Malpedia Library

Click here to download all references as Bib-File.•

2018-08-09 ⋅ Intrusiontruth ⋅ Intrusiontruth
More on Huaying Haitai and Laoying Baichaun, the companies associated with APT10. Is there a state connection?

2018-08-09 ⋅ Github (ewhitehats) ⋅ eWhitehats
Kovter Uncovered: Malware Teardown
Kovter

2018-08-08 ⋅ Nozomi Networks ⋅ Alessandro Di Pinto, Andrea Carcano, Younes Dragoni
TRITON: The First ICS Cyber Attack on Safety Instrument Systems
Triton

2018-08-08 ⋅ Dissecting Malware ⋅ MLWRDSSCTNG
Export JRAT/Adwind Config with x32dbg

2018-08-06 ⋅ Cyberbit ⋅ Boris Erbesfeld, Hod Gavriel
BackSwap Banker Malware Hides Inside Replicas of Legitimate Programs
BackSwap

2018-08-06 ⋅ rinse and REpeat analysis ⋅ James Haughom
Reversing Cerber - RaaS
Cerber

2018-08-05 ⋅ Vitali Kremez Blog ⋅ Vitali Kremez
Let's Learn: Diving into the Latest "Ramnit" Banker Malware via "sLoad" PowerShell
sLoad

2018-08-03 ⋅ JPCERT/CC ⋅ Takuya Endo, Yukako Uchida
Volatility Plugin for Detecting Cobalt Strike Beacon
Cobalt Strike

2018-08-02 ⋅ Palo Alto Networks Unit 42 ⋅ David Fuertes, Josh Grunzweig, Kyle Wilhoit, Robert Falcone
The Gorgon Group: Slithering Between Nation State and Cybercrime
Loki Password Stealer (PWS) Nanocore RAT NjRAT Quasar RAT Remcos Revenge RAT

2018-08-02 ⋅ David Fuertes, Josh Grunzweig, Kyle Wilhoit, Robert Falcone
The Gorgon Group: Slithering Between Nation State and Cybercrime
The Gorgon Group

2018-08-01 ⋅ Netlab ⋅ JiaYu
Threat Alert: DDG 3013 is Out
DDG

2018-08-01 ⋅ Kryptos Logic ⋅ Kryptos Logic
Inside Look at Emotet's Global Victims and Malspam Qakbot Payloads
Emotet

2018-08-01 ⋅ FireEye ⋅ Barry Vengerik, Kimberly Goody, Nick Carr, Steve Miller
On the Hunt for FIN7: Pursuing an Enigmatic and Evasive Global Criminal Operation
BELLHOP POWERPIPE BABYMETAL SocksBot FIN7

2018-07-31 ⋅ Palo Alto Networks Unit 42 ⋅ Kaoru Hayashi, Vicky Ray
Bisonal Malware Used in Attacks Against Russia and South Korea
Korlia

2018-07-31 ⋅ Palo Alto Networks Unit 42 ⋅ Kaoru Hayashi, Vicky Ray
Bisonal Malware Used in Attacks Against Russia and South Korea

2018-07-30 ⋅ Proofpoint ⋅ Proofpoint Staff
New version of AZORult stealer improves loading features, spreads alongside ransomware in new campaign
Azorult Hermes

2018-07-29 ⋅ Sophos ⋅ Felix Weyne
AdKoob information thief targets Facebook ad purchase info
AdKoob

2018-07-28 ⋅ Bleeping Computer ⋅ Catalin Cimpanu
New Underminer Exploit Kit Discovered Pushing Bootkits and CoinMiners
Hidden Bee

2018-07-27 ⋅ Palo Alto Networks Unit 42 ⋅ Bryan Lee, Robert Falcone, Tom Lancaster
New Threat Actor Group DarkHydrus Targets Middle East Government
RogueRobin DarkHydrus

2018-07-26 ⋅ IEEE Symposium on Security and Privacy (SP) ⋅ Alex C. Snoeren, Damon McCoy, Danny Yuxing Huang, Elie Bursztein, Jonathan Levin, Kirill Levchenko, Kylie McRoberts, Luca Invernizzi, Maxwell Matthaios Aliapoulios, Vector Guo Li
Tracking Ransomware End-to-end
Cerber Locky WannaCryptor