Malpedia Library

Click here to download all references as Bib-File.•

2023-07-11 ⋅ sysdig ⋅ Alessandro Brucato
SCARLETEEL 2.0: Fargate, Kubernetes, and Crypto
SCARLETEEL

2023-07-11 ⋅ AhnLab ⋅ ASEC
Analysis of the Rekoobe Backdoor Being Used In Attacks Against Linux Systems in Korea
Rekoobe

2023-07-11 ⋅ Cloudsek ⋅ Bablu Kumar
Breaking into the Bandit Stealer Malware Infrastructure
Bandit Stealer

2023-07-11 ⋅ Mandiant ⋅ Ng Choon Kiat, Rommel Joven
The Spies Who Loved You: Infected USB Drives to Steal Secrets
PlugX

2023-07-11 ⋅ Microsoft ⋅ Microsoft
Storm-0978 attacks reveal financial and espionage motives
ROMCOM RAT

2023-07-08 ⋅ Blackberry ⋅ BlackBerry Research & Intelligence Team
RomCom Threat Actor Suspected of Targeting Ukraine's NATO Membership Talks at the NATO Summit
ROMCOM RAT

2023-07-08 ⋅ Gi7w0rm
CloudEyE — From .lnk to Shellcode
CloudEyE Remcos

2023-07-07 ⋅ Cert-UA ⋅ Cert-UA
UAC-0057 Targeted Cyber Attack Against Government Agencies Using PicassoLoader/njRAT (CERT-UA#6948)
PicassoLoader Ghostwriter

2023-07-07 ⋅ Zscaler ⋅ Niraj Shivtarkar, Preet Kamal
The TOITOIN Trojan: Analyzing a New Multi-Stage Attack Targeting LATAM Region

2023-07-07 ⋅ Lab52 ⋅ Lab52
Beyond appearances: unknown actor using APT29’s TTP against Chinese users
Cobalt Strike

2023-07-07 ⋅ Github (cocomelonc) ⋅ cocomelonc
Malware development trick - part 34: Find PID via WTSEnumerateProcesses. Simple C++ example.

2023-07-06 ⋅ Microsoft ⋅ Microsoft Incident Response
The five-day job: A BlackByte ransomware intrusion case study
BlackByte ExByte

2023-07-06 ⋅ kienmanowar Blog ⋅ m4n0w4r, Tran Trung Kien
[QuickNote] Examining Formbook Campaign via Phishing Emails
Formbook

2023-07-06 ⋅ Github (Helixo32) ⋅ Helixo32
NimBlackout
NimBlackout

2023-07-06 ⋅ WeLiveSecurity ⋅ Jakub Kaloč
What’s up with Emotet?
Emotet

2023-07-06 ⋅ CISA ⋅ CISA
Increased Truebot Activity Infects U.S. and Canada Based Networks
Silence

2023-07-05 ⋅ Aqua Nautilus ⋅ Assaf Morag, Ofek Itach
Threat Alert: Anatomy of Silentbob’s Cloud Attack
TeamTNT Tsunami

2023-07-05 ⋅ Qianxin ⋅ Red Raindrop Team
Patchwork Group Utilizing WarHawk Backdoor Variant "Spyder" for Espionage against Multiple Countries
Spyder Patchwork

2023-07-05 ⋅ The Record ⋅ Daryna Antoniuk
Belarusian hacktivists сlaim to breach country’s leading state university
Cyber Partisans

2023-07-05 ⋅ SentinelOne ⋅ Phil Stokes
BlueNoroff | How DPRK’s macOS RustBucket Seeks to Evade Analysis and Detection
RustBucket