Malpedia Library

Click here to download all references as Bib-File.•

2023-12-05 ⋅ YouTube (SecureWorks) ⋅ Austin Graham
Emulating Qakbot with Austin Graham
QakBot

2023-12-05 ⋅ PWC ⋅ PwC Threat Intelligence
The Tortoise and The Malwahare
SnappyTCP

2023-12-05 ⋅ Kaspersky Labs ⋅ Sergey Puzan
BlueNoroff: new Trojan attacking macOS users
RustBucket

2023-12-05 ⋅ Medium g0njxa ⋅ g0njxa
Approaching stealers devs : a brief interview with StealC
Stealc

2023-12-05 ⋅ Proofpoint ⋅ Crista Giering, Greg Lesnewich, Proofpoint Threat Research Team
TA422’s Dedicated Exploitation Loop—the Same Week After Week

2023-12-04 ⋅ cyble ⋅ Cyble
TrickMo's Return: Banking Trojan Resurgence With New Features
TrickMo

2023-12-04 ⋅ Cado Security ⋅ Matt Muir
P2Pinfect - New Variant Targets MIPS Devices
P2Pinfect

2023-12-04 ⋅ The Record ⋅ Jonathan Greig
Florida water agency latest to confirm cyber incident as feds warn of nation-state attacks

2023-12-04 ⋅ The DFIR Report ⋅ The DFIR Report
SQL Brute Force leads to Bluesky Ransomware
BlueSky Cobalt Strike

2023-12-03 ⋅ Medium OSINT Team ⋅ Criminal IP
SkidSec Hacker Group Announces Plans to Spread North Korean Propaganda Through Hacked Printers in South Korea
SkidSec

2023-12-03 ⋅ Bleeping Computer ⋅ Lawrence Abrams
Linux version of Qilin ransomware focuses on VMware ESXi
Qilin

2023-12-03 ⋅ Twitter (@vxunderground) ⋅ VX-Underground
Tweet about ALPHV group compromising Tipalti to pressure its clients.
BlackCat BlackCat

2023-12-02 ⋅ Medium g0njxa ⋅ amadey
Approaching stealers devs : a brief interview with Amadey
Amadey

2023-12-02 ⋅ openhunting.io ⋅ openhunting.io
Threat Hunting Malware Infrastructure
VBREVSHELL AsyncRAT

2023-12-01 ⋅ ASEC ⋅ ASEC
Kimsuky Group Uses AutoIt to Create Malware (RftRAT, Amadey)
XRat Amadey Appleseed PEBBLEDASH

2023-12-01 ⋅ Chema Garcia
New Tool Set Found Used Against Organizations in the Middle East, Africa and the US
Agent Racoon Ntospy

2023-12-01 ⋅ Microsoft ⋅ Heike Ritter
Monthly news - December 2023
Pearl Sleet

2023-12-01 ⋅ Twitter (@MsftSecIntel) ⋅ Microsoft Threat Intelligence
Tweet on Danabot leading to cactus ransomware
Cactus DanaBot Storm-1044

2023-12-01 ⋅ ⋅ Genians ⋅ Genius Security Center
Cases of attacks disguised as North Korean market price analysis documents, etc. CVE-2022-41128 vulnerability called with HWP, HWPX, DOCX, XLSX files

2023-12-01 ⋅ The Record ⋅ Daryna Antoniuk
Russian developer of Trickbot malware pleads guilty, faces 35-year sentence
TrickBot