Malpedia Library

Click here to download all references as Bib-File.•

2021-07-27 ⋅ Palo Alto Networks Unit 42 ⋅ Alex Hinchliffe, Mike Harbison
THOR: Previously Unseen PlugX Variant Deployed During Microsoft Exchange Server Attacks by PKPLUG Group
PlugX

2021-07-27 ⋅ The Record ⋅ Catalin Cimpanu
BlackMatter ransomware targets companies with revenue of $100 million and more

2021-07-27 ⋅ Recorded Future ⋅ Insikt Group®
BlackMatter Ransomware Emerges As Successor to DarkSide, REvil
DarkSide LockBit REvil

2021-07-27 ⋅ Bleeping Computer ⋅ Sergiu Gatlan
UC San Diego Health discloses data breach after phishing attack

2021-07-27 ⋅ Bleeping Computer ⋅ Lawrence Abrams
LockBit ransomware now encrypts Windows domains using group policies
Egregor LockBit

2021-07-27 ⋅ Check Point ⋅ Alexey Bukhteyev, Raman Ladutska
Time-proven tricks in a new environment: the macOS evolution of Formbook
Xloader

2021-07-27 ⋅ ⋅ 360 Threat Intelligence Center ⋅ Advanced Threat Institute
Summary of Kimsuky's secret stealing activities in the first half of 2021

2021-07-27 ⋅ Blackberry ⋅ BlackBerry Research & Intelligence Team
Old Dogs New Tricks: Attackers Adopt Exotic Programming Languages
elf.wellmess ElectroRAT BazarNimrod Buer Cobalt Strike Remcos Snake TeleBot WellMess Zebrocy

2021-07-27 ⋅ Skynews ⋅ Deborah Haynes
Iran's Secret Cyber Files

2021-07-27 ⋅ SYGNIA ⋅ Amitai Ben Shushan Ehrlich, Amnon Kushnir, Arie Zilberstein, Asaf Eitani, Gil Biton, Itay Shohat, Martin Korman, Noam Lifshitz, Sygnia Incident Response Team
TG1021: "Praying Mantis" Dissecting an Advanced Memory-Resident Attack

2021-07-26 ⋅ CheckMal ⋅ CheckMal
WhiteBlackGroup Ransomware (.encrpt3d)
WhiteBlackCrypt

2021-07-26 ⋅ Fortninet ⋅ Fred Gutierrez, Shunichi Imano
Wiper Malware Riding the 2021 Tokyo Olympic Games
VIGILANT CLEANER

2021-07-26 ⋅ The Wire ⋅ Kabir Agarwal, Sangeeta Barooah Pisharoty
From Army and BSF to RAW, Spyware Threat Touched National Security Field Too
Chrysaor

2021-07-26 ⋅ vmware ⋅ Pavankumar Chaudhari, Quentin Fois
Hunting IcedID and unpacking automation with Qiling
IcedID

2021-07-26 ⋅ SentinelOne ⋅ Phil Stokes
Detecting XLoader | A macOS ‘Malware-as-a-Service’ Info Stealer and Keylogger
Xloader

2021-07-25 ⋅ Medium svch0st ⋅ svch0st
Guide to Named Pipes and Hunting for Cobalt Strike Pipes
Cobalt Strike

2021-07-25 ⋅ Youtube (AhmedS Kasmani) ⋅ AhmedS Kasmani
Analysis of Malware from Kaseya/Revil Supply Chain attack.
REvil

2021-07-25 ⋅ Max Kersten's Blog ⋅ Max Kersten
Ghidra script to decrypt a string array in XOR DDoS
XOR DDoS

2021-07-25 ⋅ Arkadiy Tetelman A Security Blog ⋅ Arkadiy Tetelman
Scanning your iPhone for Pegasus, NSO Group's malware
Chrysaor

2021-07-24 ⋅ Twitter (@MsftSecIntel) ⋅ Microsoft Security Intelligence
Tweet on attackers increasingly using HTML smuggling in phishing and other email campaigns to deliver Casbaneiro
Metamorfo