Malpedia Library

2024-06-03 ⋅ Sekoia ⋅ Pierre Le Bourhis, Quentin Bourgue, Sekoia TDR
PikaBot: a Guide to its Deep Secrets and Operations
Pikabot

2024-06-02 ⋅ Microsoft ⋅ Clint Watts
How Russia is trying to disrupt the 2024 Paris Olympic Games
Storm-1679

2024-06-01 ⋅ cocomelonc ⋅ cocomelonc
Malware and cryptography 28: RC4 payload encryption. Simple Nim example.

2024-05-31 ⋅ TEHTRIS ⋅ TEHTRIS
Ransomware spotted in active development phase: a successful early detection operation
CashRansomware

2024-05-31 ⋅ Cybersecurity Insiders ⋅ Bogdan Glushko
Proven Data Restores PowerHost’s VMware Backups After SEXi Ransomware Attack
SEXi SEXi

2024-05-30 ⋅ Cloudflare ⋅ Cloudforce One
Disrupting FlyingYeti's campaign targeting Ukraine
COOKBOX FlyingYeti

2024-05-30 ⋅ Recorded Future ⋅ Insikt Group
GRU’s BlueDelta Targets Key Networks in Europe with Multi-Phase Espionage Campaigns
Mocky LNK

2024-05-30 ⋅ Recorded Future ⋅ Insikt Group
GRU's BlueDelta Targets Key Networks in Europe with Multi-Phase Espionage Campaigns
Mocky LNK

2024-05-30 ⋅ Cloudflare ⋅ Cloudforce One
Disrupting FlyingYeti's campaign targeting Ukraine
FlyingYeti

2024-05-30 ⋅ Cisco Talos ⋅ Asheer Malhotra
LilacSquid: The stealthy trilogy of PurpleInk, InkBox and InkLoader
purpleink LilacSquid

2024-05-30 ⋅ Lumen ⋅ Black Lotus Labs
The Pumpkin Eclipse
Chalubo

2024-05-30 ⋅ Trend Micro ⋅ Sunil Bharti
Decoding Water Sigbin's Latest Obfuscation Tricks
Water Sigbin

2024-05-30 ⋅ Hunt.io ⋅ Hunt.io
SolarMarker: Hunt Insights and Findings
solarmarker

2024-05-30 ⋅ Akamai ⋅ Maxim Zavodchik, Ryan Barnett, Stiv Kupchik
RedTail Cryptominer Threat Actors Adopt PAN-OS CVE-2024-3400 Exploit
RedTail

2024-05-30 ⋅ Centurylink ⋅ Black Lotus Labs
The Pumpkin Eclipse
Chalubo

2024-05-30 ⋅ Europol ⋅ Europol
Largest ever operation against botnets hits dropper malware ecosystem
BumbleBee IcedID SmokeLoader SystemBC TrickBot

2024-05-30 ⋅ circleid ⋅ WhoisXML API
A DNS Investigation of the Phobos Ransomware 8Base Attack
8Base Phobos

2024-05-29 ⋅ Medium (DoingFedTime) ⋅ DoingFedTime
80-000 records exposed in shell data breach by threat actor
Threat Actor 888

2024-05-29 ⋅ eSentire ⋅ eSentire
Fake Browser Updates delivering BitRAT and Lumma Stealer
BitRAT Lumma Stealer

2024-05-28 ⋅ HarfangLab ⋅ HarfangLab CTR
AllaSenha: AllaKore variant leverages Azure cloud C2 to steal banking details in Latin America
AllaKore AllaSenha