Malpedia Library

Click here to download all references as Bib-File.•

2024-04-19 ⋅ ThreatMon ⋅ ThreatMon, ThreatMon Malware Research Team
APT44: The Famous Sandworm of Russia

2024-04-17 ⋅ Microsoft ⋅ Clint Watts, Microsoft Threat Analysis Center (MTAC)
Russian US election interference targets support for Ukraine after slow start

2024-04-17 ⋅ Microsoft ⋅ Microsoft Threat Analysis Center (MTAC)
Nation-states engage in US-focused influence operations ahead of US presidential election

2024-04-16 ⋅ HarfangLab ⋅ CYBER THREAT RESEARCH TEAM
Analysis of the APT31 Indictment
RAWDOOR APT31

2024-04-12 ⋅ Volexity ⋅ Volexity Threat Research
Zero-Day Exploitation of Unauthenticated Remote Code Execution Vulnerability in GlobalProtect (CVE-2024-3400)
UPSTYLE UTA0218

2024-04-12 ⋅ Palo Alto Networks Unit 42 ⋅ Unit 42
Threat Brief: Operation MidnightEclipse, Post-Exploitation Activity Related to CVE-2024-3400
UPSTYLE

2024-04-10 ⋅ 2024-04-10 ⋅ Antonio Pirozzi, Sarthak Misraa
XZ Utils Backdoor | Threat Actor Planned to Inject Further Vulnerabilities
xzbot

2024-04-09 ⋅ Hunt.io ⋅ Hunt.io
BlueShell: Four Years On, Still A Formidable Threat
BlueShell

2024-04-04 ⋅ Microsoft ⋅ Clint Watts, Microsoft Threat Analysis Center (MTAC)
China tests US voter fault lines and ramps AI content to boost its geopolitical interests

2024-04-04 ⋅ Twitter (@embee_research) ⋅ Embee_research
TLS Certificate For Threat Intelligence - Identifying MatanBuchus Domains Through Hardcoded Certificate Values
Matanbuchus

2024-04-04 ⋅ Proofpoint ⋅ Proofpoint Threat Research Team, Team Cymru, TEAM CYMRU S2 THREAT RESEARCH
Latrodectus: This Spider Bytes Like Ice
IcedID Latrodectus

2024-04-03 ⋅ ThreatMon ⋅ Kerime Gencay
XZ Utils Backdoor Research Report CVE-2024-3094
xzbot

2024-04-01 ⋅ Microsoft ⋅ Microsoft Threat Analysis Center (MTAC)
Same targets, new playbooks: East Asia threat actors employ unique methods

2024-04-01 ⋅ ThreatMon ⋅ Kerime Gencay
RisePro Stealer Malware Analysis Report
RisePro

2024-03-24 ⋅ Securonix ⋅ Securonix
Analysis of DEV#POPPER: New Attack Campaign Targeting Software Developers Likely Associated With North Korean Threat Actors
BeaverTail

2024-03-21 ⋅ Proofpoint ⋅ Proofpoint Threat Research Team
Security Brief: TA450 Uses Embedded Links in PDF Attachments in Latest Campaign

2024-03-18 ⋅ ThreatMon ⋅ Kerime Gencay
Planet Stealer Malware Analysis Report (Paywall)

2024-03-05 ⋅ Reliaquest ⋅ RELIAQUEST THREAT RESEARCH TEAM
Anxun and Chinese APT Activity
ShadowPad

2024-03-01 ⋅ Gatewatcher ⋅ Gatewatcher
CYBER THREATS SEMESTER REPORT (July - December 2023) (paywall)

2024-02-27 ⋅ Mandiant ⋅ Chen Evgi, Jonathan Leathery, Ofir Rozmann
When Cats Fly: Suspected Iranian Threat Actor UNC1549 Targets Israeli and Middle East Aerospace and Defense Sectors
LIGHTRAIL MINIBIKE MINIBUS UNC1549