Malpedia Library

Click here to download all references as Bib-File.•

2022-06-24 ⋅ ⋅ Cert-UA ⋅ Cert-UA
Cyberattack against Ukrainian telecommunications operators using DarkCrystal RAT malware (CERT-UA # 4874)
DCRat Sandworm

2022-06-23 ⋅ CrowdStrike ⋅ Patrick Bennett
The Call Is Coming from Inside the House: CrowdStrike Identifies Novel Exploit in VOIP Appliance (CVE-2022-29499)

2022-06-23 ⋅ InQuest ⋅ Pedram Amini
Follina, the Latest in a Long Chain of Microsoft Office Exploits

2022-06-23 ⋅ Secureworks ⋅ Counter Threat Unit ResearchTeam
BRONZE STARLIGHT Ransomware Operations Use HUI Loader
ATOMSILO Cobalt Strike HUI Loader LockFile NightSky Pandora PlugX Quasar RAT Rook SodaMaster BRONZE STARLIGHT

2022-06-23 ⋅ splunk ⋅ Splunk Threat Research Team
Threat Update: Industroyer2
INDUSTROYER2

2022-06-23 ⋅ cyble ⋅ Cyble Research Labs
Matanbuchus Loader Resurfaces
Cobalt Strike Matanbuchus

2022-06-23 ⋅ Google ⋅ Benoit Sevens, Clement Lecigne, Google Threat Analysis Group
Spyware vendor targets users in Italy and Kazakhstan
Hermit

2022-06-23 ⋅ Google ⋅ Google Project Zero, Ian Beer
The curious tale of a fake Carrier.app

2022-06-23 ⋅ Kaspersky ⋅ Danila Nasonov, Natalya Shornikova, Nikita Nazarov, Vasily Davydov, Vladislav Burtsev
The hateful eight: Kaspersky’s guide to modern ransomware groups’ TTPs
Conti Hive BlackByte BlackCat Clop LockBit Mespinoza Ragnarok

2022-06-23 ⋅ Trellix ⋅ Christiaan Beek
The Sound of Malware
Conti VHD Ransomware

2022-06-23 ⋅ Kaspersky ⋅ Danila Nasonov, Natalya Shornikova, Nikita Nazarov, Vasily Davydov, Vladislav Burtsev
The hateful eight: Kaspersky’s guide to modern ransomware groups’ TTPs (Download Form)
BlackByte BlackCat Clop Conti Hive LockBit Mespinoza RagnarLocker

2022-06-22 ⋅ ⋅ Cert-UA ⋅ Cert-UA
Cyberattacks by China-associated groups against Russian scientific and technical enterprises and government agencies (CERT-UA#4860)
QUICKMUTE

2022-06-21 ⋅ Enum0x539
Qvoid-Token-Grabber
QvoidStealer

2022-06-21 ⋅ McAfee ⋅ Lakshya Mathur
Rise of LNK (Shortcut files) Malware
BazarBackdoor Emotet IcedID QakBot

2022-06-21 ⋅ SonicWall ⋅ SonicWall
HTML Application Files are being used to distribute Smoke Loader Malware
SmokeLoader

2022-06-21 ⋅ BleepingComputer ⋅ Sergiu Gatlan
Microsoft Exchange servers hacked by new ToddyCat APT gang
ToddyCat

2022-06-21 ⋅ Kaspersky ⋅ Giampaolo Dedola
APT ToddyCat: Unveiling an unknown APT actor attacking high-profile entities in Europe and Asia
ToddyCat

2022-06-21 ⋅ Lab52
MuddyWater’s “light” first-stager targetting Middle East
Unidentified VBS 004 (RAT)

2022-06-21 ⋅ Cisco Talos ⋅ Chris Neal, Flavio Costa, Guilherme Venere
Avos ransomware group expands with new attack arsenal
AvosLocker Cobalt Strike DarkComet MimiKatz

2022-06-21 ⋅ Malwarebytes Labs ⋅ Threat Intelligence Team
Russia’s APT28 uses fear of nuclear war to spread Follina docs in Ukraine