Malpedia Library

Click here to download all references as Bib-File.•

2023-07-21 ⋅ Mandiant ⋅ Doug Bienstock, Foti Castelan, James Nugent, Josh Murchie, Justin Moore
Exploitation of Citrix Zero-Day by Possible Espionage Actors (CVE-2023-3519)

2023-07-19 ⋅ Lookout ⋅ Justin Albrecht, Kristina Balaam
Lookout Attributes Advanced Android Surveillanceware to Chinese Espionage Group APT41
DragonEgg WyrmSpy

2023-06-02 ⋅ Mandiant ⋅ DAN NUTTING, Genevieve Stark, Greg Blaum, Jeremy Kennelly, JOE PISANO, Josh Murchie, Juraj Sucik, Justin Moore, Kimberly Goody, Matthew McWhirt, Nader Zaveri, NICHOLAS BENNETT, OLLIE STYLES, PETER UKHANOV, WILL SILVERSTONE, ZACH SCHRAMM, Zander Work
Zero-Day Vulnerability in MOVEit Transfer Exploited for Data Theft

2023-04-27 ⋅ Lookout ⋅ Alemdar Islamoglu, Justin Albrecht, Kyle Schmittle, Paul Shunk
Lookout Discovers Android Spyware Tied to Iranian Police Targeting Minorities: BouldSpy
DAAM

2023-04-19 ⋅ Microsoft ⋅ Justin Warner, Microsoft Threat Intelligence Center (MSTIC)
Exploring STRONTIUM's Abuse of Cloud Services
FusionDrive

2023-01-22 ⋅ Lookout ⋅ Alemdar Islamoglu, Justin Albrecht, Kristina Balaam, Ruohan Xiong
BadBazaar: iOS and Android Surveillanceware by China’s APT15 Used to Target Tibetans and Uyghurs
badbazaar

2022-12-13 ⋅ Margin Research ⋅ Justin Sherman
Analyzing Russian SDK Pushwoosh and Russian Code Contributions

2022-11-18 ⋅ Atlantic Council ⋅ Justin Sherman
GRU 26165: The Russian cyber unit that hacks targets on-site
EternalPetya

2022-06-16 ⋅ Justin Albrecht, Paul Shunk
Lookout Uncovers Android Spyware Deployed in Kazakhstan
Hermit

2022-06-16 ⋅ Lookout ⋅ Justin Albrecht, Paul Shunk
Lookout Uncovers Android Spyware Deployed in Kazakhstan

2022-05-25 ⋅ Trend Micro ⋅ Arianne Dela Cruz, Byron Gelera, McJustine De Guzman, Warren Sto.Tomas
New Linux-Based Ransomware Cheerscrypt Targets ESXi Devices

2022-05-05 ⋅ Cisco Talos ⋅ Aliza Berk, Asheer Malhotra, Jung soo An, Justin Thattil, Kendall McKay
Mustang Panda deploys a new wave of malware targeting Europe
Cobalt Strike Meterpreter PlugX PUBLOAD

2022-03-29 ⋅ Cisco Talos ⋅ Asheer Malhotra, Justin Thattil, Kendall McKay
Transparent Tribe campaign uses new bespoke malware to target Indian government officials
Crimson RAT

2022-01-09 ⋅ Twitter (@sixdub) ⋅ Justin Warner
Tweet on malicious document used by Gamaredon aka DEV-0157

2021-12-08 ⋅ Darktrace ⋅ Justin Fier
The double extortion business: Conti Ransomware Gang finds new avenues of negotiation
Conti

2021-09-23 ⋅ Talos ⋅ Asheer Malhotra, Justin Thattil, Vanja Svajcer
Operation “Armor Piercer:” Targeted attacks in the Indian subcontinent using commercial RATs
Ave Maria NetWire RC

2021-07-15 ⋅ Kryptos Logic ⋅ Kryptos Logic Vantage Team
Adjusting the Anchor
Anchor

2021-07-07 ⋅ Talos ⋅ Asheer Malhotra, Justin Thattil
InSideCopy: How this APT continues to evolve its arsenal (Network IOCs)
AllaKore Lilith NjRAT

2021-07-07 ⋅ Talos ⋅ Asheer Malhotra, Justin Thattil
InSideCopy: How this APT continues to evolve its arsenal (IOCs)
AllaKore Lilith NjRAT

2021-07-07 ⋅ Talos ⋅ Asheer Malhotra, Justin Thattil
InSideCopy: How this APT continues to evolve its arsenal
AllaKore Lilith NjRAT