Malpedia Library

Click here to download all references as Bib-File.•

2022-07-13 ⋅ Palo Alto Networks Unit 42 ⋅ Chris Navarrete, Durgesh Sangvikar, Siddhart Shibiraj, Yanhui Jia, Yu Fu
Cobalt Strike Analysis and Tutorial: CS Metadata Encryption and Decryption
Cobalt Strike

2022-07-13 ⋅ HORIZON3.ai ⋅ Naveen Sunkavally
The Long Tail of Log4Shell Exploitation

2022-07-13 ⋅ Weixin ⋅ Antiy CERT
Confucius: The Angler Hidden Under CloudFlare
Quasar RAT

2022-07-13 ⋅ Trellix ⋅ Mohsin Dalla, Sushant Kumar Arya
Targeted Attack on Government Agencies
AsyncRAT LimeRAT

2022-07-13 ⋅ Malwarebytes Labs ⋅ Hossein Jazi, Roberto Santos
Cobalt Strikes again: UAC-0056 continues to target Ukraine in its latest campaign
Cobalt Strike

2022-07-12 ⋅ Team Cymru ⋅ Team Cymru
An Analysis of Infrastructure linked to the Hagga Threat Actor
Hagga

2022-07-12 ⋅ Cyren ⋅ Kervin Alintanahin
Example Analysis of Multi-Component Malware
Emotet Formbook

2022-07-12 ⋅ Google ⋅ Google Threat Analysis Group, Shane Huntley
TAG Bulletin: Q2 2022

2022-07-12 ⋅ Microsoft ⋅ Microsoft 365 Defender Research Team, Microsoft Threat Intelligence Center (MSTIC)
From cookie theft to BEC: Attackers use AiTM phishing sites as entry point to further financial fraud

2022-07-12 ⋅ Team Cymru ⋅ Kyle Krejci
An Analysis of Infrastructure linked to the Hagga Threat Actor
Agent Tesla

2022-07-12 ⋅ Artik Blue ⋅ Artik Blue
Malware analysis with IDA/Radare2 - Multiple unpacking (Ramnit worm)
Ramnit

2022-07-12 ⋅ Fortinet ⋅ James Slaughter
Spoofed Saudi Purchase Order Drops GuLoader – Part 2
CloudEyE

2022-07-12 ⋅ Zscaler ⋅ Aditya Sharma, Tarun Dewan
Rise in Qakbot attacks traced to evolving threat techniques
QakBot

2022-07-12 ⋅ cyble ⋅ Cyble Research Labs
New Ransomware Groups On The Rise: “RedAlert,” LILITH And 0mega Leading A Wave Of Ransomware Campaigns
RedAlert Ransomware Lilith

2022-07-12 ⋅ Palo Alto Networks Unit 42 ⋅ Nadav Barak
ChromeLoader: New Stubborn Malware Campaign
ChromeBack

2022-07-11 ⋅ Twitter (@cglyer) ⋅ Christopher Glyer
Tweet on LAPSUS$/DEV-0537
Storm-0829

2022-07-11 ⋅ ASEC ⋅ ASEC
AppleSeed Disguised as Purchase Order and Request Form Being Distributed
Appleseed

2022-07-11 ⋅ ⋅ Cert-UA ⋅ Cert-UA
UAC-0056 attack on Ukrainian state organizations using Cobalt Strike Beacon (CERT-UA#4941)
Cobalt Strike

2022-07-11 ⋅ BBC ⋅ Joe Tidy
Predatory Sparrow: Who are the hackers who say they started a fire in Iran?
Predatory Sparrow

2022-07-11 ⋅ The DFIR Report ⋅ The DFIR Report
SELECT XMRig FROM SQLServer
Bondnet