Malpedia Library

Click here to download all references as Bib-File.•

2021-11-30 ⋅ Canadian Centre for Cyber Security ⋅ Canadian Centre for Cyber Security
Ransomware playbook ITSM.00.099

2021-11-30 ⋅ ⋅ Qianxin ⋅ Red Raindrop Team
Cyberspace's Magic Eye: PROMETHIUM Fakes attack activity analysis of NotePads and installation packages
StrongPity

2021-11-30 ⋅ 360 netlab ⋅ Alex.Turing, Hui Wang
EwDoor Botnet Is Attacking AT&T Customers
EwDoor

2021-11-30 ⋅ Medium nusenu ⋅ nusenu
Is "KAX17" performing de-anonymization Attacks against Tor Users?
KAX17

2021-11-30 ⋅ Red Canary ⋅ Harrison van Riper
ProxyShell exploitation leads to BlackByte ransomware
BlackByte

2021-11-30 ⋅ CYBER GEEKS All Things Infosec ⋅ CyberMasterV
Just another analysis of the njRAT malware – A step-by-step approach
NjRAT

2021-11-30 ⋅ Bleeping Computer ⋅ Ionut Ilascu
Yanluowang ransomware operation matures with experienced affiliates
FiveHands

2021-11-29 ⋅ ⋅ Qianxin Threat Intelligence Center ⋅ Red Raindrop Team
APT-Q-12: An intelligence espionage campaign targeting the trade industry
Unidentified 100 (APT-Q-12) APT-C-60

2021-11-29 ⋅ cyble ⋅ Cyble
Pysa Ransomware Under the Lens: A Deep-Dive Analysis
Mespinoza

2021-11-29 ⋅ Kaspersky ⋅ GReAT
ScarCruft surveilling North Korean defectors and human rights activists
Chinotto Chinotto PoorWeb

2021-11-29 ⋅ Kaspersky ⋅ Maher Yamout
WIRTE’s campaign in the Middle East ‘living off the land’ since at least 2019
WIRTE

2021-11-29 ⋅ The DFIR Report ⋅ The DFIR Report
CONTInuing the Bazar Ransomware Story
BazarBackdoor Cobalt Strike Conti

2021-11-29 ⋅ Trend Micro ⋅ Jaromír Hořejší
Campaign Abusing Legitimate Remote Administrator Tools Uses Fake Cryptocurrency Websites
AsyncRAT Azorult Nanocore RAT NjRAT RedLine Stealer Remcos

2021-11-29 ⋅ Certitude ⋅ Peter Wagner
Unpatched Exchange Servers distribute Phishing Links (SquirrelWaffle)
Squirrelwaffle

2021-11-29 ⋅ CrowdStrike ⋅ Falcon OverWatch Team
Nowhere to Hide: Detecting SILENT CHOLLIMA’s Custom Tooling

2021-11-29 ⋅ Mandiant ⋅ Brandan Schondorfer, Tyler McLellan
Kitten.gif: Meet the Sabbath Ransomware Affiliate Program, Again
Cobalt Strike ROLLCOAST

2021-11-27 ⋅ trickster0's Nest ⋅ trickster0
Halo's Gate Evolves -> Tartarus' Gate

2021-11-26 ⋅ Twitter (@jhencinski) ⋅ Jon Hencinski
Twitter Thread on weelky MDR recap from expel.io
GootKit Squirrelwaffle

2021-11-25 ⋅ imp0rtp3 blog ⋅ imp0rtp3
A Deep Dive Into SoWaT: APT31’s Multifunctional Router Implant
SoWaT

2021-11-25 ⋅ ⋅ DSIH ⋅ Charles Blanc-Rolin
Emotet de retour, POC Exchange, 0-day Windows : à quelle sauce les attaquants prévoient de nous manger cette semaine?
Emotet