Malpedia Library

Click here to download all references as Bib-File.•

2021-12-14 ⋅ Kaspersky Labs ⋅ Paul Rascagnères, Pierre Delcher
Owowa: the add-on that turns your OWA into a credential stealer and remote access panel
Owowa

2021-12-13 ⋅ RiskIQ ⋅ Jordan Herman
RiskIQ: Connections between Nanocore, Netwire, and AsyncRAT and Vjw0rm dynamic DNS C2 infrastructure
AsyncRAT Nanocore RAT NetWire RC Vjw0rm

2021-12-13 ⋅ Cado Security ⋅ Cado Security
Analysis of Initial In The Wild Attacks Exploiting Log4Shell/Log4J/CVE-2021-44228
Kinsing Mirai Tsunami

2021-12-13 ⋅ Mandiant ⋅ Alyssa Rahman
Now You Serial, Now You Don’t — Systematically Hunting for Deserialization Exploits

2021-12-13 ⋅ Trend Micro ⋅ Abdelrhman Sharshar, Jay Yaneza, Sherif Magdy
A Look Into Purple Fox’s Server Infrastructure
PurpleFox

2021-12-13 ⋅ The DFIR Report ⋅ The DFIR Report
Diavol Ransomware
BazarBackdoor Conti Diavol

2021-12-13 ⋅ Zscaler ⋅ Avinash Kumar, Dennis Schwarz
Return of Emotet: Malware Analysis
Emotet

2021-12-12 ⋅ Cyber And Ramen blog ⋅ Mike R
More Flagpro, More Problems
Flagpro

2021-12-12 ⋅ NCC Group ⋅ RIFT: Research and Intelligence Fusion Team
Log4Shell: Reconnaissance and post exploitation network detection

2021-12-12 ⋅ Sophos ⋅ Sean Gallagher
Log4Shell Hell: anatomy of an exploit outbreak

2021-12-11 ⋅ Microsoft ⋅ Microsoft 365 Defender Threat Intelligence Team, Microsoft Threat Intelligence Center (MSTIC)
Guidance for preventing, detecting, and hunting for exploitation of the Log4j 2 vulnerability
Khonsari NightSky BRONZE STARLIGHT

2021-12-11 ⋅ Twitter (@vxunderground) ⋅ VX-Underground
Tweet on Gomorrah panel source code leak
Gomorrah stealer

2021-12-11 ⋅ Symantec ⋅ Threat Hunter Team
Apache Log4j Zero-Day Being Exploited in the Wild
Kaiten

2021-12-11 ⋅ YouTube (AGDC Services) ⋅ AGDC Services
How To Extract & Decrypt Qbot Configs Across Variants
QakBot

2021-12-10 ⋅ Dissecting Malware ⋅ Marius Genheimer
BlackCatConf - Static Configuration Extractor for BlackCat Ransomware
BlackCat

2021-12-10 ⋅ Medium s2wlab ⋅ S2W TALON
BlackCat: New Rust based ransomware borrowing BlackMatter’s configuration
BlackCat BlackMatter

2021-12-10 ⋅ CrowdStrike ⋅ CrowdStrike Intelligence Team
Log4j2 Vulnerability “Log4Shell” (CVE-2021-44228)

2021-12-10 ⋅ Trend Micro ⋅ Don Ovid Ladores
New Yanluowang Ransomware Found to be Code-Signed, Terminates Database-Related Processes

2021-12-10 ⋅ Mississippi State University ⋅ DeMarcus M. Thomas Sr.
Detecting malware in memory with memory object relationships

2021-12-10 ⋅ Accenture ⋅ Accenture
Karakurt rises from its lair
Cobalt Strike Karakurt