Malpedia Library

Click here to download all references as Bib-File.•

2023-08-07 ⋅ Cisco Talos ⋅ Chetan Raghuprasad
New threat actor targets Bulgaria, China, Vietnam and other countries with customized Yashma ransomware
Chaos

2023-08-02 ⋅ Checkmarx ⋅ Yehuda Gelb
Lazarus Group Launches First Open Source Supply Chain Attacks Targeting Crypto Sector

2023-08-02 ⋅ Recorded Future ⋅ Insikt Group
BlueCharlie, Previously Tracked as TAG 53, Continues to Deploy New Infrastructure in 2023

2023-08-02 ⋅ Recorded Future ⋅ Insikt Group
BlueCharlie, Previously Tracked as TAG-53, Continues to Deploy New Infrastructure in 2023

2023-08-01 ⋅ Qianxin Threat Intelligence Center ⋅ Red Raindrop Team
Analysis of Recent Activities of the Mylobot Botnet
MyloBot

2023-08-01 ⋅ Palo Alto Networks Unit 42 ⋅ Lior Rochberger
NodeStealer 2.0 – The Python Version: Stealing Facebook Business Accounts
BitRAT NodeStealer XWorm

2023-08-01 ⋅ eSentire ⋅ eSentire Threat Response Unit (TRU)
BatLoader Continues Signed MSIX App Package Abuse
BATLOADER

2023-08-01 ⋅ SentinelOne ⋅ Tom Hegel
Illicit Brand Impersonation | A Threat Hunting Approach

2023-07-31 ⋅ Medium (csg-govtech) ⋅ Greg Jefferson
China-Backed Hackers Threaten Texas Military Sites, Utilities

2023-07-31 ⋅ Proofpoint ⋅ Kelsey Merriman, Pim Trouerbach
Out of the Sandbox: WikiLoader Digs Sophisticated Evasion
ISFB WikiLoader

2023-07-31 ⋅ Cleafy ⋅ Francesco Iubatti
SpyNote continues to attack financial institutions
SpyNote

2023-07-29 ⋅ Medium walmartglobaltech ⋅ Jason Reaves, Joshua Platt
Unknown powershell backdoor with ties to new Zloader
Zloader

2023-07-29 ⋅ Google ⋅ Google Cybersecurity Action Team
Threat Horizons August 2023 Threat Horizons Report
SharkBot Cobalt Strike

2023-07-28 ⋅ Quorum Cyber ⋅ Quorum Cyber
Scattered Spider Threat Actor Profile
Cuba KillAV POORTRY

2023-07-28 ⋅ CISA ⋅ CISA
MAR-10454006-r2.v1 SEASPY Backdoor
SEASPY

2023-07-28 ⋅ CISA
MAR-10454006-r1.v2 SUBMARINE Backdoor

2023-07-28 ⋅ CISA ⋅ CISA
CISA Releases Malware Analysis Reports on Barracuda Backdoors
SEASPY

2023-07-28 ⋅ Team Cymru ⋅ S2 Research Team
Inside the IcedID BackConnect Protocol (Part 2)
IcedID

2023-07-27 ⋅ X (@BlackLotusLabs) ⋅ Black Lotus Labs
Tweet on update on AVrecon bot's migration to new infrastructure
AVrecon

2023-07-26 ⋅ DataBreaches.net ⋅ Dissent
Major Malaysian water utilities company hit by hackers; Ranhill offline; hackers claim databases and backups deleted
Desorden Group