Malpedia Library

Click here to download all references as Bib-File.•

2021-10-01 ⋅ ZeroFox ⋅ Stephan Simon
Babuk Ransomware Variant Delta Plus Used in Live Attacks After Source Code Leaked
Babuk

2021-09-30 ⋅ Kaspersky Labs ⋅ Kaspersky Labs
GhostEmperor’s infection chain and post-exploitation toolset: technical detail
GhostEmperor GhostEmperor

2021-09-30 ⋅ PTSecurity ⋅ PT ESC Threat Intelligence
Masters of Mimicry: new APT group ChamelGang and its arsenal
Cobalt Strike

2021-09-30 ⋅ Fortinet ⋅ Fred Gutierrez, Shunichi Imano
Ranion Ransomware - Quiet and Persistent RaaS
Ranion

2021-09-30 ⋅ PTSecurity ⋅ PT Expert Security Center
Masters of Mimicry: new APT group ChamelGang and its arsenal
DoorMe Chamelgang

2021-09-30 ⋅ G Data ⋅ Karsten Hahn
All your hashes are belong to us: An overview of malware hashing algorithms

2021-09-30 ⋅ Medium proferosec-osm ⋅ Brenton Morris
RansomEXX, Fixing Corrupted Ransom
RansomEXX

2021-09-30 ⋅ Cisco ⋅ Arnaud Zobec, Vitor Ventura
A wolf in sheep's clothing: Actors spread malware by leveraging trust in Amnesty International and fear of Pegasus

2021-09-30 ⋅ Trend Micro ⋅ Luis Magisa, Steven Du
Mac Users Targeted by Trojanized iTerm2 App
ZuRu

2021-09-30 ⋅ PT Expert Security Center
Masters of Mimicry: new APT group ChamelGang and its arsenal
Cobalt Strike

2021-09-30 ⋅ lacework ⋅ Lacework Labs
Mirai goes Stealth – TLS & IoT Malware
Mirai VPNFilter

2021-09-30 ⋅ SentinelOne ⋅ Amitai Ben Shushan Ehrlich
New Version Of Apostle Ransomware Reemerges In Targeted Attack On Higher Education
Apostle

2021-09-30 ⋅ Palo Alto Networks Unit 42 ⋅ Brady Stout
Credential Harvesting at Scale Without Malware

2021-09-30 ⋅ Blackberry ⋅ The BlackBerry Research & Intelligence Team
Threat Thursday: xLoader Infostealer
Xloader Formbook

2021-09-30 ⋅ Kaspersky ⋅ Aseel Kayal, Mark Lechtik, Paul Rascagnères, Vasily Berdnikov
GhostEmperor: From ProxyLogon to kernel mode
GhostEmperor GhostEmperor

2021-09-30 ⋅ CrowdStrike ⋅ Falcon OverWatch Team
Hunting for the Confluence Exploitation: When Falcon OverWatch Becomes the First Line of Defense
Cobalt Strike

2021-09-29 ⋅ Silent Push ⋅ Silent Push
Evaluating the Value of Security Intelligence Feeds with Silent Push

2021-09-29 ⋅ Malware Traffic Analysis ⋅ Brad Duncan
Hancitor with Cobalt Strike
Cobalt Strike Hancitor

2021-09-29 ⋅ Check Point ⋅ Bohdan Melnykov, Israel Wernik
PixStealer: a new wave of Android banking Trojans abusing Accessibility Services

2021-09-29 ⋅ Kaspersky Labs ⋅ Ivan Kwiatkowski, Pierre Delcher
DarkHalo after SolarWinds: the Tomiris connection (UNC2849)
tomiris Storm-0473