Malpedia Library

Click here to download all references as Bib-File.•

2021-02-16 ⋅ SophosLabs Uncut ⋅ Michael Heller
A Conti ransomware attack day-by-day
Conti

2021-02-15 ⋅ Medium s2wlab ⋅ Sojun Ryu
Operation SyncTrek
AbaddonPOS Azorult Clop DoppelDridex DoppelPaymer Dridex PwndLocker

2021-02-15 ⋅ Wired ⋅ Andy Greenberg
France Ties Russia's Sandworm to a Multiyear Hacking Spree
Exaramel Exaramel

2021-02-15 ⋅ cyble ⋅ cybleinc
Ngrok Platform Abused by Hackers to Deliver a New Wave of Phishing Attacks

2021-02-15 ⋅ Twitter (@TheDFIRReport) ⋅ The DFIR Report
Tweet on Qakbot post infection discovery activity
QakBot

2021-02-15 ⋅ stan's blog ⋅ Stanislas Arnoud
Analysis of an APT41 rootkit

2021-02-14 ⋅ Cyware ⋅ Cyware
Hildegard: TeamTNT’s New Feature-Rich Malware Targeting Kubernetes
TeamTNT

2021-02-14 ⋅ Objective-See ⋅ Patrick Wardle
Arm'd & Dangerous malicious code, now native on apple silicon
Pirrit

2021-02-12 ⋅ Twitter (@ESETresearch) ⋅ ESET Research
A twitter thread on discussing updated attack chain of EVILNUM group and their use PYVIL malware
PyVil

2021-02-12 ⋅ InfoSec Handlers Diary Blog ⋅ Xavier Mertens
AgentTesla Dropped Through Automatic Click in Microsoft Help File
Agent Tesla

2021-02-11 ⋅ Cyber And Ramen blog ⋅ Mike R
BlackTech Updates Elf-Plead Backdoor
PLEAD

2021-02-11 ⋅ AGARI ⋅ Crane Hassold
Cosmic Lynx Returns in 2021 with Updated Tricks

2021-02-11 ⋅ CrowdStrike ⋅ Radu Vlad
Press #1 to Play: A Look Into eCrime Menu-style Toolkits
Mailto CIRCUS SPIDER

2021-02-11 ⋅ InfoSec Handlers Diary Blog ⋅ Jan Kopriva
Agent Tesla hidden in a historical anti-malware tool
Agent Tesla

2021-02-11 ⋅ Microsoft ⋅ Detection and Response Team (DART), Microsoft 365 Defender Research Team
Web shell attacks continue to rise

2021-02-11 ⋅ DomainTools ⋅ Joe Slowik
Visibility, Monitoring, and Critical Infrastructure Security
Industroyer Stuxnet Triton

2021-02-11 ⋅ CTI LEAGUE ⋅ CTI LEAGUE
CTIL Darknet Report – 2021
Conti Mailto Maze REvil Ryuk

2021-02-11 ⋅ Twitter (@TheDFIRReport) ⋅ The DFIR Report
Tweet on Hancitor Activity followed by cobaltsrike beacon
Cobalt Strike Hancitor

2021-02-10 ⋅ Anomali ⋅ Anomali Threat Research, Gage Mele, Winston Marydasan, Yury Polozov
Probable Iranian Cyber Actors, Static Kitten, Conducting Cyberespionage Campaign Targeting UAE and Kuwait Government Agencies

2021-02-10 ⋅ 360 netlab ⋅ Liu Ya
Rinfo Is Making A Comeback and Is Scanning and Mining in Full Speed