Malpedia Library

Click here to download all references as Bib-File.•

2023-03-23 ⋅ Mandiant ⋅ Josh Fleischer, Rufus Brown, Ryan Tomcik
UNC961 in the Multiverse of Mandiant: Three Encounters with a Financially Motivated Threat Actor
HOLERUN LIGHTBUNNY Prophet Spider

2023-03-23 ⋅ SentinelOne ⋅ Aleksandar Milenkoski, Joey Chen, Juan Andrés Guerrero-Saade, QGroup
Operation Tainted Love | Chinese APTs Target Telcos in New Attacks
mim221

2023-03-22 ⋅ Mandiant ⋅ Daniel Kapellmann Zafra, Keith Lunden, Nathan Brubaker
We (Did!) Start the Fire: Hacktivists Increasingly Claim Targeting of OT Systems

2023-03-21 ⋅ Zscaler ⋅ Naveen Selvan, Sudeep Singh
The Unintentional Leak: A glimpse into the attack vectors of APT37
Chinotto

2023-03-21 ⋅ Twitter (@splinter_code) ⋅ Antonio Cocomazzi
Tweet on BlackByte ransomware rewrite in C++
BlackByte

2023-03-21 ⋅ Github (rivitna) ⋅ Andrey Zhdanov
BlackCat v3 Decryptor Scripts
BlackCat BlackCat

2023-03-20 ⋅ Mandiant ⋅ CASEY CHARRIER, James Sadowski
Move, Patch, Get Out the Way: 2022 Zero-Day Exploitation Continues at an Elevated Pace

2023-03-20 ⋅ NVISO Labs ⋅ Maxime Thiebaut
IcedID’s VNC Backdoors: Dark Cat, Anubis & Keyhole
IcedID

2023-03-20 ⋅ ⋅ Medium s2wlab ⋅ HOTSAUCE, S2W TALON
Detailed Analysis of Cryptocurrency Phishing Through Famous YouTube Channel Hacking

2023-03-17 ⋅ Microsoft ⋅ Azure Network Security Team
KillNet and affiliate hacktivist groups targeting healthcare with DDoS attacks

2023-03-16 ⋅ Mandiant ⋅ Alexander Marvi, BRAD SLAYBAUGH, DAN EBREO, Muhammad Umair, TINA JOHNSON, Tufail Ahmed
Fortinet Zero-Day and Custom Malware Used by Suspected Chinese Actor in Espionage Operation
UNC3886

2023-03-15 ⋅ Reliaquest ⋅ RELIAQUEST THREAT RESEARCH TEAM
QBot: Laying the Foundations for Black Basta Ransomware Activity
Black Basta QakBot

2023-03-15 ⋅ Avast ⋅ LUIS CORRONS
(Ab)using Adobe Acrobat Sign to distribute malware
RedLine Stealer

2023-03-14 ⋅ Check Point Research ⋅ Bohdan Melnykov, Raman Ladutska
South Korean Android Banking Menace - Fakecalls
Fakecalls

2023-03-14 ⋅ ESET Research ⋅ Facundo Muñoz
The slow Tick‑ing time bomb: Tick APT group compromise of a DLP software developer in East Asia

2023-03-14 ⋅ Google ⋅ Benoit Sevens
Magniber ransomware actors used a variant of Microsoft SmartScreen bypass
Magniber

2023-03-14 ⋅ Blackberry ⋅ BlackBerry Research & Intelligence Team
NOBELIUM Uses Poland's Ambassador’s Visit to the U.S. to Target EU Governments Assisting Ukraine
EnvyScout GraphicalNeutrino

2023-03-13 ⋅ SentinelOne ⋅ Jim Walter
CatB Ransomware | File Locker Sharpens Its Claws to Steal Data with MSDTC Service DLL Hijacking
CatB

2023-03-09 ⋅ DeepInstinct ⋅ Simon Kenin
DUCKTAIL: Threat Operation Re-emerges with New LNK, PowerShell, and Other Custom Tactics to Avoid Detection
DUCKTAIL

2023-03-09 ⋅ Sophos ⋅ Gabor Szappanos
A border-hopping PlugX USB worm takes its act on the road
PlugX