Malpedia Library

Click here to download all references as Bib-File.•

2022-12-13 ⋅ Mandiant ⋅ Mandiant Intelligence
I Solemnly Swear My Driver Is Up to No Good: Hunting for Attestation Signed Malware
POORTRY

2022-12-13 ⋅ Margin Research ⋅ Justin Sherman
Analyzing Russian SDK Pushwoosh and Russian Code Contributions

2022-12-12 ⋅ SOCRadar ⋅ SOCRadar
Dark Web Profile: APT42 – Iranian Cyber Espionage Group
PINEFLOWER VINETHORN VBREVSHELL BROKEYOLK CHAIRSMACK DOSTEALER GHAMBAR SILENTUPLOADER TAG-56

2022-12-12 ⋅ Palo Alto Networks Unit 42 ⋅ Oz Soprin, Shachar Roitman
Precious Gemstones: The New Generation of Kerberos Attacks

2022-12-12 ⋅ Felipe Tarijon ⋅ Felipe Tarijon
LimeRAT Malware Is Used For Targeting Unskilled Threat Actors
LimeRAT

2022-12-12 ⋅ Trend Micro ⋅ Alfredo Oliveira, David Fiser
Linux Cryptocurrency Mining Attacks Enhanced via CHAOS RAT
Chaos

2022-12-12 ⋅ Reuters ⋅ Josh Smith
North Korean cyber spies deploy new tactic: tricking foreign experts into writing research for them

2022-12-12 ⋅ Checkpoint ⋅ Jiří Vinopal
Pulling the Curtains on Azov Ransomware: Not a Skidsware but Polymorphic Wiper
Azov Wiper

2022-12-12 ⋅ Github (MalGamy) ⋅ MalGamy
YARA rule for Vohuk ransomware
Vohuk

2022-12-09 ⋅ Secureworks ⋅ SecureWorks' Counter Threat Unit Research Team
Drokbk Malware Uses GitHub as Dead Drop Resolver
Drokbk

2022-12-09 ⋅ Positive Technologies ⋅ PTSecurity
APT Cloud Atlas: Unbroken Threat

2022-12-09 ⋅ cocomelonc ⋅ cocomelonc
Malware development: persistence - part 20. UserInitMprLogonScript (Logon Script). Simple C++ example.
Attor Zebrocy

2022-12-08 ⋅ Team Cymru ⋅ S2 Research Team
Iranian Exploitation Activities Continue as of November 2022

2022-12-08 ⋅ Youtube (AhmedS Kasmani) ⋅ AhmedS Kasmani
Vidar Stealer Malware Analysis
Vidar

2022-12-08 ⋅ Trustwave ⋅ Diana Lopera, Phil Hay, Rodel Mendrez
Trojanized OneNote Document Leads to Formbook Malware
Formbook

2022-12-08 ⋅ Fortinet ⋅ Fred Gutierrez, Shunichi Imano
Ransomware Roundup – New Vohuk, ScareCrow, and AERST Variants
AESRT ScareCrow Vohuk

2022-12-08 ⋅ Cybleinc ⋅ Cyble
Mallox Ransomware showing signs of Increased Activity
TargetCompany

2022-12-08 ⋅ Kaspersky ⋅ GReAT
DeathStalker targets legal entities with new Janicab variant
Janicab Janicab Stormwind

2022-12-08 ⋅ Palo Alto Networks Unit 42 ⋅ Dror Alon
Compromised Cloud Compute Credentials: Case Studies From the Wild

2022-12-08 ⋅ Cisco Talos ⋅ Tiago Pereira
Breaking the silence - Recent Truebot activity
Clop Cobalt Strike FlawedGrace Raspberry Robin Silence Teleport