Malpedia Library

Click here to download all references as Bib-File.•

2023-09-07 ⋅ CISA ⋅ CISA
MAR-10454006.r5.v1 SUBMARINE, SKIPJACK, SEASPRAY, WHIRLPOOL, and SALTWATER Backdoors
WHIRLPOOL

2023-08-29 ⋅ Mandiant ⋅ Austin Larsen, John Palmisano, John Wolfram, Mathew Potaczek, Michael Raggi
Diving Deep into UNC4841 Operations Following Barracuda ESG Zero-Day Remediation (CVE-2023-2868)
GhostEmperor

2023-07-28 ⋅ CISA ⋅ CISA
MAR-10454006-r2.v1 SEASPY Backdoor
SEASPY

2023-07-28 ⋅ CISA
MAR-10454006-r1.v2 SUBMARINE Backdoor

2023-07-28 ⋅ CISA ⋅ CISA
CISA Releases Malware Analysis Reports on Barracuda Backdoors
SEASPY

2023-07-24 ⋅ Mandiant ⋅ Austin Larsen, Dan Kelly, Joseph Pisano, Mark Golembiewski, Matt Williams, Paige Godvin
North Korea Leverages SaaS Provider in a Targeted Supply Chain Attack
FULLHOUSE STRATOFEAR TraderTraitor

2023-07-06 ⋅ CISA ⋅ CISA
Increased Truebot Activity Infects U.S. and Canada Based Networks
Silence

2023-06-15 ⋅ Mandiant ⋅ Austin Larsen, John Palmisano, John Wolfram, Mathew Potaczek, Matthew McWhirt
Barracuda ESG Zero-Day Vulnerability (CVE-2023-2868) Exploited Globally by Aggressive and Skilled Actor, Suspected Links to China
SALTWATER SEASPY UNC4841

2023-06-14 ⋅ CISA ⋅ ANSSI, Australian Cyber Security Centre (ACSC), Bundesamt für Sicherheit in der Informationstechnik (BSI), Canadian Centre for Cyber Security (CCCS), CERT NZ, FBI, MS-ISAC, NCSC UK, New Zealand National Cyber Security Centre (NZ NCSC)
Understanding Ransomware Threat Actors: Lockbit
LockBit

2023-06-02 ⋅ Mandiant ⋅ DAN NUTTING, Genevieve Stark, Greg Blaum, Jeremy Kennelly, JOE PISANO, Josh Murchie, Juraj Sucik, Justin Moore, Kimberly Goody, Matthew McWhirt, Nader Zaveri, NICHOLAS BENNETT, OLLIE STYLES, PETER UKHANOV, WILL SILVERSTONE, ZACH SCHRAMM, Zander Work
Zero-Day Vulnerability in MOVEit Transfer Exploited for Data Theft

2023-05-24 ⋅ CISA ⋅ CISA
AA23-144a: People's Republic of China State-Sponsored Cyber Actor Living off the Land to Evade Detection

2023-05-09 ⋅ CISA ⋅ CISA
Hunting Russian Intelligence “Snake” Malware
Agent.BTZ Cobra Carbon System Uroburos

2023-04-18 ⋅ NCSC UK ⋅ CISA, FBI, NCSC UK, NSA
APT28 exploits known vulnerability to carry out reconnaissance and deploy malware on Cisco routers

2023-03-30 ⋅ United States District Court (Eastern District of New York) ⋅ Fortra, HEALTH-ISAC, Microsoft
Cracked Cobalt Strike (1:23-cv-02447)
Black Basta BlackCat LockBit RagnarLocker LockBit Black Basta BlackCat Cobalt Strike Cuba Emotet LockBit Mount Locker PLAY QakBot RagnarLocker Royal Ransom Zloader

2023-03-09 ⋅ VulnCheck ⋅ Jacob Baines
The VulnCheck 2022 Exploited Vulnerability Report - Missing CISA KEV Catalog Entries

2023-03-02 ⋅ CISA ⋅ CISA
#StopRansomware: Royal Ransomware
Royal Ransom Royal Ransom

2023-02-15 ⋅ CERT-EU ⋅ CERT-EU, ENISA
JP-23-01 - Sustained activity by specific threat actors

2023-02-09 ⋅ CISA ⋅ CISA
#StopRansomware: Ransomware Attacks on Critical Infrastructure Fund DPRK Malicious Cyber Activities
Maui Ransomware SiennaBlue SiennaPurple Storm-0530

2023-02-09 ⋅ CISA, DSA, FBI, HHS, NSA, ROK
#StopRansomware: Ransomware Attacks on Critical Infrastructure Fund DPRK Malicious Cyber Activities
Dtrack MagicRAT Maui Ransomware SiennaBlue SiennaPurple Tiger RAT YamaBot

2023-01-24 ⋅ DailySecU ⋅ Gil Min-kwon
[Urgent] A Chinese hacker organization that declared hacking war on Korea..."KISA will hack" notice