Malpedia Library

Click here to download all references as Bib-File.•

2021-11-17 ⋅ Black Hills Information Security ⋅ Kyle Avery
DNS Over HTTPS for Cobalt Strike
Cobalt Strike

2021-11-17 ⋅ Infoblox ⋅ Gaetano Pellegrino
Deep Analysis of a Recent Lokibot Attack
Loki Password Stealer (PWS)

2021-11-17 ⋅ CISA ⋅ Australian Cyber Security Centre (ACSC), CISA, FBI, NCSC UK
Alert (AA21-321A): Iranian Government-Sponsored APT Cyber Actors Exploiting Microsoft Exchange and Fortinet Vulnerabilities in Furtherance of Malicious Activities

2021-11-17 ⋅ ARMOR ⋅ Amer Elsad
Astaroth: Banking Trojan
Astaroth

2021-11-17 ⋅ Twitter (@Unit42_Intel) ⋅ Unit 42
Tweet on Matanbuchus Loader used to deliver Qakbot (tag obama128b) and follow-up CobaltStrike
Cobalt Strike QakBot

2021-11-17 ⋅ CrowdStrike ⋅ Liviu Arsene, Sarang Sonawane, Thomas Moses
Ransomware (R)evolution Plagues Organizations, But CrowdStrike Protection Never Wavers
LockBit

2021-11-17 ⋅ Group-IB ⋅ Group-IB
RedCurl: The awakening

2021-11-17 ⋅ CISA ⋅ CISA
Cybersecurity Incident & Vulnerability Response Playbooks

2021-11-17 ⋅ Microsoft ⋅ Pete Bryan
Creating your first Microsoft Sentinel Notebook

2021-11-17 ⋅ MalwareTech ⋅ Marcus Hutchins
An in-depth look at hacking back, active defense, and cyber letters of marque

2021-11-17 ⋅ Medium ThreatMiner ⋅ ThreatMiner
Android Trojan Targeting Korean Demographic using GitHub for C2
Unidentified APK 006

2021-11-17 ⋅ IBM ⋅ Shahar Tavor
BrazKing Android Malware Upgraded and Targeting Brazilian Banks
PixStealer

2021-11-17 ⋅ nviso ⋅ Didier Stevens
Cobalt Strike: Decrypting Obfuscated Traffic – Part 4
Cobalt Strike

2021-11-17 ⋅ RiskIQ ⋅ Jennifer Grob
Aggah Campaign Replaces Crypto Currency Addresses with Their Own

2021-11-17 ⋅ BBC ⋅ Joe Tidy
Evil Corp: 'My hunt for the world's most wanted hackers'
REvil REvil

2021-11-16 ⋅ AhnLab ⋅ ASEC Analysis Team
Analysis Report of Kimsuky Group's APT Attacks (AppleSeed, PebbleDash)
Appleseed PEBBLEDASH

2021-11-16 ⋅ sysdig ⋅ Stefano Chierici
Hands-On Muhstik Botnet: crypto-mining attacks targeting Kubernetes
Tsunami

2021-11-16 ⋅ IronNet ⋅ IronNet Threat Research, Joey Fitzpatrick, Morgan Demboski, Peter Rydzynski
How IronNet's Behavioral Analytics Detect REvil and Conti Ransomware
Cobalt Strike Conti IcedID REvil

2021-11-16 ⋅ Hornetsecurity ⋅ Security Lab
Comeback of Emotet
Emotet

2021-11-16 ⋅ Twitter (@_CPResearch_) ⋅ Check Point Research
Tweet on 32bit version of CVE-2021-1732 exploited by BITTER group