Malpedia Library

Click here to download all references as Bib-File.•

2021-04-27 ⋅ Kaspersky ⋅ GReAT
APT trends report Q1 2021
PAS Artra Downloader BadNews Bozok DILLJUICE Kazuar Quasar RAT SodaMaster

2021-04-27 ⋅ Trend Micro ⋅ Janus Agcaoili
Hello Ransomware Uses Updated China Chopper Web Shell, SharePoint Vulnerability
CHINACHOPPER Cobalt Strike

2021-04-27 ⋅ Medium Cedric Owens ⋅ Cedric Owens
macOS Gatekeeper Bypass (2021 Edition)
Shlayer

2021-04-27 ⋅ Positive Technologies ⋅ PT ESC Threat Intelligence
Lazarus Group Recruitment: Threat Hunters vs Head Hunters

2021-04-27 ⋅ DomainTools ⋅ Chad Anderson
Winter Vivern: A Look At Re-Crafted Government MalDocs Targeting Multiple Languages
Winter Vivern

2021-04-27 ⋅ FireEye ⋅ Doug Bienstock
Abusing Replication: Stealing AD FS Secrets Over the Network

2021-04-26 ⋅ The Record ⋅ Catalin Cimpanu
Despite arrests in Spain, FluBot operations explode across Europe and Japan
FluBot

2021-04-26 ⋅ ⋅ Medium testbnull ⋅ Min-Chang Jang
Microsoft Exchange From Deserialization to Post-Auth RCE (CVE-2021–28482)

2021-04-26 ⋅ CoveWare ⋅ CoveWare
Ransomware Attack Vectors Shift as New Software Vulnerability Exploits Abound
Avaddon Clop Conti DarkSide Egregor LockBit Mailto Phobos REvil Ryuk SunCrypt

2021-04-26 ⋅ Dragos ⋅ Dragos
New ICS Threat Activity Group: TALONITE
FlowCloud Lookback

2021-04-26 ⋅ Jamf Blog ⋅ Jaron Bradley
Shlayer malware abusing Gatekeeper bypass on macOS
Shlayer

2021-04-26 ⋅ Objective-See ⋅ Patrick Wardle
All Your Macs Are Belong To Us: bypassing macOS's file quarantine, gatekeeper, and notarization requirements
Shlayer

2021-04-26 ⋅ nviso ⋅ Maxime Thiebaut
Anatomy of Cobalt Strike’s DLL Stager
Cobalt Strike

2021-04-26 ⋅ CISA ⋅ CISA, Department of Homeland Security, FBI
Russian Foreign Intelligence Service (SVR)Cyber Operations: Trends and Best Practices for Network Defenders
elf.wellmess WellMess

2021-04-25 ⋅ The Record ⋅ Catalin Cimpanu
Hacking campaign targets FileZen file-sharing network appliances

2021-04-25 ⋅ Vulnerability.ch Blog ⋅ Corsin Camichel
Ransomware and Data Leak Site Publication Time Analysis
Avaddon Babuk Clop Conti DarkSide DoppelPaymer Mespinoza Nefilim REvil

2021-04-25 ⋅ Nightwatch Cybersecurity ⋅ Nightwatch Cybersecurity
Supply Chain Attacks via GitHub.com Releases

2021-04-24 ⋅ xorl %eax, %eax ⋅ Anastasios Pingios
North Korea (DPRK) Cyber Operations Groups

2021-04-24 ⋅ Bleeping Computer ⋅ Ax Sharma
HashiCorp is the latest victim of Codecov supply-chain attack

2021-04-24 ⋅ fumik0 blog ⋅ fumko
Anatomy of a simple and popular packer