Malpedia Library

Click here to download all references as Bib-File.•

2020-11-05 ⋅ SCYTHE ⋅ Jorge Orchilles, Sean Lyngaas
#ThreatThursday - Ryuk
BazarBackdoor Ryuk

2020-11-05 ⋅ tccontre Blog ⋅ tcontre
Interesting FormBook Crypter - unconventional way to store encrypted data
Formbook

2020-11-05 ⋅ The DFIR Report ⋅ The DFIR Report
Ryuk Speed Run, 2 Hours to Ransom
BazarBackdoor Cobalt Strike Ryuk

2020-11-05 ⋅ ZDNet ⋅ Charlie Osborne
Capcom quietly discloses cyberattack impacting email, file servers
RagnarLocker

2020-11-05 ⋅ Checkpoint ⋅ Ido Solomon, Omer Ventura, Ori Hamama
INJ3CTOR3 Operation – Leveraging Asterisk Servers for Monetization

2020-11-05 ⋅ Gdata ⋅ Karsten Hahn
Babax stealer rebrands to Osno, installs rootkit
Osno

2020-11-05 ⋅ Intezer ⋅ Twitter (IntezerLabs)
Tweet on Ngioweb botnet
Ngioweb

2020-11-05 ⋅ Bleeping Computer ⋅ Lawrence Abrams
Japanese game dev Capcom hit by cyberattack, business impacted
RagnarLocker

2020-11-04 ⋅ FireEye ⋅ Jacob Thompson, Jeffrey Martin, Rapid7
In Wild Critical Buffer Overflow Vulnerability in Solaris Can Allow Remote Takeover — CVE-2020-14871

2020-11-04 ⋅ Proofpoint ⋅ Proofpoint Threat Research Team
Persistent Actor Targets Ledger Cryptocurrency Wallets

2020-11-04 ⋅ ZDNet ⋅ Catalin Cimpanu
REvil ransomware gang 'acquires' KPOT malware
KPOT Stealer REvil

2020-11-04 ⋅ VMRay ⋅ Giovanni Vigna
Trick or Threat: Ryuk ransomware targets the health care industry
BazarBackdoor Cobalt Strike Ryuk TrickBot

2020-11-04 ⋅ Stranded on Pylos Blog ⋅ Joe Slowik
The Enigmatic Energetic Bear
EternalPetya Havex RAT

2020-11-04 ⋅ US Department of Justice ⋅ US Department of Justice
United States Seizes 27 Additional Domain Names Used by Iran’s Islamic Revolutionary Guard Corps to Further a Global, Covert Influence Campaign

2020-11-04 ⋅ Recorded Future ⋅ Insikt Group®
Ransomware-as-a-Service Becomes Increasingly Accessible via Social Media and Open Sources

2020-11-04 ⋅ Sophos ⋅ Gabor Szappanos
A new APT uses DLL side-loads to “KilllSomeOne”
KilllSomeOne PlugX

2020-11-04 ⋅ ⋅ ESTsecurity ⋅ Alyac
북한 연계 해킹조직 탈륨, 미국 대선 예측 언론 문서로 위장한 APT 공격 수행 출처
BabyShark

2020-11-03 ⋅ Comodo ⋅ Comodo
Versions of PsiXBot
PsiX

2020-11-03 ⋅ BleepingComputer ⋅ Lawrence Abrams
New RegretLocker ransomware targets Windows virtual machines
RegretLocker

2020-11-03 ⋅ InfoSec Handlers Diary Blog ⋅ Renato Marinho
Attackers Exploiting WebLogic Servers via CVE-2020-14882 to install Cobalt Strike
Cobalt Strike