Malpedia Library

Click here to download all references as Bib-File.•

2025-02-11 ⋅ Github (SecurityBlueTeam) ⋅ Security Blue Team
Smartloader Wireshark plugin
SmartLoader

2025-02-02 ⋅ Team82 ⋅ Team82
Do the CONTEC CMS8000 Patient Monitors Contain a Chinese Backdoor? The Reality is More Complicated…
CMS8000 Backdoor

2025-01-31 ⋅ ConnectWise ⋅ Blake Eakin
Attackers Leveraging Microsoft Teams Defaults and Quick Assist for Social Engineering Attacks
Black Basta Black Basta ReedBed

2025-01-29 ⋅ SecurityScorecard ⋅ SecurityScorecard STRIKE Team
Operation Phantom Circuit: North Korea’s Global Data Exfiltration Campaign
BeaverTail InvisibleFerret

2025-01-27 ⋅ SecurityScorecard ⋅ STRIKE Team
Operation Phantom Circuit: North Korea’s Global Data Exfiltration Campaign

2025-01-25 ⋅ Sophos ⋅ Anthony Bradshaw, Colin Cowie, Daniel Souter, Hunter Neal, Mark Parsons, Sean Baird, Sean Gallagher
Sophos MDR tracks two ransomware campaigns using “email bombing,” Microsoft Teams “vishing”
ReedBed STAC5143 UNC4393

2025-01-23 ⋅ ThreatMon ⋅ Aziz Kaplan, ThreatMon, ThreatMon Malware Research Team
Helldown Ransomware Malware Analysis Report
HellDown

2025-01-21 ⋅ Knownsec ⋅ Knownsec 404 Team
Love and hate under war: The GamaCopy organization, which imitates the Russian Gamaredon, uses military — related bait to launch attacks on Russia
GamaCopy

2025-01-17 ⋅ Twitter (@Unit42_Intel) ⋅ Unit 42
Tweet about affiliates of DarkScorpius using Social Engineering via MS Teams
UNC4393

2025-01-13 ⋅ Halcyon ⋅ Halcyon Research Team
Abusing AWS Native Services: Ransomware Encrypting S3 Buckets with SSE-C
Codefinger

2025-01-08 ⋅ ThreatMon ⋅ Alp Cihangir Aslan, Aziz Kaplan, Ozan Ünal, ThreatMon, ThreatMon Malware Research Team
Akira Ransomware Group & Malware Analysis Report
Akira

2024-12-20 ⋅ Team Cymru ⋅ Lewis Henderson
Jingle Shells: How Virtual Offices Enable a Facade of Legitimacy

2024-12-18 ⋅ KELA ⋅ KELA’s Research Team
Three Months After the Storm: Did Cybercriminals Move to Telegram Alternatives?

2024-12-17 ⋅ Trend Micro ⋅ Feike Hacquebord, Stephen Hilt
Earth Koshchei Coopts Red Team Tools in Complex RDP Attacks

2024-12-16 ⋅ Zscaler ⋅ ThreatLabZ research team
Technical Analysis of RiseLoader
RiseLoader

2024-12-12 ⋅ Spamhaus ⋅ Spamhaus Team
PEC “invoice scam” - Stealing time, money, and trust from businesses
MintsLoader

2024-12-12 ⋅ XLab ⋅ XLab Team
Glutton: A New Zero-Detection PHP Backdoor from Winnti Targets Cybercrimals
Winnti Glutton

2024-12-10 ⋅ Zscaler ⋅ ThreatLabZ research team
Inside Zloader’s Latest Trick: DNS Tunneling
GhostSocks Zloader

2024-12-03 ⋅ Hunt.io ⋅ Hunt.io
Rare Watermark Links Cobalt Strike 4.10 Team Servers to Ongoing Suspicious Activity
Cobalt Strike

2024-11-20 ⋅ Natto Thoughts ⋅ Natto Team
Salt Typhoon: Churning Up a Storm of Consternation