Malpedia Library

Click here to download all references as Bib-File.•

2022-04-12 ⋅ Sophos ⋅ Andrew Brandt, Angela Gunn, Ferenc László Nagy, Johnathan Fern, Linda Smith, Matthew Everts, Mauricio Valdivieso, Melissa Kelly, Peter Mackenzie, Sergio Bestulic
Attackers linger on government agency computers before deploying Lockbit ransomware
LockBit

2022-02-22 ⋅ Bankinfo Security ⋅ Matthew J. Schwartz
Cybercrime Moves: Conti Ransomware Absorbs TrickBot Malware
Conti TrickBot

2022-02-18 ⋅ Huntress Labs ⋅ Matthew Brennan
Hackers No Hashing: Randomizing API Hashes to Evade Cobalt Strike Shellcode Detection
Cobalt Strike

2022-02-15 ⋅ Sophos ⋅ Matthew Everts, Stephen McNally
Vulnerable Exchange server hit by Squirrelwaffle and financial fraud
Squirrelwaffle

2022-01-27 ⋅ CrowdStrike ⋅ Matthew Hartzell
Programs Hacking Programs: How to Extract Memory Information to Spot Linux Malware

2022-01-20 ⋅ BrightTALK (Mandiant) ⋅ John Hultquist, Matthew McWhirt
Anticipating and Preparing for Russian Cyber Activity

2022-01-18 ⋅ Trend Micro ⋅ Arianne Dela Cruz, Bren Matthew Ebriega, Don Ovid Ladores, Mary Yambao
New Ransomware Spotted: White Rabbit and Its Evasion Tactics

2022-01-14 ⋅ Trend Micro ⋅ Bren Matthew Ebriega
Ransom.Win32.WHITERABBIT.YACAET
WhiteRabbit

2022-01-14 ⋅ Mandiant ⋅ Bryan Turner, Daniel Smith, Matthew McWhirt, Omar Toor
Proactive Preparation and Hardening to Protect Against Destructive Attacks

2021-12-15 ⋅ Mandiant ⋅ John Hultquist, Matthew McWhirt
Log4Shell Initial Exploitation and Mitigation Recommendations

2021-10-19 ⋅ Proofpoint ⋅ Axel F, Brandon Murphy, Crista Giering, Georgi Mladenov, Matthew Mesa, Zydeca Cass
Whatta TA: TA505 Ramps Up Activity, Delivers New FlawedGrace Variant
FlawedGrace MirrorBlast

2021-08-17 ⋅ Huntress Labs ⋅ Matthew Brennan
Snakes on a Domain: An Analysis of a Python Malware Loader

2021-08-17 ⋅ Volatility Labs ⋅ Damien Cash, Josh Grunzweig, Matthew Meltzer, Steven Adair, Thomas Lancaster
North Korean APT37 / InkySquid Infects Victims Using Browser Exploits
BLUELIGHT APT37

2021-06-24 ⋅ Proofpoint ⋅ Crista Giering, Dennis Schwarz, Matthew Mesa
JSSLoader: Recoded and Reloaded
JSSLoader Storm-0324

2021-06-15 ⋅ NCC Group ⋅ Michael Matthews, NCC RIFT, William Backhouse
Handy guide to a new Fivehands ransomware variant
FiveHands

2021-05-27 ⋅ Volexity ⋅ Damien Cash, Josh Grunzweig, Matthew Meltzer, Sean Koessel, Steven Adair, Thomas Lancaster
Suspected APT29 Operation Launches Election Fraud Themed Phishing Campaigns
Cobalt Strike

2021-05-25 ⋅ Huntress Labs ⋅ Matthew Brennan
Cobalt Strikes Again: An Analysis of Obfuscated Malware
Cobalt Strike

2021-05-06 ⋅ Sophos Labs ⋅ Bill Kearney, Kyle Link, Matthew Sharf, Peter Mackenzie, Tilly Travers
MTR in Real Time: Pirates pave way for Ryuk ransomware
Ryuk

2021-03-14 ⋅ DAILY BEAST ⋅ Matthew Brazil
How China’s Devastating Microsoft Hack Puts Us All at Risk
HAFNIUM

2021-03-10 ⋅ Proofpoint ⋅ Dennis Schwarz, Matthew Mesa, Proofpoint Threat Research Team
NimzaLoader: TA800’s New Initial Access Malware
BazarNimrod Cobalt Strike