Malpedia Library

Click here to download all references as Bib-File.•

2025-04-29 ⋅ ⋅ France Diplomatie ⋅ France Diplomatie
Russia – Assignment of cyber attacks against France to the Russian military intelligence service (APT28) (29 April 2025)

2025-04-25 ⋅ Censys ⋅ Censys
The Persistent Threat of Salt Typhoon: Tracking Exposures of Potentially Targeted Devices
MASOL

2025-04-17 ⋅ FORTRA ⋅ Max Ickert
Threat Actor Profile: SheByte Phishing-as-a-Service

2025-04-16 ⋅ Intel 471 ⋅ Intel 471
LabHost: A defunct but potent phishing service

2025-04-06 ⋅ ⋅ Cert-UA ⋅ Cert-UA
Target espionage activity UAC-0226 in relation to the centers of innovation, state and law enforcement services using the GIFTEDCROOK (CERT-UA#14303)
GIFTEDCROOK UAC-0226

2025-04-01 ⋅ Hunt.io ⋅ Hunt.io
Same Russian-Speaking Threat Actor, New Tactics: Abuse of Cloudflare Services for Phishing and Telegram to Filter Victim IPs
Pyramid

2025-03-28 ⋅ ThreatFabric ⋅ ThreatFabric
Exposing Crocodilus: New Device Takeover Malware Targeting Android Devices
Crocodilus

2025-03-13 ⋅ EclecticIQ ⋅ Arda Büyükkaya
Inside BRUTED: Black Basta (RaaS) Members Used Automated Brute Forcing Framework to Target Edge Network Devices
Black Basta

2025-02-28 ⋅ Greynoise ⋅ Noah Stone
New DDoS Botnet Discovered: Over 30,000 Hacked Devices, Majority of Observed Activity Traced to Iran
Mirai

2025-02-13 ⋅ Microsoft ⋅ Microsoft Threat Intelligence
Storm-2372 conducts device code phishing campaign
Storm-2372

2025-02-13 ⋅ Volexity ⋅ Charlie Gardner, Steven Adair, Tom Lancaster
Multiple Russian Threat Actors Targeting Microsoft Device Code Authentication

2025-02-13 ⋅ Recorded Future ⋅ Insikt Group
RedMike (Salt Typhoon) Exploits Vulnerable Cisco Devices of Global Telecommunications Providers
GhostEmperor

2025-02-12 ⋅ The Hacker News ⋅ Ravie Lakshmanan
North Korean Hackers Exploit PowerShell Trick to Hijack Devices in New Cyberattack

2025-01-28 ⋅ Group-IB ⋅ Nikolay Kichatov, Pietro Albuquerque, Sharmine Low
Cat’s out of the bag: Lynx Ransomware-as-a-Service
Lynx

2025-01-22 ⋅ ESET Research ⋅ Facundo Muñoz
PlushDaemon compromises supply chain of Korean VPN service
SlowStepper PlushDaemon

2025-01-13 ⋅ Halcyon ⋅ Halcyon Research Team
Abusing AWS Native Services: Ransomware Encrypting S3 Buckets with SSE-C
Codefinger

2024-12-19 ⋅ Bleeping Computer ⋅ Bill Toulas
BadBox malware botnet infects 192,000 Android devices despite disruption
BADBOX

2024-12-13 ⋅ Bleeping Computer ⋅ Bill Toulas
Germany blocks BadBox malware loaded on 30,000 Android devices
BADBOX

2024-12-11 ⋅ JPCERT/CC ⋅ Tomoya Kamei
Attack Exploiting Legitimate Service by APT-C-60
SpyGrace

2024-12-05 ⋅ Recorded Future ⋅ Insikt Group
BlueAlpha Abuses Cloudflare Tunneling Service for GammaDrop Staging Infrastructure