Malpedia Library

Click here to download all references as Bib-File.•

2022-05-12 ⋅ Lacework Labs ⋅ Chris Hall, Jared Stroud
Malware targeting latest F5 vulnerability
Mirai

2022-05-12 ⋅ Netskope ⋅ Gustavo Palazolo
RedLine Stealer Campaign Using Binance Mystery Box Videos to Spread GitHub-Hosted Payload
RedLine Stealer

2022-05-12 ⋅ Medium s2wlab ⋅ Jiho Kim
The History of BlackGuard Stealer
BlackGuard

2022-05-12 ⋅ Uptycs ⋅ Uptycs Threat Research
KurayStealer: A Bandit Using Discord Webhooks

2022-05-12 ⋅ Cisco ⋅ María José Erquiaga, Onur Mustafa Erdogan
Network Footprints of Gamaredon Group
Pteranodon

2022-05-12 ⋅ Palo Alto Networks Unit 42 ⋅ Tyler Halfpop
Harmful Help: Analyzing a Malicious Compiled HTML Help File Delivering Agent Tesla
Agent Tesla

2022-05-12 ⋅ Blackberry ⋅ The BlackBerry Research & Intelligence Team
Threat Thursday: Malware Rebooted - How Industroyer2 Takes Aim at Ukraine Infrastructure
INDUSTROYER2

2022-05-12 ⋅ OALabs ⋅ Sergei Frankoff
Taking a look at Bumblebee loader
BumbleBee

2022-05-12 ⋅ Secureworks ⋅ Counter Threat Unit ResearchTeam
COBALT MIRAGE Conducts Ransomware Operations in U.S.
CobaltMirage FRP APT35

2022-05-12 ⋅ Intel 471 ⋅ Intel 471
What malware to look for if you want to prevent a ransomware attack
Conti BumbleBee Cobalt Strike IcedID Sliver

2022-05-12 ⋅ Red Canary ⋅ Lauren Podber, Tony Lambert
The Goot cause: Detecting Gootloader and its follow-on activity
GootLoader Cobalt Strike

2022-05-12 ⋅ Red Canary ⋅ Lauren Podber, Tony Lambert
Gootloader and Cobalt Strike malware analysis
GootLoader Cobalt Strike

2022-05-11 ⋅ TEAMT5 ⋅ Charles Li, Che Chang
To loot or Not to Loot? That Is Not a Question - When State-Nexus APT Targets Online Entertainment Industry
APT27 BRONZE STARLIGHT SLIME29 TianWu

2022-05-11 ⋅ The Hacker News ⋅ Ravie Lakshmaman
Bitter APT Hackers Add Bangladesh to Their List of Targets in South Asia

2022-05-11 ⋅ ExaTrack ⋅ Tristan Pourcelot
Tricephalic Hellkeeper: a tale of a passive backdoor
BPFDoor Bvp47 Uroburos

2022-05-11 ⋅ NTT Security Holdings ⋅ NTT Security Holdings
Analysis of an Iranian APTs “E400” PowGoop Variant Reveals Dozens of Control Servers Dating Back to 2020
PowGoop

2022-05-11 ⋅ Fortinet ⋅ Fred Gutierrez
Please Confirm You Received Our APT
Saitama Backdoor

2022-05-11 ⋅ Kaspersky ⋅ GReAT
New ransomware trends in 2022
BlackCat Conti DEADBOLT DoubleZero LockBit PartyTicket StealBit

2022-05-11 ⋅ IronNet ⋅ Blake Cahen, IronNet Threat Research
Detecting a MUMMY SPIDER campaign and Emotet infection
Emotet

2022-05-11 ⋅ SANS ISC ⋅ Brad Duncan
TA578 using thread-hijacked emails to push ISO files for Bumblebee malware
BumbleBee