Malpedia Library

Click here to download all references as Bib-File.•

2022-07-11 ⋅ BBC ⋅ Joe Tidy
Predatory Sparrow: Who are the hackers who say they started a fire in Iran?
Predatory Sparrow

2022-07-11 ⋅ Soc Investigation ⋅ BalaGanesh
Threat Actors Delivers New Rozena backdoor with Follina Bug – Detection & Response
Rozena

2022-07-11 ⋅ Security Affairs ⋅ Pierluigi Paganini
Anubis Networks is back with new C2 server
Anubis

2022-07-10 ⋅ Seguranca Informatica ⋅ Pedro Tavares
Anubis Network is back with new C2 server

2022-07-10 ⋅ Minerva Labs ⋅ Natalie Zargarov
Lockbit 3.0 AKA Lockbit Black is here, with a new icon, new ransom note, new wallpaper, but less evasiveness?
LockBit

2022-07-09 ⋅ spookysec ⋅ Ronnie
Analyzing a Brute Ratel Badger
Brute Ratel C4

2022-07-09 ⋅ Artik Blue ⋅ Artik Blue
Malware analysis with IDA/Radare2 - Basic Unpacking (Dridex first stage)
Dridex

2022-07-08 ⋅ K7 Security ⋅ Harihara Sudhan
Beware of Root Certs in VPN

2022-07-08 ⋅ MalwareBookReports ⋅ muzi
CRULOADER: ZERO2AUTO
CruLoader

2022-07-08 ⋅ Sekoia ⋅ sekoia
Vice Society: a discreet but steady double extortion ransomware group
HelloKitty Zeppelin

2022-07-08 ⋅ Sekoia ⋅ Threat & Detection Research Team
Vice Society: a discreet but steady double extortion ransomware group
HelloKitty

2022-07-07 ⋅ IBM ⋅ Charlotte Hammond, Kat Weinberger, Ole Villadsen
Unprecedented Shift: The Trickbot Group is Systematically Attacking Ukraine
AnchorMail BumbleBee Cobalt Strike IcedID Meterpreter

2022-07-07 ⋅ SANS ISC ⋅ Brad Duncan
Emotet infection with Cobalt Strike
Cobalt Strike Emotet

2022-07-07 ⋅ Cybereason ⋅ Cybereason Global SOC Team
THREAT ANALYSIS REPORT: LockBit 2.0 - All Paths Lead to Ransom
LockBit

2022-07-07 ⋅ Emsisoft ⋅ Emsisoft
AstraLocker decryptor
AstraLocker

2022-07-07 ⋅ Sentinel LABS ⋅ Tom Hegel
Targets of Interest - Russian Organizations Increasingly Under Attack By Chinese APTs
8.t Dropper Korlia Tonto Team

2022-07-07 ⋅ Aqua ⋅ Nitzan Yaakov
8220 Gang Deploys a New Campaign with Upgraded Techniques
Tsunami Water Sigbin

2022-07-06 ⋅ ⋅ Cert-UA ⋅ Cert-UA
UAC-0056 cyberattack on Ukrainian state organizations using Cobalt Strike Beacon (CERT-UA#4914)
Cobalt Strike

2022-07-06 ⋅ CISA ⋅ CISA, Department of the Treasury (Treasury), FBI
Alert (AA22-187A): North Korean State-Sponsored Cyber Actors Use Maui Ransomware to Target the Healthcare and Public Health Sector
Maui Ransomware

2022-07-06 ⋅ CISA ⋅ CISA, Department of the Treasury (Treasury), FBI
CSA AA22-187A: North Korean State-Sponsored Cyber Actors Use Maui Ransomware to Target the Healthcare and Public Health Sector (PDF)
Maui Ransomware