Malpedia Library

Click here to download all references as Bib-File.•

2021-06-15 ⋅ Trend Micro ⋅ Byron Gelera, Earle Earnshaw, Janus Agcaoili, Miguel Ang, Nikko Tamana
Ransomware Double Extortion and Beyond: REvil, Clop, and Conti
Clop Conti REvil

2021-06-15 ⋅ Nextron Systems ⋅ Nextron Systems
Use YARA math Module Extension in THOR TechPreview and THOR Lite

2021-06-15 ⋅ Elastic ⋅ Gabriel Landau
What you need to know about Process Ghosting, a new executable image tampering attack

2021-06-15 ⋅ Secureworks ⋅ Counter Threat Unit ResearchTeam
Hades Ransomware Operators Use Distinctive Tactics and Infrastructure
Cobalt Strike Hades

2021-06-15 ⋅ NCC Group ⋅ Michael Matthews, NCC RIFT, William Backhouse
Handy guide to a new Fivehands ransomware variant
FiveHands

2021-06-14 ⋅ Marco Ramilli's Blog ⋅ Marco Ramilli
The Allegedly Ryuk Ransomware builder: #RyukJoke
Chaos

2021-06-14 ⋅ CYBER GEEKS All Things Infosec ⋅ CyberMasterV
A Step-by-Step Analysis of a New Version of DarkSide Ransomware
DarkSide

2021-06-14 ⋅ scotthelme.co.uk ⋅ Scott Helme
Introducing Script Watch: Detect Magecart style attacks, fast!
magecart

2021-06-14 ⋅ The Record ⋅ Catalin Cimpanu
G7 calls on Russia to crack down on ransomware gangs

2021-06-14 ⋅ nccgroup ⋅ Fox-IT Data Science Team, NCCGroup
Incremental Machine Learning by Example: Detecting Suspicious Activity with Zeek Data Streams, River, and JA3 Hashes

2021-06-14 ⋅ AlienVault ⋅ Fernando Martinez
Malware hosting domain Cyberium fanning out Mirai variants
Mirai

2021-06-14 ⋅ Blaze's Security Blog ⋅ BartBlaze
Digital artists targeted in RedLine infostealer campaign
RedLine Stealer

2021-06-14 ⋅ Microsoft ⋅ Microsoft 365 Defender Research Team, Microsoft Threat Intelligence Center (MSTIC)
Behind the scenes of business email compromise: Using cross-domain threat data to disrupt a large BEC campaign

2021-06-14 ⋅ The Record ⋅ Catalin Cimpanu
Apple patches two iOS zero-days in old-gen devices

2021-06-13 ⋅ SecJuice ⋅ Secprentice
Blue Team Detection: DarkSide Ransomware
DarkSide

2021-06-13 ⋅ Twitter (@alberto__segura) ⋅ Alberto Segura
Tweet on Flubot version 4.6
FluBot

2021-06-12 ⋅ Twitter (@AltShiftPrtScn) ⋅ Peter Mackenzie
A thread on RagnarLocker ransomware group's TTP seen in an Incident Response
Cobalt Strike RagnarLocker

2021-06-12 ⋅ YouTube (BSidesBoulder) ⋅ Kaspersky, Kurt Baumgartner
Same and Different - sesame street level attribution
Kazuar SUNBURST

2021-06-11 ⋅ Quick Heal ⋅ Digvijay Mane
Google Play store applications laced with Joker malware yet again
Joker

2021-06-11 ⋅ TEAMT5 ⋅ Linda Kuo, Zih-Cing Liao
Story of the ‘Phisherman’ -Dissecting Phishing Techniques of CloudDragon APT (slides)
Appleseed BabyShark