Malpedia Library

Click here to download all references as Bib-File.•

2025-01-25 ⋅ Sophos ⋅ Anthony Bradshaw, Colin Cowie, Daniel Souter, Hunter Neal, Mark Parsons, Sean Baird, Sean Gallagher
Sophos MDR tracks two ransomware campaigns using “email bombing,” Microsoft Teams “vishing”
ReedBed STAC5143 UNC4393

2025-01-23 ⋅ Github (PaloAltoNetworks) ⋅ Brad Duncan
Cluster of Infrastructure likely used by Affiliate of Dark Scorpius (Black Basta)
ReedBed

2025-01-23 ⋅ Hunt.io ⋅ Hunt.io
Mapping Suspected KEYPLUG Infrastructure: TLS Certificates, GhostWolf, and RedGolf/APT41 Activity
KEYPLUG

2025-01-23 ⋅ AhnLab ⋅ ASEC
RID Hijacking Technique Utilized by Andariel Attack Group
CreateHiddenAccount JuicyPotato

2025-01-23 ⋅ Lumen ⋅ Black Lotus Labs
The J-Magic Show: Magic Packets and Where to find them
J-Magic SEASPY

2025-01-22 ⋅ ESET Research ⋅ Facundo Muñoz
PlushDaemon compromises supply chain of Korean VPN service
SlowStepper PlushDaemon

2025-01-21 ⋅ KrCert ⋅ Dongwook Kim, Seulgi Lee
Analysis of Attack Strategies Targeting Centralized Management Solutions

2025-01-21 ⋅ Knownsec ⋅ Knownsec 404 Team
Love and hate under war: The GamaCopy organization, which imitates the Russian Gamaredon, uses military — related bait to launch attacks on Russia
GamaCopy

2025-01-21 ⋅ Seqrite ⋅ Subhajeet Singha
Silent Lynx APT Targets Various Entities Across Kyrgyzstan & Neighbouring Nations
Unidentified PS 005 (Telegram Bot)

2025-01-20 ⋅ ⋅ JPCERT/CC ⋅ Hayato Sasaki
APT actor classification “addiction” - Practical issues of attribution seen in Lazarus subgroup classification

2025-01-20 ⋅ Medium walmartglobaltech ⋅ Jason Reaves, Jonathan Mccay, Joshua Platt
Qbot is Back.Connect
ReedBed UNC4393

2025-01-16 ⋅ Microsoft ⋅ Microsoft Threat Intelligence
New Star Blizzard spear-phishing campaign targets WhatsApp accounts

2025-01-16 ⋅ Fortinet ⋅ Carl Windsor
Analysis of Threat Actor Data Posting
Belsen Group

2025-01-15 ⋅ ⋅ CTFIOT ⋅ CTFIOT
Article 113: One of the Russian-Ukrainian cyberwars, a review of the first major blackout in Ukraine caused by the Sandworm APT organization
KillDisk

2025-01-15 ⋅ ⋅ Habr ⋅ F.A.C.C.T. Information security
F.A.C.C.T. found new attacks of pro-Ukrainian cyber spies Sticky Werewolf
Ozone RAT

2025-01-15 ⋅ 0x0d4y ⋅ 0x0d4y
[BabbleLoader] A Deep Dive into EDR and Machine Learning-Based Endpoint Protection Evasion

2025-01-15 ⋅ ⋅ Qianxin ⋅ Acey9, Alex.Turing, Daji, wanghao
Zombies Never Die: Analysis of the Current Situation of Large Botnet AIRASHI
AIRASHI kitty-soks5

2025-01-14 ⋅ Vertex ⋅ Savage
More Than Malware Families: Retooling Our Approach to Tracking Software

2025-01-14 ⋅ The Record ⋅ Daryna Antoniuk
Russia's largest platform for state procurement hit by cyberattack from pro-Ukraine group

2025-01-14 ⋅ RedSense ⋅ Landon Rice, Marley Smith, Yelisey Bohuslavskiy
From Royal to BlackSuit
BlackSuit Royal Ransom Royal Ransom BlackSuit Royal Ransom