Malpedia Library

Click here to download all references as Bib-File.•

2022-03-27 ⋅ Bleeping Computer ⋅ Lawrence Abrams
Hive ransomware ports its Linux VMware ESXi encryptor to Rust
BlackCat Hive Hive

2022-03-23 ⋅ vmware ⋅ Sagar Daundkar, Threat Analysis Unit
SysJoker – An Analysis of a Multi-OS RAT
SysJoker SysJoker SysJoker

2022-03-09 ⋅ eSentire ⋅ eSentire Threat Response Unit (TRU)
Exploitation of VMware Horizon Servers by TunnelVision Threat Actor
Drokbk

2022-03-04 ⋅ vmware ⋅ Giovanni Vigna, Oleg Boyarchuk, Stefano Ortolani, Threat Analysis Unit
Hermetic Malware: Multi-component Threat Targeting Ukraine Organizations
HermeticWiper

2022-02-25 ⋅ vmware ⋅ Sudhir Devkar, Threat Analysis Unit
AvosLocker – Modern Linux Ransomware Threats
Avoslocker

2022-02-17 ⋅ SentinelOne ⋅ Amitai Ben, Shushan Ehrlich
Log4j2 In The Wild | Iranian-Aligned Threat Actor “TunnelVision” Actively Exploiting VMware Horizon
APT35

2022-02-09 ⋅ vmware ⋅ VMWare
Exposing Malware in Linux-Based Multi-Cloud Environments
ACBackdoor BlackMatter DarkSide Erebus HelloKitty Kinsing PLEAD QNAPCrypt RansomEXX REvil Sysrv-hello TeamTNT Vermilion Strike Cobalt Strike

2022-02-07 ⋅ vmware ⋅ Jason Zhang, Threat Analysis Unit
Emotet Is Not Dead (Yet) – Part 2
Emotet

2022-01-27 ⋅ vmware ⋅ VMWare
BlackSun Ransomware – The Dark Side of PowerShell
BlackSun

2022-01-24 ⋅ Trend Micro ⋅ Junestherry Dela Cruz
Analysis and Impact of LockBit Ransomware’s First Linux and VMware ESXi Variant
LockBit LockBit

2022-01-21 ⋅ vmware ⋅ Jason Zhang, Threat Analysis Unit
Emotet Is Not Dead (Yet)
Emotet

2022-01-20 ⋅ Morphisec ⋅ Michael Gorelik
Log4j Exploit Hits Again: Vulnerable VMWare Horizon Servers at Risk
Cobalt Strike

2022-01-17 ⋅ Cybleinc ⋅ Cyble
AvosLocker Ransomware Linux Version Targets VMware ESXi Servers
Avoslocker AvosLocker

2022-01-15 ⋅ Huntress Labs ⋅ Team Huntress
Threat Advisory: VMware Horizon Servers Actively Being Hit With Cobalt Strike (by DEV-0401)
Cobalt Strike

2022-01-11 ⋅ Twitter (@cglyer) ⋅ Christopher Glyer
Thread on DEV-0401, a china based ransomware operator exploiting VMware Horizon with log4shell and deploying NightSky ransomware
Cobalt Strike NightSky

2021-12-23 ⋅ vmware ⋅ Threat Analysis Unit
Introducing DARTH: Distributed Analysis for Research and Threat Hunting

2021-12-03 ⋅ vmware ⋅ VMWare
TigerRAT – Advanced Adversaries on the Prowl
Tiger RAT

2021-11-16 ⋅ vmware ⋅ Takahiro Haruyama
Monitoring Winnti 4.0 C2 Servers for Two Years
Winnti

2021-11-11 ⋅ vmware ⋅ Giovanni Vigna, Jason Zhang, Stefano Ortolani, Threat Analysis Unit
Research Recap: How To Automate Malware Campaign Detection With Telemetry Peak Analyzer
Phorpiex QakBot

2021-09-21 ⋅ vmware ⋅ Bob Plankers
VMSA-2021-0020: What You Need to Know (CVE-2021-22005)