Malpedia Library

2022-10-07 ⋅ Checkmarx ⋅ Aviad Gershon, Dor Tumarkin, Jossef Harush, Raphael Silva, Roman Chikunov, Tal Folkman, Yehuda Gelb
LofyGang – Software Supply Chain Attackers; Organized, Persistent, and Operating for Over a Year
LofyGang

2022-10-07 ⋅ YouTube (BSides Portland) ⋅ Pim Trouerbach
SmokeLoader - The Pandora's box of Tricks
SmokeLoader

2022-10-07 ⋅ Team Cymru ⋅ S2 Research Team
A Visualizza into Recent IcedID Campaigns: Reconstructing Threat Actor Metrics with Pure Signal™ Recon
IcedID PhotoLoader

2022-10-06 ⋅ Aon ⋅ Andre Maccarone, Chapin Bryce, John Ailes
Amazon Web Services: Exploring The Cost Of Exfil

2022-10-06 ⋅ ThreatMon ⋅ ThreatMon Malware Research Team
Rhadamanthys Stealer Analysis
Rhadamanthys

2022-10-06 ⋅ Trellix ⋅ Daksh Kapur
Evolution of BazarCall Social Engineering Tactics
BazarBackdoor BazarCall

2022-10-06 ⋅ PolySwarm
NullMixer Drops Multiple Malware Families
LgoogLoader

2022-10-06 ⋅ SOCRadar ⋅ SOCRadar
New Spyware RatMilad Targets Middle Eastern Mobile Devices
RatMilad

2022-10-06 ⋅ YouTube ( BSides Budapest IT Security Conference) ⋅ Georgy Kucherin, Kurt Baumgartner
DiceyF deploys GamePlayerFramework (Video)
GamePlayerFramework

2022-10-06 ⋅ Blackberry ⋅ The BlackBerry Research & Intelligence Team
Mustang Panda Abuses Legitimate Apps to Target Myanmar Based Victims
PlugX

2022-10-06 ⋅ CISA ⋅ FBI, NSA, US-CERT
Alert (AA22-279A) Top CVEs Actively Exploited By People’s Republic of China State-Sponsored Cyber Actors

2022-10-06 ⋅ Twitter (@ESETresearch) ⋅ ESET Research
Tweet on Bumblebee being modularized like trickbot
BumbleBee

2022-10-05 ⋅ Zscaler ⋅ Aditya Sharma, Shatak Jain
Analysis of LilithBot Malware and Eternity Threat Group
Eternity Clipper Eternity Stealer Lilith

2022-10-05 ⋅ Fortinet ⋅ Xiaopeng Zhang
Excel Document Delivers Multiple Malware by Exploiting CVE-2017-11882 – Part II
Formbook RedLine Stealer

2022-10-05 ⋅ Microsoft ⋅ Microsoft Security Threat Intelligence
Detecting and preventing LSASS credential dumping attacks

2022-10-05 ⋅ 4pfsec ⋅ 4pfsec
Havoc C2: First look
Havoc

2022-10-05 ⋅ BitSight ⋅ João Godinho, Stanislas Arnoud
Sinkholing PseudoManuscrypt: From Zero To 50k Infections - Part 1
PrivateLoader PseudoManuscrypt

2022-10-04 ⋅ Rewterz Information Security ⋅ Rewterz Information Security
Rewterz Threat Alert – KONNI APT Group – Active IOCs
Konni Opal Sleet

2022-10-04 ⋅ Rewterz Information Security ⋅ Rewterz Information Security
Witchetty APT Group
Witchetty

2022-10-04 ⋅ Twitter (@sekoia_io) ⋅ sekoia
Tweets detailing operation of Erbium stealer
Erbium Stealer