Malpedia Library

2024-11-14 ⋅ Palo Alto ⋅ Unit 42
Fake North Korean IT Worker Linked to BeaverTail Video Conference App Phishing Attack
BeaverTail InvisibleFerret WageMole

2024-11-13 ⋅ ClearSky ⋅ ClearSky
New Zero-Day Vulnerability Detected: CVE-2024-43451
SparkRAT

2024-11-13 ⋅ ANY.RUN ⋅ Aaron Jornet Sales, ANY.RUN
HawkEye Malware: Technical Analysis
HawkEye Keylogger

2024-11-13 ⋅ Sekoia ⋅ Coline Chavane, Sekoia TDR
A three-beat waltz: The ecosystem behind Chinese state-sponsored cyber threats

2024-11-13 ⋅ TEHTRIS ⋅ TEHTRIS
Cracking Formbook malware: Blind deobfuscation and quick response techniques
Formbook

2024-11-13 ⋅ Bitdefender ⋅ Martin Zugec
ShrinkLocker (+Decryptor): From Friend to Foe, and Back Again
ShrinkLocker

2024-11-13 ⋅ ClearSky ⋅ ClearSky
CVE-2024-43451: A New Zero-Day Vulnerability Exploited in the wild
SparkRAT UAC-0194

2024-11-12 ⋅ ClearSky ⋅ ClearSky Research Team
Iranian “Dream Job” Campaign 11.24
TA455

2024-11-12 ⋅ Kroll ⋅ George Glass, Ryan Hicks
LUMMASTEALER Delivered Via PowerShell Social Engineering
Lumma Stealer

2024-11-12 ⋅ Blackberry ⋅ BlackBerry Research & Intelligence Team
LightSpy: APT41 Deploys Advanced DeepData Framework In Targeted Southern Asia Espionage Campaign
DEEPDATA

2024-11-12 ⋅ Recorded Future ⋅ Insikt Group
China-Nexus TAG-112 Compromises Tibetan Websites to Distribute Cobalt Strike
Cobalt Strike TAG-112

2024-11-12 ⋅ Qianxin ⋅ Alex Turing
New Zero-Detection Variant of Melofee Backdoor from Winnti Strikes RHEL 7.9
Melofee

2024-11-12 ⋅ Recorded Future ⋅ Insikt Group
China-Nexus TAG-112 Compromises Tibetan Websites to Distribute Cobalt Strike
Cobalt Strike

2024-11-12 ⋅ SecurityScorecard ⋅ Ryan Sherstobitoff
The Botnet is Back: SSC STRIKE Team Uncovers a Renewed Cyber Threat

2024-11-12 ⋅ Hunt.io ⋅ Hunt.io
Targeting Innovation: Sliver C2 and Ligolo-ng Used in Operation Aimed at Y Combinator
Sliver

2024-11-12 ⋅ DataBreaches.net ⋅ Dissent
Amazon confirms employee data breach after vendor hack
Nam3L3ss

2024-11-11 ⋅ Kaspersky ⋅ Ashley Muñoz, Cristian Souza, Eduardo Ovalle
Ymir: new stealthy ransomware in the wild
Ymir

2024-11-10 ⋅ cocomelonc ⋅ cocomelonc
Malware and cryptography 34: encrypt payload via DFC algorithm. Simple C example.

2024-11-10 ⋅ DFIR.ch ⋅ Stephan Berger
Reptile's Custom Kernel-Module Launcher
reptile

2024-11-09 ⋅ Youtube (Microsoft Security Response Center (MSRC)) ⋅ Rachel Giacobozzi
BlueHat 2024: S17: MSTIC - A Threat Intelligence Year in Review
Storm-0506 TA2101