Malpedia Library

Click here to download all references as Bib-File.•

2022-09-30 ⋅ Yoroi ⋅ Carmelo Ragusa, Luigi Martire
Dissecting BlueSky Ransomware Payload
BlueSky

2022-09-29 ⋅ Microsoft ⋅ LinkedIn Threat Prevention and Defense, Microsoft Security Threat Intelligence
ZINC weaponizing open-source software
BLINDINGCAN CLOUDBURST miniBlindingCan

2022-09-29 ⋅ BleepingComputer ⋅ Lawrence Abrams
New Royal Ransomware emerges in multi-million dollar attacks
Royal Ransom

2022-09-29 ⋅ Team Cymru ⋅ S2 Research Team
Seychelles, Seychelles, on the C(2) Shore: An overview of a bulletproof hosting provider named ELITETEAM.
Amadey Raccoon RedLine Stealer SmokeLoader STOP

2022-09-29 ⋅ NTT ⋅ NTT Security Holdings Corporation
Report on APT Attacks by BlackTech
Bifrost PLEAD TSCookie Flagpro Gh0stTimes SelfMake Loader SPIDERPIG RAT

2022-09-29 ⋅ ⋅ GTSC ⋅ GTSC SECURITY TEAM
Warning Campaign Attack Using Zero Day Vulnerability on Microsoft Exchange Server

2022-09-29 ⋅ Reuters ⋅ Bozorgmehr Sharafedin, Joel Schectman
America’s Throwaway Spies How the CIA failed Iranian informants in its secret war with Tehran

2022-09-29 ⋅ Symantec ⋅ Threat Hunter Team
Witchetty: Group Uses Updated Toolset in Attacks on Governments in Middle East
CHINACHOPPER Lookback MimiKatz PlugX Unidentified 096 (Keylogger) x4 Witchetty

2022-09-29 ⋅ Mandiant ⋅ Alexander Marvi, Greg Blaum
Bad VIB(E)s Part Two: Detection and Hardening within ESXi Hypervisors

2022-09-29 ⋅ Mandiant ⋅ Alexander Marvi, Jeremy Koppen, Jonathan Lepore, Tufail Ahmed
Bad VIB(E)s Part One: Investigating Novel Malware Persistence Within ESXi Hypervisors
UNC3886

2022-09-29 ⋅ Perception Point ⋅ Igal Lytzki
Doenerium: It’s Not a Crime to Steal From Thieves
doenerium

2022-09-28 ⋅ Securonix ⋅ Den Iyzvyk, Oleg Kolesnikov, Tim Peck
Securonix Threat Labs Security Advisory: Detecting STEEP#MAVERICK: New Covert Attack Campaign Targeting Military Contractors

2022-09-28 ⋅ Twitter (@ESETresearch) ⋅ ESET Research
Twitter Thread linking CloudMensis to RokRAT / ScarCruft
CloudMensis RokRAT

2022-09-28 ⋅ vmware ⋅ Giovanni Vigna
ESXi-Targeting Ransomware: The Threats That Are After Your Virtual Machines (Part 1)
Avoslocker Babuk Black Basta BlackCat BlackMatter Conti DarkSide HelloKitty Hive LockBit Luna RansomEXX RedAlert Ransomware REvil

2022-09-28 ⋅ Lumen ⋅ Black Lotus Labs
Chaos Is A Go-Based Swiss Army Knife Of Malware
Chaos Kaiji

2022-09-28 ⋅ Recorded Future ⋅ Insikt Group®
1 KEY FOR 1 LOCK: The Chinese Communist Party’s Strategy for Targeted Propaganda

2022-09-28 ⋅ Kaspersky ⋅ GReAT
Prilex: the pricey prickle credit card complex

2022-09-28 ⋅ Barracuda ⋅ Tushar Richabadas
Threat Spotlight: Continuing attacks on Atlassian Confluence zero day

2022-09-28 ⋅ Gigamon ⋅ Pavle Culum, Roman Kroshinsky
Investigating Web Shells
Godzilla Webshell Behinder

2022-09-28 ⋅ ArrowRAT ⋅ ArrowRat
ArrowRat
ArrowRAT