Malpedia Library

Click here to download all references as Bib-File.•

2021-02-03 ⋅ Sophos Managed Threat Response (MTR) ⋅ Greg Iddon
MTR casebook: Uncovering a backdoor implant in a SolarWinds Orion server
RagnarLocker

2021-02-03 ⋅ Google Project Zero ⋅ Maddie Stone
Déjà vu-lnerability A Year in Review of 0-days Exploited In-The-Wild in 2020

2021-02-03 ⋅ Medium s2wlab ⋅ Hyunmin Suh, Minjei Cho
W1 Feb| EN | Story of the week: Stealers on the Darkweb
Azorult Raccoon Vidar

2021-02-03 ⋅ Medium Confiant ⋅ Jerome Dangu
Malvertising: Made in China
Holcus Installer (Adware)

2021-02-03 ⋅ Vice Motherboard ⋅ Joseph Cox, Lorenzo Franceschi-Bicchierai
A Spyware Vendor Seemingly Made a Fake WhatsApp to Hack Targets

2021-02-03 ⋅ Trustwave ⋅ Trustwave SpiderLabs
New Vulnerabilities Discovered in SolarWinds Products by Trustwave SpiderLabs

2021-02-03 ⋅ ⋅ AhnLab ⋅ AhnLab ASEC Analysis Team
Dissemination of malicious code disguised as a document of'Amendment of Ministry of Defense's Business Report in 2021

2021-02-03 ⋅ SentinelOne ⋅ Jim Walter
Zeoticus 2.0 | Ransomware With No C2 Required
Zeoticus

2021-02-03 ⋅ Palo Alto Networks Unit 42 ⋅ Ariel Zelivansky, Aviv Sasson, Jay Chen
Hildegard: New TeamTNT Malware Targeting Kubernetes
TeamTNT TeamTNT

2021-02-03 ⋅ Avast Decoded ⋅ Jan Rubín, Jan Vojtěšek
Backdoored Browser Extensions Hid Malicious Traffic in Analytics Requests

2021-02-03 ⋅ Stratosphere Lab ⋅ Kamila Babayeva, Sebastian García
Dissecting a RAT. Analysis of DroidJack v4.4 RAT network traffic.
DroidJack

2021-02-03 ⋅ InfoSec Handlers Diary Blog ⋅ Brad Duncan
Excel spreadsheets push SystemBC malware
Cobalt Strike SystemBC

2021-02-02 ⋅ ⋅ CRONUP ⋅ Germán Fernández
De ataque con Malware a incidente de Ransomware
Avaddon BazarBackdoor Buer Clop Cobalt Strike Conti DanaBot Dharma Dridex Egregor Emotet Empire Downloader FriedEx GootKit IcedID MegaCortex Nemty Phorpiex PwndLocker PyXie QakBot RansomEXX REvil Ryuk SDBbot SmokeLoader TrickBot Zloader

2021-02-02 ⋅ Trend Micro ⋅ Abraham Camba, Byron Gelera, Catherine Loveria
Finding and Decoding Multi-Step Obfuscated Malware

2021-02-02 ⋅ Malwarebytes ⋅ Jérôme Segura
Credit card skimmer piggybacks on Magento 1 hacking spree

2021-02-02 ⋅ Click All the Things! Blog ⋅ Jamie
XLSB: Analyzing a Microsoft Excel Binary Spreadsheet

2021-02-02 ⋅ The Wall Street Journal ⋅ Robert McMillan
Hackers Lurked in SolarWinds Email System for at Least 9 Months, CEO Says

2021-02-02 ⋅ Reuters ⋅ Christopher Bing, Jack Stubbs, Joseph Menn, Raphael Satter
Exclusive: Suspected Chinese hackers used SolarWinds bug to spy on U.S. payroll agency - sources

2021-02-02 ⋅ Bleeping Computer ⋅ Lawrence Abrams
Babyk Ransomware won't hit charities, unless they support LGBT, BLM
Babuk

2021-02-02 ⋅ Twitter (@TheDFIRReport) ⋅ The DFIR Report
Tweet on recent dridex post infection activity
Cobalt Strike Dridex