Malpedia Library

Click here to download all references as Bib-File.•

2020-05-28 ⋅ Palo Alto Networks Unit 42 ⋅ Brad Duncan
Goodbye Mworm, Hello Nworm: TrickBot Updates Propagation Module
TrickBot

2020-05-28 ⋅ Github Security Lab ⋅ Alvaro Muñoz
The Octopus Scanner Malware: Attacking the open source supply chain
Octopus Scanner

2020-05-28 ⋅ Twitter (@BushidoToken) ⋅ BushidoToken
Tweet on OZH RAT
OZH RAT

2020-05-27 ⋅ GAIS-CERT ⋅ GAIS-CERT
Dridex Banking Trojan Technical Analysis Report
Dridex

2020-05-27 ⋅ SophosLabs ⋅ Andrew Brandt, Gabor Szappanos
Netwalker ransomware tools give insight into threat actor
Mailto

2020-05-26 ⋅ CrowdStrike ⋅ The Falcon Complete Team
Falcon Complete Disrupts Malvertising Campaign Targeting AnyDesk

2020-05-26 ⋅ CrowdStrike ⋅ Connor McGarr
Know Your Enemy: Exploiting the Dell BIOS Driver Vulnerability to Defend Against It

2020-05-26 ⋅ CISA ⋅ US-CERT
Alert (AA21-116A): Russian Foreign Intelligence Service (SVR) Cyber Operations: Trends and Best Practices for Network Defenders
elf.wellmess WellMess

2020-05-26 ⋅ DataBreaches.net ⋅ Dissent
A former DarkSide listing shows up on REvil’s leak site
DarkSide REvil

2020-05-26 ⋅ Youtube (GRIMM Cyber) ⋅ Konstantin Klinger
Passive DNS for Threat Detection & Hunting (Discussing some infrastructure related to APT32)
METALJACK

2020-05-26 ⋅ Bleeping Computer ⋅ Ionut Ilascu
New [F]Unicorn ransomware hits Italy via fake COVID-19 infection map
HiddenTear

2020-05-26 ⋅ CrowdStrike ⋅ Guillermo Taibo
Weaponized Disk Image Files: Analysis, Trends and Remediation
Nanocore RAT

2020-05-26 ⋅ Seguranca Informatica ⋅ Pedro Tavares
The updated Grandoreiro Malware equipped with latenbot-C2 features in Q2 2020 now extended to Portuguese banks
Grandoreiro

2020-05-25 ⋅ Twitter (@JAMESWT_MHT) ⋅ JamesWT
Tweet on FuckUnicorn instance of HiddenTear
HiddenTear

2020-05-24 ⋅ Palo Alto Networks Unit 42 ⋅ Ajaya Neupane, Stefan Achleitner
Using AI to Detect Malicious C2 Traffic
Emotet Sality

2020-05-24 ⋅ Positive Technologies ⋅ PT ESC Threat Intelligence
Operation TA505: network infrastructure. Part 3.
AndroMut Buhtrap SmokeLoader

2020-05-24 ⋅ Malware and Stuff ⋅ Andreas Klopsch
Examining Smokeloader’s Anti Hooking technique
SmokeLoader

2020-05-23 ⋅ Australian Cyber Security Centre ⋅ Australian Cyber Security Centre (ACSC)
Summary of Tradecraft Trends for 2019-20: Tactics, Techniques and Procedures Used to Target Australian Networks

2020-05-22 ⋅ Positive Technologies ⋅ PT ESC Threat Intelligence
Operation TA505: investigating the ServHelper backdoor with NetSupport RAT. Part 2.
NetSupportManager RAT ServHelper

2020-05-22 ⋅ ESET Research ⋅ Lukáš Štefanko
Insidious Android malware gives up all malicious features but one to gain stealth
DEFENSOR ID