Malpedia Library

Click here to download all references as Bib-File.•

2022-07-29 ⋅ ENISA ⋅ Apostolos Malatras, Eleni Tsekmezoglou, Ifigeneia Lella, Rossen Naydenov, Sebastian García, Veronica Valeros
ENISA Threat Landscape for Ransomware Attacks

2022-07-06 ⋅ CISA ⋅ CISA, Department of the Treasury (Treasury), FBI
Alert (AA22-187A): North Korean State-Sponsored Cyber Actors Use Maui Ransomware to Target the Healthcare and Public Health Sector
Maui Ransomware

2022-07-06 ⋅ CISA ⋅ CISA, Department of the Treasury (Treasury), FBI
CSA AA22-187A: North Korean State-Sponsored Cyber Actors Use Maui Ransomware to Target the Healthcare and Public Health Sector (PDF)
Maui Ransomware

2022-07-01 ⋅ CISA ⋅ CISA, Department of the Treasury (Treasury), FBI, FINCEN
Alert (AA22-181A): #StopRansomware: MedusaLocker
MedusaLocker

2022-06-30 ⋅ CISA ⋅ CISA, Department of the Treasury (Treasury), FBI, FINCEN
CSA (AA22-181A): #StopRansomware: MedusaLocker
MedusaLocker

2022-06-27 ⋅ InQuest ⋅ Isabelle Quinn
GlowSand

2022-06-01 ⋅ CISA ⋅ CISA, Department of the Treasury (Treasury), FBI, FINCEN
Alert (AA22-152A): Karakurt Data Extortion Group
MimiKatz

2022-06-01 ⋅ CISA ⋅ CISA, Department of the Treasury (Treasury), FBI, FINCEN
Joint Cybersecurity Advisory (Product ID AA22-152A): Karakurt Data Extortion Group
MimiKatz

2022-05-04 ⋅ Twitter (@ESETresearch) ⋅ Twitter (@ESETresearch)
Twitter thread on code similarity analysis, focussing on IsaacWiper and recent Cluster25 publication
IsaacWiper

2022-05-03 ⋅ Cluster25 ⋅ Cluster25
The Strange Link Between A Destructive Malware And A Ransomware-Gang Linked Custom Loader: IsaacWiper Vs Vatet
Cobalt Strike IsaacWiper PyXie

2022-05-02 ⋅ Trend Micro ⋅ Alvin Nieto, Christoper Ordonez
AvosLocker Ransomware Variant Abuses Driver File to Disable Anti-Virus, Scans for Log4shell
AvosLocker

2022-04-27 ⋅ CISA ⋅ Australian Cyber Security Centre (ACSC), Canadian Centre for Cyber Security (CCCS), CISA, FBI, New Zealand National Cyber Security Centre (NZ NCSC), NSA, United Kingdom’s National Cyber Security Centre (NCSC-UK)
Alert (AA22-117A) 2021 Top Routinely Exploited Vulnerabilities

2022-04-20 ⋅ CISA ⋅ CISA
TraderTraitor: North Korean State-Sponsored APT Targets Blockchain Companies
Bankshot TraderTraitor

2022-04-20 ⋅ CISA ⋅ CISA
Alert (AA22-110A): Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure
VPNFilter BlackEnergy DanaBot DoppelDridex Emotet EternalPetya GoldMax Industroyer Sality SmokeLoader TrickBot Triton Zloader Killnet

2022-04-20 ⋅ CISA ⋅ Australian Cyber Security Centre (ACSC), Canadian Centre for Cyber Security (CCCS), CISA, FBI, Government Communications Security Bureau, National Crime Agency (NCA), NCSC UK, NSA
AA22-110A Joint CSA: Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure
VPNFilter BlackEnergy DanaBot DoppelDridex Emotet EternalPetya GoldMax Industroyer Sality SmokeLoader TrickBot Triton Zloader

2022-04-18 ⋅ CISA ⋅ CISA, FBI, U.S. Department of the Treasury
Alert (AA22-108A): TraderTraitor: North Korean State-Sponsored APT Targets Blockchain Companies
Bankshot

2022-04-18 ⋅ CISA ⋅ CISA, FBI, U.S. Department of the Treasury
AA22-108A: TraderTraitor: North Korean State-Sponsored APT Targets Blockchain Companies (PDF)
FastCash Bankshot

2022-04-14 ⋅ Group-IB ⋅ Ivan Pisarev
Old Gremlins, new methods
TinyFluff OldGremlin

2022-04-14 ⋅ Group-IB ⋅ Ivan Pisarev
Old Gremlins, new methods

2022-04-13 ⋅ CISA, Department of Energy (DOE), FBI, NSA
APT Cyber Tools Targeting ICS/SCADA Devices