Malpedia Library

Click here to download all references as Bib-File.•

2024-03-04 ⋅ Proofpoint ⋅ Kelsey Merriman, Selena Larson, Tommy Madjar
TA577’s Unusual Attack Chain Leads to NTLM Data Theft

2024-03-04 ⋅ ⋅ Weixin ⋅ Hunting Shadow Lab
Shadow Hunting: Analysis of APT37’s attack activities against South Korea using North Korean political topics
RokRAT

2024-03-03 ⋅ OALabs ⋅ herrcore
GitHub Bug Used to Infect Game Hackers With Lua Malware
SmartLoader

2024-02-29 ⋅ Vipyr Security ⋅ Vipyr Security
Novel ELF64 Remote Access Tool Embedded in Malicious PyPI Uploads
SimpleTea

2024-02-29 ⋅ CrowdStrike ⋅ Jean-Philippe Teissier
The Anatomy of an ALPHA SPIDER Ransomware Attack
BlackCat Alpha Spider

2024-02-29 ⋅ StrikeReady ⋅ StrikeReady Labs
Don't get BITTER about being targeted -- fight back with the help of the community.
Bitter RAT

2024-02-28 ⋅ eSentire ⋅ eSentire Threat Response Unit (TRU)
XRed Backdoor: The Hidden Threat in Trojanized Programs
XRed

2024-02-28 ⋅ EchoCTI ⋅ Bilal BAKARTEPE, bixploit
Raccoon Stealer V2.0 Technical Analysis
Raccoon

2024-02-27 ⋅ Mandiant ⋅ Ashley Frazer, Ashley Pearson, Austin Larsen, Jacob Thompson, Matt Lin, Robert Wallace, Ryan Gandrud
Cutting Edge, Part 3: Investigating Ivanti Connect Secure VPN Exploitation and Persistence Attempts
BUSHWALK Kubo Injector PITFUEL PITHOOK PITSOCK

2024-02-27 ⋅ Cisco Talos ⋅ Guilherme Venere, Jacob Finn, Jacob Stanfill, James Nutland, Tucker Favreau
TimbreStealer campaign targets Mexican users with financial lures
TimbreStealer

2024-02-27 ⋅ Mandiant ⋅ Chen Evgi, Jonathan Leathery, Ofir Rozmann
When Cats Fly: Suspected Iranian Threat Actor UNC1549 Targets Israeli and Middle East Aerospace and Defense Sectors
LIGHTRAIL MINIBIKE MINIBUS UNC1549

2024-02-27 ⋅ Doubleagent.net ⋅ haxrob
GTPDOOR - A novel backdoor tailored for covert access over the roaming exchange
GTPDOOR

2024-02-27 ⋅ US Department of Defense ⋅ US Department of Defense
Russian Cyber Actors Use Compromised Routers to Facilitate Cyber Operations
MooBot

2024-02-26 ⋅ SOC Prime ⋅ Veronika Telychko
UAC-0149 Attack Detection: Hackers Launch a Targeted Attack Against the Armed Forces of Ukraine, as CERT-UA Reports
COOKBOX UAC-0149

2024-02-26 ⋅ Twitter (@embee_research) ⋅ Embee_research
Advanced CyberChef Techniques for Configuration Extraction - Detailed Walkthrough and Examples
NetSupportManager RAT

2024-02-26 ⋅ NCSC UK ⋅ NCSC UK
SVR cyber actors adapt tactics for initial cloud access

2024-02-25 ⋅ YouTube (Embee Research) ⋅ Embee_research
My Longest CyberChef Recipe Ever - 22 Operation Configuration Extractor
NetSupportManager RAT

2024-02-24 ⋅ Cert-UA ⋅ Cert-UA
UAC-0149: Targeted selective attacks against the Defense Forces of Ukraine using COOKBOX (CETRT-UA#9204)
COOKBOX UAC-0149

2024-02-23 ⋅ Cyfirma ⋅ cyfirma
Xeno RAT: A New Remote Access Trojan with Advance Capabilities
XenoRAT

2024-02-21 ⋅ YouTube (SentinelOne) ⋅ Kris McConkey
LABSCon23 Replay | Chasing Shadows | The rise of a prolific espionage actor
9002 RAT PlugX ShadowPad Spyder Earth Lusca