Malpedia Library

2023-10-23 ⋅ Kaspersky Labs ⋅ Georgy Kucherin, Leonid Bezvershenko, Valentin Pashkov
The outstanding stealth of Operation Triangulation
TriangleDB Operation Triangulation

2023-10-23 ⋅ SarlackLab ⋅ John Faria
Advice For Catching a RedLine Stealer
RedLine Stealer

2023-10-23 ⋅ Proofpoint ⋅ Jared Peck
From Copacabana to Barcelona: The Cross-Continental Threat of Brazilian Banking Malware
Grandoreiro TA2725

2023-10-23 ⋅ Twitter (@embee_research) ⋅ Embee_research
Cobalt Strike .VBS Loader - Decoding with Advanced CyberChef and Emulation
Cobalt Strike

2023-10-22 ⋅ Bleeping Computer ⋅ Bill Toulas
New TetrisPhantom hackers steal data from secure USB drives on govt systems

2023-10-21 ⋅ Infosec Writeups ⋅ Osama Ellahi
Malware analysis NJ RAT 0.7NC & 0.6.4
NjRAT

2023-10-20 ⋅ TechCrunch ⋅ Carly Page
Authorities confirm RagnarLocker ransomware taken down during international sting
RagnarLocker RagnarLocker

2023-10-20 ⋅ cocomelonc ⋅ cocomelonc
Malware and cryptography 21: encrypt/decrypt payload via WAKE. Simple C++ example.

2023-10-20 ⋅ Medium walmartglobaltech ⋅ Jason Reaves, Joshua Platt
IcedID gets Loaded
Latrodectus

2023-10-20 ⋅ Twitter (@embee_research) ⋅ Embee_research
Decoding a Cobalt Strike .hta Loader Using CyberChef and Emulation
Cobalt Strike

2023-10-19 ⋅ Symantec ⋅ Threat Hunter Team
Crambus: New Campaign Targets Middle Eastern Government
Clipog

2023-10-18 ⋅ Twitter (@embee_research) ⋅ Embee_research
Ghidra Tutorial - Using Entropy To Locate a Cobalt Strike Decryption Function
Cobalt Strike

2023-10-18 ⋅ Google ⋅ Kate Morgan
Government-backed actors exploiting WinRAR vulnerability
APT40

2023-10-18 ⋅ SOCRadar ⋅ SOCRadar
Threat Actor Profile: SiegedSec
SiegedSec

2023-10-18 ⋅ Microsoft ⋅ Microsoft Threat Intelligence
Multiple North Korean threat actors exploiting the TeamCity CVE-2023-42793 vulnerability
FeedLoad ForestTiger HazyLoad RollSling Silent Chollima

2023-10-18 ⋅ Kaspersky Labs ⋅ GReAT, Kaspersky Lab ICS CERT
Updated MATA attacks industrial companies in Eastern Europe
Dacls Unidentified 106

2023-10-18 ⋅ Cado Security ⋅ Matt Muir, Nate Bill
Qubitstrike - An Emerging Malware Campaign Targeting Jupyter Notebooks

2023-10-17 ⋅ ⋅ AhnLab ⋅ ASEC Analysis Team
Lazarus Group’s Operation Dream Magic
LazarDoor wAgentTea

2023-10-17 ⋅ Kaspersky Labs ⋅ GReAT
APT trends report Q3 2023
BadRory TetrisPhantom

2023-10-17 ⋅ SOCRadar ⋅ SOCRadar
Dark Peep #2: War and a Piece of Hilarity
UserSec