Malpedia Library

Click here to download all references as Bib-File.•

2023-07-11 ⋅ Cloudsek ⋅ Bablu Kumar
Breaking into the Bandit Stealer Malware Infrastructure
Bandit Stealer

2023-07-11 ⋅ Mandiant ⋅ Ng Choon Kiat, Rommel Joven
The Spies Who Loved You: Infected USB Drives to Steal Secrets
PlugX

2023-07-11 ⋅ Spamhaus ⋅ Spamhaus Malware Labs
Spamhaus Botnet Threat Update Q2 2023
Hydra AsyncRAT Aurora Stealer Ave Maria BumbleBee Cobalt Strike DCRat Havoc IcedID ISFB NjRAT QakBot Quasar RAT RecordBreaker RedLine Stealer Remcos Rhadamanthys Sliver Tofsee

2023-07-11 ⋅ Twitter (@embee_research) ⋅ Embee_research
Tweets on Ransomware Infrastructure Analysis With Censys and GrabbrApp
DarkSide

2023-07-11 ⋅ Microsoft ⋅ Microsoft
Storm-0978 attacks reveal financial and espionage motives
ROMCOM RAT

2023-07-10 ⋅ Mandiant ⋅ Jennifer Guzzetta, Matthew McWhirt, Phil Pearce, Thirumalai Natarajan Muthiah
Defend Against the Latest Active Directory Certificate Services Threats

2023-07-08 ⋅ Blackberry ⋅ BlackBerry Research & Intelligence Team
RomCom Threat Actor Suspected of Targeting Ukraine's NATO Membership Talks at the NATO Summit
ROMCOM RAT

2023-07-08 ⋅ Gi7w0rm
CloudEyE — From .lnk to Shellcode
CloudEyE Remcos

2023-07-07 ⋅ Cert-UA ⋅ Cert-UA
UAC-0057 Targeted Cyber Attack Against Government Agencies Using PicassoLoader/njRAT (CERT-UA#6948)
PicassoLoader Ghostwriter

2023-07-07 ⋅ Medium cryptax ⋅ Axelle Apvrille
Eyes on Android/S.O.V.A botnet sample
S.O.V.A.

2023-07-07 ⋅ Rapid7 Labs ⋅ Caitlin Condon
Exploitation of Mitel MiVoice Connect SA CVE-2022-29499

2023-07-07 ⋅ Zscaler ⋅ Niraj Shivtarkar, Preet Kamal
The TOITOIN Trojan: Analyzing a New Multi-Stage Attack Targeting LATAM Region

2023-07-07 ⋅ Lab52 ⋅ Lab52
Beyond appearances: unknown actor using APT29’s TTP against Chinese users
Cobalt Strike

2023-07-07 ⋅ Github (cocomelonc) ⋅ cocomelonc
Malware development trick - part 34: Find PID via WTSEnumerateProcesses. Simple C++ example.

2023-07-06 ⋅ Microsoft ⋅ Microsoft Incident Response
The five-day job: A BlackByte ransomware intrusion case study
BlackByte ExByte

2023-07-06 ⋅ kienmanowar Blog ⋅ m4n0w4r, Tran Trung Kien
[QuickNote] Examining Formbook Campaign via Phishing Emails
Formbook

2023-07-06 ⋅ Github (Helixo32) ⋅ Helixo32
NimBlackout
NimBlackout

2023-07-06 ⋅ WeLiveSecurity ⋅ Jakub Kaloč
What’s up with Emotet?
Emotet

2023-07-06 ⋅ CISA ⋅ CISA
Increased Truebot Activity Infects U.S. and Canada Based Networks
Silence

2023-07-05 ⋅ Aqua Nautilus ⋅ Assaf Morag, Ofek Itach
Threat Alert: Anatomy of Silentbob’s Cloud Attack
TeamTNT Tsunami