Malpedia Library

Click here to download all references as Bib-File.•

2021-02-09 ⋅ Trend Micro ⋅ Alfredo Oliveira, David Fiser
Threat actors now target Docker via container escape features

2021-02-09 ⋅ Securehat ⋅ Securehat
Extracting the Cobalt Strike Config from a TEARDROP Loader
Cobalt Strike TEARDROP

2021-02-09 ⋅ Talos ⋅ Chris Neal, Vitor Ventura, Warren Mercer
Kasablanka Group's LodaRAT improves espionage capabilities on Android and Windows
Loda

2021-02-09 ⋅ Max Kersten's Blog ⋅ Max Kersten
Ghidra script to decrypt strings in Amadey 1.09
Amadey

2021-02-09 ⋅ Cofense ⋅ Zachary Bailey
BazarBackdoor’s Stealthy Infiltration Evades Multiple SEGs
BazarBackdoor

2021-02-08 ⋅ Dragos ⋅ Gus Serino
Recommendations Following the Oldsmar Water Treatment Facility Cyber Attack

2021-02-08 ⋅ Wired ⋅ Andy Greenberg
A Hacker Tried to Poison a Florida City's Water Supply, Officials Say

2021-02-08 ⋅ Morphisec ⋅ Michael Dereviashkin
Long Live, Osiris; Banking Trojan Targets German IP Addresses
Kronos

2021-02-08 ⋅ CrowdStrike ⋅ Seb Walla, Tom Henry, Tom Simpson
Blocking SolarMarker Backdoor
solarmarker

2021-02-08 ⋅ Medium kurtikleiton ⋅ kleiton0x7e
Evade EDR with Shellcode Injection and gain persistence using Registry Run Keys

2021-02-08 ⋅ Checkpoint ⋅ Checkpoint Research, Safebreach Labs
After Lightning Comes Thunder
Infy Tonnerre

2021-02-08 ⋅ GRNET CERT ⋅ Dimitris Kolotouros, Marios Levogiannis
Reverse engineering Emotet – Our approach to protect GRNET against the trojan
Emotet

2021-02-08 ⋅ Medium Sebdraven ⋅ sebdraven
Babuk is distributed packed
Babuk

2021-02-08 ⋅ Checkpoint ⋅ Check Point Research
Domestic Kitten – An Inside Look at the Iranian Surveillance Operations
FurBall Domestic Kitten

2021-02-07 ⋅ Bleeping Computer ⋅ Lawrence Abrams
New phishing attack uses Morse code to hide malicious URLs

2021-02-06 ⋅ ⋅ Clairvoyance Security Lab ⋅ Advanced threat research team
Mo Luoxiu (Confucius) organizes a new round of secret theft attacks on South Asian military enterprises
Ave Maria

2021-02-06 ⋅ Medium mariohenkel ⋅ Mario Henkel
Decrypting AzoRult traffic for fun and profit
Azorult

2021-02-05 ⋅ Silent Push ⋅ Ken
Behavior Clustering just got easier using new characteristics.

2021-02-05 ⋅ Palo Alto Networks Unit 42 ⋅ Efi Barkayev, Gal De Leon, Nadav Markus
Exploits in the Wild for WordPress File Manager RCE Vulnerability (CVE-2020-25213)
Kinsing

2021-02-05 ⋅ Trend Micro ⋅ Don Ovid Ladores, Junestherry Salvador, Llalum Victoria, Monte de Jesus, Nikko Tamana, Raphael Centeno
New in Ransomware: Seth-Locker, Babuk Locker, Maoloa, TeslaCrypt, and CobraLocker
Babuk TeslaCrypt