Malpedia Library

Click here to download all references as Bib-File.•

2021-11-16 ⋅ Microsoft ⋅ Microsoft Threat Intelligence Center (MSTIC)
Evolving trends in Iranian threat actor activity – MSTIC presentation at CyberWarCon 2021

2021-11-16 ⋅ Malwarebytes ⋅ Malwarebytes Threat Intelligence Team
TrickBot helps Emotet come back from the dead
Emotet TrickBot

2021-11-13 ⋅ Just Still ⋅ Still Hsu
Threat Spotlight - Domain Fronting
Cobalt Strike

2021-11-12 ⋅ CUJOAI ⋅ Albert Zsigovits
New Threat Alert: Krane Malware

2021-11-11 ⋅ vmware ⋅ Giovanni Vigna, Jason Zhang, Stefano Ortolani, Threat Analysis Unit
Research Recap: How To Automate Malware Campaign Detection With Telemetry Peak Analyzer
Phorpiex QakBot

2021-11-11 ⋅ Google ⋅ Erye Hernandez, Google Threat Analysis Group
Analyzing a watering hole campaign using macOS exploits
CDDS

2021-11-11 ⋅ Blackberry ⋅ The BlackBerry Research & Intelligence Team
Threat Thursday: SquirrelWaffle Takes a Bite Out of Victim's Bank Accounts
Squirrelwaffle

2021-11-11 ⋅ splunk ⋅ Splunk Threat Research Team
FIN7 Tools Resurface in the Field – Splinter or Copycat?
JSSLoader Remcos

2021-11-11 ⋅ Microsoft ⋅ Microsoft 365 Defender Threat Intelligence Team
HTML smuggling surges: Highly evasive loader technique increasingly used in banking malware, targeted attacks
AsyncRAT Mekotio NjRAT

2021-11-10 ⋅ Twitter (@billyleonard) ⋅ Billy Leonard, Google Threat Analysis Group
Tweet on Rekoobe (used by APT31), being a fork of open source tool called Tiny SHell, used by different actor since at least 2012
Rekoobe

2021-11-10 ⋅ Sekoia ⋅ Cyber Threat Intelligence team
Walking on APT31 infrastructure footprints
Rekoobe Unidentified ELF 004 Cobalt Strike

2021-11-09 ⋅ Cybereason ⋅ Aleksandar Milenkoski, Eli Salem
THREAT ANALYSIS REPORT: From Shatak Emails to the Conti Ransomware
Cobalt Strike Conti

2021-11-09 ⋅ Prevailion ⋅ Accenture Cyber Threat Intelligence, Prevailion
Who are latest targets of cyber group Lyceum?
Milan Shark LYCEUM

2021-11-08 ⋅ Microsoft ⋅ Microsoft Threat Intelligence Center (MSTIC)
Threat actor DEV-0322 exploiting ZOHO ManageEngine ADSelfService Plus

2021-11-04 ⋅ Deep instinct ⋅ Shaul Vilkomir-Preisman
Understanding the Windows JavaScript Threat Landscape
STRRAT Griffon BlackByte Houdini Vjw0rm FIN7

2021-11-04 ⋅ ⋅ NSHC RedAlert Labs ⋅ Red Alert
Threat Actor targeted attack against Finance and Investment industry

2021-11-04 ⋅ Blackberry ⋅ BlackBerry Research & Intelligence Team
Threat Thursday: Karma Ransomware
Karma

2021-11-04 ⋅ splunk ⋅ Splunk Threat Research Team
Detecting IcedID... Could It Be A Trickbot Copycat?
IcedID

2021-11-03 ⋅ Telsy ⋅ Telsy Research Team
Dissecting new AppleSeed backdoor of Kimsuky threat actor
Appleseed

2021-11-03 ⋅ Team Cymru ⋅ tcblogposts
Webinject Panel Administration: A Vantage Point into Multiple Threat Actor Campaigns - A Case Study on the Value of Threat Reconnaisance
DoppelDridex IcedID QakBot Zloader