Malpedia Library

Click here to download all references as Bib-File.•

2025-02-13 ⋅ Recorded Future ⋅ Insikt Group
RedMike (Salt Typhoon) Exploits Vulnerable Cisco Devices of Global Telecommunications Providers
GhostEmperor

2025-02-12 ⋅ The Hacker News ⋅ Ravie Lakshmanan
North Korean Hackers Exploit PowerShell Trick to Hijack Devices in New Cyberattack

2025-01-28 ⋅ Group-IB ⋅ Nikolay Kichatov, Pietro Albuquerque, Sharmine Low
Cat’s out of the bag: Lynx Ransomware-as-a-Service
Lynx

2025-01-22 ⋅ ESET Research ⋅ Facundo Muñoz
PlushDaemon compromises supply chain of Korean VPN service
SlowStepper PlushDaemon

2025-01-13 ⋅ Halcyon ⋅ Halcyon Research Team
Abusing AWS Native Services: Ransomware Encrypting S3 Buckets with SSE-C
Codefinger

2024-12-19 ⋅ Bleeping Computer ⋅ Bill Toulas
BadBox malware botnet infects 192,000 Android devices despite disruption
BADBOX

2024-12-13 ⋅ Bleeping Computer ⋅ Bill Toulas
Germany blocks BadBox malware loaded on 30,000 Android devices
BADBOX

2024-12-11 ⋅ JPCERT/CC ⋅ Tomoya Kamei
Attack Exploiting Legitimate Service by APT-C-60
SpyGrace

2024-12-05 ⋅ Recorded Future ⋅ Insikt Group
BlueAlpha Abuses Cloudflare Tunneling Service for GammaDrop Staging Infrastructure

2024-11-18 ⋅ Trend Micro ⋅ Feike Hacquebord, Fernando Mercês
Inside Water Barghest’s Rapid Exploit-to-Market Strategy for IoT Devices
Ngioweb

2024-11-18 ⋅ Trend Micro ⋅ Feike Hacquebord, Fernando Mercês
Inside Water Barghest’s Rapid Exploit-to-Market Strategy for IoT Devices
Ngioweb Water Barghest

2024-11-18 ⋅ Trend Micro ⋅ Feike Hacquebord, Fernando Mercês
Inside Water Barghests Rapid Exploit-to-Market Strategy for IoT Devices
Ngioweb

2024-11-07 ⋅ ESET Research ⋅ ESET Research
APT Activity Report: Abusing Cloud Services and VPN Platforms in the Pursuit of New Prey
FrostyNeighbor

2024-10-28 ⋅ ESET Research ⋅ Anh ho
CloudScout: Evasive Panda scouting cloud services
CloudScout MgBot Nightdoor

2024-10-24 ⋅ ⋅ Cert-UA ⋅ Cert-UA
Accounts in service UAC-0218: file theft using HOMESTEEL (CERT-UA#11717)
HOMESTEEL UAC-0215

2024-09-18 ⋅ ASD, CNMF, CSE Canada, FBI, GCSB, NCSC UK, NSA
People’s Republic of China-Linked Actors Compromise Routers and IoT Devices for Botnet Operations
Nosedive

2024-09-10 ⋅ Talos Intelligence ⋅ Joey Chen
DragonRank, a Chinese-speaking SEO manipulator service provider
IISpy PlugX DragonRank

2024-08-24 ⋅ YouTube (Black Hat) ⋅ Charles Li, Che Chang, Greg Chen
Chinese APT: A Master of Exploiting Edge Devices (Video)
SEASPY UNC4841

2024-08-07 ⋅ Symantec ⋅ Threat Hunter Team
Cloud Cover: How Malicious Actors Are Leveraging Cloud Services
GoGra Grager MOONTAG Ondritols TONERJAM

2024-07-26 ⋅ SOC Prime ⋅ Veronika Telychko
UAC-0102 Phishing Attack Detection: Hackers Steal Authentication Data Impersonating the UKR.NET Web Service
UAC-0102