Malpedia Library

Click here to download all references as Bib-File.•

2021-12-01 ⋅ Trend Micro ⋅ Trend Micro Research
Analyzing How TeamTNT Used Compromised Docker Hub Accounts
TeamTNT

2021-12-01 ⋅ Check Point ⋅ Shmuel Cohen
Smishing Botnets Going Viral in Iran

2021-12-01 ⋅ Proofpoint ⋅ Michael Raggi
Injection is the New Black: Novel RTF Template Inject Technique Poised for Widespread Adoption Beyond APT Actors

2021-12-01 ⋅ NCC Group ⋅ Michael Sandee, Nikolaos Pantazopoulos
Tracking a P2P network related to TA505
FlawedGrace Necurs

2021-11-30 ⋅ Symantec ⋅ Symantec Threat Hunter Team
Yanluowang: Further Insights on New Ransomware Threat
BazarBackdoor Cobalt Strike FiveHands

2021-11-30 ⋅ Deep instinct ⋅ Ron Ben Yizhak
The Re-Emergence of Emotet
Emotet

2021-11-30 ⋅ Canadian Centre for Cyber Security ⋅ Canadian Centre for Cyber Security
Ransomware playbook ITSM.00.099

2021-11-30 ⋅ ⋅ Qianxin ⋅ Red Raindrop Team
Cyberspace's Magic Eye: PROMETHIUM Fakes attack activity analysis of NotePads and installation packages
StrongPity

2021-11-30 ⋅ 360 netlab ⋅ Alex.Turing, Hui Wang
EwDoor Botnet Is Attacking AT&T Customers
EwDoor

2021-11-30 ⋅ Medium nusenu ⋅ nusenu
Is "KAX17" performing de-anonymization Attacks against Tor Users?
KAX17

2021-11-30 ⋅ Red Canary ⋅ Harrison van Riper
ProxyShell exploitation leads to BlackByte ransomware
BlackByte

2021-11-30 ⋅ CYBER GEEKS All Things Infosec ⋅ CyberMasterV
Just another analysis of the njRAT malware – A step-by-step approach
NjRAT

2021-11-30 ⋅ Bleeping Computer ⋅ Ionut Ilascu
Yanluowang ransomware operation matures with experienced affiliates
FiveHands

2021-11-29 ⋅ ⋅ Qianxin Threat Intelligence Center ⋅ Red Raindrop Team
APT-Q-12: An intelligence espionage campaign targeting the trade industry
Unidentified 100 (APT-Q-12) APT-C-60

2021-11-29 ⋅ cyble ⋅ Cyble
Pysa Ransomware Under the Lens: A Deep-Dive Analysis
Mespinoza

2021-11-29 ⋅ Kaspersky ⋅ GReAT
ScarCruft surveilling North Korean defectors and human rights activists
Chinotto Chinotto PoorWeb

2021-11-29 ⋅ Kaspersky ⋅ Maher Yamout
WIRTE’s campaign in the Middle East ‘living off the land’ since at least 2019
WIRTE

2021-11-29 ⋅ The DFIR Report ⋅ The DFIR Report
CONTInuing the Bazar Ransomware Story
BazarBackdoor Cobalt Strike Conti

2021-11-29 ⋅ Trend Micro ⋅ Jaromír Hořejší
Campaign Abusing Legitimate Remote Administrator Tools Uses Fake Cryptocurrency Websites
AsyncRAT Azorult Nanocore RAT NjRAT RedLine Stealer Remcos

2021-11-29 ⋅ Certitude ⋅ Peter Wagner
Unpatched Exchange Servers distribute Phishing Links (SquirrelWaffle)
Squirrelwaffle