Malpedia Library

Click here to download all references as Bib-File.•

2021-11-18 ⋅ Group-IB ⋅ Ivan Pisarev
The awakening: Group-IB uncovers new corporate espionage attacks by RedCurl

2021-11-18 ⋅ Twitter (@tccontre18) ⋅ Br3akp0int
Tweet on how to decrypt 4 layers of encryption & obfuscation of vjw0rm
Vjw0rm

2021-11-18 ⋅ Red Canary ⋅ The Red Canary Team
Intelligence Insights: November 2021
Andromeda Conti LockBit QakBot Squirrelwaffle

2021-11-18 ⋅ Sophos ⋅ Elida Leite, Ferenc László Nagy, Gabor Szappanos, Harinder Bhathal, Kyle Link, Nirav Parekh, Rahul Dugar, Ratul Ghosh, Robert Weiland, Sean Gallagher, Sergio Bestuilic, Vikas Singh
New ransomware actor uses password-protected archives to bypass encryption protection

2021-11-18 ⋅ PRODAFT Threat Intelligence ⋅ PRODAFT
Conti Ransomware Group In-Depth Analysis
Conti

2021-11-18 ⋅ 360 netlab ⋅ Alex.Turing, Hui Wang, litao3rd, YANG XU
The Pitfall of Threat Intelligence Whitelisting: Specter Botnet is 'taking over' Top Legit DNS Domains By Using ClouDNS Service
Specter

2021-11-18 ⋅ Sansec ⋅ Sansec Threat Research Team
Linux malware agent hits eCommerce sites

2021-11-18 ⋅ Medium 0xchina ⋅ Hamad Alnakal
Malware reverse engineering (Ryuk Ransomware)
Ryuk

2021-11-18 ⋅ Microsoft ⋅ Microsoft Digital Security Unit (DSU), Microsoft Threat Intelligence Center (MSTIC)
Iranian targeting of IT sector on the rise
MimiKatz ShellClient RAT Cuboid Sandstorm

2021-11-18 ⋅ Mandiant ⋅ Chris Sistrunk, Daniel Kapellmann, Glen Chason, Ken Proska
Introducing Mandiant's Digital Forensics and Incident Response Framework for Embedded OT Systems

2021-11-18 ⋅ US Department of Justice ⋅ Department of Justice
Two Iranian Nationals Charged for Cyber-Enabled Disinformation and Threat Campaign Designed to Influence the 2020 U.S. Presidential Election ( Seyyed Mohammad Hosein Musa Kazemi & Sajjad Kashian )

2021-11-18 ⋅ US Department of Justice ⋅ Department of Justice
Indictment of Seyyed Mohammad Hosein Musa Kazemi

2021-11-18 ⋅ U.S. Department of the Treasury ⋅ U.S. Department of the Treasury
Treasury Sanctions Iran Cyber Actors for Attempting to Influence the 2020 U.S. Presidential Election

2021-11-18 ⋅ Elliptic ⋅ Elliptic Intel
Conti Ransomware Nets at Least $25.5 Million in Four Months
Conti

2021-11-18 ⋅ eSentire ⋅ eSentire
Emotet Activity Identified
Emotet

2021-11-17 ⋅ Black Hills Information Security ⋅ Kyle Avery
DNS Over HTTPS for Cobalt Strike
Cobalt Strike

2021-11-17 ⋅ Infoblox ⋅ Gaetano Pellegrino
Deep Analysis of a Recent Lokibot Attack
Loki Password Stealer (PWS)

2021-11-17 ⋅ CISA ⋅ Australian Cyber Security Centre (ACSC), CISA, FBI, NCSC UK
Alert (AA21-321A): Iranian Government-Sponsored APT Cyber Actors Exploiting Microsoft Exchange and Fortinet Vulnerabilities in Furtherance of Malicious Activities

2021-11-17 ⋅ ARMOR ⋅ Amer Elsad
Astaroth: Banking Trojan
Astaroth

2021-11-17 ⋅ Github (cube0x0) ⋅ cube0x0
GitHub - cube0x0 / SharpMapExec
SharpMapExec