Malpedia Library

Click here to download all references as Bib-File.•

2021-12-14 ⋅ Trend Micro ⋅ Nick Dai, Ted Lee, Vickie Su
Collecting In the Dark: Tropic Trooper Targets Transportation and Government
ChiserClient Ghost RAT Lilith Quasar RAT xPack APT23

2021-12-14 ⋅ Gigamon ⋅ Joe Slowik
Network Security Monitoring Opportunities and Best Practices for Log4j Defense

2021-12-14 ⋅ Recorded Future ⋅ Insikt Group®
Full Spectrum Detections for 5 Popular Web Shells: Alfa, SharPyShell, Krypton, ASPXSpy, and TWOFACE
TwoFace

2021-12-14 ⋅ Lab52 ⋅ Th3spis
Cuba Ransomware Analysis
Cuba

2021-12-14 ⋅ Cado Security ⋅ Matt Muir
Analysis of Novel Khonsari Ransomware Deployed by the Log4Shell Vulnerability
Khonsari

2021-12-14 ⋅ Medium s2wlab ⋅ S2W TALON
Logs of Log4shell (CVE-2021-44228): log4j is ubiquitous
Kinsing Mirai Tsunami

2021-12-14 ⋅ Zscaler ⋅ Nagraj Seshadri
Neutralizing Apache Log4j Exploits with Identity-Based Segmentation

2021-12-14 ⋅ Mandiant ⋅ Adrien Bataille, Anders Vejlby, Jared Scott Wilson, Nader Zaveri
Azure Run Command for Dummies

2021-12-14 ⋅ Symantec ⋅ Threat Hunter Team
Espionage Campaign Targets Telecoms Organizations across Middle East and Asia
MimiKatz

2021-12-14 ⋅ Prevailion ⋅ Matt Stafford, Sherman Smith
DarkWatchman: A new evolution in fileless techniques
DarkWatchman

2021-12-14 ⋅ Kaspersky Labs ⋅ Paul Rascagnères, Pierre Delcher
Owowa: the add-on that turns your OWA into a credential stealer and remote access panel
Owowa

2021-12-13 ⋅ RiskIQ ⋅ Jordan Herman
RiskIQ: Connections between Nanocore, Netwire, and AsyncRAT and Vjw0rm dynamic DNS C2 infrastructure
AsyncRAT Nanocore RAT NetWire RC Vjw0rm

2021-12-13 ⋅ Cado Security ⋅ Cado Security
Analysis of Initial In The Wild Attacks Exploiting Log4Shell/Log4J/CVE-2021-44228
Kinsing Mirai Tsunami

2021-12-13 ⋅ Mandiant ⋅ Alyssa Rahman
Now You Serial, Now You Don’t — Systematically Hunting for Deserialization Exploits

2021-12-13 ⋅ Trend Micro ⋅ Abdelrhman Sharshar, Jay Yaneza, Sherif Magdy
A Look Into Purple Fox’s Server Infrastructure
PurpleFox

2021-12-13 ⋅ The DFIR Report ⋅ The DFIR Report
Diavol Ransomware
BazarBackdoor Conti Diavol

2021-12-13 ⋅ Zscaler ⋅ Avinash Kumar, Dennis Schwarz
Return of Emotet: Malware Analysis
Emotet

2021-12-12 ⋅ Cyber And Ramen blog ⋅ Mike R
More Flagpro, More Problems
Flagpro

2021-12-12 ⋅ NCC Group ⋅ RIFT: Research and Intelligence Fusion Team
Log4Shell: Reconnaissance and post exploitation network detection

2021-12-12 ⋅ Sophos ⋅ Sean Gallagher
Log4Shell Hell: anatomy of an exploit outbreak