Malpedia Library

Click here to download all references as Bib-File.•

2023-04-19 ⋅ Google ⋅ Billy Leonard, Google Threat Analysis Group
Ukraine remains Russia’s biggest cyber focus in 2023
Rhadamanthys

2023-04-18 ⋅ ANY.RUN ⋅ ANY.RUN
PrivateLoader: Analyzing the Encryption and Decryption of a Modern Loader
PrivateLoader

2023-04-18 ⋅ Avast Decoded ⋅ Martin Chlumecký
DDosia Project: How NoName057(16) is trying to improve the efficiency of DDoS attacks
Dosia

2023-04-18 ⋅ Rapid7 Labs ⋅ Matt Green
Automating Qakbot Detection at Scale With Velociraptor
QakBot

2023-04-18 ⋅ Morphisec ⋅ Arnold Osipov, Michael Dereviashkin
What Makes Invalid Printer Loader So Stealthy?
Aurora

2023-04-18 ⋅ Microsoft ⋅ Microsoft Threat Intelligence
Nation-state threat actor PHOSPHORUS refines tradecraft to attack high-value targets
Drokbk

2023-04-18 ⋅ Cisco Talos ⋅ Matthew Olney
State-sponsored campaigns target global network infrastructure

2023-04-18 ⋅ NCSC UK ⋅ United Kingdom’s National Cyber Security Centre (NCSC-UK)
Jaguar Tooth - Cisco IOS malware that collects device information and enables backdoor access

2023-04-18 ⋅ Zscaler ⋅ Meghraj Nandanwar, Shatak Jain
Introducing DevOpt: A Multifunctional Backdoor Arsenal
DevOpt

2023-04-18 ⋅ Twitter (@threatinsight) ⋅ Threat Insight
Tweet on TA581 using Keitaro TDS URL to download a .MSI file to deliver BumbleBee malware
BumbleBee

2023-04-18 ⋅ CitizenLab ⋅ Bahr Abdul Razzak, Bill Marczak, John Scott-Railton, Ron Deibert
Triple Threat: NSO Group’s Pegasus Spyware Returns in 2022 with a Trio of iOS 15 and iOS 16 Zero-Click Exploit Chains

2023-04-18 ⋅ Microsoft ⋅ Daniel Simpson, Dianne Gali, Stacyrch140
How Microsoft names threat actors

2023-04-17 ⋅ Medium (@lcam) ⋅ Luca Mella
Data Insights from Russian Cyber Militants: NoName05716
Dosia

2023-04-17 ⋅ AhnLab ⋅ ASEC
Trigona Ransomware Attacking MS-SQL Servers
Trigona

2023-04-17 ⋅ BE42LATE ⋅ B42 Labs
Noname057(16) Attack Tracker
Dosia

2023-04-17 ⋅ JUMPSEC LABS ⋅ max corbridge
Butting Heads with a Threat Actor on an Engagement

2023-04-17 ⋅ Leandro's blog ⋅ Leandro Froes
An in-depth look at the Golang Windows calls

2023-04-16 ⋅ cocomelonc ⋅ cocomelonc
Malware AV/VM evasion - part 15: WinAPI GetProcAddress implementation. Simple C++ example.

2023-04-14 ⋅ Dragos ⋅ Dragos
2022 ICS/OT Threat Landscape Recap & What to Watch for This Year
INDUSTROYER2 Wassonite

2023-04-14 ⋅ Github (Hildaboo) ⋅ Hildaboo
SHATTEREDGLASS Server Emulator
SHATTEREDGLASS