Malpedia Library

Click here to download all references as Bib-File.•

2021-11-18 ⋅ Cisco ⋅ Josh Pyorre
BlackMatter, LockBit, and THOR
BlackMatter LockBit PlugX

2021-11-16 ⋅ Cisco ⋅ Asheer Malhotra, Chetan Raghuprasad, Vanja Svajcer
Attackers use domain fronting technique to target Myanmar with Cobalt Strike
Cobalt Strike

2021-11-10 ⋅ Cisco Talos ⋅ Asheer Malhotra, Jungsoo An, Kendall McKay
North Korean attackers use malicious blogs to deliver malware to high-profile South Korean targets
GoldDragon

2021-11-09 ⋅ Cisco Talos ⋅ Claudio Bozzato, Lilith Wyatt
Cisco Talos finds 10 vulnerabilities in Azure Sphere’s Linux kernel, Security Monitor and Pluton

2021-11-03 ⋅ Cisco Talos ⋅ Caitlin Huey, Chetan Raghuprasad, Vanja Svajcer
Microsoft Exchange vulnerabilities exploited once again for ransomware, this time with Babuk
Babuk CHINACHOPPER

2021-10-26 ⋅ Cisco Talos ⋅ Edmund Brumaghin, Mariano Graziano, Nick Mavis
SQUIRRELWAFFLE Leverages malspam to deliver Qakbot, Cobalt Strike
Cobalt Strike QakBot Squirrelwaffle

2021-10-19 ⋅ Cisco Talos ⋅ Asheer Malhotra
Malicious campaign uses a barrage of commodity RATs to target Afghanistan and India
DCRat Quasar RAT

2021-10-19 ⋅ Cisco ⋅ Artsiom Holub
STRRAT, ZLoader, and HoneyGain
STRRAT Zloader

2021-10-04 ⋅ Cisco ⋅ Tiago Pereira
Threat hunting in large datasets by clustering security events
BazarBackdoor TrickBot

2021-09-30 ⋅ Cisco ⋅ Arnaud Zobec, Vitor Ventura
A wolf in sheep's clothing: Actors spread malware by leveraging trust in Amnesty International and fear of Pegasus

2021-09-16 ⋅ Cisco ⋅ Tiago Pereira, Vitor Ventura
Operation Layover: How we tracked an attack on the aviation industry to five years of compromise
AsyncRAT Houdini NjRAT

2021-08-31 ⋅ Cisco Talos ⋅ Edmund Brumaghin, Vitor Ventura
Attracting flies with Honey(gain): Adversarial abuse of proxyware

2021-08-12 ⋅ Cisco Talos ⋅ Vanja Svajcer
Signed MSI files, Raccoon and Amadey are used for installing ServHelper RAT
Amadey Raccoon ServHelper

2021-07-02 ⋅ Cisco ⋅ Asheer Malhotra, Justin Thattil
InSideCopy: How this APT continues to evolve its arsenal
AllaKore CetaRAT Lilith NjRAT ReverseRAT

2021-06-22 ⋅ Cisco ⋅ Nick Biasini
Attackers in Executive Clothing - BEC continues to separate orgs from their money

2021-06-01 ⋅ Cisco ⋅ Josh Pyorre
Backdoors, RATs, Loaders evasion techniques
BazarNimrod GoldMax Oblique RAT

2021-05-26 ⋅ Cisco Talos ⋅ Vitor Ventura, Warren Mercer
Elizabethan England has nothing on modern-day Russia

2021-05-07 ⋅ Cisco Talos ⋅ Andrew Windsor, Caitlin Huey, Edmund Brumaghin
Lemon Duck spreads its wings: Actors target Microsoft Exchange servers, incorporate new TTPs
CHINACHOPPER Cobalt Strike Lemon Duck

2021-04-06 ⋅ Github (FrenchCisco) ⋅ FrenchCisco
Github Repository: RATel
RATel

2021-03-24 ⋅ Cisco ⋅ Caitlin Huey, David Liebenberg
Quarterly Report: Incident Response trends from Winter 2020-21
Egregor REvil WastedLocker