Malpedia Library

Click here to download all references as Bib-File.•

2021-06-01 ⋅ Cisco ⋅ Josh Pyorre
Backdoors, RATs, Loaders evasion techniques
BazarNimrod GoldMax Oblique RAT

2021-05-26 ⋅ Cisco Talos ⋅ Vitor Ventura, Warren Mercer
Elizabethan England has nothing on modern-day Russia

2021-05-07 ⋅ Cisco Talos ⋅ Andrew Windsor, Caitlin Huey, Edmund Brumaghin
Lemon Duck spreads its wings: Actors target Microsoft Exchange servers, incorporate new TTPs
CHINACHOPPER Cobalt Strike Lemon Duck

2021-04-06 ⋅ Github (FrenchCisco) ⋅ FrenchCisco
Github Repository: RATel
RATel

2021-03-24 ⋅ Cisco ⋅ Caitlin Huey, David Liebenberg
Quarterly Report: Incident Response trends from Winter 2020-21
Egregor REvil WastedLocker

2021-03-09 ⋅ Cisco Talos ⋅ Cisco Talos
Hafnium Update: Continued Microsoft Exchange Server Exploitation

2021-03-02 ⋅ Cisco Talos ⋅ Asheer Malhotra
ObliqueRAT returns with new campaign using hijacked websites
Oblique RAT

2021-02-17 ⋅ Cisco Talos ⋅ Vanja Svajcer
Masslogger campaigns exfiltrates user credentials
MASS Logger

2021-01-04 ⋅ Cisco Talos ⋅ Azim Khodjibaev, Dmytro Korzhevin, Kendall McKay
Interview with a LockBit ransomware operator
LockBit

2020-12-21 ⋅ Cisco Talos ⋅ JON MUNSHAW
2020: The year in malware
WolfRAT Prometei Poet RAT Agent Tesla Astaroth Ave Maria CRAT Emotet Gozi IndigoDrop JhoneRAT Nanocore RAT NjRAT Oblique RAT SmokeLoader StrongPity WastedLocker Zloader

2020-12-21 ⋅ US Court of Appeals for the Ninth Court ⋅ Cisco, Github, Google, Internet Association, LinkedIn, Microsoft, VMWare, WhatsApp
Case: 20-16408: WhatsApp et al. vs NSO Group

2020-12-14 ⋅ Cisco Talos ⋅ Nick Biasini
Threat Advisory: SolarWinds supply chain attack
SUNBURST TEARDROP

2020-12-09 ⋅ Cisco ⋅ Caitlin Huey, David Liebenberg
Quarterly Report: Incident Response trends from Fall 2020
Cobalt Strike IcedID Maze RansomEXX Ryuk

2020-11-18 ⋅ Cisco ⋅ Edmund Brumaghin, Jaeson Schultz, Nick Biasini
Back from vacation: Analyzing Emotet’s activity in 2020
Emotet

2020-11-17 ⋅ Cisco Talos ⋅ Nikhil Hegde
Nibiru ransomware variant decryptor
Nibiru

2020-10-29 ⋅ Cisco Talos ⋅ Paul Rascagnères, Vitor Ventura, Warren Mercer
DoNot’s Firestarter abuses Google Firebase Cloud Messaging to spread
KnSpy

2020-09-29 ⋅ Cisco Talos ⋅ Chris Neal
LodaRAT Update: Alive and Well
Loda

2020-09-21 ⋅ Cisco Talos ⋅ Joe Marshall, JON MUNSHAW, Nick Mavis
The art and science of detecting Cobalt Strike
Cobalt Strike

2020-09-02 ⋅ Cisco Talos ⋅ Edmund Brumaghin, Holger Unterbrink
Salfram: Robbing the place without removing your name tag
Ave Maria ISFB SmokeLoader Zloader

2020-09-01 ⋅ Cisco Talos ⋅ Caitlin Huey, David Liebenberg
Quarterly Report: Incident Response trends in Summer 2020
Cobalt Strike LockBit Mailto Maze Ryuk