Malpedia Library

Click here to download all references as Bib-File.•

2022-03-21 ⋅ Proofpoint ⋅ Andrew Northern, Bryan Campbell, Selena Larson, Zachary Abzug
Serpent, No Swiping! New Backdoor Targets French Entities with Unique Attack Chain
Serpent

2022-03-21 ⋅ The DFIR Report ⋅ The DFIR Report
APT35 Automates Initial Access Using ProxyShell

2022-03-21 ⋅ Azure DevOps (Mastadamus) ⋅ Mastadamus
Anatomy of An Mirai Botnet Attack
Mirai

2022-03-19 ⋅ vsquare ⋅ Anna Gielewska, Julia Dauksza, Konrad Szczygieł
Behind the hack-and-leak scandal in Poland (UNC1151)

2022-03-19 ⋅ Chuongdong blog ⋅ Chuong Dong
LockBit Ransomware v2.0
LockBit

2022-03-19 ⋅ Bleeping Computer ⋅ Lawrence Abrams
New Phishing toolkit lets anyone create fake Chrome browser windows

2022-03-18 ⋅ eSentire ⋅ eSentire Threat Response Unit (TRU)
Analysis of Leaked Conti Intrusion Procedures by eSentire’s Threat Response Unit (TRU)
Conti Conti

2022-03-18 ⋅ Trend Micro ⋅ Trend Micro Research
Ransomware Spotlight: Hive
Hive Hive

2022-03-18 ⋅ Malwarebytes ⋅ Threat Intelligence Team
Double header: IsaacWiper and CaddyWiper
CaddyWiper IsaacWiper

2022-03-18 ⋅ Avast ⋅ Martin Hron
Mēris and TrickBot standing on the shoulders of giants
Glupteba Proxy Glupteba TrickBot

2022-03-18 ⋅ Vice Motherboard ⋅ Joseph Cox
Open Source Maintainer Sabotages Code to Wipe Russian, Belarusian Computers
PeaceNotWar

2022-03-18 ⋅ The Register ⋅ Jessica Lyons Hardcastle
Cyclops Blink malware sets up shop in ASUS routers
CyclopsBlink

2022-03-18 ⋅ RiskIQ ⋅ Jennifer Grob, RiskIQ
RiskIQ: Fraudulent Website Attempts to Collect Donations in Support of Ukraine Humanitarian Fund (UHF)

2022-03-18 ⋅ Recorded Future ⋅ Insikt Group®
Ghostwriter in the Shell: Expanding on Mandiant’s Attribution of UNC1151 to Belarus

2022-03-17 ⋅ ⋅ Cert-UA ⋅ Cert-UA
UAC-0020 (Vermin) cyberattack on Ukrainian state organizations using the SPECTR malware (CERT-UA#4207)

2022-03-17 ⋅ Google ⋅ Benoit Sevens, Vladislav Stolyarov
Exposing initial access broker with ties to Conti
BazarBackdoor BumbleBee Conti EXOTIC LILY

2022-03-17 ⋅ CISA ⋅ US-CERT
Alert (AA22-076A) Strengthening Cybersecurity of SATCOM Network Providers and Customers

2022-03-17 ⋅ IC3 ⋅ FBI, FINCEN, U.S. Department of the Treasury
Indicators of Compromise Associated with AvosLocker Ransomware
Avoslocker AvosLocker

2022-03-17 ⋅ Seguranca Informatica ⋅ Pedro Tavares
Rook ransomware analysis
Rook

2022-03-17 ⋅ Digital Shadows ⋅ Photon Research Team
Meet Lapsus$: An Unusual Group in the Cyber Extortion Business