Malpedia Library

Click here to download all references as Bib-File.•

2022-04-18 ⋅ CitizenLab ⋅ Bahr Abdul Razzak, Bill Marczak, Elies Campo, Gözde Böcü, John Scott-Railton, Ron Deibert, Salvatore Solimano, Siena Anstis
CatalanGate Extensive Mercenary Spyware Operation against Catalans Using Pegasus and Candiru
Chrysaor Caramel Tsunami

2022-04-18 ⋅ Trellix ⋅ Alexandre Mundo, Jambul Tologonov, Marc Elias
Conti Group Targets ESXi Hypervisors With its Linux Variant
Conti Conti

2022-04-15 ⋅ Center for Internet Security ⋅ CIS
Top 10 Malware March 2022
Mirai Shlayer Agent Tesla Ghost RAT Nanocore RAT SectopRAT solarmarker Zeus

2022-04-12 ⋅ Check Point ⋅ Check Point Research
March 2022’s Most Wanted Malware: Easter Phishing Scams Help Emotet Assert its Dominance
Alien FluBot Agent Tesla Emotet

2022-04-05 ⋅ CitizenLab ⋅ Bill Marczak, CitizenLab, Front Line Defenders, Mohammed Al-Maskati, Ron Deibert, Siena Anstis
Peace through Pegasus Jordanian Human Rights Defenders and Journalists Hacked with Pegasus Spyware
Chrysaor

2022-03-28 ⋅ Trellix ⋅ Marc Elias, Max Kersten
PlugX: A Talisman to Behold
PlugX

2022-03-25 ⋅ GOV.UA ⋅ State Service of Special Communication and Information Protection of Ukraine (CIP)
Who is behind the Cyberattacks on Ukraine's Critical Information Infrastructure: Statistics for March 15-22
Xloader Agent Tesla CaddyWiper Cobalt Strike DoubleZero GraphSteel GrimPlant HeaderTip HermeticWiper IsaacWiper MicroBackdoor Pandora RAT

2022-03-10 ⋅ BrightTALK (Kaspersky GReAT) ⋅ Costin Raiu, Dan Demeter, Ivan Kwiatkowski, Kurt Baumgartner, Marco Preuss
BrightTALK: A look at current cyberattacks in Ukraine
HermeticWiper HermeticWizard IsaacWiper PartyTicket WhisperGate

2022-03-10 ⋅ Cisco Talos ⋅ Chris Neal
WEDNESDAY, MARCH 9, 2022 Threat advisory: Cybercriminals compromise users with malware disguised as pro-Ukraine cyber tools

2022-03-09 ⋅ BreachQuest ⋅ Bernard Silvestrini, Marco Figueroa, Napoleon Bing
The Conti Leaks | Insight into a Ransomware Unicorn
Cobalt Strike MimiKatz TrickBot

2022-03-01 ⋅ Marco Ramilli's Blog ⋅ Marco Ramilli
DiskKill/HermeticWiper and NotPetya (Dis)similarities
EternalPetya HermeticWiper

2022-02-22 ⋅ USENIX ⋅ Andrea Marcelli, Davide Balzarotti, Mariano Graziano, Mohamad Mansouri, Xabier Ugarte-Pedrero, Yanick Fratantonio
How Machine Learning Is Solving the Binary Function Similarity Problem

2022-02-17 ⋅ Trellix ⋅ Christiaan Beek, Marc Elias
Looking over the nation-state actors’ shoulders: Even they have a difficult day sometimes
Empire Downloader

2022-02-14 ⋅ ⋅ DR.DK ⋅ Allan Nisgaard, Ingeborg Munk Toft, Kenrik Moltke, Marcel Mirzaei-Fard
Var tæt på at slukke tusindvis af vindmøller: Nu fortæller Vestas om cyberangreb
LockBit

2022-01-25 ⋅ Trellix ⋅ Alexandre Mundo, Christiaan Beek, Leandro Velasco, Marc Elias, Max Kersten
Prime Minister’s Office Compromised: Details of Recent Espionage Campaign
Graphite

2022-01-25 ⋅ ESET Research ⋅ Anton Cherepanov, Marc-Etienne M.Léveillé
Watering hole deploys new macOS malware, DazzleSpy, in Asia

2021-12-31 ⋅ ⋅ CERT.PL ⋅ Marcin Dudek, Michał Praszmo
IKO activation - Malware campaign
Coper

2021-12-16 ⋅ CitizenLab ⋅ Bahr Abdul Razzak, Bill Marczak, John Scott-Railton, Kristin Berdan, Noura Al-Jizawi, Ron Deibert, Siena Anstis
Pegasus vs. Predator: Dissident's Doubly-Infected iPhone Reveals Cytrox Mercenary Spyware
Chrysaor Caramel Tsunami

2021-12-10 ⋅ Mississippi State University ⋅ DeMarcus M. Thomas Sr.
Detecting malware in memory with memory object relationships

2021-11-17 ⋅ MalwareTech ⋅ Marcus Hutchins
An in-depth look at hacking back, active defense, and cyber letters of marque