Malpedia Library

Click here to download all references as Bib-File.•

2022-11-03 ⋅ Group-IB ⋅ Rustam Mirkasymov
Financially motivated, dangerously activated: OPERA1ER APT in Africa
Cobalt Strike Common Raven

2022-10-31 ⋅ paloalto Netoworks: Unit42 ⋅ Or Chechik
Banking Trojan Techniques: How Financially Motivated Malware Became Infrastructure
Dridex Kronos TrickBot Zeus

2022-10-14 ⋅ Cloudsek ⋅ Aastha Mittal, Anandeshwar Unnikrishnan
Technical Analysis of BlueSky Ransomware
BlueSky

2022-10-12 ⋅ Trend Micro ⋅ Ian Kenefick, Lucas Silva, Nicole Hernandez
Black Basta Ransomware Gang Infiltrates Networks via QAKBOT, Brute Ratel, and Cobalt Strike
Black Basta Brute Ratel C4 Cobalt Strike QakBot

2022-10-03 ⋅ Check Point ⋅ Marc Salinas Fernandez
Bumblebee: increasing its capacity and evolving its TTPs
BumbleBee Cobalt Strike Meterpreter Sliver Vidar

2022-10-01 ⋅ Yahoo Finance ⋅ Diego Oré
Analysis-Mexico data hack exposes government cybersecurity vulnerability
Guacamaya

2022-09-30 ⋅ Cloudsek ⋅ Anandeshwar Unnikrishnan
Technical Analysis of MedusaLocker Ransomware
MedusaLocker

2022-09-16 ⋅ Cloudsek ⋅ Anandeshwar Unnikrishnan
Recordbreaker: The Resurgence of Raccoon
Raccoon RecordBreaker

2022-09-11 ⋅ Github (0xTriboulet) ⋅ Steve S
Github Repository for Revenant
Revenant

2022-09-06 ⋅ Check Point ⋅ Check Point Research
DangerousSavanna: Two-year long campaign targets financial institutions in French-speaking Africa
AsyncRAT Meterpreter PoshC2 DangerousSavanna

2022-08-30 ⋅ Medium the_abjuri5t ⋅ John F
NanoCore RAT Hunting Guide
Nanocore RAT

2022-08-29 ⋅ AT&T ⋅ Fernando Martinez
Crypto miners’ latest techniques

2022-08-29 ⋅ InQuest ⋅ David Ledbetter
Office Files, RTF files, Shellcode and more shenanigans
CloudEyE

2022-08-16 ⋅ Huntress Labs ⋅ Dray Agha
Cleartext Shenanigans: Gifting User Passwords to Adversaries With NPPSPY

2022-08-04 ⋅ Cloudsek ⋅ Aastha Mittal, Anandeshwar Unnikrishnan
Technical Analysis of Bumblebee Malware Loader
BumbleBee

2022-07-30 ⋅ The Hacker News ⋅ Ravie Lakshmanan
Microsoft Links Raspberry Robin USB Worm to Russian Evil Corp Hackers
FAKEUPDATES Raspberry Robin

2022-07-21 ⋅ ⋅ ASEC ⋅ ASEC Analysis Team
Dissemination of AppleSeed to Specific Military Maintenance Companies
Appleseed

2022-07-12 ⋅ Microsoft ⋅ Microsoft 365 Defender Research Team, Microsoft Threat Intelligence Center (MSTIC)
From cookie theft to BEC: Attackers use AiTM phishing sites as entry point to further financial fraud

2022-06-28 ⋅ Mandiant ⋅ Mandiant Threat Intelligence
Pro-PRC DRAGONBRIDGE Influence Campaign Targets Rare Earths Mining Companies in Attempt to Thwart Rivalry to PRC Market Dominance

2022-06-13 ⋅ Palo Alto Networks Unit 42 ⋅ Unit 42
GALLIUM Expands Targeting Across Telecommunications, Government and Finance Sectors With New PingPull Tool