Malpedia Library

Click here to download all references as Bib-File.•

2020-05-28 ⋅ Twitter (@Andrew___Morris) ⋅ Andrew Morris
Tweet on Sandworm threat actor exploiting CVE-2019-10149

2020-05-28 ⋅ Kaspersky Labs ⋅ Vyacheslav Kopeytsev
Steganography in targeted attacks on industrial enterprises
MimiKatz

2020-05-28 ⋅ Github Security Lab ⋅ Alvaro Muñoz
The Octopus Scanner Malware: Attacking the open source supply chain
Octopus Scanner

2020-05-27 ⋅ FBI ⋅ FBI
Alert Number MI-000148-MW: APT Actors Exploiting Fortinet Vulnerabilities to Gain Access for Malicious Activity
MimiKatz

2020-05-27 ⋅ SophosLabs ⋅ Andrew Brandt, Gabor Szappanos
Netwalker ransomware tools give insight into threat actor
Mailto

2020-05-26 ⋅ CISA ⋅ US-CERT
Alert (AA21-116A): Russian Foreign Intelligence Service (SVR) Cyber Operations: Trends and Best Practices for Network Defenders
elf.wellmess WellMess

2020-05-26 ⋅ DataBreaches.net ⋅ Dissent
A former DarkSide listing shows up on REvil’s leak site
DarkSide REvil

2020-05-26 ⋅ EpicTurla ⋅ Juan Andrés Guerrero-Saade
ACIDBOX Clustering
AcidBox

2020-05-24 ⋅ Palo Alto Networks Unit 42 ⋅ Ajaya Neupane, Stefan Achleitner
Using AI to Detect Malicious C2 Traffic
Emotet Sality

2020-05-23 ⋅ 360 netlab ⋅ Jinye
New activity of DoubleGuns Group, control hundreds of thousands of bots via public cloud service

2020-05-23 ⋅ Australian Cyber Security Centre ⋅ Australian Cyber Security Centre (ACSC)
Summary of Tradecraft Trends for 2019-20: Tactics, Techniques and Procedures Used to Target Australian Networks

2020-05-22 ⋅ Yoroi ⋅ Antonio Pirozzi, Giacomo d'Onofrio, Luca Mella, Luigi Martire
Cyber-Criminal espionage Operation insists on Italian Manufacturing
Agent Tesla

2020-05-22 ⋅ Positive Technologies ⋅ PT ESC Threat Intelligence
Operation TA505: investigating the ServHelper backdoor with NetSupport RAT. Part 2.
NetSupportManager RAT ServHelper

2020-05-21 ⋅ Sophos ⋅ SophosLabs Uncut
Asnarök attackers twice modified attack midstream
NOTROBIN Ragnarok

2020-05-21 ⋅ Malwarebytes ⋅ Malwarebytes Labs
Cybercrime tactics and techniques
Ave Maria Azorult DanaBot Loki Password Stealer (PWS) NetWire RC

2020-05-21 ⋅ Sophos ⋅ SophosLabs Uncut
Ragnar Locker ransomware deploys virtual machine to dodge security
RagnarLocker

2020-05-21 ⋅ VMWare Carbon Black ⋅ Jared Myers
TAU Technical Report: New Attack Combines TinyPOS With Living-off-the-Land Techniques for Scraping Credit Card Data
AbaddonPOS

2020-05-21 ⋅ Trend Micro ⋅ Llallum Victoria, Raphael Centeno
Backdoor, Devil Shadow Botnet Hidden in Fake Zoom Installers

2020-05-19 ⋅ zero2auto ⋅ Vitali Kremez
Netwalker Ransomware - From Static Reverse Engineering to Automatic Extraction
Mailto

2020-05-19 ⋅ Hornetsecurity ⋅ Security Lab
Information Stealer Campaign Targeting German HR Contacts
LALALA Stealer