Malpedia Library

2022-02-02 ⋅ IBM ⋅ Kevin Henson
TrickBot Gang Uses Template-Based Metaprogramming in Bazar Malware
BazarBackdoor TrickBot

2022-02-02 ⋅ SecurityAffairs ⋅ Pierluigi Paganini
Experts warn of a spike in APT35 activity and a possible link to Memento ransomware op

2022-02-02 ⋅ lodestone ⋅ Group-IB, Jason Daza, Manoj Khatiwada, Michael Wirtz, Paul Brunney
White Rabbit Continued: Sardonic and F5

2022-02-02 ⋅ CNN ⋅ Sean Lyngaas
US officials prepare for potential Russian cyberattacks as Ukraine standoff continues

2022-02-01 ⋅ Mandiant ⋅ Angelo Del Rosario, Martin Co, Ng Choon Kiat
Zoom For You — SEO Poisoning to Distribute BATLOADER and Atera Agent
BATLOADER

2022-02-01 ⋅ ⋅ Cert-UA ⋅ Cert-UA
Cyber attack of the UAC-0010 group (Armageddon) on the state organizations of Ukraine (CERT-UA#3787)
Gamaredon Group

2022-02-01 ⋅ 3xp0rt ⋅ 3xp0rt
Mars Stealer: Oski refactoring
Mars Stealer Oski Stealer

2022-02-01 ⋅ ThreatFabric
Xenomorph: A newly hatched Banking Trojan
Xenomorph

2022-02-01 ⋅ Cyborg Security ⋅ Brandon Denker
WhisperGate Malware - Update
WhisperGate

2022-02-01 ⋅ Wired ⋅ Matt Burgess
Inside Trickbot, Russia’s Notorious Ransomware Gang
TrickBot

2022-02-01 ⋅ SentinelOne ⋅ Phil Stokes
Sneaky Spies and Backdoor RATs | SysJoker and DazzleSpy Malware Target macOS
DazzleSpy SysJoker

2022-02-01 ⋅ BleepingComputer ⋅ Sergiu Gatlan
Cyberspies linked to Memento ransomware use new PowerShell malware

2022-02-01 ⋅ Sophos ⋅ Gabor Szappanos, Sean Gallagher
SolarMarker campaign used novel registry changes to establish persistence
solarmarker

2022-02-01 ⋅ Cybereason ⋅ Tom Fakterman
StrifeWater RAT: Iranian APT Moses Staff Adds New Trojan to Ransomware Operations
StrifeWater RAT MosesStaff

2022-02-01 ⋅ Max Kersten's Blog ⋅ Max Kersten
Dumping WhisperGate’s wiper from an Eazfuscator obfuscated loader
WhisperGate

2022-02-01 ⋅ Wired ⋅ Matt Burgess
Inside Trickbot, Russia’s Notorious Ransomware Gang
TrickBot

2022-02-01 ⋅ Youtube (OALabs) ⋅ OALabs
How To Unpack VMProtect 3 (x64) Night Sky Ransomware With VMPDump [Patreon Unlocked]
NightSky

2022-02-01 ⋅ Cybereason ⋅ Daniel Frank
PowerLess Trojan: Iranian APT Phosphorus Adds New PowerShell Backdoor for Espionage

2022-01-31 ⋅ Cyber Geeks ⋅ Vlad Pasca
A Detailed Analysis Of Lazarus APT Malware Disguised As Notepad++ Shell Extension
AnchorMTea

2022-01-31 ⋅ CyberArk ⋅ Arash Parsa
Analyzing Malware with Hooks, Stomps and Return-addresses
Cobalt Strike