Malpedia Library

Click here to download all references as Bib-File.•

2021-02-12 ⋅ CERT-FR ⋅ CERT-FR
The Malware-Aa-A-Service Emotet
Emotet

2021-02-12 ⋅ Fortinet ⋅ Xiaopeng Zhang
New Bazar Trojan Variant is Being Spread in Recent Phishing Campaign – Part II
BazarBackdoor

2021-02-12 ⋅ Fortinet ⋅ Xiaopeng Zhang
New Bazar Trojan Variant is Being Spread in Recent Phishing Campaign – Part I
BazarBackdoor

2021-02-12 ⋅ Twitter (@ESETresearch) ⋅ ESET Research
A twitter thread on discussing updated attack chain of EVILNUM group and their use PYVIL malware
PyVil

2021-02-12 ⋅ Malwarebytes ⋅ Threat Intelligence Team
Malvertising campaign on PornHub and other top adult brands exposes users to tech support scams

2021-02-12 ⋅ InfoSec Handlers Diary Blog ⋅ Xavier Mertens
AgentTesla Dropped Through Automatic Click in Microsoft Help File
Agent Tesla

2021-02-12 ⋅ Trustwave ⋅ Diana Lopera, Rodel Mendrez
The Many Roads Leading To Agent Tesla
Agent Tesla

2021-02-11 ⋅ Cyber And Ramen blog ⋅ Mike R
BlackTech Updates Elf-Plead Backdoor
PLEAD

2021-02-11 ⋅ Twitter (@malwrhunterteam) ⋅ MalwareHunterTeam
Tweet on one of the first Fedex-themed lures for FluBot
FluBot

2021-02-11 ⋅ Proofpoint ⋅ Proofpoint Threat Research Team
A Baza Valentine’s Day
BazarBackdoor

2021-02-11 ⋅ AGARI ⋅ Crane Hassold
Cosmic Lynx Returns in 2021 with Updated Tricks

2021-02-11 ⋅ CrowdStrike ⋅ Radu Vlad
Press #1 to Play: A Look Into eCrime Menu-style Toolkits
Mailto CIRCUS SPIDER

2021-02-11 ⋅ US-CERT ⋅ CISA, FBI
Alert (AA21-042A): Compromise of U.S. Water Treatment Facility

2021-02-11 ⋅ InfoSec Handlers Diary Blog ⋅ Jan Kopriva
Agent Tesla hidden in a historical anti-malware tool
Agent Tesla

2021-02-11 ⋅ Microsoft ⋅ Detection and Response Team (DART), Microsoft 365 Defender Research Team
Web shell attacks continue to rise

2021-02-11 ⋅ DomainTools ⋅ Joe Slowik
Visibility, Monitoring, and Critical Infrastructure Security
Industroyer Stuxnet Triton

2021-02-11 ⋅ CTI LEAGUE ⋅ CTI LEAGUE
CTIL Darknet Report – 2021
Conti Mailto Maze REvil Ryuk

2021-02-11 ⋅ Twitter (@TheDFIRReport) ⋅ The DFIR Report
Tweet on Hancitor Activity followed by cobaltsrike beacon
Cobalt Strike Hancitor

2021-02-11 ⋅ Morphisec ⋅ Morphisec
An Analysis of the Egregor Ransomware
Egregor

2021-02-10 ⋅ Anomali ⋅ Anomali Threat Research, Gage Mele, Winston Marydasan, Yury Polozov
Probable Iranian Cyber Actors, Static Kitten, Conducting Cyberespionage Campaign Targeting UAE and Kuwait Government Agencies