Malpedia Library

Click here to download all references as Bib-File.•

2020-09-17 ⋅ FBI ⋅ FBI
FBI PIN Number 20200917-001: IRGC-Associated Cyber Operations Against US Company Networks
MimiKatz Nanocore RAT

2020-09-17 ⋅ U.S. Department of the Treasury ⋅ U.S. Department of the Treasury
Treasury Sanctions Cyber Actors Backed by Iranian Intelligence Ministry

2020-09-17 ⋅ SophosLabs Uncut ⋅ Andrew Brandt, Peter Mackenzie
Maze attackers adopt Ragnar Locker virtual machine technique
Maze

2020-09-17 ⋅ Max Kersten's Blog ⋅ Max Kersten
Automatic ReZer0 payload and configuration extraction

2020-09-16 ⋅ RiskIQ ⋅ Jon Gross
RiskIQ: Adventures in Cookie Land - Part 2
8.t Dropper Chinoxy Poison Ivy

2020-09-16 ⋅ Zscaler ⋅ Aditya Sharma, Avinash Kumar
Malware Leveraging XML-RPC Vulnerability to Exploit WordPress Sites
WpBruteBot

2020-09-16 ⋅ Intel 471 ⋅ Intel 471
Partners in crime: North Koreans and elite Russian-speaking cybercriminals
TrickBot

2020-09-15 ⋅ CrowdStrike ⋅ CrowdStrike Overwatch Team
Nowhere to Hide - 2020 Threat Hunting Report
NedDnLoader RDAT TRACER KITTEN

2020-09-15 ⋅ Checkpoint ⋅ Amir Landau, David Driker
Rudeminer, Blacksquid and Lucifer Walk Into A Bar
Lucifer

2020-09-15 ⋅ Recorded Future ⋅ Insikt Group®
Back Despite Disruption: RedDelta Resumes Operations
PlugX

2020-09-14 ⋅ KELA ⋅ Sharon Bitton, Victoria Kivilevich
Back to School: Why Cybercriminals Continue to Target the Education Sector | Part Two

2020-09-14 ⋅ Trend Micro ⋅ Abraham Camba, Aprilyn Borja, Gilbert Sison, Jay Yaneza, Khristoffer Jocson, Ryan Maglaque
Analysis of a Convoluted Attack Chain Involving Ngrok

2020-09-13 ⋅ Twitter (@bartblaze) ⋅ BartBlaze
Tweet on Cryakl 2.0.0.0
Cryakl

2020-09-11 ⋅ RSA Conference (YouTube) ⋅ Brook Chelmo
Two weeks with a Russian Ransomware Cell
HILDACRYPT

2020-09-11 ⋅ Twitter (@Arkbird_SOLG) ⋅ Arkbird
Tweet on discovery of a sample
Turla SilentMoon

2020-09-11 ⋅ ⋅ KISA ⋅ KrCERT
Analysis of attacker's strategy of using malicious code

2020-09-10 ⋅ QuoSec GmbH ⋅ Quosec Blog
grap: Automating QakBot strings decryption
QakBot

2020-09-10 ⋅ Kaspersky Labs ⋅ GReAT
An overview of targeted attacks and APTs on Linux
Cloud Snooper Dacls DoubleFantasy MESSAGETAP Penquin Turla Tsunami elf.wellmess X-Agent

2020-09-10 ⋅ FBI ⋅ FBI, National Cyber Investigative Joint Task Force (NCIJTF)
FBI PIN NUMBER 20200910-001: Cyber Actors Conduct CredentialStuffing Attacks Against US Financial Sector

2020-09-10 ⋅ Group-IB ⋅ Oleg Skulkin, Semyon Rogachev
Lock Like a Pro: Dive in Recent ProLock's Big Game Hunting
PwndLocker QakBot