Malpedia Library

2021-10-23 ⋅ Cado Security ⋅ Cado Security
Links to Previous Attacks in UAParserJS Compromise

2021-10-22 ⋅ Amazon ⋅ Adam Palmer, Nick Coval
Building an open source IDS/IPS service on AWS with Suricata

2021-10-22 ⋅ Zscaler ⋅ Amandeep Kumar, Stuti Chaturvedi
New MultiloginBot Phishing Campaign

2021-10-22 ⋅ Elliptic ⋅ Elliptic Intel
DarkSide bitcoins on the move following government cyberattack against REvil ransomware group
BlackMatter DarkSide BlackMatter DarkSide

2021-10-22 ⋅ The Record ⋅ Catalin Cimpanu
DarkSide ransomware gang moves some of its Bitcoin after REvil got hit by law enforcement
BlackMatter DarkSide BlackMatter DarkSide

2021-10-22 ⋅ Bleeping Computer ⋅ Ionut Ilascu
DarkSide ransomware rushes to cash out $7 million in Bitcoin
BlackMatter DarkSide BlackMatter DarkSide

2021-10-22 ⋅ Twitter (@GelosSnake) ⋅ Omri Segev Moyal
Tweet on List of wallets used by Darkside/Blackmatter Operator to split out the money
BlackMatter DarkSide BlackMatter DarkSide

2021-10-22 ⋅ Huntress Labs ⋅ Caleb Stewart
Threat Advisory: Hackers Are Exploiting a Vulnerability in Popular Billing Software to Deploy Ransomware

2021-10-22 ⋅ HUNT & HACKETT ⋅ Krijn de Mik
Advanced IP Scanner: the preferred scanner in the A(P)T toolbox
Conti DarkSide Dharma Egregor Hades REvil Ryuk

2021-10-22 ⋅ Darkowl ⋅ Darkowl
“Page Not Found”: REvil Darknet Services Offline After Attack Last Weekend
REvil REvil

2021-10-22 ⋅ Fortinet ⋅ Cara Lin
Recent Attack Uses Vulnerability on Confluence Server
Tsunami BillGates

2021-10-22 ⋅ Medium Jang ⋅ Jang
50 Shades of SolarWinds Orion Deserialization (Part 1: CVE-2021–35215)

2021-10-22 ⋅ Reuters ⋅ Christopher Bing, Joseph Menn
EXCLUSIVE Governments turn tables on ransomware gang REvil by pushing it offline
REvil REvil

2021-10-22 ⋅ TEAMT5 ⋅ TeamT5
Assassinations of "MiniNinja" in Various APAC Countries
ToddyCat

2021-10-21 ⋅ Bleeping Computer ⋅ Lawrence Abrams
Evil Corp demands $40 million in new Macaw ransomware attacks
Macaw

2021-10-21 ⋅ APNIC ⋅ James Shank
How to: Threat hunting and threat intelligence

2021-10-21 ⋅ Bitdefender ⋅ Bitdefender
Digitally-Signed Rootkits are Back – A Look at FiveSys and Companions
NetfilterRootkit

2021-10-21 ⋅ Bleeping Computer ⋅ Lawrence Abrams
Massive campaign uses YouTube to push password-stealing malware
Raccoon RedLine Stealer

2021-10-21 ⋅ Quick Heal ⋅ Sameer Patil
Multi-Staged JSOutProx RAT Targets Indian Co-operative Banks and Finance Companies
JSOutProx

2021-10-21 ⋅ CrowdStrike ⋅ Alex Clinton, Tasha Robinson
Stopping GRACEFUL SPIDER: Falcon Complete’s Fast Response to Recent SolarWinds Serv-U Exploit Campaign
Cobalt Strike FlawedGrace TinyMet