Malpedia Library

Click here to download all references as Bib-File.•

2024-06-07 ⋅ SOCRadar ⋅ SOCRadar
Grandoreiro Malware Campaign: A Global Threat to Banking Security
Grandoreiro

2024-06-07 ⋅ Security Affairs ⋅ Pierluigi Paganini
Pandabuy was extorted twice by the same Threat Actor
IntelBroker

2024-06-06 ⋅ Morphisec ⋅ Arnold Osipov
Howling at the Inbox: Sticky Werewolf’s Latest Malicious Aviation Attacks
Angry Likho

2024-06-06 ⋅ Bleeping Computer ⋅ Sergiu Gatlan
New Gitloker attacks wipe GitHub repos in extortion scheme
Gitloker

2024-06-06 ⋅ Hunt.io ⋅ Hunt.io
Tracking LightSpy: Certificates as Windows into Adversary Behavior
lightSpy

2024-06-06 ⋅ CrowdStrike ⋅ Alexandru Dinu, Dragoș Corlătescu, Mihaela Găman, Paul Sumedrea
EMBERSim: A Large-Scale Databank for Boosting Similarity Search in Malware Analysis

2024-06-06 ⋅ Medium b.magnezi ⋅ 0xMrMagnezi
Remcos RAT Analysis
Remcos

2024-06-06 ⋅ kienmanowar Blog ⋅ m4n0w4r, Tran Trung Kien
[QuickNote] DarkGate – Make AutoIt Great Again
DarkGate

2024-06-05 ⋅ Mandiant ⋅ Jamie Collier, Michelle Cantos
Phishing for Gold: Cyber Threats Facing the 2024 Paris Olympics
Callisto

2024-06-05 ⋅ Symantec ⋅ Symantec Threat Intelligence
RansomHub: New Ransomware has Origins in Older Knight
Knight RansomHub RansomHub

2024-06-05 ⋅ QuoIntelligence ⋅ Alixia Clarisse Rutayisire
European Election Security At Risk: A Detailed Analysis of State-Sponsored, eCrime, and Hacktivist Threats
Dragonbridge

2024-06-05 ⋅ ⋅ Cert-UA ⋅ Cert-UA
UAC-0020 (Vermin) attacks the Defense Forces of Ukraine using the SPECTR SPZ in tandem with the legitimate SyncThing ("SickSync" campaign) (CERT-UA#9934)
UAC-0020

2024-06-05 ⋅ S-RM ⋅ David Broom, Gavin Hull
Exmatter malware levels up: S-RM observes new variant with simultaneous remote code execution and data targeting
BlackCat BlackMatter Conti ExMatter LockBit REvil Ryuk

2024-06-05 ⋅ Cisco Talos ⋅ Cisco Talos
DarkGate switches up its tactics with new payload, email templates
DarkGate

2024-06-04 ⋅ Qianxin ⋅ Red Raindrop Team
Operation Veles: Decade-Long Espionage Targeting the Global Research and Education Sector
UTG-Q-008

2024-06-04 ⋅ Aquasec ⋅ Nitzan Yaakov
Muhstik Malware Targets Message Queuing Services Applications
Tsunami

2024-06-04 ⋅ ⋅ Cert-UA ⋅ Cert-UA
UAC-0200: Targeted cyberattacks using DarkCrystal RAT and Signal as a trusted distribution vehicle (CERT-UA#9918)
DCRat

2024-06-03 ⋅ SYGNIA ⋅ Sygnia Team
China-Nexus Threat Group ‘Velvet Ant’ Abuses F5 Load Balancers for Persistence
PlugX

2024-06-03 ⋅ SpyCloud ⋅ James
Reversing Atomic macOS Stealer: Binaries, Backdoors & Browser Theft
AMOS

2024-06-03 ⋅ Sekoia ⋅ Pierre Le Bourhis, Quentin Bourgue, Sekoia TDR
PikaBot: a Guide to its Deep Secrets and Operations
Pikabot