Malpedia Library

Click here to download all references as Bib-File.•

2020-12-10 ⋅ JPCERT/CC ⋅ Kota Kino
Attack Activities by Quasar Family
AsyncRAT Quasar RAT Venom RAT XPCTRA

2020-12-10 ⋅ ESET Research ⋅ Mathieu Tartare
Operation StealthyTrident: corporate software under attack
HyperBro PlugX ShadowPad Tmanger

2020-12-09 ⋅ AlienVault OTX ⋅ AlienVault
SideWinder APT South Asian Territorial Themed Spear Phishing and Mobile Device Attacks
SideWinder RAZOR TIGER

2020-12-09 ⋅ Palo Alto Networks Unit 42 ⋅ Chris Navarrete, Haozhe Zhang, Yanhui Jia
njRAT Spreading Through Active Pastebin Command and Control Tunnel
NjRAT

2020-12-09 ⋅ InfoSec Handlers Diary Blog ⋅ Brad Duncan
Recent Qakbot (Qbot) activity
Cobalt Strike QakBot

2020-12-09 ⋅ Trend Micro ⋅ Ecular Xu, Jaromír Hořejší, Joseph C Chen
SideWinder Leverages South Asian Territorial Issues for Spear Phishing and Mobile Device Attacks
Meterpreter SideWinder RAZOR TIGER

2020-12-08 ⋅ Securonix ⋅ Den Iyzvyk, Oleg Kolesnikov
Detecting SolarWinds/SUNBURST/ECLIPSER Supply Chain Attacks
SUNBURST

2020-12-08 ⋅ FireEye ⋅ FireEye
Unauthorized Access of FireEye Red Team Tools

2020-12-08 ⋅ FireEye ⋅ Kevin Mandia
FireEye Shares Details of Recent Cyber Attack, Actions to Protect Community

2020-12-08 ⋅ ZDNet ⋅ Catalin Cimpanu
Norway says Russian hacking group APT28 is behind August 2020 Parliament hack

2020-12-08 ⋅ Sophos ⋅ Anand Aijan, Bill Kearney, Gabor Szappanos, Mark Loman, Peter Mackenzie, Sean Gallagher, Sergio Bestulic, Syed Shahram
Egregor ransomware: Maze’s heir apparent
Egregor Maze

2020-12-07 ⋅ Censys ⋅ Censys
Advanced Persistent Infrastructure Tracking
WellMess

2020-12-07 ⋅ Google ⋅ Bernhard Grill, Borbala Benko, Cecilia M. Procopiuc, David Tao, Elie Bursztein, Fabian Kaczmarczyck, Jennifer Pullman, Luca Invernizzi
Spotlight: Malware Lead Generation at Scale

2020-12-07 ⋅ ⋅ Qianxin ⋅ Red Raindrop Team
Blocking APT: Qi'anxin QOWL engine defeats BITTER's targeted attacks on domestic government and enterprises

2020-12-07 ⋅ Proofpoint ⋅ Proofpoint Threat Research Team
Commodity .NET Packers use Embedded Images to Hide Payloads
Agent Tesla Loki Password Stealer (PWS) Remcos

2020-12-07 ⋅ NSA ⋅ NSA
Russian State-Sponsored Actors Exploiting Vulnerability in VMware® Workspace ONE Access Using Compromised Credentials

2020-12-07 ⋅ Group-IB ⋅ Nikita Rostovcev
The footprints of Raccoon: a story about operators of JS-sniffer FakeSecurity distributing Raccoon stealer
Raccoon

2020-12-04 ⋅ Red Canary ⋅ Red Canary
Yellow Cockatoo: Search engine redirects, in-memory remote access trojan, and more
Yellow Cockatoo RAT

2020-12-03 ⋅ Kaspersky ⋅ GReAT
APT annual review: What the world’s threat actors got up to in 2020
TwoSail Junk

2020-12-03 ⋅ PICUS Security ⋅ Süleyman Özarslan
How to Beat Nefilim Ransomware Attacks
Nefilim