Malpedia Library

Click here to download all references as Bib-File.•

2023-12-13 ⋅ CISA ⋅ CISA
Russian Foreign Intelligence Service (SVR) Exploiting JetBrains TeamCity CVE Globally
GraphDrop

2023-12-13 ⋅ Stairwell ⋅ Silas Cutler
Kuiper ransomware analysis: Stairwell’s technical report

2023-12-13 ⋅ HackRead ⋅ WAQAS
Scammers Weaponize Google Forms in New BazarCall Attack

2023-12-13 ⋅ Lumen ⋅ Black Lotus Labs
Routers Roasting on an Open Firewall: the KV-botnet Investigation
KV

2023-12-13 ⋅ ShadowStackRE ⋅ ShadowStackRE
Rhysida Ransomware
Rhysida Rhysida

2023-12-12 ⋅ Proofpoint ⋅ Kelsey Merriman, Selena Larson, Xavier Chambrier
Security Brief: TA4557 Targets Recruiters Directly via Email
More_eggs FIN6

2023-12-12 ⋅ eSentire ⋅ Rob Pittman
Unraveling BatLoader and FakeBat
EugenLoader

2023-12-12 ⋅ Fourcore ⋅ Swapnil
Rhysida Ransomware: History, TTPs And Adversary Emulation Plans
Rhysida Rhysida Vanilla Tempest

2023-12-12 ⋅ Youtube (OALabs) ⋅ Sergei Frankoff
Tips For Analyzing Delphi Binaries in IDA (Danabot)
DanaBot

2023-12-12 ⋅ Ukrainska Pravda ⋅ Alona Mazurenko
Ukrainian intelligence attacks and paralyses Russia's tax system

2023-12-12 ⋅ Microsoft ⋅ Microsoft Threat Intelligence
Threat actors misuse OAuth applications to automate financially driven attacks
Storm-1283 Storm-1286

2023-12-12 ⋅ Check Point Research ⋅ Check Point
November 2023’s Most Wanted Malware: New AsyncRAT Campaign Discovered while FakeUpdates Re-Entered the Top Ten after Brief Hiatus
FAKEUPDATES AsyncRAT

2023-12-11 ⋅ Lab52 ⋅ 3722304989, varit0
Mustang Panda’s PlugX new variant targetting Taiwanese government and diplomats
DOPLUGS

2023-12-11 ⋅ Cisco Talos ⋅ Asheer Malhotra, Jungsoo An, Vitor Ventura
Operation Blacksmith: Lazarus targets organizations worldwide using novel Telegram-based malware written in DLang
BottomLoader DLRAT HazyLoad NineRAT

2023-12-11 ⋅ Sentinel LABS ⋅ Aleksandar Milenkoski, Bendik Hagen
Sandman APT | China-Based Adversaries Embrace Lua
KEYPLUG LuaDream

2023-12-11 ⋅ Washington Post ⋅ Ellen Nakashima, Joseph Menn
China’s cyber army is invading critical U.S. services

2023-12-10 ⋅ Detect FYI ⋅ Simone Kraus
Rhysida Ransomware and the Detection Opportunities
PolyVice Rhysida Vanilla Tempest

2023-12-10 ⋅ cocomelonc ⋅ cocomelonc
Malware development: persistence - part 23. LNK files. Simple Powershell example.
Emotet

2023-12-09 ⋅ Github (struppigel) ⋅ Karsten Hahn
AST based GootLoader unpacker, C2 extractor and deobfuscator
GootLoader

2023-12-08 ⋅ Twitter (@embee_research) ⋅ Embee_research
Ghidra Basics - Manual Shellcode Analysis and C2 Extraction
Cobalt Strike