Malpedia Library

2022-02-25 ⋅ Threatray ⋅ Carlos Rubio, Markel Picado
Threat updates – A new IcedID GZipLoader variant
IcedID Downloader

2022-02-25 ⋅ Secureworks ⋅ Counter Threat Unit ResearchTeam
Disruptive HermeticWiper Attacks Targeting Ukrainian Organizations
HermeticWiper

2022-02-24 ⋅ Talos ⋅ Mitch Neff
Threat Advisory: Current executive guidance for ongoing cyberattacks in Ukraine
VPNFilter EternalPetya

2022-02-24 ⋅ Cisco Talos ⋅ Talos
Threat Advisory: Cyclops Blink
VPNFilter

2022-02-24 ⋅ nviso ⋅ Michel Coene
Threat Update – Ukraine & Russia conflict
EternalPetya GreyEnergy HermeticWiper Industroyer KillDisk WhisperGate

2022-02-24 ⋅ Symantec ⋅ Symantec Threat Hunter Team
Ukraine: Disk-wiping Attacks Precede Russian Invasion
HermeticWiper

2022-02-23 ⋅ Fortinet ⋅ Derek Manky
Global Threat Landscape Report A Semiannual Report by FortiGuard Labs

2022-02-23 ⋅ ⋅ Weixin ⋅ 360 Threat Intelligence Center
APT-C-58 (Gorgon Group) attack warning
Agent Tesla

2022-02-23 ⋅ Twitter (@threatintel) ⋅ Symantec Threat Intelligence
Tweet on new wiper malware being used in attacks on Ukraine
HermeticWiper

2022-02-22 ⋅ eSentire ⋅ eSentire Threat Response Unit (TRU)
IcedID to Cobalt Strike In Under 20 Minutes
Cobalt Strike IcedID PhotoLoader

2022-02-17 ⋅ Blackberry ⋅ BlackBerry Research & Intelligence Team
Threat Thursday: Arkei Infostealer Expands Reach Using SmokeLoader to Target Crypto Wallets and MFA
Arkei Stealer SmokeLoader

2022-02-17 ⋅ NCC Group ⋅ Michael Mullen, Richard Footman, Simon Biggs
Detecting Karakurt – an extortion focused threat actor

2022-02-17 ⋅ SentinelOne ⋅ Amitai Ben, Shushan Ehrlich
Log4j2 In The Wild | Iranian-Aligned Threat Actor “TunnelVision” Actively Exploiting VMware Horizon
APT35

2022-02-16 ⋅ CrowdStrike ⋅ CrowdStrike
Global Threat Report 2022
Sea Turtle

2022-02-16 ⋅ Threat Post ⋅ Elizabeth Montalbano
Emotet Now Spreading Through Malicious Excel Files
Emotet

2022-02-16 ⋅ Threat Post ⋅ Tara Seals
TrickBot Ravages Customers of Amazon, PayPal and Other Top Brands
TrickBot

2022-02-15 ⋅ eSentire ⋅ eSentire Threat Response Unit (TRU)
Increase in Emotet Activity and Cobalt Strike Deployment
Cobalt Strike Emotet

2022-02-15 ⋅ Secureworks ⋅ Counter Threat Unit ResearchTeam
ShadowPad Malware Analysis
ShadowPad

2022-02-15 ⋅ Threat Post ⋅ Elizabeth Montalbano
TA2541: APT Has Been Shooting RATs at Aviation for Years
AsyncRAT Houdini NetWire RC Parallax RAT

2022-02-11 ⋅ Cisco Talos ⋅ Talos
Threat Roundup for February 4 to February 11
DarkComet Ghost RAT Loki Password Stealer (PWS) Tinba Tofsee Zeus