Malpedia Library

2021-10-13 ⋅ Anchored Narratives on Threat Intelligence and Geopolitics ⋅ RJM
Trouble in Asia and the Middle East. Tracking the TransparentTribe threat actor.
Crimson RAT

2021-10-12 ⋅ Twitter (@_CPResearch_) ⋅ Check Point Research
Tweet of re-emergence phorpiex with a new "Twizt" module
Phorpiex

2021-10-12 ⋅ CrowdStrike ⋅ CrowdStrike Intelligence Team
ECX: Big Game Hunting on the Rise Following a Notable Reduction in Activity
Babuk BlackMatter DarkSide REvil Avaddon Babuk BlackMatter DarkSide LockBit Mailto REvil

2021-10-12 ⋅ Mandiant ⋅ Alyssa Rahman
Defining Cobalt Strike Components So You Can BEA-CONfident in Your Analysis
Cobalt Strike

2021-10-12 ⋅ Elastic ⋅ Elastic Security Intelligence & Analytics Team
Going Coast to Coast - Climbing the Pyramid with the Deimos Implant
Deimos

2021-10-12 ⋅ IronNet ⋅ Brett Fitzpatrick, IronNet Threat Research, Joey Fitzpatrick, Morgan Demboski, Peter Rydzynski
Continued Exploitation of CVE-2021-26084

2021-10-12 ⋅ Avast ⋅ Jakub Kaloč, Jan Rubín
The King is Dead, Long Live MyKings! (Part 1 of 2)
MyKings Spreader

2021-10-12 ⋅ Infoblox ⋅ Avinash Shende
Malspam Campaign Delivers Dark Crystal RAT (dcRAT)
DCRat

2021-10-12 ⋅ Boris Larin, Costin Raiu
MysterySnail attacks with Windows zero-day
MysterySnail IronHusky

2021-10-11 ⋅ Secureworks ⋅ SecureWorks
2021 State of the Threat: A Year in Review

2021-10-11 ⋅ Accenture ⋅ Accenture Cyber Threat Intelligence
Moving Left of the Ransomware Boom
REvil Cobalt Strike MimiKatz RagnarLocker REvil

2021-10-11 ⋅ Telsy ⋅ Telsy
Lazarus Group continues AppleJeus Operation
AppleJeus

2021-10-11 ⋅ Microsoft ⋅ Microsoft Digital Security Unit (DSU), Microsoft Threat Intelligence Center (MSTIC)
Iran-linked DEV-0343 targeting defense, GIS, and maritime sectors

2021-10-11 ⋅ NCC Group ⋅ NCCGroup
SnapMC skips ransomware, steals data

2021-10-11 ⋅ Juniper ⋅ Paul Kimayong
Necro Python Botnet Goes After Vulnerable VisualTools DVR
N3Cr0m0rPh

2021-10-10 ⋅ Facebook ⋅ Facebook
September 2021 Coordinated Inauthentic Behavior Report

2021-10-09 ⋅ JPMinty ⋅ Jai Minton
Reverse Engineering Analysis Lab - STRRAT
STRRAT

2021-10-08 ⋅ Virus Bulletin ⋅ Seongsu Park
Multi-universe of adversary: multiple campaigns of the Lazarus group and their connections
Dacls AppleJeus AppleJeus Bankshot BookCodes RAT Dacls DRATzarus LCPDot LPEClient

2021-10-08 ⋅ Trend Micro ⋅ Alfredo Oliveira, David Fiser
Actors Target Huawei Cloud Using Upgraded Linux Malware

2021-10-08 ⋅ ⋅ NTT ⋅ Fumio Ozawa, Hiroki Hada, Rintaro Koike
Malware Flagpro used by targeted attack group BlackTech
Flagpro