Malpedia Library

Click here to download all references as Bib-File.•

2020-11-13 ⋅ Netskope ⋅ Ashwin Vamshi
Here Comes TroubleGrabber: Stealing Credentials Through Discord
TroubleGrabber

2020-11-09 ⋅ Palo Alto Networks Unit 42 ⋅ Robert Falcone
xHunt Campaign: Newly Discovered Backdoors Using Deleted Email Drafts and DNS Tunneling for Command and Control
Snugy

2020-11-05 ⋅ ZDNet ⋅ Charlie Osborne
Capcom quietly discloses cyberattack impacting email, file servers
RagnarLocker

2020-10-29 ⋅ Cisco Talos ⋅ Paul Rascagnères, Vitor Ventura, Warren Mercer
DoNot’s Firestarter abuses Google Firebase Cloud Messaging to spread
KnSpy

2020-10-27 ⋅ Recorded Future ⋅ Insikt Group®
Pulse Report:Insikt Group Discovers Global Credential Harvesting Campaign Using FiercePhish Open Source Framework

2020-10-26 ⋅ SANS ISC InfoSec Forums ⋅ Didier Stevens
Excel 4 Macros: "Abnormal Sheet Visibility"

2020-10-23 ⋅ Bleeping Computer ⋅ Lawrence Abrams
New RAT malware gets commands via Discord, has ransomware feature
Abaddon

2020-10-19 ⋅ IBM Security ⋅ Chen Nahman, Limor Kessem, Ofir Ozer
New Vizom Malware Discovered Targets Brazilian Bank Customers with Remote Overlay Attacks
Vizom

2020-10-14 ⋅ FBI ⋅ FBI
FBI FLASH MU-000136-MW: Cyber ActorsTarget Misconfigured SonarQube Instances to Access Proprietary Source Code of US Government Agencies and Businesses

2020-10-08 ⋅ Bayerischer Rundfunk ⋅ Ann-Kathrin Wetter, Hakan Tanriverdi, Kai Biermann, Max Zierer, Thi Do Nguyen
There is no safe place
Cobalt Strike

2020-09-29 ⋅ Cisco Talos ⋅ Chris Neal
LodaRAT Update: Alive and Well
Loda

2020-09-21 ⋅ Cisco Talos ⋅ Joe Marshall, JON MUNSHAW, Nick Mavis
The art and science of detecting Cobalt Strike
Cobalt Strike

2020-09-11 ⋅ Twitter (@Arkbird_SOLG) ⋅ Arkbird
Tweet on discovery of a sample
Turla SilentMoon

2020-09-10 ⋅ SANS ISC InfoSec Forums ⋅ Brad Duncan
Recent Dridex activity
Dridex

2020-09-02 ⋅ Cisco Talos ⋅ Edmund Brumaghin, Holger Unterbrink
Salfram: Robbing the place without removing your name tag
Ave Maria ISFB SmokeLoader Zloader

2020-09-01 ⋅ Cisco Talos ⋅ Caitlin Huey, David Liebenberg
Quarterly Report: Incident Response trends in Summer 2020
Cobalt Strike LockBit Mailto Maze Ryuk

2020-09-01 ⋅ Twitter (@Vishnyak0v) ⋅ Alexey Vishnyakov
Tweet on sample discovery
Unidentified 078 (Zebrocy Nim Loader?)

2020-08-13 ⋅ NSA ⋅ NSA
NSA and FBI Expose Russian Previously Undisclosed Malware “Drovorub” in Cybersecurity Advisory

2020-08-13 ⋅ National Security Agency ⋅ Federal Bureau of Investigation, National Security Agency
Russian GRU 85th GTsSS Deploys Previously Undisclosed Drovorub Malware

2020-07-30 ⋅ FireEye ⋅ Joseph Hladik, Josh Fleischer
Obscured by Clouds: Insights into Office 365 Attacks and How Mandiant Managed Defense Investigates