Malpedia Library

Click here to download all references as Bib-File.•

2020-09-24 ⋅ ThreatFabric ⋅ ThreatFabric
Alien - the story of Cerberus' demise
Alien Cerberus

2020-09-24 ⋅ CARO ⋅ Giampaolo Dedola, Mark Lechtik
Cycldek aka Goblin Panda: Chronicles of the Goblin
NewCore RAT USBCulprit

2020-09-24 ⋅ Microsoft ⋅ Ben Koehl, Joe Hannon, Microsoft Identity Security Team
Microsoft Security—detecting empires in the cloud
CACTUSTORCH LazyCat APT40

2020-09-23 ⋅ Twitter (@IntezerLabs) ⋅ Intezer
Tweet about PWNLNX
PWNLNX

2020-09-23 ⋅ paloalto Netoworks: Unit42 ⋅ Brad Duncan
Case Study: Emotet Thread Hijacking, an Email Attack Technique
Emotet

2020-09-23 ⋅ Seqrite ⋅ Kalpesh Mantri
Operation SideCopy!
SideCopy

2020-09-23 ⋅ Kaspersky Labs ⋅ Noushin Shabab
Looking for sophisticated malware in IoT devices

2020-09-23 ⋅ Bleeping Computer ⋅ Lawrence Abrams
Government software provider Tyler Technologies hit by ransomware
Defray

2020-09-23 ⋅ BleepingComputer ⋅ Lawrence Abrams
AgeLocker ransomware targets QNAP NAS devices, steals data

2020-09-23 ⋅ Seqrite ⋅ Goutam Tripathy, Kalpesh Mantri, Pawan CHaudhari
Operation SideCopy: An insight into Transparent Tribe’s sub-division which has been incorrectly attributed for years
CACTUSTORCH AllaKore

2020-09-23 ⋅ Stranded on Pylos Blog ⋅ Joe Slowik
Understanding Uncertainty while Undermining Democracy

2020-09-23 ⋅ Group-IB ⋅ Oleg Skulkin, Rustam Mirkasymov
Big Game Hunting: Now in Russia

2020-09-23 ⋅ Twitter (@demonslay335) ⋅ Michael Gillespie
Tweet on Ironcat (Sodinokibi imposter)
Ironcat

2020-09-22 ⋅ vmware ⋅ Omar Elgebaly, Takahiro Haruyama
Detecting Threats in Real-time With Active C2 Information
Agent.BTZ Cobalt Strike Dacls NetWire RC PoshC2 Winnti

2020-09-22 ⋅ Sophos SecOps ⋅ Greg Iddon
MTR Casebook: Blocking a $15 million Maze ransomware attack
Maze

2020-09-22 ⋅ Youtube (Virus Bulletin) ⋅ Ignacio Sanmillan
Ramsay: A cyber-espionage toolkit tailored for air-gapped networks
Ramsay

2020-09-22 ⋅ Digital Shadows ⋅ Stefano De Blasi
DarkSide: The New Ransomware Group Behind Highly Targeted Attacks
DarkSide

2020-09-22 ⋅ ReversingLabs ⋅ Karlo Zanki
Taidoor - a truly persistent threat
taidoor Taidoor

2020-09-22 ⋅ FBI ⋅ FBI
Alert Number I-092220-PSA: Foreign Actors and Cybercriminals Likely to Spread Disinformation Regarding 2020 Election Results

2020-09-22 ⋅ Twitter (@Nocturnus) ⋅ Cybereason Nocturnus
Tweet on Outlaw Group using IRCBot, SSH bruteforce tool, port Scanner, and an XMRIG crypto miner for their hacking operation
PerlBot