape vulnerability: A deep dive into CVE-2022-26706

2022-07-13 ⋅ KELA ⋅ KELA Cyber Intelligence Center
The Next Generation of Info Stealers
Arkei Stealer Azorult BlackGuard Eternity Stealer Ginzo Stealer Mars Stealer MetaStealer Raccoon RedLine Stealer Vidar

2022-07-13 ⋅ Check Point ⋅ Check Point Research
A Hit is made: Suspected India-based Sidewinder APT successfully cyber attacks Pakistan military focused targets
Unidentified 093 (Sidewinder)

2022-07-13 ⋅ Cisco ⋅ Nick Biasini
Transparent Tribe begins targeting education sector in latest campaign
Crimson RAT Oblique RAT

2022-07-13 ⋅ Palo Alto Networks Unit 42 ⋅ Chris Navarrete, Durgesh Sangvikar, Siddhart Shibiraj, Yanhui Jia, Yu Fu
Cobalt Strike Analysis and Tutorial: CS Metadata Encryption and Decryption
Cobalt Strike

2022-07-13 ⋅ HORIZON3.ai ⋅ Naveen Sunkavally
The Long Tail of Log4Shell Exploitation

2022-07-13 ⋅ Trellix ⋅ Mohsin Dalla, Sushant Kumar Arya
Targeted Attack on Government Agencies
AsyncRAT LimeRAT

2022-07-13 ⋅ Malwarebytes Labs ⋅ Hossein Jazi, Roberto Santos
Cobalt Strikes again: UAC-0056 continues to target Ukraine in its latest campaign
Cobalt Strike

2022-07-12 ⋅ Team Cymru ⋅ Team Cymru
An Analysis of Infrastructure linked to the Hagga Threat Actor
Hagga

2022-07-12 ⋅ Google ⋅ Google Threat Analysis Group, Shane Huntley
TAG Bulletin: Q2 2022

2022-07-12 ⋅ Microsoft ⋅ Microsoft 365 Defender Research Team, Microsoft Threat Intelligence Center (MSTIC)
From cookie theft to BEC: Attackers use AiTM phishing sites as entry point to further financial fraud

2022-07-12 ⋅ Team Cymru ⋅ Kyle Krejci
An Analysis of Infrastructure linked to the Hagga Threat Actor
Agent Tesla

2022-07-12 ⋅ Zscaler ⋅ Aditya Sharma, Tarun Dewan
Rise in Qakbot attacks traced to evolving threat techniques
QakBot

2022-07-11 ⋅ ⋅ Cert-UA ⋅ Cert-UA
UAC-0056 attack on Ukrainian state organizations using Cobalt Strike Beacon (CERT-UA#4941)
Cobalt Strike