Malpedia Library

Click here to download all references as Bib-File.•

2025-01-30 ⋅ eSentire ⋅ eSentire
Ongoing Email Bombing Campaigns leading to Remote Access and Post-Exploitation
Black Basta ReedBed UNC4393

2025-01-30 ⋅ Bitdefender ⋅ Martin Zugec
UAC-0063: Cyber Espionage Operation Expanding from Central Asia
HATVIBE

2025-01-30 ⋅ Bleeping Computer ⋅ Lawrence Abrams
Backdoor found in two healthcare patient monitors, linked to IP in China

2025-01-30 ⋅ Department of Justice ⋅ U.S. Attorney's Office Southern District of Texas
Cybercrime websites selling hacking tools to transnational organized crime groups seized

2025-01-30 ⋅ RevEng.AI ⋅ RevEng.AI
One ClickFix and LummaStealer reCAPTCHA’s Our Attention - Part 1
Lumma Stealer

2025-01-30 ⋅ ⋅ Intrinsec ⋅ CTI Intrinsec
Telegram Stories: voice spoofers, tools and operating modes

2025-01-29 ⋅ SecurityScorecard ⋅ SecurityScorecard STRIKE Team
Operation Phantom Circuit: North Korea’s Global Data Exfiltration Campaign
BeaverTail InvisibleFerret

2025-01-29 ⋅ Google ⋅ Conor Quigley, Luke Jenkins, Nino Isakovic
ScatterBrain: Unmasking the Shadow of PoisonPlug's Obfuscator
POISONPLUG ShadowPad SNAPPYBEE

2025-01-28 ⋅ Group-IB ⋅ Nikolay Kichatov, Pietro Albuquerque, Sharmine Low
Cat’s out of the bag: Lynx Ransomware-as-a-Service
Lynx

2025-01-28 ⋅ Hunt.io ⋅ Hunt.io
SparkRAT: Server Detection, macOS Activity, and Malicious Connections
SparkRAT

2025-01-27 ⋅ Zscaler ⋅ ThreatLabZ research team, Zscaler
Technical Analysis of Xloader Versions 6 and 7 | Part 1
Xloader

2025-01-27 ⋅ SecurityScorecard ⋅ STRIKE Team
Operation Phantom Circuit: North Korea’s Global Data Exfiltration Campaign

2025-01-26 ⋅ ⋅ Youtube (greenplan) ⋅ greenplan
[BINARY REFINERY] (Emmenhtal) - Deobfuscation stage JavaScript and PowerShell
Emmenhtal

2025-01-23 ⋅ Github (PaloAltoNetworks) ⋅ Brad Duncan
Cluster of Infrastructure likely used by Affiliate of Dark Scorpius (Black Basta)
ReedBed

2025-01-23 ⋅ Hunt.io ⋅ Hunt.io
Mapping Suspected KEYPLUG Infrastructure: TLS Certificates, GhostWolf, and RedGolf/APT41 Activity
KEYPLUG

2025-01-23 ⋅ AhnLab ⋅ ASEC
RID Hijacking Technique Utilized by Andariel Attack Group
CreateHiddenAccount JuicyPotato

2025-01-23 ⋅ ThreatMon ⋅ Aziz Kaplan, ThreatMon, ThreatMon Malware Research Team
Helldown Ransomware Malware Analysis Report
HellDown

2025-01-22 ⋅ Vertex ⋅ Savage
Categorizing Software with Code Families
WarmCookie

2025-01-21 ⋅ KrCert ⋅ Dongwook Kim, Seulgi Lee
Analysis of Attack Strategies Targeting Centralized Management Solutions

2025-01-21 ⋅ Knownsec ⋅ Knownsec 404 Team
Love and hate under war: The GamaCopy organization, which imitates the Russian Gamaredon, uses military — related bait to launch attacks on Russia
GamaCopy