Malpedia Library

Click here to download all references as Bib-File.•

2024-03-30 ⋅ Github (smx-smx) ⋅ smx
Gist with XZ Backdoor analysis
xzbot

2024-03-29 ⋅ boehs.org ⋅ Evan Boehs
Everything I Know About the XZ Backdoor
xzbot

2024-03-29 ⋅ Github (thesamsam) ⋅ Sam James
Gist with XZ Backdoor analysis
xzbot

2024-03-29 ⋅ Openwall ⋅ Andres Freund
Initial email disclosing suspected backdoor in xz tarballs
xzbot

2024-03-24 ⋅ Securonix ⋅ Securonix
Analysis of DEV#POPPER: New Attack Campaign Targeting Software Developers Likely Associated With North Korean Threat Actors
BeaverTail

2024-03-22 ⋅ Mandiant ⋅ Dan Black, Luke Jenkins
APT29 Uses WINELOADER to Target German Political Parties
WINELOADER

2024-03-21 ⋅ Mandiant ⋅ Adam Aprahamian, Austin Larsen, Dan Kelly, Marcin Siedlarz, Mathew Potaczek, Michael Raggi
Bringing Access Back — Initial Access Brokers Exploit F5 BIG-IP (CVE-2023-46747) and ScreenConnect
GOREVERSE SNOWLIGHT

2024-03-21 ⋅ Proofpoint ⋅ Proofpoint Threat Research Team
Security Brief: TA450 Uses Embedded Links in PDF Attachments in Latest Campaign

2024-03-20 ⋅ K7 Security ⋅ Shanmugasundharam E
Python Ciphering : Delving into Evil Ant’s Ransomware’s Tactics
Evil Ant

2024-03-18 ⋅ Securonix ⋅ Den Iyzvyk, Oleg Kolesnikov, Tim Peck
Analysis of New DEEP#GOSU Attack Campaign Likely Associated with North Korean Kimsuky Targeting Victims with Stealthy Malware
RandomQuery

2024-03-18 ⋅ XLab ⋅ Acey9, wanghao
Mirai Nomi: A Botnet Leveraging DGA
Mirai

2024-03-18 ⋅ Trend Micro ⋅ Daniel Lunghi, Joseph C Chen
Earth Krahang Exploits Intergovernmental Trust to Launch Cross-Government Attacks
DinodasRAT PlugX Reshell ShadowPad Earth Krahang

2024-03-18 ⋅ The Hacker News ⋅ Newsroom
APT28 Hacker Group Targeting Europe, Americas, Asia in Widespread Phishing Scheme
MASEPIE OCEANMAP

2024-03-12 ⋅ ⋅ Alyac ⋅ YALYX4
North Kimsuky organization's policy advisor camouflaged spear phishing beware

2024-03-12 ⋅ ShadowStackRE ⋅ ShadowStackRE
Donex ransomware
Donex

2024-03-11 ⋅ SOCRadar ⋅ SOCRadar
Acuity Federal Contractor Breach, Okta Customers Leak, DCRat Exploit and Access Sales
DCRat CyberNiggers

2024-03-11 ⋅ Dr.Web ⋅ Dr.Web
Study of a targeted attack on a Russian enterprise in the mechanical-engineering sector
WhiteSnake Stealer

2024-03-09 ⋅ Asobancaria ⋅ CSIRT Financiero
New Backdoor Activity Socks5Systemz
Socks5 Systemz

2024-03-08 ⋅ Nofix.re ⋅ Nofix
KrustyLoader - Leveraging rust compilation artifacts to obtain reliable compilation timestamps and pivoting
KrustyLoader

2024-03-07 ⋅ ESET Research ⋅ Anh ho, Facundo Muñoz
Evasive Panda leverages Monlam Festival to target Tibetans
MgBot Nightdoor