Malpedia Library

Click here to download all references as Bib-File.•

2017-12-07 ⋅ FireEye ⋅ Jacqueline O’Leary, Manish Sardiwal, Nalani Fraser, Nick Richard, Vincent Cannon, Yogesh Londhe
New Targeted Attack in the Middle East by APT34, a Suspected Iranian Threat Group, Using CVE-2017-11882 Exploit
OilRig

2017-12-05 ⋅ ClearSky Research Team
Charming Kitten: Iranian Cyber Espionage Against Human Rights Activists, Academic Researchers and Media Outlets
DownPaper

2017-12-04 ⋅ RSA ⋅ Jack Wesley Riley
The Shadows of Ghosts Inside the response of a unique Carbanak intrusion
GOTROJ MimiKatz

2017-12-04 ⋅ ⋅ Macnica ⋅ Macnica
New method of macro malware disguised as defense-related files
RedLeaves

2017-12-03 ⋅ Karsten Hahn
Malware Analysis - ROKRAT Unpacking from Injected Shellcode

2017-11-28 ⋅ RiskIQ ⋅ Yonathan Klijnsma
Gaffe Reveals Full List of Targets in Spear Phishing Attack Using Cobalt Strike Against Financial Institutions
Cobalt

2017-11-28 ⋅ FireEye ⋅ Abhay Vaish, Sandor Nemes
Newly Observed Ursnif Variant Employs Malicious TLS Callback Technique to Achieve Process Injection
ISFB

2017-11-28 ⋅ SentinelOne ⋅ Arnaud Abbati
OSX.CPUMEANER: New Cryptocurrency Mining Trojan Targets MacOS
CpuMeaner

2017-11-27 ⋅ Blacklake ⋅ Brian Krebs
WHO WAS THE NSA CONTRACTOR ARRESTED FOR LEAKING THE ‘SHADOW BROKERS’ HACKING TOOLS?
The Shadow Brokers

2017-11-24 ⋅ Bleeping Computer ⋅ Catalin Cimpanu
Mirai Activity Picks up Once More After Publication of PoC Exploit Code
Mirai

2017-11-22 ⋅ Flashpoint ⋅ Vitali Kremez
Trickbot Gang Evolves, Incorporates Account Checking Into Hybrid Attack Model
TrickBot

2017-11-21 ⋅ Vitali Kremez
Let's Learn: Trickbot Socks5 Backconnect Module In Detail
TrickBot

2017-11-20 ⋅ Trend Micro ⋅ Fyodor Yarochkin, Lenart Bermejo, Ronnie Giagone
Cobalt Strikes Again: Spam Runs Use Macros and CVE-2017-8759 Exploit Against Russian Banks
More_eggs Cobalt

2017-11-19 ⋅ Arab News ⋅ ELISE KNUTSEN
Iranian agents blackmailed BBC reporter with ‘naked photo’ threats
Charming Kitten

2017-11-16 ⋅ Github (mdsecactivebreach) ⋅ Vincent Yiu
CACTUSTORCH: Payload Generation for Adversary Simulations
CACTUSTORCH

2017-11-15 ⋅ Trend Micro ⋅ Rubio Wu
New EMOTET Hijacks a Windows API, Evades Sandbox and Analysis
Emotet

2017-11-14 ⋅ Palo Alto Networks Unit 42 ⋅ Tom Lancaster
Muddying the Water: Targeted Attacks in the Middle East
POWERSTATS MuddyWater

2017-11-12 ⋅ Vitali Kremez Blog ⋅ Vitali Kremez
Let's Learn: Dissecting Golroted Trojan's Process Hollowing Technique & UAC Bypass in HKCU\Environment
Golroted

2017-11-09 ⋅ Wired ⋅ Andy Greenberg
He Perfected a Password-Hacking Tool—Then the Russians Came Calling
MimiKatz

2017-11-08 ⋅ Reaqta ⋅ Reaqta
A short journey into DarkVNC attack chain
DarkVNC