Malpedia Library

Click here to download all references as Bib-File.•

2021-08-04 ⋅ Secureworks ⋅ Counter Threat Unit ResearchTeam
Detecting Cobalt Strike: Cybercrime Attacks (GOLD LAGOON)
Cobalt Strike

2021-07-30 ⋅ RiskIQ ⋅ Team Atlas
Bear Tracks: Infrastructure Patterns Lead to More Than 30 Active APT29 C2 Servers
elf.wellmess WellMess

2021-07-29 ⋅ Microsoft ⋅ Microsoft 365 Defender Threat Intelligence Team
When coin miners evolve, Part 2: Hunting down LemonDuck and LemonCat attacks
Lemon Duck

2021-07-29 ⋅ Microsoft ⋅ Microsoft 365 Defender Threat Intelligence Team
BazaCall: Phony call centers lead to exfiltration and ransomware
BazarBackdoor Cobalt Strike

2021-07-28 ⋅ Digital Shadows ⋅ Photon Research Team
REvil: Analysis of Competing Hypotheses
REvil REvil

2021-07-27 ⋅ Elastic ⋅ Elastic Security Intelligence & Analytics Team
Collecting and operationalizing threat data from the Mozi botnet
Mozi

2021-07-27 ⋅ Blackberry ⋅ BlackBerry Research & Intelligence Team
Old Dogs New Tricks: Attackers Adopt Exotic Programming Languages
elf.wellmess ElectroRAT BazarNimrod Buer Cobalt Strike Remcos Snake TeleBot WellMess Zebrocy

2021-07-27 ⋅ SYGNIA ⋅ Amitai Ben Shushan Ehrlich, Amnon Kushnir, Arie Zilberstein, Asaf Eitani, Gil Biton, Itay Shohat, Martin Korman, Noam Lifshitz, Sygnia Incident Response Team
TG1021: "Praying Mantis" Dissecting an Advanced Memory-Resident Attack

2021-07-22 ⋅ Microsoft ⋅ Microsoft 365 Defender Threat Intelligence Team
When coin miners evolve, Part 1: Exposing LemonDuck and LemonCat, modern mining malware infrastructure
Lemon Duck

2021-07-22 ⋅ Twitter (@HackSysTeam) ⋅ HackSys Team
Tweet on analysis of Pegasus
Chrysaor

2021-07-21 ⋅ ⋅ TEAMT5 ⋅ Jason3e7, Peter, Tom
"Le" is not tired of this, IE is really naughty
Magniber

2021-07-21 ⋅ splunk ⋅ Splunk Threat Research Team
Detecting Trickbot with Splunk
TrickBot

2021-07-20 ⋅ ⋅ Advanced threat research team
Lazarus organizes social engineering attacks on the cryptocurrency industry

2021-07-20 ⋅ Trend Micro ⋅ Alfredo Oliveira, David Fiser
Tracking the Activities of TeamTNT: A Closer Look at a Cloud-Focused Malicious Actor Group
TeamTNT

2021-07-20 ⋅ Secureworks ⋅ Counter Threat Unit ResearchTeam
Ongoing Campaign Leveraging Exchange Vulnerability Potentially Linked to Iran
CHINACHOPPER MimiKatz RGDoor

2021-07-19 ⋅ Proofpoint ⋅ Joe Wise, Konstantin Klinger, Proofpoint Threat Research Team, Selena Larson
New Threat Actor Uses Spanish Language Lures to Distribute Seldom Observed Bandook Malware
Bandook Caliente Bandits

2021-07-17 ⋅ ZecOps ⋅ ZecOps Research Team
Meet WiFiDemon – iOS WiFi RCE 0-Day Vulnerability, and a Zero-Click Vulnerability That Was Silently Patched

2021-07-15 ⋅ Kryptos Logic ⋅ Kryptos Logic Vantage Team
Adjusting the Anchor
Anchor

2021-07-15 ⋅ ⋅ AhnLab ⋅ AhnLab ASEC Analysis Team
APT attack (by Kimsuky) attempt on a specific person using a word document

2021-07-14 ⋅ Advanced Intelligence ⋅ AdvIntel Security & Development Team, Yelisey Boguslavskiy
REvil Vanishes From Underground - Infrastructure Down
REvil