Malpedia Library

Click here to download all references as Bib-File.•

2022-08-11 ⋅ sonatype ⋅ Ax Sharma
PyPI Package 'secretslib' Drops Fileless Linux Malware to Mine Monero

2022-08-11 ⋅ Group-IB ⋅ Group-IB
Challenge accepted Detecting MaliBot, a fresh Android banking trojan, with a Fraud Protection solution

2022-08-11 ⋅ Cleafy ⋅ Federico Valentini, Francesco Iubatti
SOVA malware is back and is evolving rapidly
S.O.V.A.

2022-08-11 ⋅ Malcat ⋅ malcat team
LNK forensic and config extraction of a cobalt strike beacon
Cobalt Strike

2022-08-11 ⋅ AdvIntel ⋅ AdvIntel
“BazarCall” Advisory: Essential Guide to Attack Vector that Revolutionized Data Breaches

2022-08-10 ⋅ Avast Decoded ⋅ Threat Research Team
Avast Q2/2022 Threat Report: Farewell to Conti, Zloader, and Maldocs; Hello Resurrection of Raccoon Stealer, and more Ransomware Attacks
Conti Raccoon RecordBreaker Zloader Caramel Tsunami

2022-08-10 ⋅ ⋅ Cert-UA ⋅ Cert-UA
Cyberattacks of the UAC-0010 group (Armageddon): malicious programs GammaLoad, GammaSteel (CERT-UA#5134)
Gamaredon Group

2022-08-10 ⋅ Cisco ⋅ Nick Biasini
Cisco Talos shares insights related to recent cyber attack on Cisco
Yanluowang UNC2447

2022-08-10 ⋅ BitSight ⋅ João Batista
Emotet SMB Spreader is Back
Emotet

2022-08-09 ⋅ Twitter (@Katechondic) ⋅ Katechondic
Tweet on malware, suspected to be from China based actor, targeting Taiwan
PUBLOAD

2022-08-09 ⋅ cyble ⋅ Cyble Research Labs
Bitter APT Group Using “Dracarys” Android Spyware
Dracarys

2022-08-09 ⋅ Kaspersky ⋅ Kurt Baumgartner, Seongsu Park
Andariel deploys DTrack and Maui ransomware
Dtrack Maui Ransomware

2022-08-09 ⋅ Zscaler ⋅ Jagadeeswar Ramanukolanu, Sudeep Singh
AiTM phishing attack targeting enterprise users of Gmail

2022-08-08 ⋅ AccidentalRebel ⋅ Karlo Licudine
Malware sandbox evasion in x64 assembly by checking ram size - Part 1

2022-08-08 ⋅ Kaspersky ⋅ Kaspersky Lab ICS CERT
Targeted attack on industrial enterprises and public institutions
Cotx RAT Logtu nccTrojan PortDoor

2022-08-08 ⋅ N1ght-W0lf Blog ⋅ Abdallah Elshinbary
YARA for config extraction
RedLine Stealer

2022-08-07 ⋅ Malverse ⋅ greenplan
Config Extractor per DanaBot (PARTE 1)
DanaBot

2022-08-06 ⋅ MalwareBookReports ⋅ muzi
A LOOK BACK AT BAZARLOADER’S DGA
BazarBackdoor

2022-08-05 ⋅ ⋅ 360 netlab ⋅ Daji, suqitian
The DGA family Orchard continues to change, and the new version generates DGA domain names using Bitcoin transaction information
Orchard

2022-08-05 ⋅ 360 netlab ⋅ 360 Netlab
A new botnet Orchard Generates DGA Domains with Bitcoin Transaction Information
Orchard