Malpedia Library

Click here to download all references as Bib-File.•

2020-09-15 ⋅ CrowdStrike ⋅ CrowdStrike Overwatch Team
Nowhere to Hide - 2020 Threat Hunting Report
NedDnLoader RDAT TRACER KITTEN

2020-09-15 ⋅ Checkpoint ⋅ Amir Landau, David Driker
Rudeminer, Blacksquid and Lucifer Walk Into A Bar
Lucifer

2020-09-15 ⋅ US-CERT ⋅ US-CERT
Malware Analysis Report (AR20-259A): Iranian Web Shells
CHINACHOPPER

2020-09-15 ⋅ US-CERT ⋅ US-CERT
Alert (AA20-259A): Iran-Based Threat Actor Exploits VPN Vulnerabilities
CHINACHOPPER Fox Kitten

2020-09-15 ⋅ Recorded Future ⋅ Insikt Group®
Back Despite Disruption: RedDelta Resumes Operations
PlugX

2020-09-14 ⋅ KELA ⋅ Sharon Bitton, Victoria Kivilevich
Back to School: Why Cybercriminals Continue to Target the Education Sector | Part Two

2020-09-14 ⋅ Github (AlessandroZ) ⋅ AlessandroZ
The LaZagne Project !!!
LaZagne

2020-09-14 ⋅ Trend Micro ⋅ Abraham Camba, Aprilyn Borja, Gilbert Sison, Jay Yaneza, Khristoffer Jocson, Ryan Maglaque
Analysis of a Convoluted Attack Chain Involving Ngrok

2020-09-14 ⋅ US-CERT ⋅ US-CERT
Alert (AA20-258A): Chinese Ministry of State Security-Affiliated Cyber Threat Actor Activity

2020-09-13 ⋅ Twitter (@bartblaze) ⋅ BartBlaze
Tweet on Cryakl 2.0.0.0
Cryakl

2020-09-11 ⋅ VinCSS ⋅ m4n0w4r
[RE016] Malware Analysis: ModiLoader
DBatLoader

2020-09-11 ⋅ RSA Conference (YouTube) ⋅ Brook Chelmo
Two weeks with a Russian Ransomware Cell
HILDACRYPT

2020-09-11 ⋅ Twitter (@Arkbird_SOLG) ⋅ Arkbird
Tweet on discovery of a sample
Turla SilentMoon

2020-09-11 ⋅ ThreatConnect ⋅ ThreatConnect Research Team
Research Roundup: Activity on Previously Identified APT33 Domains
Emotet PlugX APT33

2020-09-11 ⋅ ⋅ KISA ⋅ KrCERT
Analysis of attacker's strategy of using malicious code

2020-09-10 ⋅ QuoSec GmbH ⋅ Quosec Blog
grap: Automating QakBot strings decryption
QakBot

2020-09-10 ⋅ Kaspersky Labs ⋅ GReAT
An overview of targeted attacks and APTs on Linux
Cloud Snooper Dacls DoubleFantasy MESSAGETAP Penquin Turla Tsunami elf.wellmess X-Agent

2020-09-10 ⋅ FBI ⋅ FBI, National Cyber Investigative Joint Task Force (NCIJTF)
FBI PIN NUMBER 20200910-001: Cyber Actors Conduct CredentialStuffing Attacks Against US Financial Sector

2020-09-10 ⋅ Microsoft ⋅ Microsoft Threat Intelligence Center (MSTIC)
STRONTIUM: Detecting new patterns in credential harvesting
APT28

2020-09-10 ⋅ Group-IB ⋅ Oleg Skulkin, Semyon Rogachev
Lock Like a Pro: Dive in Recent ProLock's Big Game Hunting
PwndLocker QakBot