Malpedia Library

Click here to download all references as Bib-File.•

2018-11-23 ⋅ Certego ⋅ Matteo Lodi
Sload hits Italy. Unveil the power of powershell as a downloader
sLoad

2018-11-22 ⋅ nccgroup ⋅ Matt Lewis
Turla PNG Dropper is back
Uroburos Turla

2018-11-21 ⋅ Bleeping Computer ⋅ Ionut Ilascu
MageCart Group Sabotages Rival to Ruin Data and Reputation
MageCart

2018-11-20 ⋅ Palo Alto Networks Unit 42 ⋅ Bryan Lee, Robert Falcone
Sofacy Continues Global Attacks and Wheels Out New ‘Cannon’ Trojan
APT28

2018-11-20 ⋅ Trend Micro ⋅ Joelson Soares, Lenart Bermejo
Lazarus Continues Heists, Mounts Attacks on Financial Organizations in Latin America
BLINDTOAD

2018-11-20 ⋅ Palo Alto Networks Unit 42 ⋅ Bryan Lee, Robert Falcone
Sofacy Continues Global Attacks and Wheels Out New ‘Cannon’ Trojan
Cannon

2018-11-20 ⋅ enSilo ⋅ Ben Hunter
L0RDIX: MULTIPURPOSE ATTACK TOOL
L0rdix

2018-11-20 ⋅ GIthub (tillmannw) ⋅ Tillmann Werner
Information, tools, and signatures around the Conficker computer worm
Conficker

2018-11-20 ⋅ ESET Research ⋅ ESET Research
Sednit: What’s going on with Zebrocy?
Zebrocy

2018-11-19 ⋅ Bleeping Computer ⋅ Lawrence Abrams
VisionDirect Data Breach Caused by MageCart Attack
MageCart

2018-11-19 ⋅ FireEye ⋅ Andrew Thompson, Ben Withnell, Jonathan Leathery, Matthew Dunwoody, Michael Matonis, Nick Carr
Not So Cozy: An Uncomfortable Examination of a Suspected APT29 Phishing Campaign
Cobalt Strike

2018-11-17 ⋅ Youtube (Demonslay335) ⋅ Michael Gillespie
Analyzing Ransomware - Beginner Static Analysis
Hermes

2018-11-16 ⋅ Palo Alto Networks Unit 42 ⋅ Kyle Wilhoit, Robert Falcone
Analyzing OilRig’s Ops Tempo from Testing to Weaponization to Delivery
OilRig

2018-11-16 ⋅ CyberThreatIntelligence Blog ⋅ Action09
(C)0ld Case : From Aerospace to China’s interests.
Sakula RAT

2018-11-16 ⋅ ⋅ Kim Yejun
Return to ROKRAT!! (feat. FAAAA...Sad...)
RokRAT

2018-11-15 ⋅ Proofpoint ⋅ Proofpoint Staff
tRat: New modular RAT appears in multiple email campaigns
tRat

2018-11-13 ⋅ Fortinet ⋅ Fortinet
Enter The DarkGate - New Cryptocurrency Mining and Ransomware Campaign
DarkGate Golroted

2018-11-13 ⋅ Recorded Future ⋅ Insikt Group
Chinese Threat Actor TEMP.Periscope Targets UK-Based Engineering Company Using Russian APT Techniques
SeDll APT40

2018-11-12 ⋅ ccdcoe ⋅ Ensar Şeker, İhsan Burak Tolga
National Cyber Security Organisation: TURKEY

2018-11-12 ⋅ Malwarebytes ⋅ hasherezade
What’s new in TrickBot? Deobfuscating elements
TrickBot