Malpedia Library

Click here to download all references as Bib-File.•

2022-03-10 ⋅ Twitter (@Katechondic) ⋅ Katechondic
Tweet on additional computer names "desktop-g1i8n3f" & "desktop-j6llo2k", seen with Crimson RAT C2 infrastructure used by APT36
Crimson RAT

2022-03-10 ⋅ Twitter (@teamcymru_S2) ⋅ Team Cymru
Tweet on Crimson RAT infrastructure used by APT36
Crimson RAT

2022-03-10 ⋅ Check Point Research
Leaks of Conti Ransomware Group Paint Picture of a Surprisingly Normal Tech Start-Up… Sort Of
Conti

2022-03-10 ⋅ Cisco Talos ⋅ Chris Neal
WEDNESDAY, MARCH 9, 2022 Threat advisory: Cybercriminals compromise users with malware disguised as pro-Ukraine cyber tools

2022-03-10 ⋅ TechRepublic ⋅ Brian Stone
MuddyWater targets Middle Eastern and Asian countries in phishing attacks
STARWHALE

2022-03-10 ⋅ Bleeping Computer ⋅ Bill Toulas
Corporate website contact forms used to spread BazarBackdoor malware
BazarBackdoor

2022-03-10 ⋅ Medium walmartglobaltech ⋅ Jason Reaves, Joshua Platt
Diavol the Enigma of Ransomware
Diavol

2022-03-10 ⋅ The Hacker News ⋅ Ravie Lakshmanan
Iranian Hackers Targeting Turkey and Arabian Peninsula in New Malware Campaign
STARWHALE

2022-03-09 ⋅ eSentire ⋅ eSentire Threat Response Unit (TRU)
Exploitation of VMware Horizon Servers by TunnelVision Threat Actor
Drokbk

2022-03-09 ⋅ Twitter (@struppigel) ⋅ Karsten Hahn
Tweets detailing NominatusToxicBattery
NominatusToxicBattery

2022-03-09 ⋅ Abnormal ⋅ Belem Regalado, Rachelle Chouinard
BazarLoader Actors Initiate Contact via Website Contact Forms
BazarBackdoor

2022-03-09 ⋅ Medium Invictus Incident Response ⋅ Invictus Incident Response
Set up Splunk for Incident Response in GCP in 15 minutes..

2022-03-09 ⋅ BreachQuest ⋅ Bernard Silvestrini, Marco Figueroa, Napoleon Bing
The Conti Leaks | Insight into a Ransomware Unicorn
Cobalt Strike MimiKatz TrickBot

2022-03-09 ⋅ Avast ⋅ Vladimir Martyanov
Raccoon Stealer: “Trash panda” abuses Telegram
Raccoon

2022-03-09 ⋅ Symantec ⋅ Threat Hunter Team
Daxin Backdoor: In-Depth Analysis, Part Two
Daxin

2022-03-09 ⋅ Twitter (@silascutler) ⋅ Silas Cutler
Tweet on HermeticWizard's self-spreading mechanism
HermeticWizard

2022-03-09 ⋅ nikpx ⋅ xors
BokBot Technical Analysis
IcedID

2022-03-09 ⋅ Department of Justice ⋅ Office of Public Affairs
Sodinokibi/REvil Ransomware Defendant Extradited to United States and Arraigned in Texas
REvil

2022-03-09 ⋅ Bleeping Computer ⋅ Bill Toulas
Hackers fork open-source reverse tunneling tool for persistence
lsassDumper Sockbot

2022-03-09 ⋅ Security Joes ⋅ Felipe Duarte, Ido Naor
Sockbot in GoLand
lsassDumper Sockbot