Malpedia Library

Click here to download all references as Bib-File.•

2022-04-18 ⋅ National Intelligence University ⋅ Kevin P. Riehle
Russian Intelligence: A Case-based Study of Russian Services and Missions Past and Present

2022-04-18 ⋅ InQuest ⋅ Dmitry Melikov
Nobelium - Israeli Embassy Maldoc

2022-04-18 ⋅ Bitdefender ⋅ Mihai Neagu
RedLine Stealer Analysis
RedLine Stealer

2022-04-18 ⋅ CISA ⋅ CISA, FBI, U.S. Department of the Treasury
Alert (AA22-108A): TraderTraitor: North Korean State-Sponsored APT Targets Blockchain Companies
Bankshot

2022-04-18 ⋅ Kaspersky ⋅ AMR
How to recover files encrypted by Yanlouwang
Yanluowang

2022-04-18 ⋅ vanmieghem ⋅ Vincent Van Mieghem
A blueprint for evading industry leading endpoint protection in 2022
Cobalt Strike

2022-04-18 ⋅ CitizenLab ⋅ Bahr Abdul Razzak, Bill Marczak, Elies Campo, Gözde Böcü, John Scott-Railton, Ron Deibert, Salvatore Solimano, Siena Anstis
CatalanGate Extensive Mercenary Spyware Operation against Catalans Using Pegasus and Candiru
Chrysaor Caramel Tsunami

2022-04-18 ⋅ Fortinet ⋅ Erin Lin
Trends in the Recent Emotet Maldoc Outbreak
Emotet

2022-04-18 ⋅ Cyble
Under The Lens: Eagle Monitor RAT - Upgraded Version Of RAT With New TTPs
EagleMonitorRAT

2022-04-18 ⋅ Trellix ⋅ Alexandre Mundo, Jambul Tologonov, Marc Elias
Conti Group Targets ESXi Hypervisors With its Linux Variant
Conti Conti

2022-04-18 ⋅ Trend Micro ⋅ Leandro Froes, Lucas Silva
An Investigation of the BlackCat Ransomware via Trend Micro Vision One
BlackCat

2022-04-18 ⋅ RiskIQ ⋅ Jennifer Grob
RiskIQ: Trickbot Rickroll
TrickBot

2022-04-18 ⋅ CISA ⋅ CISA, FBI, U.S. Department of the Treasury
AA22-108A: TraderTraitor: North Korean State-Sponsored APT Targets Blockchain Companies (PDF)
FastCash Bankshot

2022-04-18 ⋅ Bleeping Computer ⋅ Sergiu Gatlan
Free decryptor released for Yanluowang ransomware victims
Yanluowang

2022-04-18 ⋅ SentinelOne ⋅ James Haughom
From the Front Lines | Peering into A PYSA Ransomware Attack
Chisel Chisel Cobalt Strike Mespinoza

2022-04-18 ⋅ Nozomi Networks ⋅ Nozomi Networks Labs
New BotenaGo Variant Discovered by Nozomi Networks Labs
BotenaGo

2022-04-18 ⋅ Bleeping Computer ⋅ Bill Toulas
Unofficial Windows 11 upgrade installs info-stealing malware

2022-04-18 ⋅ ⋅ ASEC ⋅ ASEC Analysis Team
A new type of malware from the Lazarus attack group that exploits the INITECH process.

2022-04-17 ⋅ Malwarology ⋅ Gaetano Pellegrino
Qakbot Series: API Hashing
QakBot

2022-04-17 ⋅ Malcat ⋅ malcat team
Reversing a NSIS dropper using quick and dirty shellcode emulation
Loki Password Stealer (PWS)