Malpedia Library

Click here to download all references as Bib-File.•

2021-12-23 ⋅ Symantec ⋅ Siddhesh Chandrayan
Log4j Vulnerabilities: Attack Insights
Tsunami Conti Dridex Khonsari Orcus RAT TellYouThePass

2021-12-23 ⋅ newswires ⋅ Paul Mills
Hacker gains access to Hewlett-Packard 9000 EPYC server hardware to mine the cryptocurrency Raptoreum using Java exploit

2021-12-22 ⋅ Aqua Nautilus ⋅ Assaf Morag
Stopping a DreamBus Botnet Attack with Aqua’s CNDR
DreamBus Kinsing

2021-12-22 ⋅ Sophos ⋅ Anand Ajjan, Andrew Brandt, Ferenc László Nagy, Fraser Howard, Peter Mackenzie, Sergio Bestulic, Timothy Easton
Avos Locker remotely accesses boxes, even running in Safe Mode
AvosLocker

2021-12-22 ⋅ CISA ⋅ Australian Cyber Security Centre (ACSC), Canadian Centre for Cyber Security (CCCS), CISA, Computer Emergency Response Team New Zealand (CERT NZ), FBI, New Zealand National Cyber Security Centre (NZ NCSC), NSA, United Kingdom’s National Cyber Security Centre (NCSC-UK)
Alert (AA21-356A) Mitigating Log4Shell and Other Log4j-Related Vulnerabilities

2021-12-22 ⋅ Know Chuangyu ⋅ Know Chuangyu
APT Tracking Analytics: Transparent Tribe Attack Activity
Crimson RAT

2021-12-21 ⋅ Twitter (@sisoma2) ⋅ sisoma2
BlackCat Ransomware Linux variant
BlackCat

2021-12-21 ⋅ Recorded Future ⋅ Charity Wright, Insikt Group®
China’s Narrative War on Democracy

2021-12-21 ⋅ Sophos ⋅ Andrew Brandt, Stephen Ormandy
Attackers test “CAB-less 40444” exploit in a dry run

2021-12-20 ⋅ IronNet ⋅ Brent Eskridge, Michael Leardi, Peter Rydzynski
Detecting anomalous network traffic resulting from a successful Log4j attack

2021-12-20 ⋅ ⋅ Qianxin ⋅ Red Raindrop Team
First time using a dual platform attack weapon? Analysis of the suspected SideCopy organization's attack activities against India

2021-12-20 ⋅ Sophos ⋅ Sean Gallagher
Logjam: Log4j exploit attempts continue in globally distributed scans, attacks

2021-12-20 ⋅ InfoSec Handlers Diary Blog ⋅ Alef Nula, Jan Kopriva
PowerPoint attachments, Agent Tesla and code reuse in malware
Agent Tesla

2021-12-19 ⋅ BleepingComputer ⋅ BleepingComputer
Exposed Docker APIs Abused by DDoS, Cryptojacking Botnet Malware
MrBlack

2021-12-17 ⋅ Secureworks ⋅ Counter Threat Unit ResearchTeam, Secureworks Incident Response Team
noPac: A Tale of Two Vulnerabilities That Could End in Ransomware

2021-12-17 ⋅ Trend Micro ⋅ Abraham Camba, Gilbert Sison, Jay Yaneza, Jonna Santos
Staging a Quack: Reverse Analyzing a Fileless QAKBOT Stager
QakBot

2021-12-17 ⋅ FBI ⋅ FBI
AC-000159-MW: APT Actors Exploiting Newly-Identified Zero Day in ManageEngine Desktop Central (CVE-2021-44515)
ShadowPad

2021-12-17 ⋅ Advanced Intelligence ⋅ Vitali Kremez, Yelisey Boguslavskiy
Ransomware Advisory: Log4Shell Exploitation for Initial Access & Lateral Movement
Conti

2021-12-16 ⋅ Avast Decoded ⋅ Threat Intelligence Team
Avast Finds Backdoor on US Government Commission Network
Operation Red Signature

2021-12-16 ⋅ Kaspersky ICS CERT ⋅ Kaspersky
PseudoManuscrypt: a mass-scale spyware attack campaign
Fabookie