Malpedia Library

Click here to download all references as Bib-File.•

2022-11-16 ⋅ Proofpoint ⋅ Axel F, Pim Trouerbach
A Comprehensive Look at Emotet Virus’ Fall 2022 Return
BumbleBee Emotet PHOTOLITE

2022-09-13 ⋅ Proofpoint ⋅ Alexander Rausch, Joshua Miller, Kyle Eaton
Look What You Made Me Do: TA453 Uses Multi-Persona Impersonation to Capitalize on FOMO

2022-08-30 ⋅ Proofpoint ⋅ Michael Raggi, PWC UK, Sveva Vittoria Scenarelli
Rising Tide: Chasing the Currents of Espionage in the South China Sea
scanbox Meterpreter APT40

2022-08-18 ⋅ Proofpoint ⋅ Joe Wise, Proofpoint Threat Research Team, Selena Larson
Reservations Requested: TA558 Targets Hospitality and Travel
AsyncRAT Loda NjRAT Ozone RAT Revenge RAT Vjw0rm

2022-07-21 ⋅ Proofpoint ⋅ Bryan Campbell, Pim Trouerbach, Proofpoint Threat Research Team, Selena Larson
Buy, Sell, Steal, EvilNum Targets Cryptocurrency, Forex, Commodities
EVILNUM Evilnum

2022-07-14 ⋅ Proofpoint ⋅ Crista Giering, Joshua Miller, Michael Raggi, Proofpoint Threat Research Team
Above the Fold and in Your Inbox: Tracing State-Aligned Activity Targeting Journalists, Media
Chinoxy APT31 Lazarus Group TA482

2022-05-11 ⋅ Proofpoint ⋅ Andrew Northern, Axel F, Pim Trouerbach, Tony Robinson
Nerbian RAT Using COVID-19 Themes Features Sophisticated Evasion Techniques
Nerbian RAT

2022-04-28 ⋅ Proofpoint ⋅ Kelsey Merriman, Pim Trouerbach
This isn't Optimus Prime's Bumblebee but it's Still Transforming
BumbleBee TA578 TA579

2022-04-26 ⋅ Proofpoint ⋅ Axel F
Emotet Tests New Delivery Techniques
Emotet

2022-03-21 ⋅ Proofpoint ⋅ Andrew Northern, Bryan Campbell, Selena Larson, Zachary Abzug
Serpent, No Swiping! New Backdoor Targets French Entities with Unique Attack Chain
Serpent

2022-03-07 ⋅ Proofpoint ⋅ Michael Raggi, Myrtus 0x0
The Good, the Bad, and the Web Bug: TA416 Increases Operational Tempo Against European Governments as Conflict in Ukraine Escalates
PlugX MUSTANG PANDA

2022-03-03 ⋅ Proofpoint ⋅ Proofpoint Cloud Security Research
Cloud Credential Compromise Campaign Originating from Russian-Affiliated Infrastructure

2022-03-03 ⋅ Proofpoint ⋅ Ryan Kalember
Proofpoint is Closely Monitoring the Rapidly Evolving Threat Landscape Related to Ukraine and Russia

2022-03-01 ⋅ Proofpoint ⋅ Michael Raggi, Proofpoint Threat Research Team, Zydeca Cass
Asylum Ambuscade: State Actor Uses Compromised Private Ukrainian Military Emails to Target European Governments and Refugee Movement
SunSeed

2022-02-15 ⋅ Proofpoint ⋅ Joe Wise, Selena Larson
Charting TA2541's Flight
AsyncRAT TA2541

2022-02-08 ⋅ Proofpoint ⋅ Georgi Mladenov, Joshua Miller, Konstantin Klinger
Ugg Boots 4 Sale: A Tale of Palestinian-Aligned Espionage
BrittleBush NimbleMamba TA402

2022-01-24 ⋅ Proofpoint ⋅ Proofpoint
DTPacker – a .NET Packer with a Curious Password
Agent Tesla TA2536

2021-12-07 ⋅ Proofpoint ⋅ Jake G, Selena Larson
University Targeted Credential Phishing Campaigns Use COVID-19, Omicron Themes

2021-12-01 ⋅ Proofpoint ⋅ Michael Raggi
Injection is the New Black: Novel RTF Template Inject Technique Poised for Widespread Adoption Beyond APT Actors

2021-11-18 ⋅ Proofpoint ⋅ Darien Huss, Selena Larson
Triple Threat: North Korea-Aligned TA406 Steals, Scams and Spies
YoreKey