Malpedia Library

Click here to download all references as Bib-File.•

2021-02-17 ⋅ US-CERT ⋅ CISA
Malware Analysis Report (AR21-048G): AppleJeus: Ants2Whale
AppleJeus AppleJeus

2021-02-17 ⋅ US-CERT ⋅ CISA
Malware Analysis Report (AR21-048D): AppleJeus: Kupay Wallet
AppleJeus AppleJeus

2021-02-17 ⋅ US-CERT ⋅ CISA
Malware Analysis Report (AR21-048B): AppleJeus: JMT Trading
AppleJeus AppleJeus

2021-02-17 ⋅ US-CERT ⋅ CISA
Malware Analysis Report (AR21-048A): AppleJeus: Celas Trade Pro
AppleJeus AppleJeus

2021-02-17 ⋅ Cisco Talos ⋅ Vanja Svajcer
Masslogger campaigns exfiltrates user credentials
MASS Logger

2021-02-11 ⋅ US-CERT ⋅ CISA, FBI
Alert (AA21-042A): Compromise of U.S. Water Treatment Facility

2021-01-06 ⋅ CISA ⋅ US-CERT
Supply Chain Compromise
SUNBURST

2021-01-05 ⋅ CISA, FBI, NSA, ODNI
Joint Statement by the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), the Office of the Director of National Intelligence (ODNI), and the National Security Agency (NSA)
SUNBURST

2021-01-04 ⋅ Cisco Talos ⋅ Azim Khodjibaev, Dmytro Korzhevin, Kendall McKay
Interview with a LockBit ransomware operator
LockBit

2020-12-21 ⋅ Cisco Talos ⋅ JON MUNSHAW
2020: The year in malware
WolfRAT Prometei Poet RAT Agent Tesla Astaroth Ave Maria CRAT Emotet Gozi IndigoDrop JhoneRAT Nanocore RAT NjRAT Oblique RAT SmokeLoader StrongPity WastedLocker Zloader

2020-12-21 ⋅ US Court of Appeals for the Ninth Court ⋅ Cisco, Github, Google, Internet Association, LinkedIn, Microsoft, VMWare, WhatsApp
Case: 20-16408: WhatsApp et al. vs NSO Group

2020-12-14 ⋅ Cisco Talos ⋅ Nick Biasini
Threat Advisory: SolarWinds supply chain attack
SUNBURST TEARDROP

2020-12-13 ⋅ CISA ⋅ CISA
Active Exploitation of SolarWinds Software
SUNBURST

2020-12-09 ⋅ Cisco ⋅ Caitlin Huey, David Liebenberg
Quarterly Report: Incident Response trends from Fall 2020
Cobalt Strike IcedID Maze RansomEXX Ryuk

2020-11-18 ⋅ Cisco ⋅ Edmund Brumaghin, Jaeson Schultz, Nick Biasini
Back from vacation: Analyzing Emotet’s activity in 2020
Emotet

2020-11-17 ⋅ Cisco Talos ⋅ Nikhil Hegde
Nibiru ransomware variant decryptor
Nibiru

2020-11-09 ⋅ Digital14 ⋅ Ahmed Al Hashmi, Joseph Francis, Mylene Villacorte
The Exploitation of CVE-2020-0688 in the UAE

2020-10-29 ⋅ Cisco Talos ⋅ Paul Rascagnères, Vitor Ventura, Warren Mercer
DoNot’s Firestarter abuses Google Firebase Cloud Messaging to spread
KnSpy

2020-10-28 ⋅ CISA ⋅ CISA, FBI, HHS
AA20-302A: Ransomware Activity Targeting the Healthcare and Public Health Sector
AnchorDNS Anchor BazarBackdoor Ryuk

2020-09-30 ⋅ Virus Bulletin ⋅ Francis Labelle, Matthieu Faou
XDSPY: STEALING GOVERNMENT SECRETS SINCE 2011
XDSpy XDSpy