Malpedia Library

Click here to download all references as Bib-File.•

2022-04-21 ⋅ ZeroSec ⋅ Andy Gill
Understanding Cobalt Strike Profiles - Updated For Cobalt Strike 4.6
Cobalt Strike

2022-04-21 ⋅ CrowdStrike ⋅ Manoj Ahuje
LemonDuck Targets Docker for Cryptomining Operations
Lemon Duck

2022-04-20 ⋅ CISA ⋅ CISA
TraderTraitor: North Korean State-Sponsored APT Targets Blockchain Companies
Bankshot TraderTraitor

2022-04-20 ⋅ Trend Micro ⋅ Ashish Verma, Nitesh Surana
Analyzing Attempts to Exploit the Spring4Shell Vulnerability CVE-2022-22965 to Deploy Cryptocurrency Miners

2022-04-20 ⋅ CISA ⋅ CISA
Alert (AA22-110A): Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure
VPNFilter BlackEnergy DanaBot DoppelDridex Emotet EternalPetya GoldMax Industroyer Sality SmokeLoader TrickBot Triton Zloader Killnet

2022-04-20 ⋅ CISA ⋅ Australian Cyber Security Centre (ACSC), Canadian Centre for Cyber Security (CCCS), CISA, FBI, Government Communications Security Bureau, National Crime Agency (NCA), NCSC UK, NSA
AA22-110A Joint CSA: Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure
VPNFilter BlackEnergy DanaBot DoppelDridex Emotet EternalPetya GoldMax Industroyer Sality SmokeLoader TrickBot Triton Zloader

2022-04-20 ⋅ Expats.cz ⋅ ČTK
Russian hackers target Czech websites in a series of cyberattacks
Killnet

2022-04-20 ⋅ Symantec ⋅ Threat Hunter Team
Shuckworm: Espionage Group Continues Intense Campaign Against Ukraine
Pteranodon

2022-04-20 ⋅ Bleeping Computer ⋅ Ionut Ilascu
REvil's TOR sites come alive to redirect to new ransomware operation
REvil

2022-04-19 ⋅ FBI ⋅ FBI
FBI Flash CU-000167-MW: BlackCat/ALPHV Ransomware Indicators of Compromise
BlackCat

2022-04-19 ⋅ 360 ⋅ 360 Netlab
Public Cloud Cybersecurity Threat Intelligence (202203)
Bashlite Tsunami Mirai

2022-04-19 ⋅ RiskIQ ⋅ Jennifer Grob
RiskIQ: Legitimate WordPress Site Hosts Malicious Content
AsyncRAT

2022-04-19 ⋅ Fortinet ⋅ Gergely Revay
Using Emulation Against Anti-Reverse Engineering Techniques
Pandora

2022-04-19 ⋅ Twitter (@Cryptolaemus1) ⋅ Cryptolaemus
#Emotet Update: 64 bit upgrade of Epoch 5
Emotet

2022-04-18 ⋅ AdvIntel ⋅ Vitali Kremez, Yelisey Boguslavskiy
Enter KaraKurt: Data Extortion Arm of Prolific Ransomware Group
AvosLocker BazarBackdoor BlackByte BlackCat Cobalt Strike HelloKitty Hive Karakurt

2022-04-18 ⋅ National Intelligence University ⋅ Kevin P. Riehle
Russian Intelligence: A Case-based Study of Russian Services and Missions Past and Present

2022-04-18 ⋅ CISA ⋅ CISA, FBI, U.S. Department of the Treasury
Alert (AA22-108A): TraderTraitor: North Korean State-Sponsored APT Targets Blockchain Companies
Bankshot

2022-04-18 ⋅ CitizenLab ⋅ Bahr Abdul Razzak, Bill Marczak, Elies Campo, Gözde Böcü, John Scott-Railton, Ron Deibert, Salvatore Solimano, Siena Anstis
CatalanGate Extensive Mercenary Spyware Operation against Catalans Using Pegasus and Candiru
Chrysaor Caramel Tsunami

2022-04-18 ⋅ Cyble
Under The Lens: Eagle Monitor RAT - Upgraded Version Of RAT With New TTPs
EagleMonitorRAT

2022-04-18 ⋅ Trend Micro ⋅ Leandro Froes, Lucas Silva
An Investigation of the BlackCat Ransomware via Trend Micro Vision One
BlackCat