Malpedia Library

Click here to download all references as Bib-File.•

2023-04-12 ⋅ loginsoft ⋅ Bhargav koduru
Maximizing Threat Detections of Qakbot with Osquery
QakBot

2023-04-11 ⋅ Microsoft ⋅ Microsoft Threat Intelligence
DEV-0196: QuaDream’s “KingsPawn” malware used to target civil society in Europe, North America, the Middle East, and Southeast Asia
Carmine Tsunami

2023-04-08 ⋅ Team Cymru ⋅ Scott Fisher
Deriving Insight from Threat Actor Infrastructure
Raccoon

2023-04-07 ⋅ Microsoft ⋅ Microsoft Threat Intelligence
MERCURY and DEV-1084: Destructive attack on hybrid environment
DarkBit Storm-1084

2023-04-05 ⋅ Google ⋅ Adam Weidemann, Google Threat Analysis Group
How we’re protecting users from government-backed attacks from North Korea
BabyShark

2023-04-04 ⋅ Symantec ⋅ Threat Hunter Team
Mantis: New Tooling Used in Attacks Against Palestinian Targets
Arid Gopher Micropsia

2023-03-31 ⋅ vmware ⋅ Threat Analysis Unit
Investigating 3CX Desktop Application Attacks: What You Need to Know
3CX Backdoor

2023-03-31 ⋅ splunk ⋅ Splunk Threat Research Team
Splunk Insights: Investigating the 3CXDesktopApp Supply Chain Compromise
3CX Backdoor

2023-03-31 ⋅ Youtube (ThreatCatch) ⋅ ThreatCat.ch
Sinkholing the Domain Generation Algorithm of m0yv
Expiro m0yv

2023-03-30 ⋅ eSentire ⋅ eSentire Threat Response Unit (TRU)
eSentire Threat Intelligence Malware Analysis: BatLoader
BATLOADER Cobalt Strike ISFB SystemBC Vidar

2023-03-30 ⋅ Google ⋅ Google Threat Analysis Group, Shane Huntley
TAG Bulletin: Q1 2023

2023-03-30 ⋅ Rapid7 Labs ⋅ Rapid7
Backdoored 3CXDesktopApp Installer Used in Active Threat Campaign
3CX Backdoor

2023-03-30 ⋅ Huntress Labs ⋅ John Hammond
3CX VoIP Software Compromise & Supply Chain Threats
3CX Backdoor

2023-03-30 ⋅ Symantec ⋅ Threat Hunter Team
3CX: Supply Chain Attack Affects Thousands of Users Worldwide
3CX Backdoor IconicStealer

2023-03-30 ⋅ Proofpoint ⋅ Michael Raggi, Proofpoint Threat Insight Team
Exploitation is a Dish Best Served Cold: Winter Vivern Uses Known Zimbra Vulnerability to Target Webmail Portals of NATO-Aligned Governments in Europe
Winter Vivern

2023-03-29 ⋅ Google ⋅ Clement Lecigne, Google Threat Analysis Group
Spyware vendors use 0-days and n-days against popular platforms

2023-03-29 ⋅ CrowdStrike ⋅ Research & Threat Intel
CrowdStrike Falcon Platform Detects and Prevents Active Intrusion Campaign Targeting 3CXDesktopApp Customers
3CX Backdoor

2023-03-28 ⋅ ThreatMon ⋅ Seyit Sigirci (@h3xecute), ThreatMon Malware Research Team
Chinotto Backdoor Technical Analysis of the APT Reaper’s Powerful Weapon
Chinotto

2023-03-27 ⋅ Elastic ⋅ Remco Sprooten
REF2924: how to maintain persistence as an (advanced?) threat
Godzilla Webshell Behinder NAPLISTENER SiestaGraph REF2924

2023-03-27 ⋅ Google ⋅ Google Cybersecurity Action Team
Threat Horizons: April 2023 Threat Horizons Report
Gdrive APT41