Malpedia Library

Click here to download all references as Bib-File.•

2024-10-09 ⋅ Palo Alto ⋅ Unit 42
Contagious Interview: DPRK Threat Actors Lure Tech Industry Job Seekers to Install New Variants of BeaverTail and InvisibleFerret Malware
BeaverTail Beavertail

2024-10-06 ⋅ Google ⋅ Clement Lecigne, Google Threat Analysis Group
Caught in the wild - Past, present and future

2024-10-04 ⋅ nikhilh-20 ⋅ Nikhil Hegde
Emansrepo Infostealer - PyInstaller, Deobfuscation and LLM
emansrepo

2024-10-03 ⋅ Virus Bulletin ⋅ Salim Bitam
Sugarcoating KANDYKORN: a sweet dive into a sophisticated MacOS backdoor
HLOADER KANDYKORN SUGARLOADER

2024-10-03 ⋅ Microsoft ⋅ Steven Masada
Protecting Democratic Institutions from Cyber Threats
Callisto

2024-10-03 ⋅ CitizenLab ⋅ Alyson Bruce
Disrupting COLDRIVER: U.S. court orders seizure of domains used in Russian cyberattacks
Callisto

2024-10-02 ⋅ Secureworks ⋅ SecureWorks
2024 State of the Threat
GOLD REBELLION

2024-10-02 ⋅ ThreatMon ⋅ Aziz Kaplan, ThreatMon, ThreatMon Malware Research Team
Amnesia Stealer Technical Malware Analysis Report
BlankGrabber

2024-10-02 ⋅ ESET Research ⋅ Romain Dumont
Separating the bee from the panda: CeranaKeeper making a beeline for Thailand
PUBLOAD TONESHELL WavyExfiller CeranaKeeper

2024-10-01 ⋅ Cybereason ⋅ Mark Tsipershtein
THREAT ANALYSIS: Beast Ransomware
win.beast

2024-10-01 ⋅ raw-data memdumps ⋅ _raw_data_
BugSleep network protocol reversing
bugsleep

2024-09-30 ⋅ OALabs ⋅ Sergei Frankoff
Latrodectus Extracting new AES encrypted strings from this RAT
Latrodectus

2024-09-30 ⋅ X (@GenThreatLabs) ⋅ Gen Threat Labs
Tweet on FAKEUPDATES pushing WARMCOOKIE backdoor via compromised websites targeting France
FAKEUPDATES WarmCookie

2024-09-30 ⋅ The DFIR Report ⋅ The DFIR Report
Nitrogen Campaign Drops Sliver and Ends With BlackCat Ransomware
BlackCat Nitrogen Loader Sliver

2024-09-27 ⋅ Elastic ⋅ Remco Sprooten, Ruben Groenewoud
Betting on Bots: Investigating Linux malware, crypto mining, and gambling API abuse
Kaiji RudeDevil

2024-09-26 ⋅ cyble ⋅ Cyble
Nexe Backdoor Unleashed: Patchwork APT Group’s Sophisticated Evasion of Defenses

2024-09-26 ⋅ The Wall Street Journal ⋅ Dustin Volz, Robert McMillan, Sarah Krouse
China-Linked Hackers Breach U.S. Internet Providers in New ‘Salt Typhoon’ Cyberattack
GhostEmperor

2024-09-26 ⋅ Microsoft ⋅ Microsoft Threat Intelligence
Storm-0501: Ransomware attacks expanding to hybrid cloud environments
Storm-0501

2024-09-26 ⋅ Gdata ⋅ Karsten Hahn, Marius Benthin
BBTok Targeting Brazil: Deobfuscating the .NET Loader with dnlib and PowerShell
BBtok

2024-09-26 ⋅ Recorded Future ⋅ Insikt Group
Rhadamanthys Stealer Adds Innovative AI Feature in Version 0.7.0
Rhadamanthys