Malpedia Library

Click here to download all references as Bib-File.•

2024-12-15 ⋅ Malwarebytes ⋅ Jérôme Segura
Malicious ad distributes SocGholish malware to Kaiser Permanente employees
FAKEUPDATES

2024-12-13 ⋅ Netskope ⋅ Jan Michael Alcantara, Nikhil Hegde
New Yokai Side-loaded Backdoor Targets Thai Officials
Yokai

2024-12-13 ⋅ Forcepoint ⋅ Prashant Kumar
VIPKeyLogger Infostealer in the Wild
VIP Keylogger

2024-12-13 ⋅ Bleeping Computer ⋅ Bill Toulas
Germany blocks BadBox malware loaded on 30,000 Android devices
BADBOX

2024-12-13 ⋅ Medium 0x_b0mb3r ⋅ Louis Schürmann
Technical Analysis: Magecart Skimmer
magecart

2024-12-13 ⋅ Securite360.net ⋅ Muffin
A Painful Quickheal
QuickHeal

2024-12-12 ⋅ Bleeping Computer ⋅ Bill Toulas
New IOCONTROL malware used in critical infrastructure attacks
elf.iocontrol

2024-12-12 ⋅ Hunt.io ⋅ Hunt.io
Oyster’s Trail: Resurgence of Infrastructure Linked to Ransomware and Cybercrime Actors
Broomstick

2024-12-12 ⋅ XLab ⋅ XLab Team
Glutton: A New Zero-Detection PHP Backdoor from Winnti Targets Cybercrimals
Winnti Glutton

2024-12-12 ⋅ Kaspersky ⋅ Georgy Kucherin & Marc Rivero López
The Mask Has Been Unmasked Again
Careto

2024-12-11 ⋅ Silent Push ⋅ Silent Push
Silent Push Unwraps the AIZ—Aggressive Inventory Zombies—Retail & Crypto Phishing Network Campaign
Aggressive Inventory Zombies

2024-12-11 ⋅ JPCERT/CC ⋅ Tomoya Kamei
Attack Exploiting Legitimate Service by APT-C-60
SpyGrace

2024-12-11 ⋅ Lookout ⋅ Kyle Schmittle, Paul Shunk
Lookout Discovers Two Russian Android Spyware Families from Gamaredon APT
BoneSpy DroidWatcher PlainGnome

2024-12-11 ⋅ Lookout ⋅ Kristina Balaam
Lookout Discovers New Chinese Surveillance Tool Used by Public Security Bureaus
EagleMsgSpy

2024-12-11 ⋅ Sublime ⋅ Sublime Security
Xloader deep dive: Link-based malware delivery via SharePoint impersonation
Xloader Formbook

2024-12-11 ⋅ Microsoft ⋅ Microsoft Threat Intelligence
Frequent freeloader part II: Russian actor Secret Blizzard using tools of other groups to attack Ukraine
Amadey Kazuar Wipbot FlyingYeti

2024-12-10 ⋅ cyble ⋅ Cyble
Head Mare Group Intensifies Attacks on Russia with PhantomCore Backdoor
PhantomCore Head Mare

2024-12-10 ⋅ Zscaler ⋅ ThreatLabZ research team
Inside Zloader’s Latest Trick: DNS Tunneling
GhostSocks Zloader

2024-12-10 ⋅ Patreon (OALABS) ⋅ Sergei Frankoff
Live Stream VOD: The Many Faces of CryptBot (Paywall)
CryptBot

2024-12-10 ⋅ Hunt.io ⋅ Hunt.io
“Million OK !!!!” and the Naver Facade: Tracking Recent Suspected Kimsuky Infrastructure
Kimsuky