Malpedia Library

Click here to download all references as Bib-File.•

2022-07-21 ⋅ Censys ⋅ Matt Lembright
Russian Ransomware C2 Network Discovered in Censys Data
DeimosC2 PoshC2

2022-07-21 ⋅ Blackberry ⋅ Mark Stevens, Rocky De Wiest
The 13 Deadly Sins of APT Incident Response — Part 1

2022-07-21 ⋅ AhnLab ⋅ ASEC
Amadey Bot Being Distributed Through SmokeLoader
Amadey SmokeLoader

2022-07-21 ⋅ cocomelonc
Malware development tricks. Run shellcode like a Lazarus Group. C++ example.

2022-07-21 ⋅ Silentpush ⋅ Silent Push
It’s time to close the door on open directories

2022-07-21 ⋅ Avast Decoded ⋅ Jan Vojtěšek
The Return of Candiru: Zero-days in the Middle East
Caramel Tsunami

2022-07-21 ⋅ Talos ⋅ Talos
Attackers target Ukraine using GoMet backdoor
GoMet

2022-07-21 ⋅ ⋅ Cert-AgID ⋅ Cert-AgID
Tecniche per semplificare l’analisi del malware GuLoader
CloudEyE

2022-07-21 ⋅ Intezer ⋅ Ryan Robinson
Lightning Framework: New Undetected “Swiss Army Knife” Linux Malware
Lightning Framework

2022-07-21 ⋅ Proofpoint ⋅ Bryan Campbell, Pim Trouerbach, Proofpoint Threat Research Team, Selena Larson
Buy, Sell, Steal, EvilNum Targets Cryptocurrency, Forex, Commodities
EVILNUM Evilnum

2022-07-21 ⋅ Trend Micro ⋅ Alfredo Oliveira, David Fiser
Alibaba OSS Buckets Compromised to Distribute Malicious Shell Scripts via Steganography

2022-07-21 ⋅ Sentinel LABS ⋅ Aleksandar Milenkoski, Jim Walter
LockBit 3.0 Update | Unpicking the Ransomware’s Latest Anti-Analysis and Evasion Techniques
LockBit

2022-07-21 ⋅ ⋅ ASEC ⋅ ASEC Analysis Team
Dissemination of AppleSeed to Specific Military Maintenance Companies
Appleseed

2022-07-21 ⋅ ASEC ⋅ ASEC Analysis Team
Malware Being Distributed by Disguising Itself as Icon of V3 Lite
Ave Maria

2022-07-20 ⋅ Securonix Threat Labs ⋅ Den Iyzvyk, Oleg Kolesnikov, Tim Peck
STIFF#BIZON Detection Using Securonix – New Attack Campaign Observed Possibly Linked to Konni/APT37 (North Korea) - Securonix
Konni Opal Sleet

2022-07-20 ⋅ Sophos ⋅ Colin Cowie, Gabor Szappanos
OODA: X-Ops Takes On Burgeoning SQL Server Attacks
Maoloa Remcos TargetCompany

2022-07-20 ⋅ Freebuf ⋅ Qi Anxin Threat Intelligence Center
Abused Slack Service: Analysis of APT29's Attack on Italy
Unidentified 098 (APT29 Slack Downloader)

2022-07-20 ⋅ ⋅ Qianxin ⋅ Red Raindrops Team
The Sidewinder (APT-Q-39) uses Google Play to spread an analysis of malicious Android software
SideWinder

2022-07-20 ⋅ Malwarebytes ⋅ Threat Intelligence Team
Google Ads Lead to Major Malvertising Campaign

2022-07-20 ⋅ Trend Micro ⋅ Buddy Tancio, Erika Mendoza, Jessie Prevost, Joelson Soares, Nusrath Iqra
Analyzing Penetration-Testing Tools That Threat Actors Use to Breach Systems and Steal Data