Malpedia Library

2024-07-15 ⋅ Sekoia ⋅ Sekoia TDR
MuddyWater replaces Atera by custom MuddyRot implant in a recent campaign
bugsleep

2024-06-20 ⋅ Hunt.io ⋅ Michael R
Caught in the Act: Uncovering SpyNote in Unexpected Places
SpyNote

2024-06-12 ⋅ The Cyber Express ⋅ Ashish Khaitan
Hack Alert: SN Blackmeta Claims Cyberattack on Snapchat Over Explicit Content and Alleged Political Bias!
Blackmeta

2024-06-06 ⋅ Blackberry ⋅ Dmitry Melikov
Kimsuky is targeting an arms manufacturer in Europe.

2024-05-30 ⋅ Cisco Talos ⋅ Asheer Malhotra
LilacSquid: The stealthy trilogy of PurpleInk, InkBox and InkLoader
purpleink LilacSquid

2024-05-30 ⋅ Lumen ⋅ Black Lotus Labs
The Pumpkin Eclipse
Chalubo

2024-05-30 ⋅ Centurylink ⋅ Black Lotus Labs
The Pumpkin Eclipse
Chalubo

2024-05-28 ⋅ Reliaquest ⋅ RELIAQUEST THREAT RESEARCH TEAM
BlackSuit Attack Analysis
BlackSuit

2024-05-16 ⋅ Elastic ⋅ Daniel Stepanic, Samir Bousseaden
Spring Cleaning with LATRODECTUS: A Potential Replacement for ICEDID
IcedID Latrodectus

2024-05-15 ⋅ Stairwell ⋅ Threat Research at Stairwell
Stairwell threat report: Black Basta overview and detection rules
Black Basta Black Basta

2024-05-10 ⋅ Rapid7 Labs ⋅ Evan McCann, Thomas Elkins, Tyler McGraw
Ongoing Social Engineering Campaign Linked to Black Basta Ransomware Operators
Black Basta Black Basta Cobalt Strike NetSupportManager RAT

2024-05-10 ⋅ CISA ⋅ CISA
AA24-131A: #StopRansomware: Black Basta
Black Basta Black Basta

2024-04-30 ⋅ 0x0d4y ⋅ 0x0d4y
Latrodectus [IceNova] – Technical Analysis of the… New IcedID… Its Continuation… Or its Replacement?
Latrodectus

2024-04-19 ⋅ YouTube (Decipher) ⋅ Dan Black, Gabby Roncone, Lindsey O’Donnell-Welch
A Decade of Sandworm: Digging into APT44’s Past and Future With Mandiant

2024-04-16 ⋅ Mandiant ⋅ Alden Wahlstrom, Anton Prokopenkov, Dan Black, Dan Perez, Gabby Roncone, John Wolfram, Lexie Aytes, Nick Simonian, Ryan Hall, Tyler McLellan
APT44: Unearthing Sandworm
VPNFilter BlackEnergy CaddyWiper EternalPetya HermeticWiper Industroyer INDUSTROYER2 Olympic Destroyer PartyTicket RoarBAT Sandworm

2024-04-09 ⋅ ⋅ Israel National Cyber Directorate ⋅ Israel National Cyber Directorate
קבוצת התקיפה האיראנית Black Shadow

2024-04-09 ⋅ Claroty ⋅ Team82
Unpacking the Blackjack Group's Fuxnet Malware
BlackJack

2024-03-22 ⋅ Mandiant ⋅ Dan Black, Luke Jenkins
APT29 Uses WINELOADER to Target German Political Parties
WINELOADER

2024-02-13 ⋅ Proofpoint ⋅ Axel F, Selena Larson
Bumblebee Buzzes Back in Black
BumbleBee

2024-02-07 ⋅ Lumen ⋅ Black Lotus Labs
KV-Botnet: Don’t call it a Comeback
KV