Malpedia Library

2019-04-19 ⋅ Medium ⋅ x0rz
Hacking (Back) and Influence Operations
BONDUPDATER

2019-04-17 ⋅ Cisco Talos ⋅ Danny Adamitis, David Maynor, Matthew Olney, Paul Rascagnères, Warren Mercer
DNS Hijacking Abuses Trust In Core Internet Service
Sea Turtle

2019-04-17 ⋅ Twitter (JohnLaTwC) ⋅ John Lambert
Tweet on an unidentified VBS Backdoor
Unidentified VBS 001

2019-04-16 ⋅ Youtube (Norsk Hydro) ⋅ Norsk Hydro
The cyber attack rescue operation in Hydro Toulouse
LockerGoga

2019-04-15 ⋅ Trend Micro ⋅ Gilbert Sison, Ryan Maglaque
Account With Admin Privileges Abused to Install BitPaymer Ransomware via PsExec
FriedEx

2019-04-15 ⋅ ClearSky ⋅ ClearSky Research Team
Iranian APT MuddyWater Attack Infrastructure Targeting Kurdish Political Groups and Organizations in Turkey
POWERSTATS MuddyWater

2019-04-15 ⋅ ZDNet ⋅ Catalin Cimpanu
A hacker has dumped nearly one billion user records over the past two months
Gnosticplayers

2019-04-10 ⋅ Microsoft ⋅ Microsoft
Analysis of a targeted attack exploiting the WinRAR CVE-2018-20250 vulnerability

2019-04-10 ⋅ Check Point ⋅ Check Point Research
The Muddy Waters of APT Attacks
POWERSTATS

2019-04-09 ⋅ ESET Research ⋅ Romain Dumont
OceanLotus: macOS malware update
OceanLotus

2019-04-08 ⋅ Palo Alto Networks Unit 42 ⋅ Ruchna Nigam
Mirai Compiled for New Processors Surfaces in the Wild
Mirai

2019-04-06 ⋅ Youtube (hasherezade) ⋅ hasherezade
Unpacking ISFB (including the custom 'PX' format)
ISFB

2019-04-05 ⋅ FireEye ⋅ Alex Pennino, Andrew Thompson, Ben Fedore, Brendan McKeague, Douglas Bienstock, Geoff Ackerman, Van Ta
Pick-Six: Intercepting a FIN6 Intrusion, an Actor Recently Tied to Ryuk and LockerGoga Ransomware
LockerGoga Ryuk FIN6

2019-04-04 ⋅ Deutsche Welle ⋅ Deutsche Welle
Bayer points finger at Wicked Panda in cyberattack
APT41

2019-04-04 ⋅ SecurityIntelligence ⋅ Limor Kessem, Nir Somech
IcedID Banking Trojan Spruces Up Injection Tactics to Add Stealth
IcedID

2019-04-02 ⋅ Lab52 ⋅ Lab52
WIRTE Group attacking the Middle East
Empire Downloader Houdini WIRTE

2019-04-02 ⋅ SUCURI ⋅ Sucuri
backdoor connectback
ConnectBack

2019-04-02 ⋅ DeepInstinct ⋅ Shaul Vilkomir-Preisman
New ServHelper Variant Employs Excel 4.0 Macro to Drop Signed Payload
ServHelper

2019-04-01 ⋅ ⋅ Macnica Networks ⋅ Macnica Networks
Trends in Cyber Espionage Targeting Japan 2nd Half of 2018
Anel Cobalt Strike Datper PLEAD Quasar RAT RedLeaves taidoor Zebrocy

2019-04-01 ⋅ ⋅ Macnica Networks ⋅ Macnica Networks
OceanLotus Attack on Southeast Asian Automotive Industry
CACTUSTORCH Cobalt Strike