Malpedia Library

Click here to download all references as Bib-File.•

2022-07-08 ⋅ Twitter (@billyleonard) ⋅ Billy Leonard
Twiiter thread about some recent Turla activity spoofing the Azov Regiment ... but targeting Android users.

2022-07-08 ⋅ Blueliv ⋅ Jose Miguel Esparza
Ransomware as a Service: Behind the Scenes

2022-07-07 ⋅ SOCRadar ⋅ SOCRadar
Brute Ratel Utilized By Threat Actors In New Ransomware Operations
Brute Ratel C4

2022-07-07 ⋅ JPCERT/CC ⋅ Shusei Tomonaga
YamaBot Malware Used by Lazarus
YamaBot

2022-07-07 ⋅ Fortinet ⋅ Erin Lin
Notable Droppers Emerge in Recent Threat Campaigns
BumbleBee Emotet PhotoLoader QakBot

2022-07-07 ⋅ IBM ⋅ Charlotte Hammond, Kat Weinberger, Ole Villadsen
Unprecedented Shift: The Trickbot Group is Systematically Attacking Ukraine
AnchorMail BumbleBee Cobalt Strike IcedID Meterpreter

2022-07-07 ⋅ SANS ISC ⋅ Brad Duncan
Emotet infection with Cobalt Strike
Cobalt Strike Emotet

2022-07-07 ⋅ cyble ⋅ Cyble Research Labs
NoMercy Stealer Adding New Features: New Stealer Rapidly Evolving Into Clipper Malware

2022-07-07 ⋅ Cybereason ⋅ Cybereason Global SOC Team
THREAT ANALYSIS REPORT: LockBit 2.0 - All Paths Lead to Ransom
LockBit

2022-07-07 ⋅ Emsisoft ⋅ Emsisoft
AstraLocker decryptor
AstraLocker

2022-07-07 ⋅ Sentinel LABS ⋅ Tom Hegel
Targets of Interest - Russian Organizations Increasingly Under Attack By Chinese APTs
8.t Dropper Korlia Tonto Team

2022-07-07 ⋅ Aqua ⋅ Nitzan Yaakov
8220 Gang Deploys a New Campaign with Upgraded Techniques
Tsunami Water Sigbin

2022-07-07 ⋅ zimperium ⋅ Nipun Gupta
ABCsoup: The Malicious Adware Extension with 350 Variants

2022-07-07 ⋅ Cybereason ⋅ Loïc Castel
THREAT ALERT: Raspberry Robin Worm Abuses Windows Installer and QNAP Devices
Raspberry Robin

2022-07-06 ⋅ YouTube (IppSec) ⋅ IppSec
Reversing Malware How is APT 29 Successful w/ this Phishing Tech and BRc4 (Brute Ratel) opsec fails?
Brute Ratel C4

2022-07-06 ⋅ ⋅ Cert-UA ⋅ Cert-UA
UAC-0056 cyberattack on Ukrainian state organizations using Cobalt Strike Beacon (CERT-UA#4914)
Cobalt Strike

2022-07-06 ⋅ CISA ⋅ CISA, Department of the Treasury (Treasury), FBI
Alert (AA22-187A): North Korean State-Sponsored Cyber Actors Use Maui Ransomware to Target the Healthcare and Public Health Sector
Maui Ransomware

2022-07-06 ⋅ CISA ⋅ CISA, Department of the Treasury (Treasury), FBI
CSA AA22-187A: North Korean State-Sponsored Cyber Actors Use Maui Ransomware to Target the Healthcare and Public Health Sector (PDF)
Maui Ransomware

2022-07-06 ⋅ Cluster25 ⋅ Cluster25
LockBit 3.0: “Making The Ransomware Great Again”
LockBit

2022-07-06 ⋅ Medium s2wlab ⋅ HOTSAUCE | S2W TALON
变脸, Teng Snake (a.k.a. Code Core)
CodeCore Xiaoqiying