Malpedia Library

Click here to download all references as Bib-File.•

2022-06-23 ⋅ CrowdStrike ⋅ Patrick Bennett
The Call Is Coming from Inside the House: CrowdStrike Identifies Novel Exploit in VOIP Appliance (CVE-2022-29499)

2022-06-09 ⋅ Medium (Cryptax) ⋅ Axelle Apvrille
Quick look into a new sample of Android/BianLian
BianLian Hydra

2022-06-03 ⋅ Avast Decoded ⋅ Threat Intelligence Team
Outbreak of Follina in Australia
AsyncRAT APT40

2022-06-03 ⋅ Avast ⋅ Threat Intelligence Team
Outbreak of Follina in Australia
AsyncRAT

2022-05-05 ⋅ Trend Micro ⋅ Aliakbar Zahravi, Leandro Froes, Trend Micro Research
NetDooka Framework Distributed via PrivateLoader Malware as Part of Pay-Per-Install Service
NetDooka PrivateLoader

2022-04-27 ⋅ CISA ⋅ Australian Cyber Security Centre (ACSC), Canadian Centre for Cyber Security (CCCS), CISA, FBI, New Zealand National Cyber Security Centre (NZ NCSC), NSA, United Kingdom’s National Cyber Security Centre (NCSC-UK)
Alert (AA22-117A) 2021 Top Routinely Exploited Vulnerabilities

2022-04-20 ⋅ CISA ⋅ Australian Cyber Security Centre (ACSC), Canadian Centre for Cyber Security (CCCS), CISA, FBI, Government Communications Security Bureau, National Crime Agency (NCA), NCSC UK, NSA
AA22-110A Joint CSA: Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure
VPNFilter BlackEnergy DanaBot DoppelDridex Emotet EternalPetya GoldMax Industroyer Sality SmokeLoader TrickBot Triton Zloader

2022-04-18 ⋅ Trellix ⋅ Alexandre Mundo, Jambul Tologonov, Marc Elias
Conti Group Targets ESXi Hypervisors With its Linux Variant
Conti Conti

2022-04-12 ⋅ vmware ⋅ Sudhir Devkar
RuRansom – A Retaliatory Wiper
RURansom

2022-04-06 ⋅ HackRead ⋅ WAQAS
Anonymous Affiliate NB65 Breach State-Run Russian Broadcaster; Leak 786GB of Data
NB65

2022-03-29 ⋅ SentinelOne ⋅ Antonis Terefos, James Haughom, Jeff Cavanaugh, Jim Walter, Nick Fox, Shai Tilias
From the Front Lines | Hive Ransomware Deploys Novel IPfuscation Technique To Avoid Detection
Cobalt Strike Hive

2022-03-28 ⋅ Group-IB ⋅ Ilia Rozhnov
Group-IB unveils three groups of fraudsters behind delivery scams in Singapore

2022-03-28 ⋅ Trellix ⋅ Marc Elias, Max Kersten
PlugX: A Talisman to Behold
PlugX

2022-03-23 ⋅ Mandiant ⋅ Dan Scott, Elias fox, Gary Freas, Jeffery Johnson, Michael Barnhart, Michelle Cantos
Not So Lazarus: Mapping DPRK Cyber Threat Groups to Government Organizations

2022-03-21 ⋅ eSentire ⋅ eSentire Threat Response Unit (TRU)
Conti Affiliate Exposed: New Domain Names, IP Addresses and Email Addresses Uncovered
HelloKitty BazarBackdoor Cobalt Strike Conti FiveHands HelloKitty IcedID

2022-03-21 ⋅ COMPASS SECURITY ⋅ Benjamin Bruppacher
VPN Appliance Forensics
LockBit

2022-03-19 ⋅ vsquare ⋅ Anna Gielewska, Julia Dauksza, Konrad Szczygieł
Behind the hack-and-leak scandal in Poland (UNC1151)

2022-03-17 ⋅ Cisco ⋅ Caitlin Huey, Tiago Pereira
From BlackMatter to BlackCat: Analyzing two attacks from one affiliate
BlackCat BlackMatter BlackCat BlackMatter

2022-03-08 ⋅ Twitter (@CyberJack42) ⋅ CyberJack
Tweet on ELFSHELF alias for KEYPLUG
KEYPLUG

2022-03-08 ⋅ Twitter (@ShaneHuntley) ⋅ Google Threat Analysis Group, Shane Huntley
Tweet on APT31 phishing campaign targeting high profile Gmail users affiliated with the U.S. government in February