Malpedia Library

Click here to download all references as Bib-File.•

2020-09-21 ⋅ Trend Micro ⋅ Raphael Centeno
Cybercriminals Distribute Backdoor With VPN Installer
NjRAT

2020-09-20 ⋅ Check Point Research ⋅ Check Point Research
Rampant Kitten – An Iranian Espionage Campaign
HookInjEx TelAndExt TelB

2020-09-18 ⋅ Trend Micro ⋅ Trend Micro
U.S. Justice Department Charges APT41 Hackers over Global Cyberattacks
Cobalt Strike ColdLock SharPyShell

2020-09-18 ⋅ KELA ⋅ Raveed Laeb, Victoria Kivilevich
The Initial Access Broker’s Toolbox – Remote Monitoring and Management

2020-09-17 ⋅ PWC UK ⋅ PWC UK
Analysis of WellMail malware's Command and Control (C2) server
WellMail

2020-09-17 ⋅ FBI ⋅ FBI
FBI FLASH ME-000134-MW: Indicators of Compromise Associated with Rana Intelligence Computing, also known as APT39, Chafer, Cadelspy, Remexi, and ITG07

2020-09-17 ⋅ FBI ⋅ FBI
FBI PIN Number 20200917-001: IRGC-Associated Cyber Operations Against US Company Networks
MimiKatz Nanocore RAT

2020-09-17 ⋅ U.S. Department of the Treasury ⋅ U.S. Department of the Treasury
Treasury Sanctions Cyber Actors Backed by Iranian Intelligence Ministry

2020-09-17 ⋅ SophosLabs Uncut ⋅ Andrew Brandt, Peter Mackenzie
Maze attackers adopt Ragnar Locker virtual machine technique
Maze

2020-09-17 ⋅ Max Kersten's Blog ⋅ Max Kersten
Automatic ReZer0 payload and configuration extraction

2020-09-16 ⋅ RiskIQ ⋅ Jon Gross
RiskIQ: Adventures in Cookie Land - Part 2
8.t Dropper Chinoxy Poison Ivy

2020-09-16 ⋅ Zscaler ⋅ Aditya Sharma, Avinash Kumar
Malware Leveraging XML-RPC Vulnerability to Exploit WordPress Sites
WpBruteBot

2020-09-16 ⋅ Intel 471 ⋅ Intel 471
Partners in crime: North Koreans and elite Russian-speaking cybercriminals
TrickBot

2020-09-15 ⋅ CrowdStrike ⋅ CrowdStrike Overwatch Team
Nowhere to Hide - 2020 Threat Hunting Report
NedDnLoader RDAT TRACER KITTEN

2020-09-15 ⋅ Checkpoint ⋅ Amir Landau, David Driker
Rudeminer, Blacksquid and Lucifer Walk Into A Bar
Lucifer

2020-09-15 ⋅ Recorded Future ⋅ Insikt Group®
Back Despite Disruption: RedDelta Resumes Operations
PlugX

2020-09-14 ⋅ KELA ⋅ Sharon Bitton, Victoria Kivilevich
Back to School: Why Cybercriminals Continue to Target the Education Sector | Part Two

2020-09-14 ⋅ Trend Micro ⋅ Abraham Camba, Aprilyn Borja, Gilbert Sison, Jay Yaneza, Khristoffer Jocson, Ryan Maglaque
Analysis of a Convoluted Attack Chain Involving Ngrok

2020-09-13 ⋅ Twitter (@bartblaze) ⋅ BartBlaze
Tweet on Cryakl 2.0.0.0
Cryakl

2020-09-11 ⋅ RSA Conference (YouTube) ⋅ Brook Chelmo
Two weeks with a Russian Ransomware Cell
HILDACRYPT