Malpedia Library

Click here to download all references as Bib-File.•

2017-12-11 ⋅ Group-IB ⋅ Dmitry Volkov
MoneyTaker: in pursuit of the invisible
MoneyTaker

2017-12-08 ⋅ RSA ⋅ Kent Beckman
GratefulPOS credit card stealing malware - just in time for the shopping season
Grateful POS

2017-12-08 ⋅ ESET Research ⋅ Filip Kafka
StrongPity2 spyware replaces FinFisher in MitM campaign – ISP involved?
StrongPity

2017-12-07 ⋅ FireEye ⋅ Jacqueline O’Leary, Manish Sardiwal, Nalani Fraser, Nick Richard, Vincent Cannon, Yogesh Londhe
New Targeted Attack in the Middle East by APT34, a Suspected Iranian Threat Group, Using CVE-2017-11882 Exploit
OilRig

2017-12-06 ⋅ Cisco ⋅ Christopher Marczewski, Holger Unterbrink
Recam Redux - DeConfusing ConfuserEx
NetWire RC

2017-12-06 ⋅ The Citizen Lab ⋅ Bill Marczak, Geoffrey Alexander, John Scott-Railton, Ron Deibert, Sarah McKune
Champing at the Cyberbit Ethiopian Dissidents Targeted with New Commercial Spyware
PC Surveillance System

2017-12-05 ⋅ ClearSky Research Team
Charming Kitten: Iranian Cyber Espionage Against Human Rights Activists, Academic Researchers and Media Outlets
DownPaper

2017-12-04 ⋅ RSA ⋅ Jack Wesley Riley
The Shadows of Ghosts Inside the response of a unique Carbanak intrusion
GOTROJ MimiKatz

2017-12-03 ⋅ Karsten Hahn
Malware Analysis - ROKRAT Unpacking from Injected Shellcode

2017-12-01 ⋅ ClearSky ⋅ ClearSky Research Team
Charming Kitten
DownPaper Charming Kitten

2017-12-01 ⋅ Check Point ⋅ Neomi Rona, Stanislav Skuratovich
Nine circles of Cerber
Cerber

2017-11-28 ⋅ RiskIQ ⋅ Yonathan Klijnsma
Gaffe Reveals Full List of Targets in Spear Phishing Attack Using Cobalt Strike Against Financial Institutions
Cobalt

2017-11-28 ⋅ FireEye ⋅ Abhay Vaish, Sandor Nemes
Newly Observed Ursnif Variant Employs Malicious TLS Callback Technique to Achieve Process Injection
ISFB

2017-11-28 ⋅ Cisco ⋅ Jungsoo An, Paul Rascagnères, Warren Mercer
ROKRAT Reloaded
RokRAT

2017-11-27 ⋅ Blacklake ⋅ Brian Krebs
WHO WAS THE NSA CONTRACTOR ARRESTED FOR LEAKING THE ‘SHADOW BROKERS’ HACKING TOOLS?
The Shadow Brokers

2017-11-26 ⋅ Github (infoskirmish) ⋅ infoskirmish
Source Code of HIVE
Hive (Vault 8)

2017-11-25 ⋅ Kaspersky Labs ⋅ Alexey Shulmin, Dmitry Karasovsky, Vasily Berdnikov
MICROCIN MALWARE: TECHNICAL DETAILS AND INDICATORS OF COMPROMISE
Microcin Vicious Panda

2017-11-24 ⋅ Bleeping Computer ⋅ Catalin Cimpanu
Mirai Activity Picks up Once More After Publication of PoC Exploit Code
Mirai

2017-11-22 ⋅ Flashpoint ⋅ Vitali Kremez
Trickbot Gang Evolves, Incorporates Account Checking Into Hybrid Attack Model
TrickBot

2017-11-21 ⋅ bugaroo ⋅ Oscar Juárez
New banking malware in Brazil - XPCTRA RAT ANALYSIS
XPCTRA