Malpedia Library

Click here to download all references as Bib-File.•

2020-10-28 ⋅ Trend Micro ⋅ Aliakbar Zahravi, Cedric Pernet, Daniel Lunghi, Elliot Cao, Jaromír Hořejší, John Zhang, Joseph C Chen, William Gamazo Sanchez
Operation Earth Kitsune: A Dance of Two New Backdoors
AgfSpy DneSpy SLUB Earth Kitsune

2020-10-28 ⋅ Microsoft ⋅ Tom Burt
Cyberattacks target international conference attendees (APT35/PHOSPHORUS)

2020-10-27 ⋅ Cofense ⋅ Adam Martin, Cofense Phishing Defense Center, Kian Buckley Maher, Nathaniel Sagibanda
Purchase Order Phishing, the Everlasting Phishing Tactic

2020-10-27 ⋅ Sophos Managed Threat Response (MTR) ⋅ Greg Iddon
MTR Casebook: An active adversary caught in the act
Cobalt Strike

2020-10-27 ⋅ Dr.Web ⋅ Dr.Web
Study of the ShadowPad APT backdoor and its relation to PlugX
Ghost RAT PlugX ShadowPad

2020-10-27 ⋅ Zscaler ⋅ Sahil Antil, Sudeep Singh
APT-31 leverages COVID-19 vaccine theme and abuses legitimate online services

2020-10-27 ⋅ Bleeping Computer ⋅ Lawrence Abrams
Steelcase furniture giant hit by Ryuk ransomware attack
Ryuk

2020-10-26 ⋅ SANS ISC InfoSec Forums ⋅ Didier Stevens
Excel 4 Macros: "Abnormal Sheet Visibility"

2020-10-26 ⋅ Wired ⋅ Andy Greenberg
The Russian Hackers (BERSERK BEAR) Playing 'Chekhov's Gun' With US Infrastructure

2020-10-26 ⋅ ⋅ Qianxin ⋅ Threat Intelligence Center
Analysis of the attack activities of the Rattlesnake organization using the Buffy bilateral agreement as bait
SideWinder

2020-10-24 ⋅ KrabsOnSecurity ⋅ Mr. Krabs
Gacrux – a basic C malware with a custom PE loader
Gacrux

2020-10-24 ⋅ KrabsOnSecurity ⋅ Mr. Krabs
Gacrux – a basic C malware with a custom PE loader

2020-10-23 ⋅ @krabsonsecurity
Tweet: An interesting tidbit: it has a Mach-O bin
Xloader

2020-10-23 ⋅ Hornetsecurity ⋅ Hornetsecurity Security Lab
Leakware-Ransomware-Hybrid Attacks
Avaddon Clop Conti DarkSide DoppelPaymer Mailto Maze Mespinoza Nefilim RagnarLocker REvil Sekhmet SunCrypt

2020-10-23 ⋅ Reuters ⋅ Christopher Bing
Exclusive: National Guard called in to thwart cyberattack in Louisiana weeks before election
KimJongRat

2020-10-23 ⋅ Reuters ⋅ Christopher Bing, Jack Stubbs
Exclusive: 'Dumb mistake' exposed Iranian hand behind fake Proud Boys U.S. election emails - sources

2020-10-22 ⋅ Bellingcat ⋅ Bellingcat Investigation Team
Russian Vehicle Registration Leak Reveals Additional GRU Hackers

2020-10-22 ⋅ ZDNet ⋅ Catalin Cimpanu
EU sanctions Russia over 2015 German Parliament hack

2020-10-22 ⋅ US-CERT ⋅ US-CERT
Alert (AA20-296B): Iranian Advanced Persistent Threat Actors Threaten Election-Related Systems

2020-10-22 ⋅ US-CERT ⋅ US-CERT
Alert (AA20-296A): Russian State-Sponsored Advanced Persistent Threat Actor Compromises U.S. Government Targets