Malpedia Library

2022-11-27 ⋅ SecurityScorecard ⋅ Vlad Pasca
A Technical Analysis of Royal Ransomware
Royal Ransom

2022-11-27 ⋅ cocomelonc ⋅ cocomelonc
Malware development tricks: part 24. ListPlanting. Simple C++ example.
InvisiMole

2022-11-26 ⋅ BushidoToken Blog ⋅ BushidoToken
Detecting and Fingerprinting Infostealer Malware-as-a-Service platforms
CollectorGoomba Misha TitanStealer

2022-11-25 ⋅ ThreatBook ⋅ ThreatBook
Analysis of APT-C-60 Attack on South Korea
Unidentified 100 (APT-Q-12)

2022-11-25 ⋅ Twitter (@ESETresearch) ⋅ ESET Research
Twitter thread about RansomBoggs campaign against Ukraine

2022-11-25 ⋅ Resecurity ⋅ Resecurity
"In The Box" - Mobile Malware Webinjects Marketplace
Alien Cerberus Coper ERMAC Hydra

2022-11-25 ⋅ NL Times ⋅ NL Times
Russian hackers targeting Dutch gas terminal

2022-11-25 ⋅ Github (struppigel) ⋅ Karsten Hahn
Python script to decode NightHawk strings
Nighthawk

2022-11-24 ⋅ ExploitReversing ⋅ Alexandre Borges
Malware Analysis Series (MAS): Article 6
Ave Maria

2022-11-24 ⋅ Twitter (@strinsert1Na) ⋅ MigawariIV
Tweet on recent Bifrose activity
Bifrost

2022-11-23 ⋅ Twitter (@RedDrip7) ⋅ RedDrip Team
Tweets about potential Lazarus sample
Unidentified 101 (Lazarus?)

2022-11-23 ⋅ Stranded on Pylos Blog ⋅ Joe Slowik
Detailing Daily Domain Hunting

2022-11-23 ⋅ ESET Research ⋅ Lukáš Štefanko
Bahamut cybermercenary group targets Android users with fake VPN apps
Bahamut

2022-11-23 ⋅ Cybereason ⋅ Cybereason Global SOC Team
THREAT ALERT: Aggressive Qakbot Campaign and the Black Basta Ransomware Group Targeting U.S. Companies
Black Basta QakBot

2022-11-22 ⋅ Proofpoint ⋅ Alexander Rausch, Proofpoint Threat Research Team
Nighthawk: An Up-and-Coming Pentest Tool Likely to Gain Threat Actor Notice
Nighthawk

2022-11-22 ⋅ IBM Security ⋅ Charlotte Hammond
RansomExx upgrades to rust
RansomEXX RansomExx2

2022-11-22 ⋅ PolySwarm Tech Team ⋅ PolySwarm Tech Team
Phishing and Android Malware Campaign Targets Indian Banks
AxBanker

2022-11-22 ⋅ Twitter (@ESETresearch) ⋅ ESET Research
Tweets on SysUpdate / Soldier / HyperSSL
HyperSSL

2022-11-22 ⋅ The Record ⋅ Dina Temple-Raston
The Yanluowang ransomware group in their own words
Yanluowang

2022-11-21 ⋅ Sekoia ⋅ Pierre Le Bourhis, Quentin Bourgue, Threat & Detection Research Team
Aurora: a rising stealer flying under the radar
Aurora Stealer