Malpedia Library

Click here to download all references as Bib-File.•

2024-03-22 ⋅ Mandiant ⋅ Dan Black, Luke Jenkins
APT29 Uses WINELOADER to Target German Political Parties
WINELOADER

2024-03-21 ⋅ Mandiant ⋅ Adam Aprahamian, Austin Larsen, Dan Kelly, Marcin Siedlarz, Mathew Potaczek, Michael Raggi
Bringing Access Back — Initial Access Brokers Exploit F5 BIG-IP (CVE-2023-46747) and ScreenConnect
GOREVERSE SNOWLIGHT

2024-03-21 ⋅ Proofpoint ⋅ Proofpoint Threat Research Team
Security Brief: TA450 Uses Embedded Links in PDF Attachments in Latest Campaign

2024-03-20 ⋅ K7 Security ⋅ Shanmugasundharam E
Python Ciphering : Delving into Evil Ant’s Ransomware’s Tactics
Evil Ant

2024-03-18 ⋅ Securonix ⋅ Den Iyzvyk, Oleg Kolesnikov, Tim Peck
Analysis of New DEEP#GOSU Attack Campaign Likely Associated with North Korean Kimsuky Targeting Victims with Stealthy Malware
RandomQuery

2024-03-18 ⋅ XLab ⋅ Acey9, wanghao
Mirai Nomi: A Botnet Leveraging DGA
Mirai

2024-03-18 ⋅ Trend Micro ⋅ Daniel Lunghi, Joseph C Chen
Earth Krahang Exploits Intergovernmental Trust to Launch Cross-Government Attacks
DinodasRAT PlugX Reshell ShadowPad Earth Krahang

2024-03-18 ⋅ The Hacker News ⋅ Newsroom
APT28 Hacker Group Targeting Europe, Americas, Asia in Widespread Phishing Scheme
MASEPIE OCEANMAP

2024-03-12 ⋅ ⋅ Alyac ⋅ YALYX4
North Kimsuky organization's policy advisor camouflaged spear phishing beware

2024-03-12 ⋅ ShadowStackRE ⋅ ShadowStackRE
Donex ransomware
Donex

2024-03-11 ⋅ SOCRadar ⋅ SOCRadar
Acuity Federal Contractor Breach, Okta Customers Leak, DCRat Exploit and Access Sales
DCRat CyberNiggers

2024-03-11 ⋅ Dr.Web ⋅ Dr.Web
Study of a targeted attack on a Russian enterprise in the mechanical-engineering sector
WhiteSnake Stealer

2024-03-09 ⋅ Asobancaria ⋅ CSIRT Financiero
New Backdoor Activity Socks5Systemz
Socks5 Systemz

2024-03-08 ⋅ Nofix.re ⋅ Nofix
KrustyLoader - Leveraging rust compilation artifacts to obtain reliable compilation timestamps and pivoting
KrustyLoader

2024-03-07 ⋅ ESET Research ⋅ Anh ho, Facundo Muñoz
Evasive Panda leverages Monlam Festival to target Tibetans
MgBot Nightdoor

2024-03-07 ⋅ Twitter (@H4ckManac) ⋅ HackManac
Duvel reportedly compromised by Stormous ransomware group
Stormous

2024-03-06 ⋅ Proofpoint ⋅ Dusty Miller, Jake G, Selena Larson
TA4903: Actor Spoofs U.S. Government, Small Businesses in Phishing, BEC Bids
TA4903

2024-03-06 ⋅ BushidoToken ⋅ BushidoToken
Tracking Adversaries: UAC-0050, Cracking The DaVinci Code

2024-03-05 ⋅ CIP ⋅ paloalto Networks: Unit42, State Service of Special Communication and Information Protection of Ukraine (CIP)
Semi-Annual Chronicles of UAC-0006 Operations
SmokeLoader

2024-03-05 ⋅ Reliaquest ⋅ RELIAQUEST THREAT RESEARCH TEAM
Anxun and Chinese APT Activity
ShadowPad