Malpedia Library

Click here to download all references as Bib-File.•

2024-06-05 ⋅ ⋅ LAC ⋅ Yoshihiro Ishikawa
Thumtais, a malware targeting Japanese organizations
EagerBee

2024-06-05 ⋅ Symantec ⋅ Symantec Threat Intelligence
RansomHub: New Ransomware has Origins in Older Knight
Knight RansomHub RansomHub

2024-06-05 ⋅ QuoIntelligence ⋅ Alixia Clarisse Rutayisire
European Election Security At Risk: A Detailed Analysis of State-Sponsored, eCrime, and Hacktivist Threats
Dragonbridge

2024-06-05 ⋅ Qurakslab ⋅ Fabrice Rossi, Florian Yger, Riccardo Mori, Robin David, Roxane Cohen
QBinDiff: A modular differ to enhance binary diffing and graph alignment (Slides)

2024-06-05 ⋅ ⋅ QuarksLab ⋅ Fabrice Rossi, Florian Yger, Riccardo Mori, Robin David, Roxane Cohen
QBinDiff: A modular differ to enhance binary diffing and graph alignment (Video)

2024-06-05 ⋅ ⋅ Cert-UA ⋅ Cert-UA
UAC-0020 (Vermin) attacks the Defense Forces of Ukraine using the SPECTR SPZ in tandem with the legitimate SyncThing ("SickSync" campaign) (CERT-UA#9934)
UAC-0020

2024-06-05 ⋅ ⋅ Sekoia ⋅ Charles Meslay
Reverse engineering of malicious code in CTI - Analysis of the evolution of an infection chain (Paper)
FlowCloud

2024-06-05 ⋅ ⋅ Sekoia ⋅ Charles Meslay
The reverse engineering of malicious code in the ITC - Analysis of the evolution of a chain of infection (Slides)
FlowCloud

2024-06-05 ⋅ Cisco Talos ⋅ Cisco Talos
DarkGate switches up its tactics with new payload, email templates
DarkGate

2024-06-04 ⋅ Aquasec ⋅ Nitzan Yaakov
Muhstik Malware Targets Message Queuing Services Applications
Tsunami

2024-06-04 ⋅ ⋅ Cert-UA ⋅ Cert-UA
UAC-0200: Targeted cyberattacks using DarkCrystal RAT and Signal as a trusted distribution vehicle (CERT-UA#9918)
DCRat

2024-06-03 ⋅ SpyCloud ⋅ James
Reversing Atomic macOS Stealer: Binaries, Backdoors & Browser Theft
AMOS

2024-06-03 ⋅ Sekoia ⋅ Pierre Le Bourhis, Quentin Bourgue, Sekoia TDR
PikaBot: a Guide to its Deep Secrets and Operations
Pikabot

2024-05-31 ⋅ Cybersecurity Insiders ⋅ Bogdan Glushko
Proven Data Restores PowerHost’s VMware Backups After SEXi Ransomware Attack
SEXi SEXi

2024-05-30 ⋅ Cloudflare ⋅ Cloudforce One
Disrupting FlyingYeti's campaign targeting Ukraine
COOKBOX FlyingYeti

2024-05-30 ⋅ Recorded Future ⋅ Insikt Group
GRU’s BlueDelta Targets Key Networks in Europe with Multi-Phase Espionage Campaigns
Mocky LNK

2024-05-30 ⋅ Recorded Future ⋅ Insikt Group
GRU's BlueDelta Targets Key Networks in Europe with Multi-Phase Espionage Campaigns
Mocky LNK

2024-05-30 ⋅ Cloudflare ⋅ Cloudforce One
Disrupting FlyingYeti's campaign targeting Ukraine
FlyingYeti

2024-05-30 ⋅ Cisco Talos ⋅ Asheer Malhotra
LilacSquid: The stealthy trilogy of PurpleInk, InkBox and InkLoader
purpleink LilacSquid

2024-05-30 ⋅ Lumen ⋅ Black Lotus Labs
The Pumpkin Eclipse
Chalubo