Malpedia Library

2020-06-08 ⋅ Proofpoint ⋅ Dennis Schwarz, Georgi Mladenov, Michael Raggi, Proofpoint Threat Research Team
TA410: The Group Behind LookBack Attacks Against U.S. Utilities Sector Returns with New Malware
FlowCloud Lookback APT10 TA410

2020-06-07 ⋅ Zero2Automated Blog ⋅ 0verfl0w_
Dealing with Obfuscated Macros, Statically - NanoCore
Nanocore RAT

2020-06-05 ⋅ Zscaler ⋅ Gayathri Anbalagan
New Campaign Abusing StackBlitz Tool to Host Phishing Pages

2020-06-05 ⋅ SUCURI ⋅ Denis Sinegubko
Evasion Tactics in Hybrid Credit Card Skimmers
magecart

2020-06-04 ⋅ Raytheon Blackbird Technologies ⋅ Blackberry Research
Threat Spotlight: Tycoon Ransomware Targets Education and Software Sectors

2020-06-04 ⋅ Sophos Naked Security ⋅ Lisa Vaas
Nuclear missile contractor hacked in Maze ransomware attack
Maze

2020-06-03 ⋅ Malwarebytes ⋅ Hossein Jazi, Jérôme Segura
New LNK attack tied to Higaisa APT discovered
Higaisa

2020-06-03 ⋅ Trend Micro ⋅ Daniel Lunghi
How to perform long term monitoring of careless threat actors
BBSRAT HyperBro Trochilus RAT

2020-06-03 ⋅ VMWare Carbon Black ⋅ Brian Baskin
Medusa Locker Ransomware
MedusaLocker

2020-06-03 ⋅ ZDNet ⋅ Catalin Cimpanu
Ransomware gang says it breached one of NASA's IT contractors
DoppelPaymer

2020-06-02 ⋅ Morphisec ⋅ Arnold Osipov
Ursnif/Gozi Delivery - Excel Macro 4.0 Utilization Uptick & OCR Bypass
ISFB

2020-06-02 ⋅ Lab52 ⋅ Jagaimo Kawaii
Mustang Panda Recent Activity: Dll-Sideloading trojans with temporal C2 servers
PlugX

2020-06-02 ⋅ Lastline Labs ⋅ James Haughom, Stefano Ortolani
Evolution of Excel 4.0 Macro Weaponization
Agent Tesla DanaBot ISFB TrickBot Zloader

2020-06-02 ⋅ Pwntario Blog ⋅ Anton
Hunting Malicious Macros

2020-06-01 ⋅ Arete ⋅ Arete Incident Response
Sodinokibi / REvil Ransomware attacks against the Education Sector
REvil

2020-06-01 ⋅ Lookout ⋅ Apurva Kumar, Christoph Hebeisen, Kristin Del Rosso
Mobile APT SurveillanceCampaigns Targeting Uyghurs A collection of long-running Android tooling connected to a Chinese mAPT actor
CarbonSteal DoubleAgent GoldenEagle SilkBean

2020-06-01 ⋅ Seguranca Informatica ⋅ Pedro Tavares
In-depth analysis of a trojan banker impacting Portugal and Brazil

2020-05-31 ⋅ ⋅ ESET Research ⋅ Facundo Muñoz
Ransomware Avaddon: principales características
Avaddon

2020-05-31 ⋅ The Record ⋅ Catalin Cimpanu
Russian hacker Pavel Sitnikov arrested for sharing malware source code
Anubis

2020-05-31 ⋅ Twitter (ShadowChasing1) ⋅ Shadow Chaser Group
Tweet on DTRACK malware
Dtrack