Malpedia Library

Click here to download all references as Bib-File.•

2022-03-31 ⋅ CrowdStrike ⋅ Christopher Romano, Vaishnav Murthy
Cloudy with a Chance of Unclear Mailbox Sync: CrowdStrike Services Identifies Logging Inconsistencies in Microsoft 365

2022-03-27 ⋅ Github (0x00-0x7f) ⋅ Sadia Bashir
A Case of Vidar Infostealer - Part 1 (Unpacking)
Vidar

2022-03-26 ⋅ n0p Blog ⋅ Ali Mosajjal
Analysis of a Caddy Wiper Sample Targeting Ukraine
CaddyWiper

2022-03-23 ⋅ splunk ⋅ Shannon Davis
Gone in 52 Seconds…and 42 Minutes: A Comparative Analysis of Ransomware Encryption Speed
Avaddon Babuk BlackMatter Conti DarkSide LockBit Maze Mespinoza REvil Ryuk

2022-03-23 ⋅ KrebsOnSecurity ⋅ Brian Krebs
A Closer Look at the LAPSUS$ Data Extortion Group
RedLine Stealer

2022-03-22 ⋅ Trustwave ⋅ Karla Agregado
Dissecting a Phishing Campaign with a Captcha-based URL

2022-03-22 ⋅ The Hacker News ⋅ Ravie Lakshmanan
Microsoft and Okta Confirm Breach by LAPSUS$ Extortion Group
RedLine Stealer

2022-03-21 ⋅ Github (trendmicro) ⋅ Trend Micro Research
Python script to check a Cyclops Blink C&C
CyclopsBlink

2022-03-14 ⋅ Bleeping Computer ⋅ Bill Toulas
Android malware Escobar steals your Google Authenticator MFA codes
Aberebot

2022-03-13 ⋅ Security Affairs ⋅ Pierluigi Paganini
The hidden C2: Lampion trojan release 212 is on the rise and using a C2 server for two years
lampion

2022-03-03 ⋅ LIFARS ⋅ LIFARS
A Closer Look at the Russian Actors Targeting Organizations in Ukraine
HermeticWiper IsaacWiper Saint Bot WhisperGate

2022-03-01 ⋅ Proofpoint ⋅ Michael Raggi, Proofpoint Threat Research Team, Zydeca Cass
Asylum Ambuscade: State Actor Uses Compromised Private Ukrainian Military Emails to Target European Governments and Refugee Movement
SunSeed

2022-02-26 ⋅ Seguranca Informatica ⋅ Pedro Tavares
The hidden C2: Lampion trojan release 212 is on the rise and using a C2 server for two years
lampion

2022-02-24 ⋅ nviso ⋅ Michel Coene
Threat Update – Ukraine & Russia conflict
EternalPetya GreyEnergy HermeticWiper Industroyer KillDisk WhisperGate

2022-02-17 ⋅ Twitter (@Honeymoon_IoC) ⋅ Gi7w0rm
Tweets on win.prometei caught via Cowrie
Prometei

2022-02-14 ⋅ Morphisec ⋅ Arnold Osipov, Hido Cohen
Journey of a Crypto Scammer - NFT-001
AsyncRAT BitRAT Remcos

2022-02-09 ⋅ Cisco ⋅ Vanja Svajcer, Vitor Ventura
What’s with the shared VBA code between Transparent Tribe and other threat actors?

2022-02-08 ⋅ GuidePoint Security ⋅ Drew Schmitt
Using Hindsight to Close a Cuba Cold Case
Cuba

2022-01-27 ⋅ BleepingComputer ⋅ Sergiu Gatlan
Taiwanese Apple and Tesla contractor hit by Conti ransomware
Conti

2022-01-25 ⋅ Palo Alto Networks Unit 42 ⋅ Yaron Samuel
Weaponization of Excel Add-Ins Part 1: Malicious XLL Files and Agent Tesla Case Studies
Agent Tesla