Malpedia Library

Click here to download all references as Bib-File.•

2024-05-17 ⋅ CTO at NCSC ⋅ Ollie Whitehouse
CTO at NCSC Summary: week ending May 19th
Kimsuky

2024-05-16 ⋅ cyble ⋅ Cyble
New Antidot Android Banking Trojan Masquerading as Fake Google Play Updates
Antidot

2024-05-16 ⋅ ⋅ AhnLab ⋅ ASEC
Analysis of APT attack cases targeting domestic companies using Dora RAT (Andariel Group)

2024-05-16 ⋅ Elastic ⋅ Daniel Stepanic, Samir Bousseaden
Spring Cleaning with LATRODECTUS: A Potential Replacement for ICEDID
IcedID Latrodectus

2024-05-16 ⋅ SecurityIntelligence ⋅ Golo Mühr, Melissa Frydrych
Grandoreiro banking trojan unleashed: X-Force observing emerging global campaigns
Grandoreiro

2024-05-16 ⋅ Symantec ⋅ Threat Hunter Team
Springtail: New Linux Backdoor Added to Toolkit
Gomir Kimsuky

2024-05-16 ⋅ ANY.RUN ⋅ ANY.RUN
Malware trend: Latrodectus
Latrodectus

2024-05-15 ⋅ Microsoft ⋅ Microsoft Threat Intelligence
Threat actors misusing Quick Assist in social engineering attacks leading to ransomware
Black Basta Cobalt Strike QakBot SystemBC

2024-05-15 ⋅ ESET Research ⋅ Filip Jurčacko
To the Moon and back(doors): Lunar landing in diplomatic missions
LunarMail

2024-05-15 ⋅ Stairwell ⋅ Threat Research at Stairwell
Stairwell threat report: Black Basta overview and detection rules
Black Basta Black Basta

2024-05-15 ⋅ X (@bryceabdo) ⋅ Bryce Abdo
Tweet on UNC5449 exploiting CVE-2024-30051 to deliver QAKBOT
QakBot

2024-05-15 ⋅ Twitter (@embee_research) ⋅ Embee_research
Revealing Spammer Infrastructure With Passive DNS - 226 Toll-Themed Domains Targeting Australia

2024-05-15 ⋅ Microsoft ⋅ Microsoft Threat Intelligence
Threat actors misusing Quick Assist in social engineering attacks leading to ransomware
Black Basta Cobalt Strike QakBot UNC4393

2024-05-14 ⋅ Darkowl ⋅ Darkowl
What are CVEs?
Ukrainian Cyber Alliance

2024-05-14 ⋅ NBC ⋅ Dan De Luce, Jean-Nicholas Fievet
China-linked group uses malware to try to spy on commercial shipping, new report says

2024-05-14 ⋅ YouTube (botconf eu) ⋅ Yassir Laaouissi
Panni pelmeni: Turla loves dumplings
Pelmeni

2024-05-14 ⋅ Bern University of Applied Science ⋅ Benjamin Fehrensen, Dominic Schmutz, Robin Rapp
Forensic analysis of hook Android malware
Hook

2024-05-14 ⋅ Check Point Research ⋅ Antonis Terefos, Tera0017
Foxit PDF “Flawed Design” Exploitation
Rafel RAT Agent Tesla AsyncRAT DCRat DONOT Nanocore RAT NjRAT Pony Remcos Venom RAT XWorm

2024-05-14 ⋅ Kaspersky ⋅ Boris Larin, Mert Degirmenci
QakBot attacks with Windows zero-day (CVE-2024-30051)
Cobalt Strike QakBot

2024-05-14 ⋅ ESET Research ⋅ Marc-Etienne M.Léveillé
Ebury is alive but unseen: 400k Linux servers compromised for cryptocurrency theft and financial gain
Ebury