Malpedia Library

Click here to download all references as Bib-File.•

2024-05-10 ⋅ Rapid7 Labs ⋅ Evan McCann, Thomas Elkins, Tyler McGraw
Ongoing Social Engineering Campaign Linked to Black Basta Ransomware Operators
Black Basta Black Basta Cobalt Strike NetSupportManager RAT

2024-05-10 ⋅ CISA ⋅ CISA
AA24-131A: #StopRansomware: Black Basta
Black Basta Black Basta

2024-04-30 ⋅ 0x0d4y ⋅ 0x0d4y
Latrodectus [IceNova] – Technical Analysis of the… New IcedID… Its Continuation… Or its Replacement?
Latrodectus

2024-04-19 ⋅ YouTube (Decipher) ⋅ Dan Black, Gabby Roncone, Lindsey O’Donnell-Welch
A Decade of Sandworm: Digging into APT44’s Past and Future With Mandiant

2024-04-17 ⋅ Mandiant ⋅ Alden Wahlstrom, Anton Prokopenkov, Dan Black, Dan Perez, Gabby Roncone, John Wolfram, Lexie Aytes, Luke Jenkins, Nick Simonian, Ryan Hall, Tyler McLellan
Unearthing APT44: Russia’s Notorious Cyber Sabotage Unit Sandworm
Sandworm

2024-04-16 ⋅ Mandiant ⋅ Alden Wahlstrom, Anton Prokopenkov, Dan Black, Dan Perez, Gabby Roncone, John Wolfram, Lexie Aytes, Nick Simonian, Ryan Hall, Tyler McLellan
APT44: Unearthing Sandworm
VPNFilter BlackEnergy CaddyWiper EternalPetya HermeticWiper Industroyer INDUSTROYER2 Olympic Destroyer PartyTicket RoarBAT Sandworm

2024-04-09 ⋅ ⋅ Israel National Cyber Directorate ⋅ Israel National Cyber Directorate
קבוצת התקיפה האיראנית Black Shadow

2024-04-09 ⋅ Claroty ⋅ Team82
Unpacking the Blackjack Group's Fuxnet Malware
BlackJack

2024-03-22 ⋅ Mandiant ⋅ Dan Black, Luke Jenkins
APT29 Uses WINELOADER to Target German Political Parties
WINELOADER

2024-02-13 ⋅ Proofpoint ⋅ Axel F, Selena Larson
Bumblebee Buzzes Back in Black
BumbleBee

2024-02-07 ⋅ Lumen ⋅ Black Lotus Labs
KV-Botnet: Don’t call it a Comeback
KV

2024-01-29 ⋅ SonicWall ⋅ Security News
Blackwood APT Group Has a New DLL Loader
NSPX30 Blackwood

2024-01-12 ⋅ Mandiant ⋅ Dimiter Andonov, Gabby Roncone, John Wolfram, Matt Lin, Robert Wallace, Tyler McLellan
Cutting Edge: Suspected APT Targets Ivanti Connect Secure VPN in New Zero-Day Exploitation
UTA0178

2024-01-09 ⋅ Trend Micro ⋅ Arianne Dela Cruz, Charles Steven Derion, Francisrey Joshua Castillo, Henry Salcedo, Ian Kenefick, John Carlo Marquez, John Rainier Navato, Joshua Aquino, Juhn Emmanuel Atanque, Raymart Yambot, Shinji Robert Arasawa
Black Basta-Affiliated Water Curupira’s Pikabot Spam Campaign
Pikabot Water Curupira

2023-12-13 ⋅ Lumen ⋅ Black Lotus Labs
Routers Roasting on an Open Firewall: the KV-botnet Investigation
KV

2023-12-11 ⋅ Cisco Talos ⋅ Asheer Malhotra, Jungsoo An, Vitor Ventura
Operation Blacksmith: Lazarus targets organizations worldwide using novel Telegram-based malware written in DLang
BottomLoader DLRAT HazyLoad NineRAT

2023-12-08 ⋅ Security Intelligence ⋅ Claire Zaboeva, Golo Mühr, Joe Fasulo
ITG05 operations leverage Israel-Hamas conflict lures to deliver Headlace malware
Headlace

2023-11-30 ⋅ Blackberry ⋅ BlackBerry Research & Intelligence Team, Dmitry Bestuzhev
AeroBlade on the Hunt Targeting the U.S. Aerospace Industry
AeroBlade

2023-11-20 ⋅ PWC ⋅ Sveva Vittoria Scenarelli
King of Thieves: Black Alicanto and the Ecosystem of North Korea-Based Cyber Operations
RustBucket CageyChameleon RustBucket

2023-11-16 ⋅ The Register ⋅ Connor Jones
BlackCat plays with malvertising traps to lure corporate victims
BlackCat