Malpedia Library

Click here to download all references as Bib-File.•

2021-09-13 ⋅ CitizenLab ⋅ Bahr Abdul Razzak, Bill Marczak, John Scott-Railton, Kristin Berdan, Noura Al-Jizawi, Ron Deibert, Siena Anstis
FORCEDENTRY NSO Group iMessage Zero-Click Exploit Captured in the Wild (CVE-2021-30860)

2021-08-27 ⋅ ⋅ Seguranca Informatica ⋅ Pedro Tavares
Fraude personificando a marca Continente espalha-se através do WhatsApp: Não se deixe enganar!

2021-08-24 ⋅ CitizenLab ⋅ Ali Abdulemam, Bill Marczak, John Scott-Railton, Kristin Berdan, Noura Al-Jizawi, Ron Deibert, Siena Anstis
From Pearl to Pegasus Bahraini Government Hacks Activists with NSO Group Zero-Click iPhone Exploits
Chrysaor

2021-08-23 ⋅ Marco Ramilli
Paradise Ransomware: The Builder
Paradise

2021-07-18 ⋅ Twitter (@billmarczak) ⋅ Bill Marczak
Twitter thread with a couple of interesting bits from AmnestyTech's new report on Pegasus
Chrysaor

2021-07-18 ⋅ CitizenLab ⋅ Bill Marczak, John Scott-Railton, Ron Deibert, Siena Anstis
Independent Peer Review of Amnesty International’s Forensic Methods for Identifying Pegasus Spyware
Chrysaor

2021-07-15 ⋅ CitizenLab ⋅ Bahr Abdul Razzak, Bill Marczak, John Scott-Railton, Kristin Berdan, Ron Deibert
Hooking Candiru Another Mercenary Spyware Vendor Comes into Focus
Chainshot

2021-07-04 ⋅ Marco Ramilli's Blog ⋅ Marco Ramilli
Babuk Ransomware: The Builder
Babuk Babuk

2021-06-24 ⋅ SentinelOne ⋅ Marco Figueroa
Evasive Maneuvers | Massive IcedID Campaign Aims For Stealth with Benign Macros
IcedID

2021-06-17 ⋅ Kaspersky ⋅ Marc Rivero López
Black Kingdom ransomware
BlackKingdom Ransomware

2021-06-14 ⋅ Marco Ramilli's Blog ⋅ Marco Ramilli
The Allegedly Ryuk Ransomware builder: #RyukJoke
Chaos

2021-05-20 ⋅ SentinelOne ⋅ Marco Figueroa
Caught in the Cloud | How a Monero Cryptominer Exploits Docker Containers

2021-05-12 ⋅ Palo Alto Networks Unit 42 ⋅ Ramarcus Baylor
DarkSide Ransomware Gang: An Overview
DarkSide

2021-05-07 ⋅ Marco Ramilli
MuddyWater: Binder Project (Part 2)

2021-05-01 ⋅ Marco Ramilli's Blog ⋅ Marco Ramilli
Muddywater: Binder Project

2021-04-23 ⋅ xorl %eax, %eax ⋅ Anastasios Pingios
Analysis of the CardingMafia March 2021 data breach

2021-04-22 ⋅ splunk ⋅ Dave Herrald, Drew Church, James Brodsky, John Stoner, Katie Brown, Marcus LaFerrera, Michael Natkin, Mick Baccio, Ryan Kovar
SUPERNOVA Redux, with a Generous Portion of Masquerading
SUPERNOVA

2021-04-21 ⋅ splunk ⋅ Bill Wright, Dave Herrald, James Brodsky, John Stoner, Kelly Huang, Marcus LaFerrerra, Michael Natkin, Mick Baccio, Ryan Kovar, Shannon Davis, Tamara Chacon
Monitoring Pulse Connect Secure With Splunk (CISA Emergency Directive 21-03)

2021-04-19 ⋅ Sentinel LABS ⋅ Marco Figueroa
A Deep Dive into Zebrocy’s Dropper Docs
Downdelph

2021-04-16 ⋅ Team Cymru ⋅ Joshua Picolet
Transparent Tribe APT Infrastructure Mapping Part 1: A High-Level Study of CrimsonRAT Infrastructure October 2020 – March 2021
Crimson RAT