Malpedia Library

Click here to download all references as Bib-File.•

2021-11-19 ⋅ Twitter (@knight0x07) ⋅ neeraj
Tweet on Exmatter, custom data exfiltration tool, used by Blackmatter ransomware group
ExMatter

2021-11-19 ⋅ insomniacs(Medium) ⋅ Asuna Amawaka
It’s a BEE! It’s a… no, it’s ShadowPad.
ShadowPad

2021-11-19 ⋅ IronNet ⋅ Morgan Demboski
Is a coordinated cyberattack brewing in the escalating Russian-Ukrainian conflict?

2021-11-19 ⋅ Trend Micro ⋅ Abdelrhman Sharshar, Mohamed Fahmy, Sherif Magdy
Squirrelwaffle Exploits ProxyShell and ProxyLogon to Hijack Email Chains
Cobalt Strike QakBot Squirrelwaffle

2021-11-19 ⋅ LAC WATCH ⋅ LAC WATCH
Malware Emotet resumes its activities for the first time in 10 months, and Japan is also the target of the attack
Emotet

2021-11-18 ⋅ Cisco ⋅ Josh Pyorre
BlackMatter, LockBit, and THOR
BlackMatter LockBit PlugX

2021-11-18 ⋅ Proofpoint ⋅ Darien Huss, Selena Larson
Triple Threat: North Korea-Aligned TA406 Steals, Scams and Spies
YoreKey

2021-11-18 ⋅ Proofpoint ⋅ Darien Huss, Selena Larson
Triple Threat: North Korea-Aligned TA406 Scams, Spies, and Steals
YoreKey TA406

2021-11-18 ⋅ Blackberry ⋅ The BlackBerry Research & Intelligence Team
Threat Thursday: DanaBot’s Evolution from Bank Fraud to DDos Attacks
DanaBot

2021-11-18 ⋅ Netskope ⋅ Ghanashyam Satpathy, Gustavo Palazolo
Netskope Threat Coverage: The Return of Emotet
Emotet

2021-11-18 ⋅ Venafi ⋅ Venafi
APT41 Perfects Code Signing Abuse to Escalate Supply Chain Attacks

2021-11-18 ⋅ scelarityIO ⋅ scelarity.IO
The Art of PerSwaysion Investigation of a Long-Lived Phishing Kit

2021-11-18 ⋅ Group-IB ⋅ Ivan Pisarev
The awakening: Group-IB uncovers new corporate espionage attacks by RedCurl

2021-11-18 ⋅ Twitter (@tccontre18) ⋅ Br3akp0int
Tweet on how to decrypt 4 layers of encryption & obfuscation of vjw0rm
Vjw0rm

2021-11-18 ⋅ Sophos ⋅ Elida Leite, Ferenc László Nagy, Gabor Szappanos, Harinder Bhathal, Kyle Link, Nirav Parekh, Rahul Dugar, Ratul Ghosh, Robert Weiland, Sean Gallagher, Sergio Bestuilic, Vikas Singh
New ransomware actor uses password-protected archives to bypass encryption protection

2021-11-18 ⋅ 360 netlab ⋅ Alex.Turing, Hui Wang, litao3rd, YANG XU
The Pitfall of Threat Intelligence Whitelisting: Specter Botnet is 'taking over' Top Legit DNS Domains By Using ClouDNS Service
Specter

2021-11-18 ⋅ Medium 0xchina ⋅ Hamad Alnakal
Malware reverse engineering (Ryuk Ransomware)
Ryuk

2021-11-18 ⋅ Mandiant ⋅ Chris Sistrunk, Daniel Kapellmann, Glen Chason, Ken Proska
Introducing Mandiant's Digital Forensics and Incident Response Framework for Embedded OT Systems

2021-11-18 ⋅ US Department of Justice ⋅ Department of Justice
Two Iranian Nationals Charged for Cyber-Enabled Disinformation and Threat Campaign Designed to Influence the 2020 U.S. Presidential Election ( Seyyed Mohammad Hosein Musa Kazemi & Sajjad Kashian )

2021-11-18 ⋅ US Department of Justice ⋅ Department of Justice
Indictment of Seyyed Mohammad Hosein Musa Kazemi