Malpedia Library

2022-05-08 ⋅ IronNet ⋅ Brent Eskridge, Joey Fitzpatrick, Michael Leardi
Tracking Cobalt Strike Servers Used in Cyberattacks on Ukraine
Cobalt Strike

2022-05-02 ⋅ Sentinel LABS ⋅ Amitai Ben Shushan Ehrlich, Joey Chen
Moshen Dragon’s Triad-and-Error Approach | Abusing Security Software to Sideload PlugX and ShadowPad
PlugX ShadowPad Moshen Dragon

2022-04-23 ⋅ Stranded on Pylos Blog ⋅ Joe Slowik
Industroyer2 in Perspective
INDUSTROYER2

2022-04-08 ⋅ Secure Robotics ⋅ Joel Yonts
Securing Chatbot Technology - Part1: Chatbot Weaponization And ChatRATS

2022-03-09 ⋅ Security Joes ⋅ Felipe Duarte, Ido Naor
Sockbot in GoLand
lsassDumper Sockbot

2022-03-07 ⋅ Elastic ⋅ Andrew Pease, Cyril François, Daniel Stepanic, Derek Ditch, Github (@1337-42), Joe Desimone, Samir Bousseaden
PHOREAL Malware Targets the Southeast Asian Financial Sector
PHOREAL

2022-02-25 ⋅ CyberScoop ⋅ Joe Warminsky
TrickBot malware suddenly got quiet, researchers say, but it's hardly the end for its operators
BazarBackdoor Emotet TrickBot

2022-02-18 ⋅ Reuters ⋅ Christopher Bing, Joel Schectman
How a Saudi woman's iPhone revealed hacking around the world
Chrysaor

2022-02-15 ⋅ Proofpoint ⋅ Joe Wise, Selena Larson
Charting TA2541's Flight
AsyncRAT TA2541

2022-01-27 ⋅ Gigamon ⋅ Joe Slowik
Focusing on “Left of Boom”
WhisperGate

2022-01-19 ⋅ Elastic ⋅ Andrew Pease, Daniel Stepanic, James Spiteri, Joe Desimone, Mark Mager
Operation Bleeding Bear
WhisperGate

2022-01-19 ⋅ Elastic ⋅ Andrew Pease, Daniel Stepanic, James Spiteri, Joe Desimone, Mark Mager, Samir Bousseaden
Operation Bleeding Bear
WhisperGate

2021-12-30 ⋅ Stranded on Pylos Blog ⋅ Joe Slowik
Lights Out in Isfahan

2021-12-23 ⋅ Elastic ⋅ Joe Desimone, Samir Bousseaden
Elastic Security uncovers BLISTER malware campaign
Blister

2021-12-21 ⋅ Gigamon ⋅ Joe Slowik
The Log Keeps Rolling On: Evaluating Log4j Developments and Defensive Requirements

2021-12-14 ⋅ Gigamon ⋅ Joe Slowik
Network Security Monitoring Opportunities and Best Practices for Log4j Defense

2021-11-17 ⋅ BBC ⋅ Joe Tidy
Evil Corp: 'My hunt for the world's most wanted hackers'
REvil REvil

2021-11-16 ⋅ IronNet ⋅ IronNet Threat Research, Joey Fitzpatrick, Morgan Demboski, Peter Rydzynski
How IronNet's Behavioral Analytics Detect REvil and Conti Ransomware
Cobalt Strike Conti IcedID REvil

2021-11-04 ⋅ Youtube (Virus Bulletin) ⋅ Joey Chen, Yi-Jhen Hsieh
ShadowPad: the masterpiece of privately sold malware in Chinese espionage
PlugX ShadowPad

2021-10-27 ⋅ Proofpoint ⋅ Joe Wise, Selena Larson
New Threat Actor Spoofs Philippine Government, COVID-19 Health Data in Widespread RAT Campaigns
Nanocore RAT Remcos TA2722