Malpedia Library

Click here to download all references as Bib-File.•

2021-05-11 ⋅ VMRay ⋅ Mateusz Lukaszewski, VMRay Labs Team
Threat Bulletin: Exploring the Differences and Similarities of Agent Tesla v2 & v3
Agent Tesla

2021-05-11 ⋅ Qianxin ⋅ Qi'anxin Threat Intelligence
Analysis of a series of attacks by the suspected Lazarus organization using Daewoo Shipyard as relevant bait

2021-05-10 ⋅ ⋅ Anheng Threat Intelligence Center ⋅ Hunting Shadow Lab
Analysis of U.S. Oil Products Pipeline Operators Suspended by Ransomware Attacks
DarkSide

2021-05-10 ⋅ TEAMT5 ⋅ Charles Li
APT Threat Landscape of Taiwan in 2020

2021-05-06 ⋅ Black Hat ⋅ Anurag Khanna, Thirumalai Natarajan Muthiah
Threat Hunting in Active Directory Environment

2021-05-06 ⋅ Blackberry ⋅ BlackBerry Research and Intelligence team
Threat Thursday: Dr. REvil Ransomware Strikes Again, Employs Double Extortion Tactics
REvil

2021-05-05 ⋅ Symantec ⋅ Threat Hunter Team
Multi-Factor Authentication: Headache for Cyber Actors Inspires New Attack Techniques
CHINACHOPPER

2021-05-05 ⋅ ThreatFabric ⋅ ThreatFabric
Smishing campaign in NL spreading Cabassous and Anatsa
Anatsa

2021-05-05 ⋅ Zscaler ⋅ Aniruddha Dolas, Manohar Ghule, Mohd Sadique
Catching RATs Over Custom Protocols Analysis of top non-HTTP/S threats
Agent Tesla AsyncRAT Crimson RAT CyberGate Ghost RAT Nanocore RAT NetWire RC NjRAT Quasar RAT Remcos

2021-05-03 ⋅ Rewterz Information Security ⋅ Rewterz Information Security
Rewterz Threat Alert – Financially Motivated Aggressive Group Carrying Out Ransomware Campaigns – Active IOCs
FiveHands SombRAT UNC2447

2021-05-03 ⋅ splunk ⋅ Splunk Threat Research Team
Clop Ransomware Detection: Threat Research Release, April 2021
Clop

2021-05-03 ⋅ Proofpoint ⋅ Bryan Campbell, Kelsey Merriman, Proofpoint Threat Research Team, Selena Larson
New Variant of Buer Loader Written in Rust
Buer

2021-04-29 ⋅ FireEye ⋅ Justin Moore, Raymond Leong, Tyler McLellan
UNC2447 SOMBRAT and FIVEHANDS Ransomware: A Sophisticated Financial Threat
Cobalt Strike FiveHands HelloKitty

2021-04-29 ⋅ NTT ⋅ Threat Detection NTT Ltd.
The Operations of Winnti group
Cobalt Strike ShadowPad Spyder Winnti Earth Lusca

2021-04-29 ⋅ 360 netlab ⋅ Jinye, Liu Ya, YANG XU
Threat Alert: New update from Sysrv-hello, now infecting victims‘ webpages to push malicious exe to end users

2021-04-29 ⋅ Maltego ⋅ Maltego Team
Investigating TA413 Threat Actor Group Using OpenCTI in Maltego

2021-04-28 ⋅ ThreatFabric ⋅ ThreatFabric
The Rage of Android Banking Trojans
Anubis Gustuff Medusa

2021-04-27 ⋅ Positive Technologies ⋅ PT ESC Threat Intelligence
Lazarus Group Recruitment: Threat Hunters vs Head Hunters

2021-04-26 ⋅ Dragos ⋅ Dragos
New ICS Threat Activity Group: TALONITE
FlowCloud Lookback

2021-04-22 ⋅ xorl %eax, %eax ⋅ Anastasios Pingios
A gentle introduction to building a threat intelligence team