Malpedia Library

Click here to download all references as Bib-File.•

2021-04-09 ⋅ Palo Alto Networks Unit 42 ⋅ Chris Navarrete, Yanhui Jia
Emotet Command and Control Case Study
Emotet

2021-04-09 ⋅ Microsoft ⋅ Emily Hacker, Justin Carroll, Microsoft 365 Defender Threat Intelligence Team
Investigating a unique “form” of email delivery for IcedID malware
IcedID

2021-04-09 ⋅ Trend Micro ⋅ Daniel Lunghi, Kenney Lu
Iron Tiger APT Updates Toolkit With Evolved SysUpdate Malware
HyperBro HyperSSL APT27

2021-04-08 ⋅ ESET Research ⋅ Filip Jurčacko
(Are you) afreight of the dark? Watch out for Vyveva, new Lazarus backdoor
Vyveva RAT

2021-04-08 ⋅ Palo Alto Networks Unit 42 ⋅ Ashutosh Chitwadgi, Ken Hsu, Vaibhav Singhal
Attackers Conducting Cryptojacking Operation Against U.S. Education Organizations

2021-04-08 ⋅ Juniper ⋅ Paul Kimayong
Sysrv Botnet Expands and Gains Persistence

2021-04-08 ⋅ Checkpoint ⋅ Check Point Research
Iran’s APT34 Returns with an Updated Arsenal
DNSpionage SideTwist TONEDEAF

2021-04-07 ⋅ Nozomi Networks ⋅ Nozomi Networks Labs
Threat Intelligence: Analysis of the SBIDIOT IoT Malware
SBIDIOT

2021-04-07 ⋅ Kaspersky ⋅ Vyacheslav Kopeytsev
Vulnerability in Fortigate VPN servers is exploited in Cring ransomware attacks
Cring

2021-04-07 ⋅ Talos ⋅ Chris Neal, Edmund Brumaghin, Nick Biasini, Paul Eubanks.
Sowing Discord: Reaping the benefits of collaboration app abuse

2021-04-07 ⋅ F5 ⋅ Aditya K. Sood
Dissecting the Design and Vulnerabilities in Azorult C&C Panels
Azorult

2021-04-07 ⋅ RiskIQ ⋅ Team RiskIQ
Yanbian Gang Malware Continues with Wide-Scale Distribution and C2
Yanbian Gang

2021-04-07 ⋅ Palo Alto Networks Unit 42 ⋅ Brad Duncan
Wireshark Tutorial: Examining Traffic from Hancitor Infections
Hancitor

2021-04-07 ⋅ RiskIQ ⋅ Adam Castleman, Jordan Herman
Yanbian Gang Malware Continues with Wide-Scale Distribution and C2

2021-04-07 ⋅ Check Point Research ⋅ Aviran Hazum, Bodgan Melnykov, Israel Wenik
New Wormable Android Malware Spreads by Creating Auto-Replies to Messages in WhatsApp

2021-04-07 ⋅ Medium sixdub ⋅ Justin Warner
Using Kaitai Struct to Parse Cobalt Strike Beacon Configs
Cobalt Strike

2021-04-06 ⋅ McAfee ⋅ Alexandre Mundo, Thibault Seret, Thomas Roccia
McAfee ATR Threat Report: A Quick Primer on Cuba Ransomware
Cuba

2021-04-06 ⋅ Malwarebytes ⋅ Hossein Jazi
Aurora campaign: Attacking Azerbaijan using multiple RATs

2021-04-06 ⋅ Facebook ⋅ Facebook
March 2021 Coordinated Inauthentic Behavior Report

2021-04-06 ⋅ InfoSec Handlers Diary Blog ⋅ Jan Kopriva
Malspam with Lokibot vs. Outlook and RFCs
Loki Password Stealer (PWS)