Malpedia Library

Click here to download all references as Bib-File.•

2023-07-13 ⋅ malware.love ⋅ Robert Giczewski
TrueBot Analysis Part IV - Config Extraction
Silence

2023-07-13 ⋅ MSSP Lab ⋅ cocomelonc
Malware analysis report: BlackCat ransomware
BlackCat BlackCat

2023-07-13 ⋅ Trend Micro ⋅ Fernando Mercês
Detecting BPFDoor Backdoor Variants Abusing BPF Filters
BPFDoor Symbiote

2023-07-12 ⋅ Lumen ⋅ Black Lotus Labs
Routers From The Underground: Exposing AVrecon
AVrecon

2023-07-12 ⋅ Fortinet ⋅ Cara Lin
LokiBot Campaign Targets Microsoft Office Document Using Vulnerabilities and Macros
Loki Password Stealer (PWS)

2023-07-12 ⋅ ⋅ JPCERT/CC ⋅ Yuma Masubuchi
DangerousPassword attacks targeting developers' Windows, macOS, and Linux environments

2023-07-12 ⋅ Mandiant ⋅ Dan Black, Gabby Roncone
The GRU's Disruptive Playbook
CaddyWiper INDUSTROYER2 XakNet

2023-07-12 ⋅ Dragos ⋅ Dragos
Mitigating CVE-2023-3595 and CVE-2023-3596 Impacting Rockwell Automation ControlLogix Firmware

2023-07-11 ⋅ AhnLab ⋅ ASEC
Analysis of the Rekoobe Backdoor Being Used In Attacks Against Linux Systems in Korea
Rekoobe

2023-07-11 ⋅ Microsoft ⋅ Microsoft
Storm-0978 attacks reveal financial and espionage motives
ROMCOM RAT

2023-07-10 ⋅ Mandiant ⋅ Jennifer Guzzetta, Matthew McWhirt, Phil Pearce, Thirumalai Natarajan Muthiah
Defend Against the Latest Active Directory Certificate Services Threats

2023-07-08 ⋅ Blackberry ⋅ BlackBerry Research & Intelligence Team
RomCom Threat Actor Suspected of Targeting Ukraine's NATO Membership Talks at the NATO Summit
ROMCOM RAT

2023-07-07 ⋅ Cert-UA ⋅ Cert-UA
UAC-0057 Targeted Cyber Attack Against Government Agencies Using PicassoLoader/njRAT (CERT-UA#6948)
PicassoLoader Ghostwriter

2023-07-07 ⋅ Zscaler ⋅ Niraj Shivtarkar, Preet Kamal
The TOITOIN Trojan: Analyzing a New Multi-Stage Attack Targeting LATAM Region

2023-07-07 ⋅ Lab52 ⋅ Lab52
Beyond appearances: unknown actor using APT29’s TTP against Chinese users
Cobalt Strike

2023-07-06 ⋅ Microsoft ⋅ Microsoft Incident Response
The five-day job: A BlackByte ransomware intrusion case study
BlackByte ExByte

2023-07-06 ⋅ Github (Helixo32) ⋅ Helixo32
NimBlackout
NimBlackout

2023-07-06 ⋅ CISA ⋅ CISA
Increased Truebot Activity Infects U.S. and Canada Based Networks
Silence

2023-07-05 ⋅ Aqua Nautilus ⋅ Assaf Morag, Ofek Itach
Threat Alert: Anatomy of Silentbob’s Cloud Attack
TeamTNT Tsunami

2023-07-05 ⋅ Qianxin ⋅ Red Raindrop Team
Patchwork Group Utilizing WarHawk Backdoor Variant "Spyder" for Espionage against Multiple Countries
Spyder Patchwork