Malpedia Library

Click here to download all references as Bib-File.•

2024-08-29 ⋅ Google ⋅ Clement Lecigne, Josh Atkins, Luke Jenkins
State-backed attackers and commercial surveillance vendors repeatedly use the same exploits
ANDROSNATCH Unidentified APK 009 (Chrome Recon) COOKIESNATCH VALIDVICTOR

2024-08-29 ⋅ Netskope ⋅ Leandro Froes
Latrodectus Rapid Evolution Continues With Latest New Payload Features
Latrodectus

2024-08-29 ⋅ Securonix ⋅ Den Iyzvyk, Tim Peck
From Cobalt Strike to Mimikatz: A Deep Dive into the SLOW#TEMPEST Campaign Targeting Chinese Users
Cobalt Strike MimiKatz

2024-08-28 ⋅ Talos Intelligence ⋅ Craig Jackson, James Nutland, Terryn Valikodath
BlackByte blends tried-and-true tradecraft with newly disclosed vulnerabilities to support ongoing attacks
BlackByte

2024-08-27 ⋅ DailyDarkWeb ⋅ DailyDarkWeb
Threat Actor Claimed to Breach Database of DimeCuba
SILKFIN AGENCY

2024-08-27 ⋅ Lumen ⋅ Black Lotus Labs
Taking the Crossroads: The Versa Director Zero-Day Exploitation
VersaMem

2024-08-26 ⋅ Netskope ⋅ Leandro Froes
Static Unpacker for Latrodectus
Latrodectus

2024-08-26 ⋅ The DFIR Report ⋅ The DFIR Report
BlackSuit Ransomware
BlackSuit Cobalt Strike SystemBC

2024-08-24 ⋅ YouTube (Black Hat) ⋅ Charles Li, Che Chang, Greg Chen
Chinese APT: A Master of Exploiting Edge Devices (Video)
SEASPY UNC4841

2024-08-23 ⋅ ITOCHU ⋅ Suguru Ishimaru, Yusuke Niwa
Pirates of The Nang Hai: Follow the Artifacts No One Know
Cobalt Strike Xiangoop

2024-08-23 ⋅ DailyDarkWeb ⋅ DailyDarkWeb
A Threat Actor Alleged Breach of Sri Lankan Farmers Community Database
SILKFIN AGENCY

2024-08-22 ⋅ S2W Inc. ⋅ S2W
Analysis of the North Korea-backed puNK-003’s Lilith RAT ported to AutoIt Script
Lilith puNK-003

2024-08-22 ⋅ Mandiant ⋅ Aaron Lee, Praveeth DSouza
PEAKLIGHT: Decoding the Stealthy Memory-Only Malware
CryptBot Emmenhtal HijackLoader Lumma Stealer

2024-08-22 ⋅ ⋅ NTT ⋅ Rintaro Koike
AppDomainManager Injectionを悪用したマルウェアによる攻撃について
Cobalt Strike Earth Baxia

2024-08-22 ⋅ NTT Security ⋅ Rintaro Koike, Ryu Hiyoshi
Attacks by malware abusing AppDomainManager Injection

2024-08-21 ⋅ Cisco Talos ⋅ Asheer Malhotra, Guilherme Venere, Vitor Ventura
MoonPeak malware from North Korean actors unveils new details on attacker infrastructure
MoonPeak XenoRAT UAT-5394

2024-08-21 ⋅ OODA Loop ⋅ OODA Loop
Toyota Customer, Employee Data Leaked in Confirmed Data Breach
ZeroSevenGroup

2024-08-20 ⋅ Kroll ⋅ Dan Cox, Marc Messer, Sarah Becker
FOG Ransomware Targets Higher Education
Fog

2024-08-20 ⋅ SiliconAngle ⋅ Duncan Riley
Toyota alleges stolen customer data published on hacking site came from outside supplier
ZeroSevenGroup

2024-08-20 ⋅ DailyDarkWeb ⋅ DailyDarkWeb
Threat Actor Claims Breach of Siam Cement Group Database
SILKFIN AGENCY