Malpedia Library

2020-10-03 ⋅ Trend Micro ⋅ Cedric Pernet, Daniel Lunghi, Jaromír Hořejší, Kazuki Fujisawa
Earth Akhlut: Exploring the Tools, Tactics, and Procedures of an Advanced Threat Actor Operating a Large Infrastructure
Dexbia TypeHash

2020-10-03 ⋅ Medium vishal_thakur ⋅ Vishal Thakur
Grinju Downloader: Anti-analysis (on steroids) | Part 2
Grinju Downloader

2020-10-02 ⋅ Lexfo ⋅ Lexfo
Lockbit analysis
LockBit

2020-10-02 ⋅ Twitter (@craiu) ⋅ Costin Raiu
Tweet about IAmTheKing / PowerPool actor naming
PowerPool

2020-10-02 ⋅ Check Point Research ⋅ Eyal Itkin, Itay Cohen
Graphology of an Exploit – Hunting for exploits by looking for the author’s fingerprints

2020-10-02 ⋅ KrebsOnSecurity ⋅ Brian Krebs
Attacks Aimed at Disrupting the Trickbot Botnet
TrickBot

2020-10-02 ⋅ FBI ⋅ FBI
Alert Number I-100220-PSA: Spoofed Internet Domains and Email Accounts Pose Cyber and Disinformation Risks to Voters

2020-10-01 ⋅ KELA ⋅ Victoria Kivilevich
To Attack or Not to Attack: Targeting the Healthcare Sector in the Underground Ecosystem
Conti DoppelPaymer Mailto Maze REvil Ryuk SunCrypt

2020-10-01 ⋅ Centre for Cyber Security ⋅ Centre for Cyber Security
The Anatomy of Targeted Ransomware Attacks

2020-10-01 ⋅ CrowdStrike ⋅ Dylan Barker, Quinten Bowen, Ryan Campbell
Duck Hunting with Falcon Complete: Analyzing a Fowl Banking Trojan, Part 1
QakBot MALLARD SPIDER

2020-10-01 ⋅ Wired ⋅ Andy Greenberg
Russia’s Fancy Bear Hackers Likely Penetrated a US Federal Agency
Cobalt Strike Meterpreter

2020-10-01 ⋅ FBI ⋅ FBI
Alert Number I-100120-PSA: Foreign Actors Likely to Use Online Journals to Spread Disinformation Regarding 2020 Elections

2020-10-01 ⋅ Proofpoint ⋅ Axel F, Proofpoint Threat Research Team
Emotet Makes Timely Adoption of Political and Elections Lures
Emotet

2020-09-30 ⋅ Aqua Nautilus ⋅ Assaf Morag
Threat Alert: TeamTNT is Back and Attacking Vulnerable Redis Servers
TeamTNT

2020-09-30 ⋅ RiskIQ ⋅ Jon Gross
Diving Into DONOT's Mobile Rabbit Hole
KnSpy

2020-09-30 ⋅ Google ⋅ Sebastian Porst, Łukasz Siewierski
The fall of Domino – a preinstalled hostile downloader

2020-09-30 ⋅ NTT Security ⋅ Hajime Takai, Rintaro Koike, Shogo Hayashi
Unveiling the CryptoMimic (Paper)

2020-09-30 ⋅ NTT Security ⋅ Hajime Takai, Rintaro Koike, Shogo Hayashi
Unveiling the CryptoMimic (Slides)

2020-09-30 ⋅ Team Cymru ⋅ Jacomo Piccolini, James Shank
Pandamic: Emissary Pandas in the Middle East
HyperBro HyperSSL

2020-09-30 ⋅ NTT Security ⋅ Fumio Ozawa, Rintaro Koike, Shogo Hayashi
Operation LagTime IT: colourful Panda footprint (Slides)
Cotx RAT nccTrojan Poison Ivy Tmanger