Malpedia Library

Click here to download all references as Bib-File.•

2023-06-15 ⋅ Google ⋅ Alyssa Glickman, Austin Larsen, Fernando Tomlinson, Jakub Jozwiak, John Palmisano, John Wolfram, Josh Villanueva, Mathew Potaczek, Matthew McWhirt
Barracuda ESG Zero-Day Vulnerability (CVE-2023-2868) Exploited Globally by Aggressive and Skilled Actor, Suspected Links to China
SALTWATER SEASPY WHIRLPOOL UNC4841

2023-06-15 ⋅ Mandiant ⋅ Austin Larsen, John Palmisano, John Wolfram, Mathew Potaczek, Matthew McWhirt
Barracuda ESG Zero-Day Vulnerability (CVE-2023-2868) Exploited Globally by Aggressive and Skilled Actor, Suspected Links to China
SALTWATER SEASPY UNC4841

2023-06-14 ⋅ CISA ⋅ ANSSI, Australian Cyber Security Centre (ACSC), Bundesamt für Sicherheit in der Informationstechnik (BSI), Canadian Centre for Cyber Security (CCCS), CERT NZ, FBI, MS-ISAC, NCSC UK, New Zealand National Cyber Security Centre (NZ NCSC)
Understanding Ransomware Threat Actors: Lockbit
LockBit

2023-06-02 ⋅ Mandiant ⋅ DAN NUTTING, Genevieve Stark, Greg Blaum, Jeremy Kennelly, JOE PISANO, Josh Murchie, Juraj Sucik, Justin Moore, Kimberly Goody, Matthew McWhirt, Nader Zaveri, NICHOLAS BENNETT, OLLIE STYLES, PETER UKHANOV, WILL SILVERSTONE, ZACH SCHRAMM, Zander Work
Zero-Day Vulnerability in MOVEit Transfer Exploited for Data Theft

2023-05-24 ⋅ CISA ⋅ CISA
AA23-144a: People's Republic of China State-Sponsored Cyber Actor Living off the Land to Evade Detection

2023-05-09 ⋅ CISA ⋅ CISA
Hunting Russian Intelligence “Snake” Malware
Agent.BTZ Cobra Carbon System Uroburos

2023-04-18 ⋅ NCSC UK ⋅ CISA, FBI, NCSC UK, NSA
APT28 exploits known vulnerability to carry out reconnaissance and deploy malware on Cisco routers

2023-03-30 ⋅ United States District Court (Eastern District of New York) ⋅ Fortra, HEALTH-ISAC, Microsoft
Cracked Cobalt Strike (1:23-cv-02447)
Black Basta BlackCat LockBit RagnarLocker LockBit Black Basta BlackCat Cobalt Strike Cuba Emotet LockBit Mount Locker PLAY QakBot RagnarLocker Royal Ransom Zloader

2023-03-09 ⋅ VulnCheck ⋅ Jacob Baines
The VulnCheck 2022 Exploited Vulnerability Report - Missing CISA KEV Catalog Entries

2023-03-02 ⋅ CISA ⋅ CISA
#StopRansomware: Royal Ransomware
Royal Ransom Royal Ransom

2023-02-15 ⋅ CERT-EU ⋅ CERT-EU, ENISA
JP-23-01 - Sustained activity by specific threat actors

2023-02-09 ⋅ CISA ⋅ CISA
#StopRansomware: Ransomware Attacks on Critical Infrastructure Fund DPRK Malicious Cyber Activities
Maui Ransomware SiennaBlue SiennaPurple Storm-0530

2023-02-09 ⋅ CISA, DSA, FBI, HHS, NSA, ROK
#StopRansomware: Ransomware Attacks on Critical Infrastructure Fund DPRK Malicious Cyber Activities
Dtrack MagicRAT Maui Ransomware SiennaBlue SiennaPurple Tiger RAT YamaBot

2023-01-24 ⋅ DailySecU ⋅ Gil Min-kwon
[Urgent] A Chinese hacker organization that declared hacking war on Korea..."KISA will hack" notice

2023-01-19 ⋅ Emerging Threats ⋅ Isaac O'Shaughnessy
Vidar Stealer Picks Up Steam!
Vidar

2022-12-18 ⋅ ZAYOTEM ⋅ Meryem Ahıskalı, Nisanur Çıldız, Ömer Faruk Kayıkcı
Mars Stealer Technical Analysis Report
Mars Stealer

2022-12-05 ⋅ ⋅ KISA ⋅ KrCERT
TTPs#9: Analyzing the attack strategy monitoring the daily life of individuals
Chinotto

2022-12-01 ⋅ CISA ⋅ CISA
#StopRansomware: Cuba Ransomware
Cuba

2022-11-21 ⋅ Risky.biz ⋅ Catalin Cimpanu
Risky Biz News: Cyber Partisans hack and disrupt Kremlin censor
Cyber Partisans

2022-10-21 ⋅ CISA ⋅ FBI, HHS, US-CERT
Alert (AA22-294A) #StopRansomware: Daixin Team