Malpedia Library

Click here to download all references as Bib-File.•

2021-11-11 ⋅ SophosLabs Uncut ⋅ Andrew Brandt
BazarLoader ‘call me back’ attack abuses Windows 10 Apps mechanism
BazarBackdoor

2021-11-11 ⋅ Trend Micro ⋅ Alfredo Oliveira, David Fiser
TeamTNT Upgrades Arsenal, Refines Focus on Kubernetes and GPU Environments

2021-11-11 ⋅ SentinelOne ⋅ Niranjan Jayanand
Is SquirrelWaffle the New Emotet? How to Detect the Latest MalSpam Loader
Squirrelwaffle

2021-11-11 ⋅ splunk ⋅ Splunk Threat Research Team
FIN7 Tools Resurface in the Field – Splinter or Copycat?
JSSLoader Remcos

2021-11-11 ⋅ Microsoft ⋅ Microsoft 365 Defender Threat Intelligence Team
HTML smuggling surges: Highly evasive loader technique increasingly used in banking malware, targeted attacks
AsyncRAT Mekotio NjRAT

2021-11-10 ⋅ Malware.News ⋅ malware news
Playstation 5 hacked—twice!
Fail0verflow

2021-11-10 ⋅ ⋅ AhnLab ⋅ ASEC Analysis Team
Analysis Report of Lazarus Group’s NukeSped Malware
DarkComet Tiger RAT

2021-11-10 ⋅ Group-IB ⋅ Group-IB
REDCURL: The awakening
RedCurl

2021-11-10 ⋅ Twitter (@ESETresearch) ⋅ ESET Research
Tweet on a discovery of a trojanized IDA Pro installer, distributed by the LABYRINTH CHOLLIMA group.

2021-11-10 ⋅ CIRCL ⋅ CIRCL
TR-64 - Exploited Exchange Servers - Mails with links to malware from known/valid senders
QakBot

2021-11-10 ⋅ ⋅ RT on the Russian ⋅ Aleksey Polyakov, Alena Goinskaya, Ekaterina Suslova, Elizaveta Koroleva
"He does not get in touch": what is known about Barnaul, wanted by the FBI on charges of cybercrime
REvil REvil

2021-11-10 ⋅ zimperium ⋅ Aazim Yaswant
PhoneSpy: The App-Based Cyberattack Snooping South Korean Citizens
PhoneSpy

2021-11-10 ⋅ Trend Micro ⋅ Trend Micro Research
Void Balaur and the Rise of the Cybermercenary Industry
ZStealer Void Balaur

2021-11-10 ⋅ Trend Micro ⋅ Trend Micro Research
Void Balaur and the Rise of the Cybermercenary Industry (IOCs)

2021-11-10 ⋅ CrowdStrike ⋅ Antonio Parata
Ploutus ATM Malware Case Study: Automated Deobfuscation of a Strongly Obfuscated .NET Binary
Ploutus ATM

2021-11-10 ⋅ open source dfir ⋅ Alexander Jäger
Use EVTX files on VirusTotal with Timesketch and Sigma (Part 2)

2021-11-10 ⋅ Blackberry ⋅ Codi Starks, Ryan Chapman
REvil Under the Microscope
GootKit REvil

2021-11-10 ⋅ Microsoft ⋅ John Lambert
The hunt for NOBELIUM, the most sophisticated nation-state attack in history

2021-11-10 ⋅ Cisco Talos ⋅ Asheer Malhotra, Jungsoo An, Kendall McKay
North Korean attackers use malicious blogs to deliver malware to high-profile South Korean targets
GoldDragon

2021-11-10 ⋅ Randori ⋅ Randori Attack Team
Zero-Day Disclosure: Palo Alto Networks GlobalProtect VPN CVE-2021-3064