Malpedia Library

Click here to download all references as Bib-File.•

2024-06-11 ⋅ Kroll ⋅ George Glass, Keith Wojcieszek, Laurie Iacono
PLAY Ransomware Group Gains Access via Citrix Bleed Vulnerability
PLAY

2024-06-11 ⋅ Invoke RE ⋅ Josh Reynolds
Parser Script for Havoc Config
Havoc

2024-06-11 ⋅ Zscaler ⋅ ThreatLabZ research team
A Brief History of SmokeLoader, Part 1
SmokeLoader

2024-06-10 ⋅ cyble ⋅ Cyble
Vietnamese Entities Targeted by China-Linked Mustang Panda in Cyber Espionage

2024-06-10 ⋅ Mandiant ⋅ Mandiant
UNC5537 Targets Snowflake Customer Instances for Data Theft and Extortion
Lumma Stealer MetaStealer Raccoon RedLine Stealer RisePro Vidar UNC5537

2024-06-10 ⋅ The Hacker News ⋅ Ravie Lakshmanan
More_eggs Malware Disguised as Resumes Targets Recruiters in Phishing Attack
More_eggs

2024-06-07 ⋅ The Record ⋅ Daryna Antoniuk
Russia-linked Vermin hackers target Ukrainian military in new espionage campaign
UAC-0020

2024-06-07 ⋅ SOCRadar ⋅ SOCRadar
Grandoreiro Malware Campaign: A Global Threat to Banking Security
Grandoreiro

2024-06-06 ⋅ Morphisec ⋅ Arnold Osipov
Howling at the Inbox: Sticky Werewolf’s Latest Malicious Aviation Attacks
Angry Likho

2024-06-06 ⋅ Blackberry ⋅ Dmitry Melikov
Kimsuky is targeting an arms manufacturer in Europe.

2024-06-06 ⋅ Bleeping Computer ⋅ Sergiu Gatlan
New Gitloker attacks wipe GitHub repos in extortion scheme
Gitloker

2024-06-06 ⋅ Hunt.io ⋅ Hunt.io
Tracking LightSpy: Certificates as Windows into Adversary Behavior
lightSpy

2024-06-06 ⋅ CrowdStrike ⋅ Alexandru Dinu, Dragoș Corlătescu, Mihaela Găman, Paul Sumedrea
EMBERSim: A Large-Scale Databank for Boosting Similarity Search in Malware Analysis

2024-06-06 ⋅ kienmanowar Blog ⋅ m4n0w4r, Tran Trung Kien
[QuickNote] DarkGate – Make AutoIt Great Again
DarkGate

2024-06-05 ⋅ Symantec ⋅ Symantec Threat Intelligence
RansomHub: New Ransomware has Origins in Older Knight
Knight RansomHub RansomHub

2024-06-05 ⋅ QuoIntelligence ⋅ Alixia Clarisse Rutayisire
European Election Security At Risk: A Detailed Analysis of State-Sponsored, eCrime, and Hacktivist Threats
Dragonbridge

2024-06-05 ⋅ Qurakslab ⋅ Fabrice Rossi, Florian Yger, Riccardo Mori, Robin David, Roxane Cohen
QBinDiff: A modular differ to enhance binary diffing and graph alignment (Slides)

2024-06-05 ⋅ ⋅ QuarksLab ⋅ Fabrice Rossi, Florian Yger, Riccardo Mori, Robin David, Roxane Cohen
QBinDiff: A modular differ to enhance binary diffing and graph alignment (Video)

2024-06-05 ⋅ ⋅ Cert-UA ⋅ Cert-UA
UAC-0020 (Vermin) attacks the Defense Forces of Ukraine using the SPECTR SPZ in tandem with the legitimate SyncThing ("SickSync" campaign) (CERT-UA#9934)
UAC-0020

2024-06-05 ⋅ ⋅ Sekoia ⋅ Charles Meslay
Reverse engineering of malicious code in CTI - Analysis of the evolution of an infection chain (Paper)
FlowCloud