Malpedia Library

2020-11-30 ⋅ Microsoft ⋅ Microsoft 365 Defender Threat Intelligence Team, Microsoft Threat Intelligence Center (MSTIC)
Threat actor (BISMUTH) leverages coin miner techniques to stay under the radar – here’s how to spot them
Cobalt Strike

2020-11-27 ⋅ CYBER GEEKS All Things Infosec ⋅ CyberMasterV
Dissecting APT21 samples using a step-by-step approach
NetTraveler

2020-11-27 ⋅ ⋅ Macnica ⋅ Hiroshi Takeuchi
Analyzing Organizational Invasion Ransom Incidents Using Dtrack
Cobalt Strike Dtrack

2020-11-27 ⋅ Objective-See ⋅ Patrick Wardle
Adventures in Anti-Gravity (Part II) Deconstructing the Mac Variant of GravityRAT

2020-11-27 ⋅ Trend Micro ⋅ Luis Magisa, Steven Du
New MacOS Backdoor Connected to OceanLotus Surfaces
OceanLotus APT32

2020-11-27 ⋅ Marco Ramilli's Blog ⋅ Marco Ramilli
Threat Actor: Unkown
Unidentified JS 004

2020-11-27 ⋅ PTSecurity ⋅ Alexey Vishnyakov, Denis Goydenko
Investigation with a twist: an accidental APT attack and averted data destruction
TwoFace CHINACHOPPER HyperBro MegaCortex MimiKatz

2020-11-27 ⋅ HP ⋅ Alex Holland
Aggah Campaign’s Latest Tactics: Victimology, PowerPoint Dropper and Cryptocurrency Stealer
Agent Tesla

2020-11-26 ⋅ Medium Sebdraven ⋅ Sébastien Larinier
Actor behind Operation LagTime targets Russia
nccTrojan

2020-11-26 ⋅ Arch Cloud Labs ⋅ ArchCloud
Tracking Cryptocurrency Malware in The Homelab

2020-11-26 ⋅ SUCURI ⋅ Luke Leal
Hackers Love Expired Domains

2020-11-25 ⋅ Uptycs ⋅ Abhijit Mohanta, Shilpesh Trivedi
Warzone RAT comes with UAC bypass technique
Ave Maria

2020-11-25 ⋅ Avanan ⋅ Michael Landewe
Microsoft Teams: New Attack Form Almost Takes Down Global Financial Institution

2020-11-24 ⋅ Congressional Research Service ⋅ Congressional Research Service
Russian Military Intelligence: Background and Issues for Congress

2020-11-24 ⋅ 360 netlab ⋅ JiaYu
Blackrota, a heavily obfuscated backdoor written in Go
Blackrota

2020-11-24 ⋅ Intezer ⋅ Avigayil Mechtinger
Stantinko’s Proxy After Your Apache Server
Stantinko

2020-11-23 ⋅ Youtube (OWASP DevSlop) ⋅ Negar Shabab, Noushin Shabab
Compromised Compilers - A new perspective of supply chain cyber attacks
ShadowPad

2020-11-22 ⋅ FireEye ⋅ Yihao Lim
Election Cyber Threats in the Asia-Pacific Region

2020-11-22 ⋅ Irshad's Blog ⋅ Irshad Muhammad
Analyzing an Emotet Dropper and Writing a Python Script to Statically Unpack Payload.
Emotet

2020-11-20 ⋅ 360 ⋅ kate
360 File-less Attack Protection Intercepts the Banker Trojan BBtok Active in Mexico
BBtok