Malpedia Library

Click here to download all references as Bib-File.•

2024-05-10 ⋅ CISA ⋅ CISA
AA24-131A: #StopRansomware: Black Basta
Black Basta Black Basta

2024-04-30 ⋅ 0x0d4y ⋅ 0x0d4y
Latrodectus [IceNova] – Technical Analysis of the… New IcedID… Its Continuation… Or its Replacement?
Latrodectus

2024-04-19 ⋅ YouTube (Decipher) ⋅ Dan Black, Gabby Roncone, Lindsey O’Donnell-Welch
A Decade of Sandworm: Digging into APT44’s Past and Future With Mandiant

2024-04-16 ⋅ Mandiant ⋅ Alden Wahlstrom, Anton Prokopenkov, Dan Black, Dan Perez, Gabby Roncone, John Wolfram, Lexie Aytes, Nick Simonian, Ryan Hall, Tyler McLellan
APT44: Unearthing Sandworm
VPNFilter BlackEnergy CaddyWiper EternalPetya HermeticWiper Industroyer INDUSTROYER2 Olympic Destroyer PartyTicket RoarBAT Sandworm

2024-04-09 ⋅ Claroty ⋅ Team82
Unpacking the Blackjack Group's Fuxnet Malware
BlackJack

2024-03-22 ⋅ Mandiant ⋅ Dan Black, Luke Jenkins
APT29 Uses WINELOADER to Target German Political Parties
WINELOADER

2024-02-13 ⋅ Proofpoint ⋅ Axel F, Selena Larson
Bumblebee Buzzes Back in Black
BumbleBee

2024-02-07 ⋅ Lumen ⋅ Black Lotus Labs
KV-Botnet: Don’t call it a Comeback
KV

2024-01-29 ⋅ SonicWall ⋅ Security News
Blackwood APT Group Has a New DLL Loader
NSPX30 Blackwood

2024-01-12 ⋅ Mandiant ⋅ Dimiter Andonov, Gabby Roncone, John Wolfram, Matt Lin, Robert Wallace, Tyler McLellan
Cutting Edge: Suspected APT Targets Ivanti Connect Secure VPN in New Zero-Day Exploitation
UTA0178

2024-01-09 ⋅ Trend Micro ⋅ Arianne Dela Cruz, Charles Steven Derion, Francisrey Joshua Castillo, Henry Salcedo, Ian Kenefick, John Carlo Marquez, John Rainier Navato, Joshua Aquino, Juhn Emmanuel Atanque, Raymart Yambot, Shinji Robert Arasawa
Black Basta-Affiliated Water Curupira’s Pikabot Spam Campaign
Pikabot Water Curupira

2023-12-13 ⋅ Lumen ⋅ Black Lotus Labs
Routers Roasting on an Open Firewall: the KV-botnet Investigation
KV

2023-12-11 ⋅ Cisco Talos ⋅ Asheer Malhotra, Jungsoo An, Vitor Ventura
Operation Blacksmith: Lazarus targets organizations worldwide using novel Telegram-based malware written in DLang
BottomLoader DLRAT HazyLoad NineRAT

2023-12-08 ⋅ Security Intelligence ⋅ Claire Zaboeva, Golo Mühr, Joe Fasulo
ITG05 operations leverage Israel-Hamas conflict lures to deliver Headlace malware
Headlace

2023-11-30 ⋅ Blackberry ⋅ BlackBerry Research & Intelligence Team, Dmitry Bestuzhev
AeroBlade on the Hunt Targeting the U.S. Aerospace Industry
AeroBlade

2023-11-20 ⋅ PWC ⋅ Sveva Vittoria Scenarelli
King of Thieves: Black Alicanto and the Ecosystem of North Korea-Based Cyber Operations
RustBucket CageyChameleon RustBucket

2023-11-16 ⋅ The Register ⋅ Connor Jones
BlackCat plays with malvertising traps to lure corporate victims
BlackCat

2023-11-16 ⋅ YouTube (Swiss Cyber Storm) ⋅ Angelo Violetti
Resilience Rising: Countering the Threat Actors Behind Black Basta Ransomware
Black Basta

2023-11-14 ⋅ Lumen ⋅ Black Lotus Labs
Taking The Elevator Down To Ring 0
Elevator

2023-11-06 ⋅ VMWare Carbon Black ⋅ Abe Schneider, Alan Ngo, Bria Beathley, Swee Lai Lee
Jupyter Rising: An Update on Jupyter Infostealer
solarmarker