Malpedia Library

Click here to download all references as Bib-File.•

2021-01-07 ⋅ Palo Alto Networks Unit 42 ⋅ Brad Duncan
TA551: Email Attack Campaign Switches from Valak to IcedID
IcedID

2021-01-07 ⋅ Twitter (@campuscodi) ⋅ Catalin Cimpanu
Tweet on London's Hackney Council attacked by Pysa/Mespinoza ransomware
Mespinoza

2021-01-06 ⋅ Bleeping Computer ⋅ Lawrence Abrams
Hackers start exploiting the new backdoor in Zyxel devices

2021-01-06 ⋅ Trend Micro ⋅ Leandro Froes
Expanding Range and Improving Speed: A RansomExx Approach
RansomEXX

2021-01-06 ⋅ DomainTools ⋅ Joe Slowik
Holiday Bazar: Tracking a TrickBot-Related Ransomware Incident
BazarBackdoor TrickBot

2021-01-06 ⋅ QuoIntelligence ⋅ QuoIntelligence
ReconHellcat Uses NIST Theme as Lure To Deliver New BlackSoul Malware
BlackSoul

2021-01-05 ⋅ AhnLab ⋅ AhnLab ASEC Analysis Team
[Threat Analysis] CLOP Ransomware that Attacked Korean Distribution Giant
Clop

2021-01-05 ⋅ Lacework Labs ⋅ Lacework Labs
TeamTNT Builds Botnet from Chinese Cloud Servers
TeamTNT TNTbotinger TeamTNT

2021-01-05 ⋅ Intezer ⋅ Avigayil Mechtinger
Operation ElectroRAT: Attacker Creates Fake Companies to Drain Your Crypto Wallets
ElectroRAT

2021-01-05 ⋅ ⋅ Sangfor ⋅ Clairvoyance Safety Laboratory
Red team's perspective on the TTPs in Sunburst's backdoor
SUNBURST

2021-01-05 ⋅ ⋅ Sangfor ⋅ Clairvoyance Safety Laboratory
Attack from Mustang Panda? My rabbit is back!
NjRAT

2021-01-05 ⋅ Trend Micro ⋅ Trend Micro Research
Earth Wendigo Injects JavaScript Backdoor to Service Worker for Mailbox Exfiltration
Cobalt Strike Earth Wendigo

2021-01-04 ⋅ ⋅ NSFOCUS ⋅ NSFOCUS
Steganography, Little Fire Dragon and AGENTVX: A Detailed Analysis of APT Organization EVILNUM's New Attack Activities
EVILNUM

2021-01-04 ⋅ Bleeping Computer ⋅ Ionut Ilascu
China's APT hackers move to ransomware attacks
Clambling PlugX

2021-01-04 ⋅ KELA ⋅ Almog Zoosman, Victoria Kivilevich
Darknet Threat Actors Are Not Playing Games with the Gaming Industry
REvil

2021-01-03 ⋅ ⋅ EST Security ⋅ Alyac
Thallium organization exploits private stock investment messenger to attack software supply chain

2021-01-02 ⋅ The Wall Street Journal ⋅ Georgi Kantchev, Warren Strobel
How Russia’s ‘Info Warrior’ Hackers Let Kremlin Play Geopolitics on the Cheap

2021-01-02 ⋅ The New York Times ⋅ David E. Sanger, Julian E. Barnes, Nicole Perlroth
As Understanding of Russian Hacking Grows, So Does Alarm

2021-01-01 ⋅ AWAKE ⋅ Awake Security
Breaking the Ice: Detecting IcedID and Cobalt Strike Beacon with Network Detection and Response (NDR)
Cobalt Strike IcedID PhotoLoader

2021-01-01 ⋅ lodestone ⋅ Lodestone
White Rabbit Ransomware and the F5 Backdoor