Malpedia Library

Click here to download all references as Bib-File.•

2022-12-06 ⋅ Lacework Labs ⋅ Lacework Labs
AndroxGh0st – the python malware exploiting your AWS keys
AndroxGh0st Xcatze

2022-12-06 ⋅ Twitter (@URSNIFleak) ⋅ URSNIFleak
Twitter account with leaked data about the group behind URSNIF
RM3

2022-12-06 ⋅ ⋅ 360 Threat Intelligence Center ⋅ 360 Beacon Lab
Analysis of suspected APT-C-56 (Transparent Tribe) attacks against terrorism
AhMyth Meterpreter SpyNote AsyncRAT

2022-12-06 ⋅ Blackberry ⋅ BlackBerry Research & Intelligence Team
Mustang Panda Uses the Russian-Ukrainian War to Attack Europe and Asia Pacific Targets
PlugX

2022-12-05 ⋅ Accenture ⋅ Paul Mansfield, Thomas Willkan
Popularity spikes for information stealer malware on the dark web
MetaStealer Rhadamanthys

2022-12-05 ⋅ ⋅ KISA ⋅ KrCERT
TTPs#9: Analyzing the attack strategy monitoring the daily life of individuals
Chinotto

2022-12-05 ⋅ Human Rights Watch ⋅ Human Rights Watch
Iran: State-Backed Hacking of Activists, Journalists, Politicians

2022-12-02 ⋅ K7 Security ⋅ Rahul R
KoiVM Loader Resurfaces With a Bang
KoiVM

2022-12-01 ⋅ splunk ⋅ Splunk Threat Research Team
From Macros to No Macros: Continuous Malware Improvements by QakBot
QakBot

2022-12-01 ⋅ Zscaler ⋅ Zscaler
Back in Black... Basta - Technical Analysis of BlackBasta Ransomware 2.0
Black Basta

2022-11-30 ⋅ CyberFlorida ⋅ CyberFlorida
Malware with Sandbox Evasion Techniques Observed Stealing Browser Cached Credentials
SectopRAT

2022-11-30 ⋅ ⋅ Qianxin Threat Intelligence Center ⋅ Red Raindrop Team
Analysis of APT29's attack activities against Italy
Unidentified 098 (APT29 Slack Downloader)

2022-11-30 ⋅ Sophos ⋅ Andrew Brandt
LockBit 3.0 ‘Black’ attacks and leaks reveal wormable capabilities and tooling
LockBit

2022-11-30 ⋅ BitSight ⋅ André Tavares
Unpacking Colibri Loader: A Russian APT linked Campaign
Colibri Loader PrivateLoader

2022-11-30 ⋅ ESET Research ⋅ Filip Jurčacko
Who’s swimming in South Korean waters? Meet ScarCruft’s Dolphin

2022-11-29 ⋅ Mandiant ⋅ Doug Bienstock, Luke Jenkins, Parnian Najafi, Sarah Hawley
Suspected Russian Activity Targeting Government and Business Entities Around the Globe
CEELOADER CryptBot

2022-11-29 ⋅ ⋅ Qianxin ⋅ Red Raindrop Team
Job hunting trap: Analysis of Lazarus attack activities using recruitment information such as Mizuho Bank of Japan as bait
CageyChameleon Cur1Downloader

2022-11-29 ⋅ IBM X-Force Exchange ⋅ IBM IRIS
CargoBay BlackHat Backdoor Analysis Report (IRIS-14738)
CargoBay

2022-11-28 ⋅ Mandiant ⋅ Geoff Ackerman, John Wolfram, Ryan Tomcik, Tommy Dacanay
Always Another Secret: Lifting the Haze on China-nexus Espionage in Southeast Asia
BLUEHAZE DARKDEW MISTCLOAK UNC4191

2022-11-27 ⋅ SPUR ⋅ Riley Kilmer
Big Socks to Fill: Tracking the Next 911RE