Malpedia Library

Click here to download all references as Bib-File.•

2022-06-23 ⋅ cyble ⋅ Cyble Research Labs
Matanbuchus Loader Resurfaces
Cobalt Strike Matanbuchus

2022-06-23 ⋅ Google ⋅ Benoit Sevens, Clement Lecigne, Google Threat Analysis Group
Spyware vendor targets users in Italy and Kazakhstan
Hermit

2022-06-23 ⋅ Google ⋅ Google Project Zero, Ian Beer
The curious tale of a fake Carrier.app

2022-06-23 ⋅ Kaspersky ⋅ Danila Nasonov, Natalya Shornikova, Nikita Nazarov, Vasily Davydov, Vladislav Burtsev
The hateful eight: Kaspersky’s guide to modern ransomware groups’ TTPs
Conti Hive BlackByte BlackCat Clop LockBit Mespinoza Ragnarok

2022-06-23 ⋅ Trellix ⋅ Christiaan Beek
The Sound of Malware
Conti VHD Ransomware

2022-06-23 ⋅ Kaspersky ⋅ Danila Nasonov, Natalya Shornikova, Nikita Nazarov, Vasily Davydov, Vladislav Burtsev
The hateful eight: Kaspersky’s guide to modern ransomware groups’ TTPs (Download Form)
BlackByte BlackCat Clop Conti Hive LockBit Mespinoza RagnarLocker

2022-06-22 ⋅ ⋅ Cert-UA ⋅ Cert-UA
Cyberattacks by China-associated groups against Russian scientific and technical enterprises and government agencies (CERT-UA#4860)
QUICKMUTE

2022-06-21 ⋅ Enum0x539
Qvoid-Token-Grabber
QvoidStealer

2022-06-21 ⋅ McAfee ⋅ Lakshya Mathur
Rise of LNK (Shortcut files) Malware
BazarBackdoor Emotet IcedID QakBot

2022-06-21 ⋅ SonicWall ⋅ SonicWall
HTML Application Files are being used to distribute Smoke Loader Malware
SmokeLoader

2022-06-21 ⋅ BleepingComputer ⋅ Sergiu Gatlan
Microsoft Exchange servers hacked by new ToddyCat APT gang
ToddyCat

2022-06-21 ⋅ Kaspersky ⋅ Giampaolo Dedola
APT ToddyCat: Unveiling an unknown APT actor attacking high-profile entities in Europe and Asia
ToddyCat

2022-06-21 ⋅ Lab52
MuddyWater’s “light” first-stager targetting Middle East
Unidentified VBS 004 (RAT)

2022-06-21 ⋅ Cisco Talos ⋅ Chris Neal, Flavio Costa, Guilherme Venere
Avos ransomware group expands with new attack arsenal
AvosLocker Cobalt Strike DarkComet MimiKatz

2022-06-21 ⋅ Malwarebytes Labs ⋅ Threat Intelligence Team
Russia’s APT28 uses fear of nuclear war to spread Follina docs in Ukraine

2022-06-20 ⋅ Medium (Cryptax) ⋅ Axelle Apvrille
Tracking Android/Joker payloads with Medusa, static analysis (and patience)
Joker

2022-06-20 ⋅ ⋅ Cert-UA ⋅ Cert-UA
APT28 cyberattack using CredoMap malware (CERT-UA#4843)
CredoMap

2022-06-20 ⋅ ⋅ Cert-UA ⋅ Cert-UA
UAC-0098 group cyberattack on critical infrastructure of Ukraine (CERT-UA#4842)
Cobalt Strike

2022-06-20 ⋅ ⋅ Infinitum IT ⋅ infinitum IT
Charming Kitten (APT35)
LaZagne DownPaper MimiKatz pupy

2022-06-19 ⋅ OALabs ⋅ Sergei Frankoff
Matanbuchus Triage Notes
Matanbuchus