Malpedia Library

Click here to download all references as Bib-File.•

2022-07-12 ⋅ Fortinet ⋅ James Slaughter
Spoofed Saudi Purchase Order Drops GuLoader – Part 2
CloudEyE

2022-07-12 ⋅ Zscaler ⋅ Aditya Sharma, Tarun Dewan
Rise in Qakbot attacks traced to evolving threat techniques
QakBot

2022-07-12 ⋅ cyble ⋅ Cyble Research Labs
New Ransomware Groups On The Rise: “RedAlert,” LILITH And 0mega Leading A Wave Of Ransomware Campaigns
RedAlert Ransomware Lilith

2022-07-12 ⋅ Palo Alto Networks Unit 42 ⋅ Nadav Barak
ChromeLoader: New Stubborn Malware Campaign
ChromeBack

2022-07-11 ⋅ Twitter (@cglyer) ⋅ Christopher Glyer
Tweet on LAPSUS$/DEV-0537
Storm-0829

2022-07-11 ⋅ ASEC ⋅ ASEC
AppleSeed Disguised as Purchase Order and Request Form Being Distributed
Appleseed

2022-07-11 ⋅ ⋅ Cert-UA ⋅ Cert-UA
UAC-0056 attack on Ukrainian state organizations using Cobalt Strike Beacon (CERT-UA#4941)
Cobalt Strike

2022-07-11 ⋅ BBC ⋅ Joe Tidy
Predatory Sparrow: Who are the hackers who say they started a fire in Iran?
Predatory Sparrow

2022-07-11 ⋅ The DFIR Report ⋅ The DFIR Report
SELECT XMRig FROM SQLServer
Bondnet

2022-07-11 ⋅ Soc Investigation ⋅ BalaGanesh
Threat Actors Delivers New Rozena backdoor with Follina Bug – Detection & Response
Rozena

2022-07-11 ⋅ Security Affairs ⋅ Pierluigi Paganini
Anubis Networks is back with new C2 server
Anubis

2022-07-10 ⋅ Seguranca Informatica ⋅ Pedro Tavares
Anubis Network is back with new C2 server

2022-07-10 ⋅ Minerva Labs ⋅ Natalie Zargarov
Lockbit 3.0 AKA Lockbit Black is here, with a new icon, new ransom note, new wallpaper, but less evasiveness?
LockBit

2022-07-09 ⋅ spookysec ⋅ Ronnie
Analyzing a Brute Ratel Badger
Brute Ratel C4

2022-07-09 ⋅ Artik Blue ⋅ Artik Blue
Malware analysis with IDA/Radare2 - Basic Unpacking (Dridex first stage)
Dridex

2022-07-08 ⋅ K7 Security ⋅ Harihara Sudhan
Beware of Root Certs in VPN

2022-07-08 ⋅ MalwareBookReports ⋅ muzi
CRULOADER: ZERO2AUTO
CruLoader

2022-07-08 ⋅ Sekoia ⋅ sekoia
Vice Society: a discreet but steady double extortion ransomware group
HelloKitty Zeppelin

2022-07-08 ⋅ ⋅ Cert-AgID ⋅ Cert-AgID
Il malware EnvyScout (APT29) è stato veicolato anche in Italia
EnvyScout Unidentified 098 (APT29 Slack Downloader)

2022-07-08 ⋅ Sekoia ⋅ Threat & Detection Research Team
Vice Society: a discreet but steady double extortion ransomware group
HelloKitty