Malpedia Library

Click here to download all references as Bib-File.•

2023-07-24 ⋅ Mandiant ⋅ Conor Quigley, Daniel Kapellmann Zafra, David Mainor, Ryan Serabian
Pro-PRC HaiEnergy Campaign Exploits U.S. News Outlets via Newswire Services to Target U.S. Audiences; Evidence of Commissioned Protests in Washington, D.C.

2023-07-24 ⋅ Mandiant ⋅ Austin Larsen, Dan Kelly, Joseph Pisano, Mark Golembiewski, Matt Williams, Paige Godvin
North Korea Leverages SaaS Provider in a Targeted Supply Chain Attack
FULLHOUSE STRATOFEAR TraderTraitor

2023-07-24 ⋅ Reuters ⋅ Gwladys Fouche, Louise Rasmussen, Terje Solsvik
Norway government ministries hit by cyber attack

2023-07-23 ⋅ Medium infoSec Write-ups ⋅ mov_eax_27
Unpacking an Emotet Trojan
Emotet

2023-07-22 ⋅ Github (0xperator) ⋅ 0xperator
HookBot Android Malware Builder Panel and APK Source
Hook

2023-07-21 ⋅ Mandiant ⋅ Doug Bienstock, Foti Castelan, James Nugent, Josh Murchie, Justin Moore
Exploitation of Citrix Zero-Day by Possible Espionage Actors (CVE-2023-3519)

2023-07-21 ⋅ Checkmarx ⋅ Tzachi Zornstein
First Known Targeted OSS Supply Chain Attacks Against the Banking Sector
Havoc

2023-07-20 ⋅ Gatewatcher ⋅ Gatewatcher
zip-files-make-it-bigger-to-avoid-edr-detection
AsyncRAT

2023-07-20 ⋅ Mandiant ⋅ Mandiant Intelligence
KillNet Showcases New Capabilities While Repeating Older Tactics
BlueHornet Zarya

2023-07-20 ⋅ SentinelOne ⋅ Tom Hegel
JumpCloud Intrusion | Attacker Infrastructure Links Compromise to North Korean APT Activity

2023-07-20 ⋅ paloalto Netoworks: Unit42 ⋅ Lior Rochberger, Shimi Cohen
Threat Group Assessment: Mallox Ransomware
TargetCompany

2023-07-19 ⋅ secrss ⋅ Weibu Online Research Response Center
Military topics become the focus: The threat of fake hunter APT organizations continues to be exposed

2023-07-19 ⋅ Palo Alto Networks Unit 42 ⋅ Nathaniel Quist, Nelson William Gamazo Sanchez, Unit 42
P2PInfect: The Rusty Peer-to-Peer Self-Replicating Worm
P2Pinfect

2023-07-19 ⋅ Lookout ⋅ Justin Albrecht, Kristina Balaam
Lookout Attributes Advanced Android Surveillanceware to Chinese Espionage Group APT41
DragonEgg WyrmSpy

2023-07-19 ⋅ Twitter (@h2jazi) ⋅ Hossein Jazi
Tweet on observation with Korean targeting, suspecting Lazarus
Unidentified 105

2023-07-19 ⋅ Twitter (@MsftSecIntel) ⋅ Microsoft Threat Intelligence
Tweet on targeted attacks against the defense sector in Ukraine and Eastern Europe by the threat actor Secret Blizzard
DeliveryCheck Kazuar

2023-07-18 ⋅ Symantec ⋅ Threat Hunter Team
FIN8 Uses Revamped Sardonic Backdoor to Deliver Noberus Ransomware
BlackCat Unidentified 103 (FIN8)

2023-07-18 ⋅ Cert-UA ⋅ Cert-UA
Targeted Turla attacks (UAC-0024, UAC-0003) using CAPIBAR and KAZUAR malware (CERT-UA#6981)
DeliveryCheck Kazuar

2023-07-18 ⋅ Kostas TS ⋅ Kostas
Ursnif VS Italy: Il PDF del Destino
Gozi ISFB Snifula

2023-07-18 ⋅ Positive Technologies ⋅ PTSecurity
Space Pirates: a look into the group's unconventional techniques, new attack vectors, and tools
Voidoor