Malpedia Library

Click here to download all references as Bib-File.•

2024-12-13 ⋅ Bleeping Computer ⋅ Bill Toulas
Germany blocks BadBox malware loaded on 30,000 Android devices
BADBOX

2024-12-11 ⋅ JPCERT/CC ⋅ Tomoya Kamei
Attack Exploiting Legitimate Service by APT-C-60
SpyGrace

2024-12-05 ⋅ Recorded Future ⋅ Insikt Group
BlueAlpha Abuses Cloudflare Tunneling Service for GammaDrop Staging Infrastructure

2024-11-18 ⋅ Trend Micro ⋅ Feike Hacquebord, Fernando Mercês
Inside Water Barghest’s Rapid Exploit-to-Market Strategy for IoT Devices
Ngioweb

2024-11-18 ⋅ Trend Micro ⋅ Feike Hacquebord, Fernando Mercês
Inside Water Barghest’s Rapid Exploit-to-Market Strategy for IoT Devices
Ngioweb Water Barghest

2024-11-18 ⋅ Trend Micro ⋅ Feike Hacquebord, Fernando Mercês
Inside Water Barghests Rapid Exploit-to-Market Strategy for IoT Devices
Ngioweb

2024-11-07 ⋅ ESET Research ⋅ ESET Research
APT Activity Report: Abusing Cloud Services and VPN Platforms in the Pursuit of New Prey
FrostyNeighbor

2024-10-28 ⋅ ESET Research ⋅ Anh ho
CloudScout: Evasive Panda scouting cloud services
CloudScout MgBot Nightdoor

2024-10-24 ⋅ ⋅ Cert-UA ⋅ Cert-UA
Accounts in service UAC-0218: file theft using HOMESTEEL (CERT-UA#11717)
HOMESTEEL UAC-0215

2024-09-18 ⋅ ASD, CNMF, CSE Canada, FBI, GCSB, NCSC UK, NSA
People’s Republic of China-Linked Actors Compromise Routers and IoT Devices for Botnet Operations
Nosedive

2024-09-10 ⋅ Talos Intelligence ⋅ Joey Chen
DragonRank, a Chinese-speaking SEO manipulator service provider
IISpy PlugX DragonRank

2024-08-24 ⋅ YouTube (Black Hat) ⋅ Charles Li, Che Chang, Greg Chen
Chinese APT: A Master of Exploiting Edge Devices (Video)
SEASPY UNC4841

2024-08-07 ⋅ Symantec ⋅ Threat Hunter Team
Cloud Cover: How Malicious Actors Are Leveraging Cloud Services
GoGra Grager MOONTAG Ondritols TONERJAM

2024-07-26 ⋅ SOC Prime ⋅ Veronika Telychko
UAC-0102 Phishing Attack Detection: Hackers Steal Authentication Data Impersonating the UKR.NET Web Service
UAC-0102

2024-06-04 ⋅ Aquasec ⋅ Nitzan Yaakov
Muhstik Malware Targets Message Queuing Services Applications
Tsunami

2024-04-29 ⋅ Zscaler ⋅ Santiago Vicente
Zloader Learns Old Tricks
Zloader

2024-04-24 ⋅ Cisco ⋅ Cisco Talos
ArcaneDoor - New espionage-focused campaign found targeting perimeter network devices
ArcaneDoor Storm-1849

2024-04-24 ⋅ NCSC UK ⋅ NCSC UK
Line Dancer - In-memory shellcode loader targeting Cisco Adaptive Security Appliance (ASA) devices.

2024-04-24 ⋅ NCSC UK ⋅ NCSC UK
Line Runner: Persistent webshell targeting Cisco Adaptive Security Appliance (ASA) devices.

2024-04-19 ⋅ TEAMT5 ⋅ Charles Li, Che Chang, Greg Chen
Chinese APT: A Master of Exploiting Edge Devices
SEASPY UNC4841