Malpedia Library

2019-04-24 ⋅ SpecterOps ⋅ Richie Cyrus
Introducing Venator: A macOS tool for proactive detection
AppleJeus WindTail

2019-04-24 ⋅ FireEye ⋅ James T. Bennett, Michael Bailey
CARBANAK Week Part Three: Behind the CARBANAK Backdoor
Carbanak

2019-04-23 ⋅ Kaspersky Labs ⋅ AMR, GReAT
Operation ShadowHammer: a high-profile supply chain attack
shadowhammer ShadowPad

2019-04-22 ⋅ SANS ⋅ Mike Downey
Unpacking & Decrypting FlawedAmmyy
FlawedAmmyy

2019-04-22 ⋅ Twitter (@killamjr) ⋅ Suspicious Link
Tweet on DADSTACHE payload
DADSTACHE

2019-04-19 ⋅ Medium ⋅ x0rz
Hacking (Back) and Influence Operations
BONDUPDATER

2019-04-17 ⋅ Cisco Talos ⋅ Danny Adamitis, David Maynor, Matthew Olney, Paul Rascagnères, Warren Mercer
DNS Hijacking Abuses Trust In Core Internet Service
Sea Turtle

2019-04-17 ⋅ Twitter (JohnLaTwC) ⋅ John Lambert
Tweet on an unidentified VBS Backdoor
Unidentified VBS 001

2019-04-16 ⋅ Youtube (Norsk Hydro) ⋅ Norsk Hydro
The cyber attack rescue operation in Hydro Toulouse
LockerGoga

2019-04-15 ⋅ Trend Micro ⋅ Gilbert Sison, Ryan Maglaque
Account With Admin Privileges Abused to Install BitPaymer Ransomware via PsExec
FriedEx

2019-04-15 ⋅ ClearSky ⋅ ClearSky Research Team
Iranian APT MuddyWater Attack Infrastructure Targeting Kurdish Political Groups and Organizations in Turkey
POWERSTATS MuddyWater

2019-04-15 ⋅ ZDNet ⋅ Catalin Cimpanu
A hacker has dumped nearly one billion user records over the past two months
Gnosticplayers

2019-04-10 ⋅ Microsoft ⋅ Microsoft
Analysis of a targeted attack exploiting the WinRAR CVE-2018-20250 vulnerability

2019-04-10 ⋅ Check Point ⋅ Check Point Research
The Muddy Waters of APT Attacks
POWERSTATS

2019-04-09 ⋅ ESET Research ⋅ Romain Dumont
OceanLotus: macOS malware update
OceanLotus

2019-04-08 ⋅ Palo Alto Networks Unit 42 ⋅ Ruchna Nigam
Mirai Compiled for New Processors Surfaces in the Wild
Mirai

2019-04-06 ⋅ Youtube (hasherezade) ⋅ hasherezade
Unpacking ISFB (including the custom 'PX' format)
ISFB

2019-04-05 ⋅ FireEye ⋅ Alex Pennino, Andrew Thompson, Ben Fedore, Brendan McKeague, Douglas Bienstock, Geoff Ackerman, Van Ta
Pick-Six: Intercepting a FIN6 Intrusion, an Actor Recently Tied to Ryuk and LockerGoga Ransomware
LockerGoga Ryuk FIN6

2019-04-04 ⋅ Deutsche Welle ⋅ Deutsche Welle
Bayer points finger at Wicked Panda in cyberattack
APT41

2019-04-04 ⋅ SecurityIntelligence ⋅ Limor Kessem, Nir Somech
IcedID Banking Trojan Spruces Up Injection Tactics to Add Stealth
IcedID