Malpedia Library

Click here to download all references as Bib-File.•

2023-06-01 ⋅ vmware ⋅ Fae Carlisle
Carbon Black’s TrueBot Detection
Silence

2023-06-01 ⋅ Lumen ⋅ Black Lotus Labs
Qakbot: Retool, Reinfect, Recycle
QakBot

2023-05-31 ⋅ Trend Micro ⋅ Ieriz Nicolle Gonzalez, Ivan Nicole Chavez, Jeffrey Francis Bonaobra, Katherine Casona, Trend Micro
Investigating BlackSuit Ransomware’s Similarities to Royal
BlackSuit BlackSuit

2023-05-30 ⋅ IBM Security ⋅ IBM Security X-Force Team
BlackCat (ALPHV) ransomware levels up for stealth, speed and exfiltration
BlackCat BlackCat

2023-05-30 ⋅ Trend Micro ⋅ Feike Hacquebord, Fernando Mercês, Lord Alfred Remorin, Stephen Hilt
Void Rabisu’s Use of RomCom Backdoor Shows a Growing Shift in Threat Actors’ Goals
ROMCOM RAT RomCom

2023-05-29 ⋅ kn0s-organization
BlackLotus stage 2 bootkit-rootkit analysis
BlackLotus

2023-05-26 ⋅ Palo Alto Networks Unit 42 ⋅ Unit 42
Threat Brief: Attacks on Critical Infrastructure Attributed to Insidious Taurus (aka Volt Typhoon)
Volt Typhoon

2023-05-25 ⋅ Hive Pro ⋅ Hive Pro
Pikabot A Stealthy Backdoor with Ingenious Evasion Tactics
Pikabot

2023-05-25 ⋅ YouTube (BSidesCharm) ⋅ Asheer Malhotra
it’s all Magic(RAT) – A look into recent North Korean nation-state attacks
MagicRAT VSingle YamaBot

2023-05-24 ⋅ cyble ⋅ Cyble
Notable DDoS Attack Tools and Services Supporting Hacktivist Operations in 2023
UserSec

2023-05-24 ⋅ Check Point Research ⋅ Jiri Vinopal, Marc Salinas Fernandez
Agrius Deploys MoneyBird in Targeted Attacks against Israeli Organizations
Pink Sandstorm

2023-05-24 ⋅ CISA ⋅ CISA
AA23-144a: People's Republic of China State-Sponsored Cyber Actor Living off the Land to Evade Detection

2023-05-23 ⋅ ClearSky ⋅ ClearSky Research Team
Fata Morgana: Watering hole attack on shipping and logistics websites

2023-05-23 ⋅ CrowdStrike ⋅ CrowdStrike
Modern Adversaries and Evasion Techniques: Why Legacy AV Is an Easy Target
GOLD REBELLION

2023-05-23 ⋅ CrowdStrike ⋅ CrowdStrike
Modern Adversaries and Evasion Techniques: Why Legacy AV Is an Easy Target

2023-05-23 ⋅ Secplicity ⋅ Ryan Estes
Scratching the Surface of Rhysida Ransomware
Rhysida

2023-05-23 ⋅ U.S. Department of the Treasury ⋅ U.S. Department of the Treasury
Treasury Targets DPRK Malicious Cyber and Illicit IT Worker Activities

2023-05-23 ⋅ Kaspersky Labs ⋅ Giampaolo Dedola
Meet the GoldenJackal APT group. Don’t expect any howls
Jackal GoldenJackal

2023-05-22 ⋅ ⋅ Cert-UA ⋅ Cert-UA
Espionage activity of UAC-0063 against Ukraine, Kazakhstan, Kyrgyzstan, Mongolia, Israel, India (CERT-UA#6549)
CHERRYSPY UAC-0063

2023-05-22 ⋅ The DFIR Report ⋅ The DFIR Report
IcedID Macro Ends in Nokoyawa Ransomware
IcedID Nokoyawa Ransomware PhotoLoader