Malpedia Library

2017-03-27 ⋅ Microsoft ⋅ Microsoft Defender ATP Research Team
Detecting and mitigating elevation-of-privilege exploit for CVE-2017-0005
APT31

2017-03-23 ⋅ FireEye ⋅ Christopher Truncer
WMImplant – A WMI Based Agentless Post-Exploitation RAT Developed in PowerShell
WMImplant

2017-03-22 ⋅ Trend Micro ⋅ Cedric Pernet
Winnti Abuses GitHub for C&C Communications
EASYNIGHT APT41

2017-03-22 ⋅ Cylance ⋅ Cylance Threat Research Team
El Machete's Malware Attacks Cut Through LATAM
Machete El Machete

2017-03-22 ⋅ Cylance ⋅ Threat Research Team
El Machete's Malware Attacks Cut Through LATAM
El Machete

2017-03-22 ⋅ Trend Micro ⋅ Cedric Pernet
Winnti Abuses GitHub for C&C Communications
Winnti

2017-03-21 ⋅ DomainTools ⋅ DomainTools
Hunt Case Study: Hunting Campaign Indicators on Privacy Protected Attack Infrastructure
CopyKittens

2017-03-17 ⋅ Fortinet ⋅ David Wang, He Xu
Grabbot is Back to Nab Your Data
GrabBot

2017-03-16 ⋅ Threatpost ⋅ Michael Mimoso
Fileless Malware Campaigns Tied to Same Attacker
FIN7

2017-03-15 ⋅ Trend Micro ⋅ Trend Micro Cyber Safety Solutions Team
MajikPOS Combines PoS Malware and RATs to Pull Off its Malicious Tricks
MajikPos

2017-03-15 ⋅ Github (MinervaLabsResearch) ⋅ Minerva Labs
Vaccinating against Spora ransomware: a proof-of-concept tool by Minerva
Spora

2017-03-14 ⋅ ClearSky ⋅ ClearSky Research Team
Operation Electric Powder – Who is targeting Israel Electric Company?
Molerat Loader

2017-03-14 ⋅ Arnaud Delmas ⋅ Arnaud Delmas
Analyzing and Deobfuscating FlokiBot Banking Trojan
FlokiBot

2017-03-14 ⋅ Kaspersky Labs ⋅ Anton Ivanov, Fedor Sinitsyn
PetrWrap: the new Petya-based ransomware used in targeted attacks
PetrWrap

2017-03-14 ⋅ ClearSky ⋅ ClearSky Research Team
Operation Electric Powder – Who is targeting Israel Electric Company?
ElectricPowder

2017-03-13 ⋅ Google ⋅ Bernhard Grill, Megan Ruthven, Xin Zhao
Detecting and eliminating Chamois, a fraud botnet on Android
Chamois

2017-03-08 ⋅ Cylance ⋅ Threat Research Team
RawPOS Malware Rides Again
RawPOS

2017-03-07 ⋅ Kaspersky Labs ⋅ GReAT
FROM SHAMOON TO STONEDRILL: Wipers attacking Saudi organizations and beyond
StoneDrill

2017-03-06 ⋅ bashis
0-Day: Dahua backdoor Generation 2 and 3
BrickerBot

2017-03-02 ⋅ Laboratory of Cryptography and System Security ⋅ Boldizsar Bencsath
Update on the Fancy Bear Android malware (poprd30.apk)
X-Agent