Malpedia Library

Click here to download all references as Bib-File.•

2023-07-26 ⋅ Sophos
Into the tank with Nitrogen
Nitrogen Loader

2023-07-26 ⋅ DataBreaches.net ⋅ Dissent
Major Malaysian water utilities company hit by hackers; Ranhill offline; hackers claim databases and backups deleted
Desorden Group

2023-07-26 ⋅ SPUR ⋅ Riley Kilmer
Christmas in July: A finely wrapped Malware Proxy Service
AVrecon

2023-07-26 ⋅ cocomelonc ⋅ cocomelonc
Malware development trick - part 35: Store payload in alternate data streams. Simple C++ example.
Valak POWERSOURCE Gazer PowerDuke

2023-07-26 ⋅ ⋅ Weixin ⋅ Anheng Threat Intelligence Center
APT29 recently faked the German embassy and issued a malicious PDF file
BEATDROP Unidentified 107 (APT29)

2023-07-26 ⋅ Arctic Wolf ⋅ Akshay Suthar, Connor Belfiore, Steven Campbell
Conti and Akira: Chained Together
Akira Conti

2023-07-25 ⋅ K7 Security ⋅ Vigneshwaran P
Akira’s Play with Linux
Akira

2023-07-25 ⋅ Zscaler ⋅ Meghraj Nandanwar, Pradeep Mahato, Satyam Singh
Hibernating Qakbot: A Comprehensive Study and In-depth Campaign Analysis
QakBot

2023-07-25 ⋅ KrebsOnSecurity ⋅ Brian Krebs
Who and What is Behind the Malware Proxy Service SocksEscort?
AVrecon

2023-07-25 ⋅ Avertium ⋅ Avertium
EVOLUTION OF RUSSIAN APT29 – NEW ATTACKS AND TECHNIQUES UNCOVERED
GraphDrop

2023-07-25 ⋅ splunk ⋅ Splunk Threat Research Team
Amadey Threat Analysis and Detections
Amadey

2023-07-24 ⋅ AhnLab ⋅ ASEC
Lazarus Threat Group Attacking Windows Servers to Use as Malware Distribution Points

2023-07-24 ⋅ Mandiant ⋅ Conor Quigley, Daniel Kapellmann Zafra, David Mainor, Ryan Serabian
Pro-PRC HaiEnergy Campaign Exploits U.S. News Outlets via Newswire Services to Target U.S. Audiences; Evidence of Commissioned Protests in Washington, D.C.

2023-07-24 ⋅ Mandiant ⋅ Austin Larsen, Dan Kelly, Joseph Pisano, Mark Golembiewski, Matt Williams, Paige Godvin
North Korea Leverages SaaS Provider in a Targeted Supply Chain Attack
FULLHOUSE STRATOFEAR TraderTraitor

2023-07-24 ⋅ Reuters ⋅ Gwladys Fouche, Louise Rasmussen, Terje Solsvik
Norway government ministries hit by cyber attack

2023-07-23 ⋅ Medium infoSec Write-ups ⋅ mov_eax_27
Unpacking an Emotet Trojan
Emotet

2023-07-22 ⋅ Github (0xperator) ⋅ 0xperator
HookBot Android Malware Builder Panel and APK Source
Hook

2023-07-21 ⋅ Secureworks ⋅ SecureWorks
Learning from Incident Response: January - March 2023
GOLD REBELLION

2023-07-21 ⋅ Mandiant ⋅ Doug Bienstock, Foti Castelan, James Nugent, Josh Murchie, Justin Moore
Exploitation of Citrix Zero-Day by Possible Espionage Actors (CVE-2023-3519)

2023-07-21 ⋅ Checkmarx ⋅ Tzachi Zornstein
First Known Targeted OSS Supply Chain Attacks Against the Banking Sector
Havoc