Malpedia Library

Click here to download all references as Bib-File.•

2021-11-29 ⋅ Kaspersky ⋅ Maher Yamout
WIRTE’s campaign in the Middle East ‘living off the land’ since at least 2019
WIRTE

2021-11-29 ⋅ The DFIR Report ⋅ The DFIR Report
CONTInuing the Bazar Ransomware Story
BazarBackdoor Cobalt Strike Conti

2021-11-29 ⋅ Trend Micro ⋅ Jaromír Hořejší
Campaign Abusing Legitimate Remote Administrator Tools Uses Fake Cryptocurrency Websites
AsyncRAT Azorult Nanocore RAT NjRAT RedLine Stealer Remcos

2021-11-29 ⋅ Certitude ⋅ Peter Wagner
Unpatched Exchange Servers distribute Phishing Links (SquirrelWaffle)
Squirrelwaffle

2021-11-29 ⋅ CrowdStrike ⋅ Falcon OverWatch Team
Nowhere to Hide: Detecting SILENT CHOLLIMA’s Custom Tooling

2021-11-29 ⋅ Mandiant ⋅ Brandan Schondorfer, Tyler McLellan
Kitten.gif: Meet the Sabbath Ransomware Affiliate Program, Again
Cobalt Strike ROLLCOAST

2021-11-27 ⋅ trickster0's Nest ⋅ trickster0
Halo's Gate Evolves -> Tartarus' Gate

2021-11-26 ⋅ Twitter (@jhencinski) ⋅ Jon Hencinski
Twitter Thread on weelky MDR recap from expel.io
GootKit Squirrelwaffle

2021-11-25 ⋅ imp0rtp3 blog ⋅ imp0rtp3
A Deep Dive Into SoWaT: APT31’s Multifunctional Router Implant
SoWaT

2021-11-25 ⋅ ⋅ DSIH ⋅ Charles Blanc-Rolin
Emotet de retour, POC Exchange, 0-day Windows : à quelle sauce les attaquants prévoient de nous manger cette semaine?
Emotet

2021-11-24 ⋅ Telsy ⋅ Telsy Research Team
Possible attack to Telco company in Middle East
GRUNT

2021-11-24 ⋅ ⋅ vladtv ⋅ vladtv
Vladimir hacker, who developed a program for hacking banking systems, received a suspended sentence

2021-11-24 ⋅ safebreach ⋅ Tomer Bar
New PowerShortShell Stealer Exploits Recent Microsoft MSHTML Vulnerability to Spy on Farsi Speakers
PowerShortShell

2021-11-24 ⋅ Google ⋅ Google Cybersecurity Action Team, Google Threat Analysis Group
Threat Horizons Cloud Threat Intelligence November 2021. Issue 1
BlackMatter

2021-11-24 ⋅ Lasq's Security Blog ⋅ Lasq's Security Blog
From the archive #1: OSTap downloader deobfuscation and analysis
ostap

2021-11-24 ⋅ Sansec ⋅ Sansec Threat Research Team
CronRAT malware hides behind February 31st
CronRAT

2021-11-23 ⋅ NSFOCUS ⋅ NSFOCUS
2021 Analysis Report on Lorec53 Group
SaintBear

2021-11-23 ⋅ 0ffset Blog ⋅ Chuong Dong
HANCITOR: Analysing The Malicious Document
Hancitor

2021-11-23 ⋅ Minerva Labs ⋅ Natalie Zargarov
A Long List Of Arkei Stealer's Crypto Browser Wallets
Arkei Stealer

2021-11-23 ⋅ Morphisec ⋅ Arnold Osipov, Hido Cohen
Babadeda Crypter targeting crypto, NFT, and DeFi communities
Babadeda BitRAT LockBit Remcos