Malpedia Library

Click here to download all references as Bib-File.•

2022-06-13 ⋅ Quick Heal ⋅ Tejaswini Sandapolla
Robin Hood Ransomware ‘GOODWILL’ Forces Victim For Charity
RobinHood

2022-06-12 ⋅ cocomelonc
Malware development: persistence - part 7. Winlogon. Simple C++ example.
BazarBackdoor Gazer TurlaRPC Turla SilentMoon

2022-06-12 ⋅ Confiant ⋅ Taha
How SeaFlower 藏海花 installs backdoors in iOS/Android web3 wallets to steal your seed phrase

2022-06-11 ⋅ Twitter (@MsftSecIntel) ⋅ Microsoft Threat Intelligence
Tweet on DEV-0401, DEV-0234 exploiting Confluence RCE CVE-2022-26134
Kinsing Mirai Cobalt Strike Lilac Typhoon

2022-06-10 ⋅ Accenture ⋅ Accenture
Russia Ukraine Crisis Overview

2022-06-10 ⋅ ⋅ Cert-UA ⋅ Cert-UA
Massive cyberattack on Media Organizations of Ukraine using crescentImp malware (CERT-UA#4797)
DCRat

2022-06-10 ⋅ Palo Alto Networks Unit 42 ⋅ Daniel Bunce, Doel Santos
Exposing HelloXD Ransomware and x4k

2022-06-10 ⋅ Soc Investigation ⋅ Vignesh Bhaaskaran
New SVCReady malware loads from Word doc properties – Detection & Response
SVCReady

2022-06-09 ⋅ MITRE ⋅ MITRE
MITRE actor profile for Ember Bear
SaintBear

2022-06-09 ⋅ Accenture ⋅ Accenture
Finding Vulnerabilities with VulFi IDA Plugin

2022-06-09 ⋅ Group-IB ⋅ Ivan Lebedev, Yaroslav Kargalev
Swiss Army Knife Phishing Group-IB identifies massive campaign capable of targeting clients of major Vietnamese banks

2022-06-09 ⋅ Medium (Cryptax) ⋅ Axelle Apvrille
Quick look into a new sample of Android/BianLian
BianLian Hydra

2022-06-09 ⋅ Palo Alto Networks Unit 42 ⋅ Abigail Barr, Amer Elsad, JR Gumarin
LockBit 2.0: How This RaaS Operates and How to Protect Against It
LockBit

2022-06-09 ⋅ Zscaler ⋅ Avinash Kumar, Niraj Shivtarkar
Lyceum .NET DNS Backdoor
Lyceum .NET DNS Backdoor

2022-06-09 ⋅ Bleeping Computer ⋅ Lawrence Abrams
Roblox Game Pass store used to sell ransomware decryptor
Chaos

2022-06-09 ⋅ Avast ⋅ Dominika Regéciová
Yara: In Search Of Regular Expressions

2022-06-09 ⋅ Blackberry ⋅ Joakim Kennedy, The BlackBerry Research & Intelligence Team
Symbiote: A New, Nearly-Impossible-to-Detect Linux Threat
Symbiote

2022-06-09 ⋅ Sentinel LABS ⋅ Joey Chen
Aoqin Dragon | Newly-Discovered Chinese-linked APT Has Been Quietly Spying On Organizations For 10 Years
heyoka mongall Aoqin Dragon

2022-06-09 ⋅ InfoSec Handlers Diary Blog ⋅ Brad Duncan
TA570 Qakbot (Qbot) tries CVE-2022-30190 (Follina) exploit (ms-msdt)
QakBot

2022-06-08 ⋅ Trustwave ⋅ John Anderson
Not all "Internet Connections" are Equal