Malpedia Library

2024-05-30 ⋅ Akamai ⋅ Maxim Zavodchik, Ryan Barnett, Stiv Kupchik
RedTail Cryptominer Threat Actors Adopt PAN-OS CVE-2024-3400 Exploit
RedTail

2024-05-30 ⋅ Centurylink ⋅ Black Lotus Labs
The Pumpkin Eclipse
Chalubo

2024-05-30 ⋅ circleid ⋅ WhoisXML API
A DNS Investigation of the Phobos Ransomware 8Base Attack
8Base Phobos

2024-05-29 ⋅ Medium (DoingFedTime) ⋅ DoingFedTime
80-000 records exposed in shell data breach by threat actor
Threat Actor 888

2024-05-28 ⋅ Microsoft ⋅ Microsoft Threat Intelligence
Moonstone Sleet emerges as new North Korean threat actor with new bag of tricks
splitloader

2024-05-28 ⋅ CyberSecurityNews ⋅ Dhivya
Threats Claimimg Breach of Decathlon May 2024 Database
Threat Actor 888

2024-05-28 ⋅ Reliaquest ⋅ RELIAQUEST THREAT RESEARCH TEAM
BlackSuit Attack Analysis
BlackSuit

2024-05-24 ⋅ Check Point Software Technologies Ltd ⋅ Check Point Research
Bad Karma, No Justice: Void Manticore Destructive Activities in Israel
BiBi-Linux

2024-05-23 ⋅ ITOCHU ⋅ ITOCHU Cyber & Intelligence Inc.
Malware Transmutation! - Unveiling the Hidden Traces of BloodAlchemy
BloodAlchemy ShadowPad

2024-05-23 ⋅ Twitter (@embee_research) ⋅ Embee_research
Tracking APT SideWinder With DNS Records
SideWinder

2024-05-23 ⋅ Palo Alto Networks Unit 42 ⋅ Daniel Frank, Lior Rochberger
Operation Diplomatic Specter: An Active Chinese Cyberespionage Campaign Leverages Rare Tool Set to Target Governmental Entities in the Middle East, Africa and Asia
Agent Racoon CHINACHOPPER Ghost RAT JuicyPotato MimiKatz Ntospy PlugX SweetSpecter TunnelSpecter CL-STA-0043

2024-05-22 ⋅ Bleeping Computer ⋅ Bill Toulas
Chinese hackers hide on military and govt networks for 6 years
SilentGh0st Unfading Sea Haze

2024-05-22 ⋅ Mandiant ⋅ Michael Raggi
IOC Extinction? China-Nexus Cyber Espionage Actors Use ORB Networks to Raise Cost on Defenders

2024-05-22 ⋅ Martin Zugec
Deep Dive Into Unfading Sea Haze: A New Threat Actor in the South China Sea
SilentGh0st

2024-05-21 ⋅ Yoroi ⋅ Carmelo Ragusa, Luigi Martire
Uncovering an undetected KeyPlug implant attacking industries in Italy
KEYPLUG

2024-05-20 ⋅ Checkpoint ⋅ Checkpoint
Bad Karma, No Justice: Void Manticore Destructive Activities in Israel
Void Manticore

2024-05-20 ⋅ cyble ⋅ Cyble
Tiny BackDoor Goes Undetected – Suspected Turla leveraging MSBuild to Evade detection

2024-05-16 ⋅ ⋅ AhnLab ⋅ ASEC
Analysis of APT attack cases targeting domestic companies using Dora RAT (Andariel Group)

2024-05-16 ⋅ Elastic ⋅ Daniel Stepanic, Samir Bousseaden
Spring Cleaning with LATRODECTUS: A Potential Replacement for ICEDID
IcedID Latrodectus

2024-05-16 ⋅ Symantec ⋅ Threat Hunter Team
Springtail: New Linux Backdoor Added to Toolkit
Gomir Kimsuky