Malpedia Library

Click here to download all references as Bib-File.•

2024-04-29 ⋅ The DFIR Report ⋅ The DFIR Report
From IcedID to Dagon Locker Ransomware in 29 Days
IcedID Mount Locker

2024-04-27 ⋅ CySecurity News ⋅ CySecurity News
Cryptocurrency Chaos: El Salvador's Bitcoin Wallet Code Leaked, Privacy at Risk
CiberInteligenciaSV

2024-04-25 ⋅ Mandiant ⋅ Jamie Collier, Kelli Vanderlee
Poll Vaulting: Cyber Threats to Global Elections
Callisto

2024-04-25 ⋅ SOCRadar ⋅ SOCRadar
Dark Web Profile: Red Ransomware

2024-04-24 ⋅ Securonix ⋅ Den Iyzvyk, Oleg Kolesnikov, Tim Peck
Analysis of Ongoing FROZEN#SHADOW Attack Campaign Leveraging SSLoad Malware and RMM Software for Domain Takeover
Cobalt Strike Latrodectus

2024-04-24 ⋅ Seqrite ⋅ Sathwik Ram Prakki
Pakistani APTs Escalate Attacks on Indian Gov. Seqrite Labs Unveils Threats and Connections
AllaKore Crimson RAT

2024-04-24 ⋅ kienmanowar Blog ⋅ m4n0w4r, Tran Trung Kien
[QuickNote] Qakbot 5.0 – Decrypt strings and configuration
QakBot

2024-04-24 ⋅ Cisco ⋅ Cisco Talos
ArcaneDoor - New espionage-focused campaign found targeting perimeter network devices
ArcaneDoor Storm-1849

2024-04-24 ⋅ NCSC UK ⋅ NCSC UK
Line Dancer - In-memory shellcode loader targeting Cisco Adaptive Security Appliance (ASA) devices.

2024-04-24 ⋅ NCSC UK ⋅ NCSC UK
Line Runner: Persistent webshell targeting Cisco Adaptive Security Appliance (ASA) devices.

2024-04-23 ⋅ Infoblox ⋅ Renée Burton
Muddling Meerkat: The Great Firewall Manipulator

2024-04-22 ⋅ Wired ⋅ Matt Burgess
North Koreans Secretly Animated Amazon and Max Shows, Researchers Say

2024-04-19 ⋅ ⋅ Cert-UA ⋅ Cert-UA
UAC-0133 (Sandworm) plans for cyber sabotage on almost 20 objects of critical infrastructure of Ukraine
Kapeka reGeorg

2024-04-19 ⋅ Raffaele Sabato
Gold Pickaxe iOS Technical Analysis: IPA Overview and C2 Communication Start up

2024-04-19 ⋅ DARKReading ⋅ Nate Nelson
Evil XDR: Researcher Turns Palo Alto Software Into Perfect Malware

2024-04-19 ⋅ YouTube (Decipher) ⋅ Dan Black, Gabby Roncone, Lindsey O’Donnell-Welch
A Decade of Sandworm: Digging into APT44’s Past and Future With Mandiant

2024-04-19 ⋅ ⋅ Spiegel Online ⋅ Christoph Giesen, Hakan Tanriverdi, Simon Hage
VW-Konzern wurde jahrelang ausspioniert – von China?
CHINACHOPPER PlugX

2024-04-18 ⋅ ⋅ Cert-UA ⋅ Cert-UA
UAC-0149 cyberattack exploiting Signal, CVE-2023-38831 vulnerability, and COOKBOX malware (CERT-UA#9522)
COOKBOX

2024-04-18 ⋅ EchoCTI ⋅ Bilal BAKARTEPE, bixploit
Turla APT Analysis with TinyTurla-NG
TinyTurlaNG

2024-04-17 ⋅ Microsoft ⋅ Clint Watts, Microsoft Threat Analysis Center (MTAC)
Russian US election interference targets support for Ukraine after slow start