Malpedia Library

Click here to download all references as Bib-File.•

2025-01-31 ⋅ ConnectWise ⋅ Blake Eakin
Attackers Leveraging Microsoft Teams Defaults and Quick Assist for Social Engineering Attacks
Black Basta Black Basta ReedBed

2025-01-29 ⋅ SecurityScorecard ⋅ SecurityScorecard STRIKE Team
Operation Phantom Circuit: North Korea’s Global Data Exfiltration Campaign
BeaverTail InvisibleFerret

2025-01-27 ⋅ Zscaler ⋅ ThreatLabZ research team, Zscaler
Technical Analysis of Xloader Versions 6 and 7 | Part 1
Xloader

2025-01-27 ⋅ SecurityScorecard ⋅ STRIKE Team
Operation Phantom Circuit: North Korea’s Global Data Exfiltration Campaign

2025-01-25 ⋅ Sophos ⋅ Anthony Bradshaw, Colin Cowie, Daniel Souter, Hunter Neal, Mark Parsons, Sean Baird, Sean Gallagher
Sophos MDR tracks two ransomware campaigns using “email bombing,” Microsoft Teams “vishing”
ReedBed STAC5143 UNC4393

2025-01-23 ⋅ ThreatMon ⋅ Aziz Kaplan, ThreatMon, ThreatMon Malware Research Team
Helldown Ransomware Malware Analysis Report
HellDown

2025-01-21 ⋅ Knownsec ⋅ Knownsec 404 Team
Love and hate under war: The GamaCopy organization, which imitates the Russian Gamaredon, uses military — related bait to launch attacks on Russia
GamaCopy

2025-01-17 ⋅ Twitter (@Unit42_Intel) ⋅ Unit 42
Tweet about affiliates of DarkScorpius using Social Engineering via MS Teams
UNC4393

2025-01-13 ⋅ Halcyon ⋅ Halcyon Research Team
Abusing AWS Native Services: Ransomware Encrypting S3 Buckets with SSE-C
Codefinger

2025-01-08 ⋅ ThreatMon ⋅ Alp Cihangir Aslan, Aziz Kaplan, Ozan Ünal, ThreatMon, ThreatMon Malware Research Team
Akira Ransomware Group & Malware Analysis Report
Akira

2024-12-20 ⋅ Team Cymru ⋅ Lewis Henderson
Jingle Shells: How Virtual Offices Enable a Facade of Legitimacy

2024-12-18 ⋅ Claroty ⋅ Team82
Inside a New Cyberweapon: IOCONTROL
elf.iocontrol

2024-12-18 ⋅ KELA ⋅ KELA’s Research Team
Three Months After the Storm: Did Cybercriminals Move to Telegram Alternatives?

2024-12-17 ⋅ Trend Micro ⋅ Feike Hacquebord, Stephen Hilt
Earth Koshchei Coopts Red Team Tools in Complex RDP Attacks

2024-12-16 ⋅ Zscaler ⋅ ThreatLabZ research team
Technical Analysis of RiseLoader
RiseLoader

2024-12-12 ⋅ Spamhaus ⋅ Spamhaus Team
PEC “invoice scam” - Stealing time, money, and trust from businesses
MintsLoader

2024-12-12 ⋅ XLab ⋅ XLab Team
Glutton: A New Zero-Detection PHP Backdoor from Winnti Targets Cybercrimals
Winnti Glutton

2024-12-10 ⋅ Claroty ⋅ Team82
Inside a New OT/IoT Cyberweapon: IOCONTROL
elf.iocontrol

2024-12-10 ⋅ Zscaler ⋅ ThreatLabZ research team
Inside Zloader’s Latest Trick: DNS Tunneling
GhostSocks Zloader

2024-12-03 ⋅ Hunt.io ⋅ Hunt.io
Rare Watermark Links Cobalt Strike 4.10 Team Servers to Ongoing Suspicious Activity
Cobalt Strike