Malpedia Library

Click here to download all references as Bib-File.•

2021-09-23 ⋅ Talos ⋅ Asheer Malhotra, Justin Thattil, Vanja Svajcer
Operation “Armor Piercer:” Targeted attacks in the Indian subcontinent using commercial RATs
Ave Maria NetWire RC

2021-09-23 ⋅ Google ⋅ Google Threat Analysis Group, Neel Mehta
Financially motivated actor breaks certificate parsing to avoid detection
OpenSUpdater

2021-09-23 ⋅ ⋅ rtlnieuws ⋅ RTL Nieuws
RTL was victim ransomware attack, cyber criminals make 8500 euro loot

2021-09-23 ⋅ NCC Group ⋅ Michael Gough
Detecting and Hunting for the PetitPotam NTLM Relay Attack

2021-09-23 ⋅ Sophos ⋅ Sean Gallagher
Phishing and malware actors abuse Google Forms for credentials, data exfiltration

2021-09-23 ⋅ ESET Research ⋅ Matthieu Faou, Tahseen Bin Taj
FamousSparrow: A suspicious hotel guest
SparrowDoor GhostEmperor

2021-09-23 ⋅ Bleeping Computer ⋅ Ionut Ilascu
REVil ransomware devs added a backdoor to cheat affiliates
REvil

2021-09-22 ⋅ ThreatFabric ⋅ ThreatFabric
ERMAC - another Cerberus reborn
AmpleBot Cerberus ERMAC

2021-09-22 ⋅ Cybereason ⋅ Aleksandar Milenkoski, Eli Salem
Threat Analysis Report: PrintNightmare and Magniber Ransomware
Magniber

2021-09-22 ⋅ Secureworks ⋅ Counter Threat Unit ResearchTeam
REvil Ransomware Reemerges After Shutdown; Universal Decryptor Released
REvil REvil

2021-09-22 ⋅ Radware ⋅ Radware
Dark.IoT, OMIGOD & UDP Technology Update (CVE-2021-38647 & CVE-2021-33544)
Dark

2021-09-22 ⋅ McAfee ⋅ Alexandre Mundo, Marc Elias
BlackMatter Ransomware Analysis; The Dark Side Returns
BlackMatter

2021-09-22 ⋅ GoSecure ⋅ GoSecure
GoSecure Titan Labs Technical Report: BluStealer Malware Threat
BluStealer

2021-09-22 ⋅ YouTube (John Hammond) ⋅ John Hammond
Snip3 Crypter/RAT Loader - DcRat MALWARE ANALYSIS
DCRat

2021-09-21 ⋅ eSentire ⋅ eSentire
Ransomware Hackers Attack a Top Safety Testing Org. Using Tactics and Techniques Borrowed from Chinese Espionage Groups
Cobalt Strike MimiKatz UNC215

2021-09-21 ⋅ Washington Post ⋅ Ellen Nakashima, Rachel Lerman
FBI held back ransomware decryption key from businesses to run operation targeting hackers
REvil

2021-09-21 ⋅ vmware ⋅ Bob Plankers
VMSA-2021-0020: What You Need to Know (CVE-2021-22005)

2021-09-21 ⋅ Nozomi Networks ⋅ Nozomi Networks Labs
BlackMatter Ransomware Technical Analysis and Tools from Nozomi Networks Labs
BlackMatter

2021-09-21 ⋅ U.S. Department of the Treasury ⋅ U.S. Department of the Treasury
Publication of Updated Ransomware Advisory; Cyber-related Designation (25 cryptocurrency accounts operated by Suex is sanctioned)

2021-09-21 ⋅ GuidePoint Security ⋅ Drew Schmitt
A Ransomware Near Miss: ProxyShell, a RAT, and Cobalt Strike
Cobalt Strike