Malpedia Library

Click here to download all references as Bib-File.•

2023-02-23 ⋅ Bitdefender ⋅ Bitdefender Team, Martin Zugec
Technical Advisory: Various Threat Actors Targeting ManageEngine Exploit CVE-2022-47966
Cobalt Strike DarkComet QuiteRAT RATel

2023-02-23 ⋅ K7 Security ⋅ Vigneshwaran P
The DoNot APT
DONOT

2023-02-23 ⋅ Andrea Fortuna's Blog ⋅ Andrea Fortuna
How to detect Brute Ratel activities
Brute Ratel C4

2023-02-23 ⋅ ESET Research ⋅ Vladislav Hrčka
WinorDLL64: A backdoor from the vast Lazarus arsenal?
WinorDLL64

2023-02-23 ⋅ CERT.PL ⋅ Jarosław Jedynak, Michał Praszmo
A tale of Phobos - how we almost cracked a ransomware using CUDA
Phobos

2023-02-23 ⋅ Jamf Blog ⋅ Ferdous Saljooki, Jaron Bradley, Matt Benyo
Evasive cryptojacking malware targeting macOS found lurking in pirated applications

2023-02-23 ⋅ Arctic Wolf ⋅ Markus Neis, Ross Phillips, Seth Battles, Steven Campbell
Getting Dumped: A Trust Relationship Destroyed by Lorenz
Lorenz

2023-02-22 ⋅ SOC Prime ⋅ Daryna Olyniychuk
New Phishing Attack Detection Attributed to the UAC-0050 and UAC-0096 Groups Spreading Remcos Spyware
Remcos UAC-0050

2023-02-22 ⋅ Symantec ⋅ Symantec Threat Hunter Team
Hydrochasma: Previously Unknown Group Targets Medical and Shipping Organizations in Asia
Cobalt Strike

2023-02-22 ⋅ Bitdefender ⋅ Bitdefender
S1deload Stealer – Exploring the Economics of Social Network Account Hijacking

2023-02-21 ⋅ Sekoia ⋅ Livia Tibirna, Maxime A, Sekoia TDR
One Year After: The Cyber Implications of the Russo-Ukrainian War
Callisto

2023-02-21 ⋅ ⋅ Cert-UA ⋅ Cert-UA
Cyber attack of the group UAC-0050 (UAC-0096) using the Remcos program (CERT-UA#6011)
Remcos UAC-0050

2023-02-21 ⋅ Zscaler ⋅ Nikolaos Pantazopoulos, Sarthak Misraa
Technical Analysis of Rhadamanthys Obfuscation Techniques
Rhadamanthys

2023-02-21 ⋅ SecurityIntelligence ⋅ Ruben Boonen
Direct Kernel Object Manipulation (DKOM) Attacks on ETW Providers
FudModule

2023-02-20 ⋅ Sekoia ⋅ Pierre Le Bourhis, Quentin Bourgue, Threat & Detection Research Team
Stealc: a copycat of Vidar and Raccoon infostealers gaining in popularity – Part 1
Stealc

2023-02-20 ⋅ 0xToxin Labs ⋅ @0xToxin
Vidar Stealer H&M Campaign
Vidar

2023-02-20 ⋅ Trendmicro ⋅ Byron Gelera, Ivan Nicole Chavez, Nathaniel Morales
Royal Ransomware Expands Attacks by Targeting Linux ESXi Servers
Royal Ransom Royal Ransom

2023-02-20 ⋅ cocomelonc ⋅ cocomelonc
Malware AV/VM evasion - part 12: encrypt payload via TEA. Simple C++ example.

2023-02-19 ⋅ Medium System Weakness ⋅ Lena (LambdaMamba)
Investigating a Fake KDDI Smishing Campaign that abuses Duck DNS
Roaming Mantis

2023-02-19 ⋅ Geeky Panda Tales ⋅ GeekyPanda
The Infostealer Pie: Python Malware Analysis
Venus Stealer