Malpedia Library

2021-08-27 ⋅ Morphisec ⋅ Morphisec Labs
ProxyShell Exchange Exploitation Now Leads To An Increasing Amount Of Cobaltstrike Backdoors
Cobalt Strike

2021-08-27 ⋅ The Record ⋅ Catalin Cimpanu
Phorpiex botnet shuts down, source code goes up for sale
Phorpiex

2021-08-27 ⋅ Juniper ⋅ Asher Langton
RealTek CVE-2021-35394 Exploited in the Wild

2021-08-27 ⋅ Sophos ⋅ Mark Loman
LockFile ransomware’s box of tricks: intermittent encryption and evasion
LockFile

2021-08-26 ⋅ MIT Technology Review ⋅ Patrick Howell O'Neill
Hackers are trying to topple Belarus’s dictator, with help from the inside

2021-08-26 ⋅ npr ⋅ Dina Temple-Raston
China's Microsoft Hack May Have Had A Bigger Purpose Than Just Spying

2021-08-26 ⋅ The New York Times ⋅ Chris Buckley, Paul Mozur
Spies for Hire: China’s New Breed of Hackers Blends Espionage and Entrepreneurship

2021-08-26 ⋅ Minerva Labs ⋅ Minerva Labs
Become A VIP Victim With New Discord Distributed Malware
BlackNET RAT RedLine Stealer

2021-08-26 ⋅ CrowdStrike ⋅ Yaron Zinar
NTLM Keeps Haunting Microsoft

2021-08-26 ⋅ Advanced Intelligence ⋅ Anastasia Sentsova
From Russia With… LockBit Ransomware: Inside Look & Preventive Solutions
LockBit

2021-08-26 ⋅ Twitter (@ViriBack) ⋅ Dee
Tweet on Vulturi Stealer and it's c2 panel
Vulturi

2021-08-26 ⋅ Microsoft ⋅ Microsoft 365 Defender Threat Intelligence Team
Widespread credential phishing campaign abuses open redirector links

2021-08-26 ⋅ Bleeping Computer ⋅ Ionut Ilascu
Ragnarok ransomware releases master decryptor after shutdown
Ragnarok

2021-08-25 ⋅ DataBreaches.net ⋅ Dissent
Advisories are published, but are enough entities reading them and taking precautions?
ALTDOS

2021-08-25 ⋅ Trend Micro ⋅ Hara Hiroaki, Ted Lee
Earth Baku An APT Group Targeting Indo-Pacific Countries With New Stealth Loaders and Backdoor
Cobalt Strike DUSTPAN SideWalk

2021-08-25 ⋅ TheC0mpany
GrowtopiaStealer
Growtopia

2021-08-25 ⋅ Recorded Future ⋅ Insikt Group®
The Business of Fraud SIM Swapping

2021-08-25 ⋅ Bitdefender ⋅ Bogdan Botezatu, Cristina Vatamanu, Eduard Budaca, Victor Vrabie
FIN8 Threat Actor Goes Agile with New Sardonic Backdoor

2021-08-25 ⋅ GoggleHeadedHacker Blog ⋅ Jacob Pimental
Reverse Engineering Crypto Functions: RC4 and Salsa20
REvil

2021-08-25 ⋅ Cybleinc ⋅ cybleinc
LockFile Ransomware: Exploiting Microsoft Exchange Vulnerabilities Using ProxyShell
LockFile