Malpedia Library

Click here to download all references as Bib-File.•

2020-10-27 ⋅ Recorded Future ⋅ Insikt Group®
Pulse Report:Insikt Group Discovers Global Credential Harvesting Campaign Using FiercePhish Open Source Framework

2020-10-26 ⋅ SANS ISC InfoSec Forums ⋅ Didier Stevens
Excel 4 Macros: "Abnormal Sheet Visibility"

2020-10-23 ⋅ Bleeping Computer ⋅ Lawrence Abrams
New RAT malware gets commands via Discord, has ransomware feature
Abaddon

2020-10-19 ⋅ IBM Security ⋅ Chen Nahman, Limor Kessem, Ofir Ozer
New Vizom Malware Discovered Targets Brazilian Bank Customers with Remote Overlay Attacks
Vizom

2020-10-14 ⋅ FBI ⋅ FBI
FBI FLASH MU-000136-MW: Cyber ActorsTarget Misconfigured SonarQube Instances to Access Proprietary Source Code of US Government Agencies and Businesses

2020-10-08 ⋅ Bayerischer Rundfunk ⋅ Ann-Kathrin Wetter, Hakan Tanriverdi, Kai Biermann, Max Zierer, Thi Do Nguyen
There is no safe place
Cobalt Strike

2020-09-29 ⋅ Cisco Talos ⋅ Chris Neal
LodaRAT Update: Alive and Well
Loda

2020-09-21 ⋅ Cisco Talos ⋅ Joe Marshall, JON MUNSHAW, Nick Mavis
The art and science of detecting Cobalt Strike
Cobalt Strike

2020-09-11 ⋅ Twitter (@Arkbird_SOLG) ⋅ Arkbird
Tweet on discovery of a sample
Turla SilentMoon

2020-09-10 ⋅ SANS ISC InfoSec Forums ⋅ Brad Duncan
Recent Dridex activity
Dridex

2020-09-02 ⋅ Cisco Talos ⋅ Edmund Brumaghin, Holger Unterbrink
Salfram: Robbing the place without removing your name tag
Ave Maria ISFB SmokeLoader Zloader

2020-09-01 ⋅ Cisco Talos ⋅ Caitlin Huey, David Liebenberg
Quarterly Report: Incident Response trends in Summer 2020
Cobalt Strike LockBit Mailto Maze Ryuk

2020-09-01 ⋅ Twitter (@Vishnyak0v) ⋅ Alexey Vishnyakov
Tweet on sample discovery
Unidentified 078 (Zebrocy Nim Loader?)

2020-08-13 ⋅ NSA ⋅ NSA
NSA and FBI Expose Russian Previously Undisclosed Malware “Drovorub” in Cybersecurity Advisory

2020-08-13 ⋅ National Security Agency ⋅ Federal Bureau of Investigation, National Security Agency
Russian GRU 85th GTsSS Deploys Previously Undisclosed Drovorub Malware

2020-07-30 ⋅ FireEye ⋅ Joseph Hladik, Josh Fleischer
Obscured by Clouds: Insights into Office 365 Attacks and How Mandiant Managed Defense Investigates

2020-07-24 ⋅ VMWare Carbon Black ⋅ Andrew Costis
TAU Threat Discovery: Cryptocurrency Clipper Malware Evolves
Poulight Stealer

2020-07-08 ⋅ COLUMBIA | SIPA ⋅ Jennifer Keltz, John Patrick Dees, John Sakellariadis, Katherine von Ofenheim, Lan Pelekis, Matthew Armelli, Max Egar, Neal Pollard, Stuart Caudill, Vipratap Vikram Singh
Named But Hardly Shamed: What is the Impact of Information Disclosures on an APT Operations?

2020-07-08 ⋅ VMWare Carbon Black ⋅ Brian Baskin
TAU Threat Discovery: Conti Ransomware
Conti

2020-07-06 ⋅ Cisco Talos ⋅ Arnaud Zobec, Ben Baker, Edmund Brumaghin, JJ Cummings
WastedLocker Goes "Big-Game Hunting" in 2020
WastedLocker