Malpedia Library

Click here to download all references as Bib-File.•

2025-04-25 ⋅ Twitter (@teamcymru_S2) ⋅ TEAM CYMRU S2 THREAT RESEARCH
Tweet on North Korean Cyber Ops Leveraging Russian Infrastructure

2025-03-31 ⋅ Wiz.io ⋅ Avigayil Mechtinger, Gili Tikochinski, Yaara Shriki
CPU_HU: Fileless cryptominer targeting exposed PostgreSQL with over 1.5K victims
JINX-0126

2025-03-10 ⋅ Cybershafarat ⋅ Treadstone 71
DieNet and #Shiite_Harvest claimed responsibility for disabling ten significant Iraqi websites
DieNet

2025-01-28 ⋅ Twitter (@anyrun_app) ⋅ ANY.RUN
Tweet on Linux version of SystemBC
SystemBC

2025-01-17 ⋅ Twitter (@Unit42_Intel) ⋅ Unit 42
Tweet about affiliates of DarkScorpius using Social Engineering via MS Teams
UNC4393

2024-12-13 ⋅ Medium 0x_b0mb3r ⋅ Louis Schürmann
Technical Analysis: Magecart Skimmer
magecart

2024-11-04 ⋅ Medium (@DCSO_CyTec) ⋅ Denis Szadkowski, Johann Aydinbas, Maike Orlikowski, Paul van Ramesdonk
Unransomware: From Zero to Full Recovery in a Blink
Akira

2024-10-16 ⋅ nao_sec ⋅ nao_sec
IcePeony with the '996' work culture
IceCache IceEvent IcePeony

2024-10-01 ⋅ raw-data memdumps ⋅ _raw_data_
BugSleep network protocol reversing
bugsleep

2024-09-03 ⋅ Twitter (@embee_research) ⋅ Embee_research
Advanced Cyberchef Techniques - Defeating Nanocore Obfuscation With Math and Flow Control
Nanocore RAT

2024-08-19 ⋅ Aquasec ⋅ Assaf Morag
PG_MEM: A Malware Hidden in the Postgres Processes
PG_MEM XMRIG JINX-0126

2024-08-04 ⋅ Twitter (@embee_research) ⋅ Embee_research
Decoding a Cobalt Strike Downloader Script With CyberChef
Cobalt Strike

2024-07-24 ⋅ Radware ⋅ Radware
Six-day, 14.7 Million RPS Web DDoS Attack Campaign Attributed to SN_BLACKMETA
Blackmeta

2024-07-22 ⋅ Censys ⋅ Censys, Embee_research
A Beginner’s Guide to Hunting Malicious Open Directories
Cobalt Strike Lumma Stealer Vidar

2024-07-01 ⋅ Speakerdeck (takahiro_haruyama) ⋅ Takahiro Haruyama
The Art of Malware C2 Scanning - How to Reverse and Emulate Protocol Obfuscated by Compiler
DOPLUGS Hodur

2024-06-10 ⋅ The Hacker News ⋅ Ravie Lakshmanan
More_eggs Malware Disguised as Resumes Targets Recruiters in Phishing Attack
More_eggs

2024-05-23 ⋅ Twitter (@embee_research) ⋅ Embee_research
Tracking APT SideWinder With DNS Records
SideWinder

2024-05-21 ⋅ Twitter (@embee_research) ⋅ Embee_research
Tweets on decoding a Latrodectus loader
Latrodectus

2024-05-15 ⋅ Twitter (@embee_research) ⋅ Embee_research
Revealing Spammer Infrastructure With Passive DNS - 226 Toll-Themed Domains Targeting Australia

2024-04-29 ⋅ Twitter (@sekoia_io) ⋅ sekoia
@sekoia_io's tweet about the (not so) new infostealer, named ACR Stealer
ACR Stealer