Malpedia Library

Click here to download all references as Bib-File.•

2021-12-03 ⋅ vmware ⋅ VMWare
TigerRAT – Advanced Adversaries on the Prowl
Tiger RAT

2021-12-03 ⋅ SANS ISC InfoSec Forums ⋅ Brad Duncan
TA551 (Shathak) pushes IcedID (Bokbot)
IcedID

2021-12-02 ⋅ FBI ⋅ FBI
CU-000156-MW: Indicators of Compromise Associated with Cuba Ransomware
Cuba

2021-12-02 ⋅ Google ⋅ Google Threat Analysis Group, Shane Huntley
TAG Bulletin: Q4 2021

2021-12-02 ⋅ Cisco ⋅ Tiago Pereira
Magnat campaigns use malvertising to deliver information stealer, backdoor and malicious Chrome extension
Azorult RedLine Stealer

2021-12-02 ⋅ ⋅ AhnLab ⋅ ASEC Analysis Team
Spreading AgentTesla through more sophisticated malicious PPT
Agent Tesla

2021-12-02 ⋅ Malwarebytes ⋅ Hossein Jazi, Threat Intelligence Team
SideCopy APT: Connecting lures to victims, payloads to infrastructure
SideCopy

2021-12-02 ⋅ Microsoft ⋅ Microsoft Threat Experts
Structured threat hunting: One way Microsoft Threat Experts prioritizes customer defense

2021-12-02 ⋅ lacework ⋅ Lacework Labs
ABC Botnet Attacks on the Rise
Abcbot

2021-12-02 ⋅ Palo Alto Networks Unit 42 ⋅ Peter Renals, Robert Falcone
APT Expands Attack on ManageEngine With Active Campaign Against ServiceDesk Plus
Godzilla Webshell

2021-12-01 ⋅ ⋅ ThreatBook ⋅ ThreatBook
The Lazarus Group suspected of expanding its arsenal? The hackers target aviation industry and researchers
AnchorMTea

2021-12-01 ⋅ Symantec ⋅ Symantec Threat Hunter Team
The Threat Landscape in 2021

2021-12-01 ⋅ ⋅ ID Ransomware ⋅ Andrew Ivanov
BlackCat Ransomware
BlackCat

2021-12-01 ⋅ RiskIQ ⋅ Jordan Herman
Bulletproof Hosting Services: Investigating Shinjiru Technology Sdn Bhd

2021-12-01 ⋅ ESET Research ⋅ Alexis Dorais-Joncas, Facundo Muñoz
Jumping the air gap: 15 years of nation‑state effort
Agent.BTZ Fanny Flame Gauss PlugX Ramsay Retro Stuxnet USBCulprit USBferry

2021-12-01 ⋅ ⋅ Microstep Intelligence Bureau ⋅ Microstep Online Research Response Center
BlackTech, an East Asian hacking group, has launched attacks in sectors such as finance and education

2021-12-01 ⋅ Proofpoint ⋅ Michael Raggi
Injection is the New Black: Novel RTF Template Inject Technique Poised for Widespread Adoption Beyond APT Actors

2021-12-01 ⋅ NCC Group ⋅ Michael Sandee, Nikolaos Pantazopoulos
Tracking a P2P network related to TA505
FlawedGrace Necurs

2021-11-30 ⋅ Symantec ⋅ Symantec Threat Hunter Team
Yanluowang: Further Insights on New Ransomware Threat
BazarBackdoor Cobalt Strike FiveHands

2021-11-30 ⋅ ⋅ Qianxin ⋅ Red Raindrop Team
Cyberspace's Magic Eye: PROMETHIUM Fakes attack activity analysis of NotePads and installation packages
StrongPity