Malpedia Library

2023-10-23 ⋅ SarlackLab ⋅ John Faria
Advice For Catching a RedLine Stealer
RedLine Stealer

2023-10-23 ⋅ Proofpoint ⋅ Jared Peck
From Copacabana to Barcelona: The Cross-Continental Threat of Brazilian Banking Malware
Grandoreiro TA2725

2023-10-23 ⋅ Twitter (@embee_research) ⋅ Embee_research
Cobalt Strike .VBS Loader - Decoding with Advanced CyberChef and Emulation
Cobalt Strike

2023-10-22 ⋅ Bleeping Computer ⋅ Bill Toulas
New TetrisPhantom hackers steal data from secure USB drives on govt systems

2023-10-20 ⋅ TechCrunch ⋅ Carly Page
Authorities confirm RagnarLocker ransomware taken down during international sting
RagnarLocker RagnarLocker

2023-10-20 ⋅ cocomelonc ⋅ cocomelonc
Malware and cryptography 21: encrypt/decrypt payload via WAKE. Simple C++ example.

2023-10-20 ⋅ Twitter (@embee_research) ⋅ Embee_research
Decoding a Cobalt Strike .hta Loader Using CyberChef and Emulation
Cobalt Strike

2023-10-18 ⋅ Twitter (@embee_research) ⋅ Embee_research
Ghidra Tutorial - Using Entropy To Locate a Cobalt Strike Decryption Function
Cobalt Strike

2023-10-18 ⋅ Google ⋅ Kate Morgan
Government-backed actors exploiting WinRAR vulnerability
APT40

2023-10-18 ⋅ Microsoft ⋅ Microsoft Threat Intelligence
Multiple North Korean threat actors exploiting the TeamCity CVE-2023-42793 vulnerability
FeedLoad ForestTiger HazyLoad RollSling Silent Chollima

2023-10-18 ⋅ Kaspersky Labs ⋅ GReAT, Kaspersky Lab ICS CERT
Updated MATA attacks industrial companies in Eastern Europe
Dacls Unidentified 106

2023-10-18 ⋅ Cado Security ⋅ Matt Muir, Nate Bill
Qubitstrike - An Emerging Malware Campaign Targeting Jupyter Notebooks

2023-10-17 ⋅ Kaspersky Labs ⋅ GReAT
APT trends report Q3 2023
BadRory TetrisPhantom

2023-10-17 ⋅ SOCRadar ⋅ SOCRadar
Dark Peep #2: War and a Piece of Hilarity
UserSec

2023-10-16 ⋅ Sekoia ⋅ Quentin Bourgue, Threat & Detection Research Team
ClearFake: a newcomer to the “fake updates” threats landscape
ClearFake

2023-10-16 ⋅ Twitter (@embee_research) ⋅ Embee_research
Decoding a Simple Visual Basic (.vbs) Script - DarkGate Loader
DarkGate

2023-10-16 ⋅ Kaspersky Labs ⋅ GReAT
A hack in hand is worth two in the bush
StrifeWater RAT Cyber Av3ngers

2023-10-15 ⋅ ⋅ Cert-UA ⋅ Cert-UA
Peculiarities of destructive cyber attacks against Ukrainian providers (CERT-UA#7627)
Poseidon UAC-0006

2023-10-13 ⋅ ⋅ Medium BI.ZONE ⋅ BI.ZONE
Sticky Werewolf spies attack state organizations of Russia and Belarus
Darktrack RAT

2023-10-13 ⋅ Rewterz Information Security ⋅ Rewterz Information Security
Rewterz Threat Alert – Power Supplier’s Network Infiltrated for 6 Months by “Redfly” Hackers – Active IOCs
Redfly