Malpedia Library

2021-08-27 ⋅ Sophos ⋅ Mark Loman
LockFile ransomware’s box of tricks: intermittent encryption and evasion
LockFile

2021-08-26 ⋅ MIT Technology Review ⋅ Patrick Howell O'Neill
Hackers are trying to topple Belarus’s dictator, with help from the inside

2021-08-26 ⋅ npr ⋅ Dina Temple-Raston
China's Microsoft Hack May Have Had A Bigger Purpose Than Just Spying

2021-08-26 ⋅ The New York Times ⋅ Chris Buckley, Paul Mozur
Spies for Hire: China’s New Breed of Hackers Blends Espionage and Entrepreneurship

2021-08-26 ⋅ Minerva Labs ⋅ Minerva Labs
Become A VIP Victim With New Discord Distributed Malware
BlackNET RAT RedLine Stealer

2021-08-26 ⋅ CrowdStrike ⋅ Yaron Zinar
NTLM Keeps Haunting Microsoft

2021-08-26 ⋅ Advanced Intelligence ⋅ Anastasia Sentsova
From Russia With… LockBit Ransomware: Inside Look & Preventive Solutions
LockBit

2021-08-26 ⋅ Twitter (@ViriBack) ⋅ Dee
Tweet on Vulturi Stealer and it's c2 panel
Vulturi

2021-08-26 ⋅ Microsoft ⋅ Microsoft 365 Defender Threat Intelligence Team
Widespread credential phishing campaign abuses open redirector links

2021-08-26 ⋅ Bleeping Computer ⋅ Ionut Ilascu
Ragnarok ransomware releases master decryptor after shutdown
Ragnarok

2021-08-25 ⋅ DataBreaches.net ⋅ Dissent
Advisories are published, but are enough entities reading them and taking precautions?
ALTDOS

2021-08-25 ⋅ Trend Micro ⋅ Hara Hiroaki, Ted Lee
Earth Baku An APT Group Targeting Indo-Pacific Countries With New Stealth Loaders and Backdoor
Cobalt Strike DUSTPAN SideWalk

2021-08-25 ⋅ TheC0mpany
GrowtopiaStealer
Growtopia

2021-08-25 ⋅ Recorded Future ⋅ Insikt Group®
The Business of Fraud SIM Swapping

2021-08-25 ⋅ Bitdefender ⋅ Bogdan Botezatu, Cristina Vatamanu, Eduard Budaca, Victor Vrabie
FIN8 Threat Actor Goes Agile with New Sardonic Backdoor

2021-08-25 ⋅ GoggleHeadedHacker Blog ⋅ Jacob Pimental
Reverse Engineering Crypto Functions: RC4 and Salsa20
REvil

2021-08-25 ⋅ Cybleinc ⋅ cybleinc
LockFile Ransomware: Exploiting Microsoft Exchange Vulnerabilities Using ProxyShell
LockFile

2021-08-25 ⋅ Trend Micro ⋅ Bin Lin, William Gamazo Sanchez
New Campaign Sees LokiBot Delivered Via Multiple Methods
Loki Password Stealer (PWS)

2021-08-25 ⋅ FBI ⋅ FBI
MC-000150-MW: Indicators of Compromise Associated with Hive Ransomware
Hive

2021-08-25 ⋅ RiskIQ ⋅ Jordan Herman
EITest: Linkages to the Ongoing Malware Delivery Campaign Referred to as "Gootloader"
GootLoader