Malpedia Library

Click here to download all references as Bib-File.•

2024-06-06 ⋅ Blackberry ⋅ Dmitry Melikov
Kimsuky is targeting an arms manufacturer in Europe.
NikiHTTP

2024-06-05 ⋅ ⋅ LAC ⋅ Yoshihiro Ishikawa
Thumtais, a malware targeting Japanese organizations
EagerBee

2024-05-30 ⋅ Cisco Talos ⋅ Asheer Malhotra
LilacSquid: The stealthy trilogy of PurpleInk, InkBox and InkLoader
purpleink LilacSquid

2024-05-30 ⋅ Lumen ⋅ Black Lotus Labs
The Pumpkin Eclipse
Chalubo

2024-05-30 ⋅ Centurylink ⋅ Black Lotus Labs
The Pumpkin Eclipse
Chalubo

2024-05-28 ⋅ Reliaquest ⋅ RELIAQUEST THREAT RESEARCH TEAM
BlackSuit Attack Analysis
BlackSuit

2024-05-16 ⋅ Elastic ⋅ Daniel Stepanic, Samir Bousseaden
Spring Cleaning with LATRODECTUS: A Potential Replacement for ICEDID
IcedID Latrodectus

2024-05-15 ⋅ Stairwell ⋅ Threat Research at Stairwell
Stairwell threat report: Black Basta overview and detection rules
Black Basta Black Basta

2024-05-10 ⋅ Rapid7 Labs ⋅ Evan McCann, Thomas Elkins, Tyler McGraw
Ongoing Social Engineering Campaign Linked to Black Basta Ransomware Operators
Black Basta Black Basta Cobalt Strike NetSupportManager RAT

2024-05-10 ⋅ CISA ⋅ CISA
AA24-131A: #StopRansomware: Black Basta
Black Basta Black Basta

2024-04-30 ⋅ 0x0d4y ⋅ 0x0d4y
Latrodectus [IceNova] – Technical Analysis of the… New IcedID… Its Continuation… Or its Replacement?
Latrodectus

2024-04-19 ⋅ YouTube (Decipher) ⋅ Dan Black, Gabby Roncone, Lindsey O’Donnell-Welch
A Decade of Sandworm: Digging into APT44’s Past and Future With Mandiant

2024-04-17 ⋅ Mandiant ⋅ Alden Wahlstrom, Anton Prokopenkov, Dan Black, Dan Perez, Gabby Roncone, John Wolfram, Lexie Aytes, Luke Jenkins, Nick Simonian, Ryan Hall, Tyler McLellan
Unearthing APT44: Russia’s Notorious Cyber Sabotage Unit Sandworm
Sandworm

2024-04-16 ⋅ Mandiant ⋅ Alden Wahlstrom, Anton Prokopenkov, Dan Black, Dan Perez, Gabby Roncone, John Wolfram, Lexie Aytes, Nick Simonian, Ryan Hall, Tyler McLellan
APT44: Unearthing Sandworm
VPNFilter BlackEnergy CaddyWiper EternalPetya HermeticWiper Industroyer INDUSTROYER2 Olympic Destroyer PartyTicket RoarBAT Sandworm

2024-04-09 ⋅ ⋅ Israel National Cyber Directorate ⋅ Israel National Cyber Directorate
קבוצת התקיפה האיראנית Black Shadow

2024-04-09 ⋅ Claroty ⋅ Team82
Unpacking the Blackjack Group's Fuxnet Malware
BlackJack

2024-03-22 ⋅ Mandiant ⋅ Dan Black, Luke Jenkins
APT29 Uses WINELOADER to Target German Political Parties
WINELOADER

2024-02-27 ⋅ Mandiant ⋅ Ashley Frazer, Ashley Pearson, Austin Larsen, Jacob Thompson, Matt Lin, Robert Wallace, Ryan Gandrud
Cutting Edge, Part 3: Investigating Ivanti Connect Secure VPN Exploitation and Persistence Attempts
BUSHWALK Kubo Injector PITFUEL PITHOOK PITSOCK

2024-02-13 ⋅ Proofpoint ⋅ Axel F, Selena Larson
Bumblebee Buzzes Back in Black
BumbleBee

2024-02-07 ⋅ Lumen ⋅ Black Lotus Labs
KV-Botnet: Don’t call it a Comeback
KV