Malpedia Library

2024-06-21 ⋅ Elastic ⋅ Joe Desimone, Samir Bousseaden
GrimResource - Microsoft Management Console for initial access and evasion
Cobalt Strike

2024-06-20 ⋅ Red Canary ⋅ The Red Canary Team
Gourav Khandelwal, Akash Chaudhuri, Matthew Mesa, Sagar Patil, Uri Oren, Krithika Ramakrishnan
UNC4393

2024-06-20 ⋅ DARKReading ⋅ Elizabeth Montalbano
'Vortax' Meeting Software Builds Elaborate Branding, Spreads Infostealers
Markopolo

2024-06-20 ⋅ SOCRadar ⋅ SOCRadar
Dark Web Profile: SpaceBears
SpaceBears

2024-06-20 ⋅ cocomelonc ⋅ cocomelonc
Linux malware development 1: Intro to kernel hacking. Simple C example.

2024-06-20 ⋅ Cleafy ⋅ Federico Valentini, Simone Mattia
Medusa Reborn: A New Compact Variant Discovered
Medusa TangleBot

2024-06-20 ⋅ Hunt.io ⋅ Michael R
Caught in the Act: Uncovering SpyNote in Unexpected Places
SpyNote

2024-06-19 ⋅ Fortinet ⋅ Pei Han Liao
Fickle Stealer Distributed via Multiple Attack Chain
Fickle Stealer

2024-06-19 ⋅ Trend Micro ⋅ Ahmed Mohamed Ibrahim, Aliakbar Zahravi, Peter Girnus
Behind the Great Wall: Void Arachne Targets Chinese-Speaking Users With the Winos 4.0 C&C Framework
ValleyRAT Void Arachne

2024-06-19 ⋅ ANSSI ⋅ ANSSI
Malicious activities linked to the Nobelium intrusion set
WINELOADER

2024-06-19 ⋅ Joshua Penny, vc0RExor
Akira: The old-new style crime
Akira

2024-06-19 ⋅ BartBlaze, Nguyen Nguyen
New North Korean based backdoor packs a punch
NikiHTTP

2024-06-19 ⋅ Medium walmartglobaltech ⋅ Jason Reaves, Joshua Platt
Spectre (SPC) v9 Campaigns and Updates
Spectre Rat

2024-06-19 ⋅ AT&T ⋅ Fernando Dominguez
LevelBlue Labs Discovers Highly Evasive, New Loader Targeting Chinese Organizations
SquidLoader

2024-06-18 ⋅ Positive Technologies ⋅ Positive Technologies
ExCobalt: GoRed, the hidden-tunnel technique
GoRed ExCobalt

2024-06-18 ⋅ Mandiant ⋅ Mandiant
Cloaked and Covert: Uncovering UNC3886 Espionage Operations

2024-06-17 ⋅ splunk ⋅ Splunk Threat Research Team
LNK or Swim: Analysis & Simulation of Recent LNK Phishing

2024-06-17 ⋅ Checkpoint ⋅ Checkpoint
17th June – Threat Intelligence Report
Sp1d3r UNC5537

2024-06-17 ⋅ CySecurity News ⋅ CySecurity News
Truist Bank Confirms Data Breach After Information Surfaces on Hacking Forum
Sp1d3r

2024-06-17 ⋅ Recorded Future ⋅ Insikt Group
The Travels of “markopolo”: Self-Proclaimed Meeting Software Vortax Spreads Infostealers, Unveils Expansive Network of Malicious macOS Applications
AMOS Rhadamanthys Stealc Markopolo