Malpedia Library

Click here to download all references as Bib-File.•

2023-09-06 ⋅ Microsoft ⋅ Microsoft Security Response Center (MSRC)
Results of Major Technical Investigations for Storm-0558 Key Acquisition

2023-09-05 ⋅ ⋅ AhnLab ⋅ Sanseo
BlueShell malware used in APT attacks targeting Korea and Thailand
BlueShell SparkRAT

2023-09-04 ⋅ ⋅ Cert-UA ⋅ Cert-UA
APT28 cyberattack: msedge as a bootloader, TOR and mockbin.org/website.hook services as a control center (CERT-UA#7469)

2023-09-04 ⋅ Baltic News Network ⋅ , BNN
Cert.lv: activist groups supported by Russia perform cyber attacks on Latvian state institutions

2023-09-01 ⋅ Microsoft ⋅ Microsoft Threat Analysis Center (MTAC)
Russia’s influence networks in Sahel activated after coups

2023-09-01 ⋅ ⋅ AhnLab ⋅ Ye Eun
Malicious LNK that distributes backdoors: RedEyes (ScarCruft)

2023-08-31 ⋅ DataBreaches.net ⋅ Dissent
One month later, Ranhill still hasn’t fully recovered from cyberattack
Desorden Group

2023-08-31 ⋅ AhnLab ⋅ Sanseo
Analysis of Andariel’s New Attack Activities
Andardoor BlackRemote Tiger RAT Volgmer

2023-08-30 ⋅ Forbes ⋅ Thomas Brewster
A Fake Signal App Was Planted On Google Play By China-Linked Hackers

2023-08-30 ⋅ NSFOCUS ⋅ NSFOCUS
APT34 Unleashes New Wave of Phishing Attack with Variant of SideTwist Trojan
SideTwist

2023-08-29 ⋅ Mandiant ⋅ Austin Larsen, John Palmisano, John Wolfram, Mathew Potaczek, Michael Raggi
Diving Deep into UNC4841 Operations Following Barracuda ESG Zero-Day Remediation (CVE-2023-2868)
GhostEmperor

2023-08-29 ⋅ KrebsOnSecurity ⋅ Brian Krebs
U.S. Hacks QakBot, Quietly Removes Botnet Infections
QakBot

2023-08-28 ⋅ ⋅ 360 ⋅ 360 Threat Intelligence Center
APT-C-55 (Kimsuky) organization uses Korean domain names for malicious activities

2023-08-28 ⋅ National Coordination Center for Cyber Security
Gamaredon Activity amid Ukraine's Counteroffensive
Pteranodon

2023-08-28 ⋅ Github (cocomelonc) ⋅ cocomelonc
Malware and cryptography 20: encrypt/decrypt payload via Skipjack. Simple C++ example.

2023-08-28 ⋅ Juniper ⋅ Paul Kimayong
DreamBus Botnet Resurfaces, Targets RocketMQ vulnerability
DreamBus

2023-08-26 ⋅ BushidoToken Blog ⋅ BushidoToken
Tracking Adversaries: Scattered Spider, the BlackCat affiliate
BlackLotus POORTRY

2023-08-25 ⋅ Github (telekom-security) ⋅ Fabian Marquardt
DarkGate configuration extractor
DarkGate

2023-08-25 ⋅ Github (muha2xmad) ⋅ Muhammad Hasan Ali
Warzone RAT configuration extractor
Ave Maria

2023-08-24 ⋅ ⋅ CYBERWISE ⋅ Ali Rıza Şahinkaya, Sevcan Kazdağ
“Proxy” Based Phishing Attacks Are on the Rise Again