Malpedia Library

Click here to download all references as Bib-File.•

2024-05-22 ⋅ Bleeping Computer ⋅ Bill Toulas
Chinese hackers hide on military and govt networks for 6 years
SilentGh0st Unfading Sea Haze

2024-05-22 ⋅ Mandiant ⋅ Michael Raggi
IOC Extinction? China-Nexus Cyber Espionage Actors Use ORB Networks to Raise Cost on Defenders

2024-05-22 ⋅ Kaspersky Labs ⋅ GReAT
Stealers, stealers and more stealers

2024-05-22 ⋅ DARKReading ⋅ Elizabeth Montalbano
Novel EDR-Killing 'GhostEngine' Malware Is Built for Stealth
win.ghostengine

2024-05-21 ⋅ S-RM ⋅ Frank de Korte
Phobos ransomware launches new leak site and pivots towards double extortion
Phobos

2024-05-21 ⋅ Yoroi ⋅ Carmelo Ragusa, Luigi Martire
Uncovering an undetected KeyPlug implant attacking industries in Italy
KEYPLUG

2024-05-21 ⋅ Sekoia ⋅ Amaury G., Coline Chavane, Kilian Seznec, Sekoia TDR
Master of Puppets: Uncovering the DoppelGänger pro-Russian influence campaign

2024-05-20 ⋅ Checkpoint ⋅ Checkpoint
Bad Karma, No Justice: Void Manticore Destructive Activities in Israel
Void Manticore

2024-05-20 ⋅ cyble ⋅ Cyble
Tiny BackDoor Goes Undetected – Suspected Turla leveraging MSBuild to Evade detection

2024-05-17 ⋅ CTO at NCSC ⋅ Ollie Whitehouse
CTO at NCSC Summary: week ending May 19th
Kimsuky

2024-05-16 ⋅ cyble ⋅ Cyble
New Antidot Android Banking Trojan Masquerading as Fake Google Play Updates
Antidot

2024-05-16 ⋅ ⋅ AhnLab ⋅ ASEC
Analysis of APT attack cases targeting domestic companies using Dora RAT (Andariel Group)

2024-05-16 ⋅ SecurityIntelligence ⋅ Golo Mühr, Melissa Frydrych
Grandoreiro banking trojan unleashed: X-Force observing emerging global campaigns
Grandoreiro

2024-05-16 ⋅ Symantec ⋅ Threat Hunter Team
Springtail: New Linux Backdoor Added to Toolkit
Gomir Kimsuky

2024-05-15 ⋅ Microsoft ⋅ Microsoft Threat Intelligence
Threat actors misusing Quick Assist in social engineering attacks leading to ransomware
Black Basta Cobalt Strike QakBot SystemBC

2024-05-15 ⋅ ESET Research ⋅ Filip Jurčacko
To the Moon and back(doors): Lunar landing in diplomatic missions
LunarMail

2024-05-15 ⋅ Stairwell ⋅ Threat Research at Stairwell
Stairwell threat report: Black Basta overview and detection rules
Black Basta Black Basta

2024-05-15 ⋅ X (@bryceabdo) ⋅ Bryce Abdo
Tweet on UNC5449 exploiting CVE-2024-30051 to deliver QAKBOT
QakBot

2024-05-15 ⋅ Microsoft ⋅ Microsoft Threat Intelligence
Threat actors misusing Quick Assist in social engineering attacks leading to ransomware
Black Basta Cobalt Strike QakBot UNC4393

2024-05-14 ⋅ Darkowl ⋅ Darkowl
What are CVEs?
Ukrainian Cyber Alliance