Malpedia Library

Click here to download all references as Bib-File.•

2021-08-20 ⋅ Symantec ⋅ Threat Hunter Team
LockFile: Ransomware Uses PetitPotam Exploit to Compromise Windows Domain Controllers
LockFile

2021-08-19 ⋅ cyble ⋅ Cyble
ShinyHunters Selling Alleged AT&T Database with 70 million SSN and Date of birth; AT&T Denies it originated from their systems

2021-08-19 ⋅ Seguranca Informatica ⋅ Pedro Tavares
Ragnar Locker – Malware analysis
RagnarLocker

2021-08-19 ⋅ Medium walmartglobaltech ⋅ Jason Reaves
Looking at the new Krypton crypter and recent Data Exfiltrator Samples

2021-08-19 ⋅ Sekoia ⋅ sekoia
An insider insights into Conti operations – Part two
Cobalt Strike Conti

2021-08-19 ⋅ Microsoft ⋅ David Atch, Gil Regev, Ross Bevington
How to proactively defend against Mozi IoT botnet
Mozi

2021-08-19 ⋅ Talos ⋅ Asheer Malhotra, Vanja Svajcer, Vitor Ventura
Malicious Campaign Targets Latin America: The seller, The operator and a curious link
AsyncRAT NjRAT

2021-08-19 ⋅ Huntress Labs ⋅ John Hammond
Microsoft Exchange Servers Still Vulnerable to ProxyShell Exploit

2021-08-19 ⋅ Sentinel LABS ⋅ Joey Chen, Yi-Jhen Hsieh
ShadowPad | A Masterpiece of Privately Sold Malware in Chinese Espionage
ShadowPad

2021-08-19 ⋅ Blackberry ⋅ BlackBerry Research & Intelligence Team
BlackBerry Prevents: Threat Actor Group TA575 and Dridex Malware
Cobalt Strike Dridex TA575

2021-08-18 ⋅ AhnLab ⋅ ASEC Analysis Team
Infostealer Malware Azorult Being Distributed Through Spam Mails
Azorult

2021-08-18 ⋅ Recorded Future ⋅ Insikt Group®
China Propaganda Network Targets BBC Media, UK in Large-Scale Influence Campaign

2021-08-18 ⋅ Intezer ⋅ Ryan Robinson
Cobalt Strike: Detect this Persistent Threat
Cobalt Strike

2021-08-18 ⋅ FireEye ⋅ Aaron Stephens
Detecting Embedded Content in OOXML Documents

2021-08-18 ⋅ Bleeping Computer ⋅ Ionut Ilascu
Diavol ransomware sample shows stronger connection to TrickBot gang
Diavol

2021-08-17 ⋅ Medium amgedwageh ⋅ Amged Wageh
LockBit Ransomware Analysis Notes
LockBit

2021-08-17 ⋅ ClearSky ⋅ ClearSky Research Team
New Iranian Espionage Campaign By “Siamesekitten” – Lyceum
LYCEUM

2021-08-17 ⋅ Recorded Future ⋅ Insikt Group®
Operation Secondary Infektion Continues Targeting Democratic Institutions and Regional Geopolitics

2021-08-17 ⋅ Medium michaelkoczwara ⋅ Michael Koczwara
Cobalt Strike Hunting — DLL Hijacking/Attack Analysis
Cobalt Strike

2021-08-17 ⋅ Sekoia ⋅ sekoia
An insider insights into Conti operations – Part one
Cobalt Strike Conti