Malpedia Library

Click here to download all references as Bib-File.•

2024-10-29 ⋅ RedPacket Security ⋅ RedPacket Security
[APT73] – Ransomware Victim: www[.]legilog[.]fr
APT73

2024-10-29 ⋅ RedPacket Security ⋅ RedPacket Security
https://www.redpacketsecurity.com/apt73-ransomware-victim-sokkakreatif-com/
APT73

2024-10-29 ⋅ cyble ⋅ Cyble
Phishing Campaign Targeting Ukraine: UAC-0215 Threatens National Security
UAC-0215

2024-10-29 ⋅ DailyDarkWeb ⋅ DailyDarkWeb
DarkRaas Allegedly Breached a Major Oil and Gas Company
DarkRaaS

2024-10-29 ⋅ ⋅ Macnica ⋅ Hiroshi Takeuchi
Job Offer from the North: Contagious Interview for Software Developers
BeaverTail InvisibleFerret

2024-10-27 ⋅ CyberSecurityNews ⋅ Do Son
Shahid Hemmat Hackers: $10M Reward Offered by US
Shahid Hemmat

2024-10-25 ⋅ Bitdefender ⋅ Graham Clueley
US offers $10 million bounty for members of Iranian hacking gang
Shahid Hemmat

2024-10-24 ⋅ RedPacket Security ⋅ RedPacket Security
[APT73] – Ransomware Victim: hpecds[.]com
APT73

2024-10-24 ⋅ RedPacket Security ⋅ RedPacket Security
[APT73] – Ransomware Victim: modplan[.]co[.]uk
APT73

2024-10-24 ⋅ RedPacket Security ⋅ RedPacket Security
[APT73] – Ransomware Victim: mgfsourcing[.]com
APT73

2024-10-24 ⋅ Seqrite ⋅ Subhajeet Singha
Operation Cobalt Whisper: Threat Actor Targets Multiple Industries Across Hong Kong and Pakistan
Cobalt Strike Operation Cobalt Whisper

2024-10-24 ⋅ ⋅ Cert-UA ⋅ Cert-UA
Accounts in service UAC-0218: file theft using HOMESTEEL (CERT-UA#11717)
HOMESTEEL UAC-0215

2024-10-24 ⋅ Datadog ⋅ Datadog
Tenacious Pungsan: A DPRK threat actor linked to Contagious Interview
BeaverTail InvisibleFerret

2024-10-24 ⋅ Arctic Wolf ⋅ Akshay Suthar, Stefan Hostetler, Steven Campbell
Arctic Wolf Labs Observes Increased Fog and Akira Ransomware Activity Linked to SonicWall SSL VPN
Akira Akira

2024-10-24 ⋅ Hunt.io ⋅ Hunt.io
Rekoobe Backdoor Discovered in Open Directory, Possibly Targeting TradingView Users
Rekoobe

2024-10-23 ⋅ ThreatBook ⋅ ThreatBook
Lazarus' Espionage-related Cryptocurrency Activities Remain Active, With A Significant Amount of Assets Still in Circulation

2024-10-23 ⋅ ANY.RUN ⋅ ANY.RUN, Mostafa ElSheimy
DarkComet RAT: Technical Analysis of Attack Chain
DarkComet

2024-10-23 ⋅ Cisco Talos ⋅ Edmund Brumaghin, Holger Unterbrink, Jordyn Dunk, Nicole Hoffman
Highlighting TA866/Asylum Ambuscade Activity Since 2021
WasabiSeed Cobalt Strike csharp-streamer RAT Resident Rhadamanthys WarmCookie

2024-10-23 ⋅ Cisco Talos ⋅ Edmund Brumaghin, Holger Unterbrink, Jordyn Dunk, Nicole Hoffman
Threat Spotlight: WarmCookie/BadSpace
Cobalt Strike csharp-streamer RAT WarmCookie

2024-10-22 ⋅ Silent Push ⋅ Silent Push
Triad Nexus: Silent Push exposes FUNNULL CDN hosting DGA domains for suspect Chinese gambling sites, investment scams, a retail phishing campaign, and a polyfill.io supply chain attack impacting 110,000+ sites