Malpedia Library

Click here to download all references as Bib-File.•

2021-07-16 ⋅ Twitter (@alex_lanstein) ⋅ Alex Lanstein
Tweet on attacks from UNC2652/NOBELIUM

2021-07-16 ⋅ Twitter (@MBThreatIntel) ⋅ Malwarebytes Threat Intelligence
Tweet on Magecart skimmer using steganography
magecart

2021-07-16 ⋅ ⋅ 360 Threat Intelligence Center ⋅ Advanced Threat Institute
APT-C-61 attacks against South Asia

2021-07-15 ⋅ BrightTALK ⋅ Ariel Jungheit, Kaspersky, Mathieu Gaucheler, Vicente Diaz
Visual investigations - Speed up your IR, Forensic Analysis and Hunting
Tiger RAT

2021-07-15 ⋅ Bleeping Computer ⋅ Lawrence Abrams
Linux version of HelloKitty ransomware targets VMware ESXi servers
HelloKitty

2021-07-15 ⋅ Kryptos Logic ⋅ Kryptos Logic Vantage Team
Adjusting the Anchor
Anchor

2021-07-15 ⋅ Twitter (@AffableKraut) ⋅ Eric Brandel
Tweet on another digital skimmer/magecart script from the "q-logger" threat actor
magecart

2021-07-15 ⋅ Twitter (@ESETresearch) ⋅ ESET Research
Tweet on FreeBSD targeted with Golang backdoor

2021-07-15 ⋅ ⋅ AhnLab ⋅ AhnLab ASEC Analysis Team
APT attack (by Kimsuky) attempt on a specific person using a word document

2021-07-15 ⋅ YouTube ( DuMp-GuY TrIcKsTeR) ⋅ Jiří Vinopal
Fast API resolving of REvil Ransomware related to Kaseya attack
REvil

2021-07-15 ⋅ CitizenLab ⋅ Bahr Abdul Razzak, Bill Marczak, John Scott-Railton, Kristin Berdan, Ron Deibert
Hooking Candiru Another Mercenary Spyware Vendor Comes into Focus
Chainshot

2021-07-15 ⋅ Palo Alto Networks Unit 42 ⋅ Alex Hinchliffe, Quinn Cooke, Robert Falcone
Mespinoza Ransomware Gang Calls Victims “Partners,” Attacks with Gasket, "MagicSocks" Tools
Gasket Mespinoza

2021-07-15 ⋅ Recorded Future ⋅ Insikt Group®
Threats to the 2020 Tokyo Olympic Games

2021-07-15 ⋅ Facebook ⋅ David Agranovich, Mike Dvilyanski
Taking Action Against Hackers in Iran
Liderc SysKit

2021-07-14 ⋅ Google ⋅ Clement Lecigne, Google Threat Analysis Group, Maddie Stone
How We Protect Users From 0-Day Attacks (CVE-2021-21166, CVE-2021-30551, CVE-2021-33742, CVE-2021-1879)
Cobalt Strike

2021-07-14 ⋅ Bleeping Computer ⋅ Ionut Ilascu
BazarBackdoor sneaks in through nested RAR and ZIP archives
BazarBackdoor

2021-07-14 ⋅ Cerium Networks ⋅ Blumira
Threat of the Month: IcedID Malware
IcedID

2021-07-14 ⋅ RiskIQ ⋅ Jordan Herman
Bulletproof Hosting Services: Investigating Media Land LLC, Part 2

2021-07-14 ⋅ Bitdefender ⋅ Bitdefender
How We Tracked a Threat Group Running an Active Cryptojacking Campaign

2021-07-14 ⋅ Intezer ⋅ Avigayil Mechtinger
Targeted Phishing Attack against Ukrainian Government Expands to Georgia
Unidentified 083 (AutoIT Stealer)