Malpedia Library

Click here to download all references as Bib-File.•

2019-09-26 ⋅ Microsoft ⋅ Microsoft Defender ATP Research Team
Bring your own LOLBin: Multi-stage, fileless Nodersok campaign delivers rare Node.js-based malware
Divergent

2019-09-26 ⋅ Proofpoint ⋅ Bryan Campbell, Jeremy Hedges, Proofpoint Threat Insight Team
New WhiteShadow downloader uses Microsoft SQL to retrieve malware
WhiteShadow Agent Tesla Azorult Crimson RAT Formbook Nanocore RAT NetWire RC NjRAT Remcos

2019-09-25 ⋅ Cylance ⋅ Cylance Research and Intelligence Team
PcShare Backdoor Attacks Targeting Windows Users with FakeNarrator Malware
PcShare

2019-09-24 ⋅ Secureworks ⋅ CTU Research Team
REvil: The GandCrab Connection
REvil GOLD SOUTHFIELD

2019-09-24 ⋅ Secureworks ⋅ CTU Research Team
REvil/Sodinokibi Ransomware
REvil GOLD SOUTHFIELD

2019-09-22 ⋅ Proofpoint ⋅ Michael Raggi, Proofpoint Threat Insight Team
LookBack Forges Ahead: Continued Targeting of the United States’ Utilities Sector Reveals Additional Adversary TTPs
Lookback TA410

2019-09-19 ⋅ NSHC ⋅ ThreatRecon Team
Hagga of SectorH01 continues abusing Bitly, Blogger and Pastebin to deliver RevengeRAT and NanoCore
Nanocore RAT Revenge RAT

2019-09-18 ⋅ Symantec ⋅ Security Response Attack Investigation Team
Tortoiseshell Group Targets IT Providers in Saudi Arabia in Probable Supply Chain Attacks
SysKit Tortoiseshell

2019-09-16 ⋅ Malwarebytes ⋅ Threat Intelligence Team
Emotet is back: botnet springs back to life with new spam campaign
Emotet

2019-09-11 ⋅ Secureworks ⋅ CTU Research Team
COBALT DICKENS Goes Back to School…Again
Silent Librarian

2019-09-06 ⋅ Proofpoint ⋅ Proofpoint Threat Insight Team
PsiXBot Now Using Google DNS over HTTPS and Possible New Sexploitation Module
PsiX

2019-09-05 ⋅ Proofpoint ⋅ Michael Walsh, Proofpoint Threat Insight Team
Seems Phishy: Back to School Lures Target University Students and Staff
Silent Librarian

2019-09-04 ⋅ SonicWall ⋅ SonicWall CaptureLabs Threats Research Team
HILDACRYPT ransomware actively spreading in the wild
HILDACRYPT

2019-08-29 ⋅ ThreatRecon ⋅ ThreatRecon Team
SectorJ04 Group’s Increased Activity in 2019
FlawedAmmyy ServHelper TA505

2019-08-28 ⋅ Cylance ⋅ Cylance Threat Research Team
Inside the APT28 DLL Backdoor Blitz
PocoDown

2019-08-27 ⋅ Secureworks ⋅ CTU Research Team
TrickBot Modifications Target U.S. Mobile Users
TrickBot WIZARD SPIDER

2019-08-27 ⋅ Secureworks ⋅ CTU Research Team
LYCEUM Takes Center Stage in Middle East Campaign
LYCEUM

2019-08-26 ⋅ Qianxin ⋅ Red Raindrop Team
APT-C-09 Reappeared as Conflict Intensified Between India and Pakistan
BadNews

2019-08-24 ⋅ SonicWall ⋅ SonicWall CaptureLabs Threats Research Team
Simda Process Injection into Winlogon DGA Found
Simda

2019-08-12 ⋅ Proofpoint ⋅ Proofpoint Threat Insight Team
PsiXBot Continues to Evolve with Updated DNS Infrastructure
PsiX