Malpedia Library

2021-11-03 ⋅ MITRE ⋅ MITRE
Threat-Informed Defense Adoption Handbook: September 2021 Edition, Volume 1

2021-11-03 ⋅ Avast ⋅ Martin Chlumecký
DirtyMoe: Deployment
DirtyMoe

2021-11-03 ⋅ Bleeping Computer ⋅ Lawrence Abrams
BlackMatter ransomware moves victims to LockBit after shutdown
BlackMatter BlackMatter LockBit

2021-11-03 ⋅ Telsy ⋅ Telsy Research Team
Dissecting new AppleSeed backdoor of Kimsuky threat actor
Appleseed

2021-11-03 ⋅ RiskIQ ⋅ Kelsey Clapp
Vagabon PhishKit - An Example of Shared Code Modularity

2021-11-03 ⋅ nviso ⋅ Didier Stevens
Cobalt Strike: Using Process Memory To Decrypt Traffic – Part 3
Cobalt Strike

2021-11-03 ⋅ Microsoft ⋅ Cristin Goodwin
Understanding Nation State Threats

2021-11-03 ⋅ Team Cymru ⋅ tcblogposts
Webinject Panel Administration: A Vantage Point into Multiple Threat Actor Campaigns - A Case Study on the Value of Threat Reconnaisance
DoppelDridex IcedID QakBot Zloader

2021-11-03 ⋅ Malwarebytes ⋅ Jérôme Segura
Credit card skimmer evades Virtual Machines
magecart

2021-11-03 ⋅ Trend Micro ⋅ Alfredo Oliveira, David Fiser
TeamTNT Upgrades Arsenal, Refines Focus on Kubernetes and GPU Environments
TeamTNT

2021-11-03 ⋅ CERT-FR ⋅ ANSSI
Identification of a new cybercriminal group: Lockean
DoppelPaymer Egregor Maze PwndLocker REvil

2021-11-03 ⋅ Check Point Research ⋅ Abedalla Hadra, Arie Olshtein
Mekotio Banker Returns with Improved Stealth and Ancient Encryption
Mekotio

2021-11-03 ⋅ Cisco Talos ⋅ Caitlin Huey, Chetan Raghuprasad, Vanja Svajcer
Microsoft Exchange vulnerabilities exploited once again for ransomware, this time with Babuk
Babuk CHINACHOPPER

2021-11-03 ⋅ The Record ⋅ Catalin Cimpanu
BlackMatter ransomware says its shutting down due to pressure from local authorities
BlackMatter

2021-11-02 ⋅ boschko.ca blog ⋅ Olivier Laflamme
Cobalt Strike Process Injection
Cobalt Strike

2021-11-02 ⋅ Microsoft ⋅ Ashwin Patil
Hunting for potential network beaconing patterns using Apache Spark via Azure Synapse – Part 1

2021-11-02 ⋅ Twitter (@malwrhunterteam) ⋅ malwrhunterteam
Tweet on linux version of Hive Ransomware group's command to shut down ESXI VMs
Hive

2021-11-02 ⋅ CyberScoop ⋅ Jeff Stone
US seeks extradition of alleged Ukrainian scammer arrested at Polish border stop

2021-11-02 ⋅ InQuest ⋅ Dmitry Melikov
Adults Only Malware Lures
Agent Tesla

2021-11-02 ⋅ sysdig ⋅ Alberto Pellitteri
Malware analysis: Hands-On Shellbot malware
PerlBot